Privacy Policy

About Us and This Policy

Mon Perin d.d., with its registered office at Trg La Musa 2, 52211 Bale, Croatia, OIB: 06374155285, manages the website at monperin.com. This policy explains in a simple and understandable way how we collect, use, and protect your personal data when you visit our site or when you contact us.

What Data We Collect

During your use of our site, we may collect different types of data, depending on how you interact with us and how you use the website:

• Browse data - when you visit monperin.com, we automatically record technical information such as browser type, language, time of visit, and pages you viewed. We collect this data through Google Analytics 4. With your consent, we also use Microsoft Clarity, which records anonymous Browse sessions to understand how users use our site – which elements they click, how they move their mouse, and which parts of the site they view. In Microsoft Clarity reports, data entered by users is completely anonymized. The IP address is also recorded at the machine level of the server, but it is not visible in Google Analytics 4 and Microsoft Clarity systems.
• Data you provide us yourself - when you fill out a contact form, subscribe to a newsletter, or contact us, you may give us your name, surname, email address, and phone number. Before storing them, with your explicit consent, and before forwarding them to third parties, we encrypt this data using the SHA-256 algorithm for additional security and unreadability. When stored in HubSpot CRM, this data is recorded in its original, readable form, which is necessary for the functionality of reciprocal contact.
• We also save data from chat conversations - when you use our live chat on the site, conversations are processed through the HubSpot Chat system. This includes personal data and messages you send, conversation time, and basic technical data necessary for chat functionality.
• Reservation data - when you create a reservation inquiry or make a reservation through our site, your data is processed through our specialized reservation system, Phobs. This system communicates with the website via a secure, encrypted API and records information necessary for your reservation: name and surname, contact details, dates of stay, number of people, special requests, credit card data, and other details relevant to the reservation. Phobs records and machine-processes this data exclusively for the purpose of processing, confirming, and managing offers or your reservation.
• Phone call data - if you call us, our Aircall system may record your number and basic call information.

How We Use Your Data

We process your personal data based on various legal grounds and always for clearly defined purposes:

• Communication and service provision - when you contact us via form, phone, or live chat, we use your data to answer inquiries, resolve requests, and provide requested information about our products and services. This processing is based on your request before concluding a contract or on our legitimate interest in maintaining business communication.
• Reservation processing - we use the data you enter during the booking process exclusively for processing, confirming, and managing your reservation. This includes sending reservation confirmations, arrival reminders, communication about potential changes, and providing service during your stay. This processing is based on the execution of the reservation contract between you and Mon Perin.
• Special categories of data - health data - if you voluntarily provide us with information about special health needs, disabilities, food allergies, or other medical data relevant to your stay during reservation or communication with us, we process this sensitive data with special care and exclusively based on your explicit consent. We use them only to enable you a safe and pleasant stay. This data is accessible only to a limited number of authorized employees who need to know it to provide the service, is stored separately from other data with additional security measures, and is deleted immediately after your stay, unless you ask us to keep it for future visits.
• Newsletter, loyalty program, and marketing communication - if you subscribed to our newsletter or loyalty program during the reservation process or through a special form, we send you news about our products, special offers, and useful content. For this communication, we always ask for your explicit consent, which you can withdraw at any time by clicking the unsubscribe link in each message.
• Website analysis and improvement - we use Browse data to understand how visitors use our site, which pages are most popular, and where we can improve the user experience. This analysis helps us optimize the content and functionalities of the site. For advanced analytics, we ask for your consent.
• Personalized advertising - only with your explicit consent, we may use your encrypted contact data (email and phone converted to hash values) to display more relevant ads on Google and Meta platforms. This means you may see our ads when you use these platforms, but only if you have explicitly allowed it. We never share your actual contact details with advertising platforms – they only receive encrypted versions.
• Customer relationship management - we record all interactions with you in our HubSpot CRM system to provide better and more personalized service. This includes the history of your inquiries, purchases, and preferences, which allows our team to provide you with more relevant assistance when you contact us next time.
• Phone support - when you call us, the Aircall system records basic call information (number, time, duration) so that we can monitor the quality of our customer support and return missed calls if necessary.
• Security and fraud prevention - we may use your data to protect our site and users from malicious activities, fraud, or unauthorized access. This includes monitoring unusual usage patterns and preventing automated attacks. In such scenarios, our employees may contact you for authentication purposes.
• Legal obligations - in certain situations, we must process your data due to legal obligations, such as tax regulations, accounting standards, or court orders. In these cases, we store the data for as long as legally required.
• Statistics and reports - we create aggregated, pseudonymized, and anonymized reports on the use of our services that cannot be linked to you as an individual. We use this data as cumulative statistics for business analysis and planning.

It is important to note that we never use your data for automated decision-making that could significantly affect you, nor for profiling without your knowledge and consent.

Tracking Technologies and Advertising

We use cookies and similar technologies on our site through Google Tag Manager. This includes Google Analytics 4 for analytics, Microsoft Clarity for user behavior analysis, and Google Ads and Meta Ads tracking pixels for advertising. All these technologies operate in accordance with Google Consent Mode v2 and comply with the General Data Protection Regulation (GDPR), meaning we ask for your consent before activating any tracking functions. You can choose whether to allow only necessary cookies or granularly allow those for analytics and marketing as well. Microsoft Clarity is activated only with your explicit consent for analytical cookies and is used exclusively to understand behavioral patterns when using the website, without identifying you as an individual.

• Changing consent settings - you can change your cookie consent decision at any time through the cookie settings on our site. The new setting applies from the moment of change onwards and affects future data collection. Changing consent does not retroactively affect data already collected while consent was active - that data remains processed according to the settings that were valid at the time of its collection.

For more information about cookies, please see our Cookie Policy.

Sharing Data with Third Parties

Your data is stored in the following systems:

• HubSpot - our CRM system for contact management
• HubSpot Chat - for live chat communication on the website
• Phobs - booking system for processing reservations
• Google services - for analytics and advertising (only with consent)
• Microsoft Clarity - for user experience analysis (only with consent)
• Meta platforms - for advertising (only with consent)
• Aircall - for managing phone calls
• CDN - content delivery network that speeds up page loading. CDN may temporarily machine-process technical data such as your IP address solely for the purpose of content delivery.

We never sell your personal data. We only share it with our business partners who help us provide services, and always under strict data protection agreements.

Your Rights

According to the General Data Protection Regulation (GDPR), you have the right to:

• Request access to the data we hold about you
• Correct inaccurate data
• Request the deletion of your data
• Restrict the processing of your data
• Transfer your data to another service provider
• Withdraw consent at any time
• Object to the processing of your data

To exercise any of these rights, please contact our Data Protection Officer at [email protected].

Children's Protection

Our site is not intended for persons under 16 years of age. We do not knowingly collect data about children. If you learn that a child has shared their data with us, please contact us immediately so we can remove it.

Data Security

We implement technical and organizational measures to protect your data from unauthorized access, loss, or misuse. This includes encryption of sensitive data, secure servers, and limited access only to authorized personnel. Health and other sensitive data are stored with additional levels of protection and access is limited to a minimal number of employees who necessarily need them to provide the service.

How Long We Store Data

We store your data only as long as necessary for the purposes for which it was collected:

• Browse data: 26 months
• Contact data: while you actively use our services or until consent withdrawal
• Call data: according to legal deadlines
• Chat conversations: 24 months or while you actively use our services

Policy Changes

We may update this policy periodically. All changes will be published on this page with a new effective date. We recommend that you review this page periodically.

Contact and Complaints

For all questions about the protection of your data or how we process it, please contact our Data Protection Officer:

Email: [email protected]

Postal address: Mon Perin d.d., Trg La Musa 2, 52211 Bale, Croatia

If you are not satisfied with our response, you have the right to file a complaint with the Croatian Personal Data Protection Agency on the website azop.hr.