How we care for
your data.

Green Horizon Resort ("we", "us", "our") operates the website at greenhorizonresort.com and the three villas in the heart of Istria, Croatia. We are the data controller responsible for the personal information described in this notice.

If you have any questions about how we handle your information, you can reach us at contact@greenhorizonresort.com.

When you submit an enquiry or reservation we collect the details you provide to us: your name, email address, phone number (if given), the villa and dates you are interested in, your party size, and any notes you share with the concierge.

When you browse the site we also collect limited technical data through cookies and similar technologies — such as your device type, language, approximate region, and the pages you visit — as described in our Cookie Policy.

We use your information to respond to your enquiries, prepare and confirm your reservation, deliver the services you have booked, keep you informed about your stay, and comply with our legal and accounting obligations.

With your consent, we may occasionally send you seasonal updates about the resort. You can unsubscribe at any time from any such message.

We process personal data on the lawful bases set out in the EU General Data Protection Regulation (GDPR): the performance of a contract with you, our legitimate interests in running the resort, compliance with legal obligations, and — where required — your consent.

We do not sell your personal information. We share it only with carefully selected service providers who help us operate the site and deliver your stay — such as hosting, email, payment, and analytics partners — and only to the extent necessary for those purposes.

We may also disclose information where required by law, to protect our legitimate interests, or in connection with legal proceedings.

We keep enquiry details for up to twenty-four months to follow up on your interest and respond to any subsequent questions. Booking records are kept for as long as required by applicable tax and accounting law, typically ten years.

After these periods, your data is securely deleted or anonymised.

Subject to applicable law, you have the right to access the personal information we hold about you, to request its correction or deletion, to restrict or object to its processing, and to request a copy of it in a portable format.

You also have the right to lodge a complaint with your local data protection authority. To exercise any of these rights, please write to us at the address below.

Some of our service providers are based outside the European Economic Area. When we transfer personal information to such providers, we rely on appropriate safeguards — such as the European Commission's Standard Contractual Clauses — to ensure that your data continues to be protected.

We use reasonable technical and organisational measures — including encryption in transit, access controls, and staff training — to protect your information against loss, misuse, and unauthorised access. No system is ever perfectly secure, but we take our duty of care seriously.

We may update this notice from time to time to reflect changes in our practices or in the law. When we do, we will update the "last updated" date at the top of the page. Material changes will be highlighted on our site.