IBERVEST Ltd. for commerce

Ulica Gračansko borje 24
10 000 Zagreb

Commercial Court of Zagreb: Tt-02/4663-2 (court registration number), 91116602757 (PIN)

Original capital: amounts 12.000.000 HRK and is paid in full

Members of the Management Board: Ann Myriam Donck-Barun & Rosine Ceuppens

Transfer account: 2340009-11100763443, at Privredna Banka Zagreb (Radnička cesta 50, Zagreb)


Ibervest d.o.o. and Imago Ibervest d.o.o.

  1. Introductory provisions

This privacy policy applies to all the facilities operating as part of the companies IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o.

This Privacy Policy regulates the protection of your personal data by IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o., pursuant to the Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter: GDPR).

This Privacy Policy applies in all the cases of your personal data processing by IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. as the controller, unless particular processing cases require the application of other Information, Privacy Policies or similar documents, independent of their title, whose application overrides or amends this Information.

This privacy policy or statement explains how we handle personal data collected from or on you at this web site, through written and/or oral communication with you, and upon your visit to our facilities.

Since every guest is important to us, offering best-quality service is our top priority. The company IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. respects your privacy and undertakes all measures to ensure your personal data are protected. Everybody who visits our web site and all our guests, including you, deserve our maximum discretion and responsibility in the process of managing your personal data. We collect and store information in accordance with the GDPR.

“Personal data” means all information collected and stored in a format enabling your personal identification, either directly (e.g. by name) or indirectly (e.g. by phone number) as an individual.

Before you provide us this information, we recommend you read this document which describes our guidelines on client privacy protection.

  1. The personal data we collect

In each interaction, that is, contact with the client, that is, in every aspect of our business, we can collect personal data. You can provide your personal data in the following manners:

  • When you request data regarding service reservation, accommodation in or visit to our facilities;
  • By sending e-mail inquiries;
  • By sending payments to us and/or our facilities;
  • In the process of making a reservation, completing a survey and participating in a possible prize game or promotion;
  • When communicating with us by phone, e-mail, social network, fax and other means;
  • When completing surveys after your stay, giving a review on your stay or on using our products and services;
  • When you organize an event in our facility – we collect details related to meetings and events, dates of events, number of guests, and, in case of business meetings and events, we also collect data on your organization

We can collect personal data by using the internal CCTV network and other security devices in our facilities which can take photos or recordings of guests and visitors for the purpose of protecting our staff, guests and property.

Since we (may) cooperate with third persons (including, but not limited to, travel agents and providers of accommodation services, business partners, subcontractors in technical, payment, advertising network and delivery services, analytical services providers, search information providers), we may also receive information on you from them.

If you access and use our web site (including: browsing, streaming, storing into the cache memory or storing this web site or any service, function, material or content located thereon), it means you have read and accepted all the conditions for use.

  1. Data covered by the privacy policy system

Data we primarily request from you and which are protected:

  • name and surname
  • address
  • contact data: e-mail address, phone/cell phone number
  • data on your credit card provided in the reservation procedure
  • other data you might provide and wish to keep secret.

Bear in mind we can collect or dispose of, in certain situations, sensitive personal data such as: your nationality (indicated on the passport or identity card); membership in political, professional or trade association (information is related to a group reservation or an event you are related to during your stay in our facility; and health and/or medical information; information related to your preferences, special requests or needs).

We may distribute your data to the extent necessary to be in compliance with our legal obligations, laws and regulations we are subject to. You personal data may be shared with other parties if you consent to this, or without your consent if necessary to fulfil our obligations toward you.

You can cancel protection over these data at any moment by explicit statement

Moreover, you can unsubscribe from our mailing list at any moment causing us not to use your data for promotion. In that case, we can only use it for our internal purposes, such as statistical data processing. Data will remain stored in the system for the next 5 years or until you opt out.

We will undertake all reasonable steps to make sure all your personal data we keep stored is accurate and complete.

  1. The purpose of obtained data

All the information we might request will be used exclusively for the following purposes:

  1. provision of services you requested from us (provision of accommodation services, organizing events, seminars, parties, etc.);
  2. fulfilling obligations arising from various contracts between you and us, such as making reservations and booking (contractual obligation);
  3. registering your visit in the e-visitor system after you arrive to stay in the facilities of IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. (legal obligation);
  4. responding to your inquiry;
  5. providing information before your arrival, confirming your reservation and sending an electronic invoice;
  6. improving your stay in the facilities owned by IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o.;
  7. i) using your feedback to improve our services;
  8. j) our internal statistical data processing
  9. k) sending promo material

We warrant that the above stated data will only be used for the above-mentioned purposes. By providing your personal data through every form of communication, you give your explicit consent for IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. to contact you for the indicated purposes. If you do not wish for us to contact you, you must notify us thereon exclusively in written manner.

As regards the obligations toward local authorities, we might be obligated to deliver your information to local authorities if prescribed by law.

  1. Privacy policy content

We will not sell, rent or make your e-mail address available to third legal persons or individuals without your consent. We will ask for your specific permission if you want us to contact you regarding special offers and campaigns. The companies IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. shall not be held responsible for an inadvertent error or an error due to force majeure or other objective circumstance causing accidental violation of the guaranteed protection of your data, but we do warrant that the error will be removed, if and as soon as possible.

  1. Duration of the privacy policy

At the moment you deliver your data, you accept that we contact and add you to our mailing list. The moment of addition to the list represents your explicit consent to being contacted. Your data will be protected permanently, and you can ask to be excluded from our mailing list at any moment.

  1. Statement related to credit card data

You hereby accept that IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. as the owner of this web site are not responsible for any type of interception of information on the credit card or for any other illegal use of data on the credit card in relation to direct use of this web site. We undertake all legally prescribed measures for protecting such data.

  1. Cookies and web technologies

As is the case with many other web sites, our site may also use “cookies” and other technologies to help us deliver content according to your interests and process reservations or requests, and/or analyse the characteristics of your visits.

A cookie is information that the web site you visit stores on your computer. Cookies usually store your settings, web site settings, such as the preferred language. Later on, when you reopen the same web site, the internet browser sends back the cookies that belong to this web site. This makes it possible for the web site to show customized information.

Cookies may store a wide range of information, including personal data (such as your name or e-mail address). However, this information can be stored only if you enable it – web sites cannot access information you had not provided them with and they cannot access other files on your computer or mobile device. You cannot see the default activities of storing and sending cookies. You can change your internet browser settings so as to be able to decide on your own whether you want to approve or reject the cookie saving requests, delete the saved cookies automatically when closing the internet browser and so on. Cookies as such cannot be used to identify you personally.

Opting out enables you to decide whether you will allow cookies to be saved in your computer or mobile device. Cookie settings can be controlled and configured in your web browser. If you unable cookies, you may not be able to use some of web site functionalities.

If you wish to delete or unable cookies on your computer at any time, you can update your internet browser settings (please search for information on how to delete and unable cookies in your browser by selecting the Help tab).

  1. Protecting personal data on children and minors

IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. advise parents and guardians to instruct children on responsible and safe handling of personal data on the internet.

We do not intentionally collect personal data on children under 18, and we do not want or intend to collect data on persons under 18, so we recommend and invite you to discourage your children from providing us any personal information without your permission.

  1. Your consent

Your providing of information means that you guarantee these are accurate, that you have capacity and authority to dispose of the provided information, and that you give your full consent for us to use and collect your data in accordance with the law and our privacy policy terms and conditions.

  1. Changing data

You can contact us at any moment for the purpose of reviewing your personal data as well as updating, rectifying and erasing them. Until such moment, we will be using your old data for the indicated purposes.

In case of any issues with your rights, please contact us by e-mail or by calling +385 1 4623 515 and +385 99 4959 501.

  1. Transparency

Any amendments to our privacy policy will come into force at the moment of their publication on this web site. These amendments will apply in our relationship as if they existed before you were added to our mailing list, provided they are in accordance with the relevant laws of the European Union and the Republic of Croatia and that they do not limit your rights.

However, transmitting information over the internet is not completely safe. Although we will do our best to protect your personal data, we cannot guarantee that the data you send to our web site will be safe, meaning each data transmission will be at your risk. Having received your data, we will apply strict procedures and protection measures to prevent unauthorized access to them.

All personal data we collect from you are confidential, except when you voluntarily decide to make them public. We hereby declare that we will not disclose any data we receive from your to other parties, except in the cases indicated in this Privacy Statement.

Only authorized employees of IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. and associated companies who need to use personal data to meet their business interests, as indicated above, will have access to personal data.

IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. will not be held responsible for any defects in data protection caused by force majeure unpreventable by commercially available means. We guarantee errors will be removed, if possible, without delay.

  1. Data subjects’ rights

A data subject, upon his/her request, will be provided the following information by IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o.: identity and contact details of the controller, contact details of the data protection officer, the purposes of data processing for which personal data are used as well as the legal basis for the processing, legitimate interests, recipients or categories of recipients of personal data, the fact that the controller intends to transfer personal data to a third country (if any), the duration of data storage or criteria defining such duration, consent-related rights, the existence of automated decision-making and the existence of rights indicated below.

In case data are not collected directly from data subjects, the source of personal data must be indicated in addition. IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. process personal data in accordance with the GDPR, respecting the following rights:

a) Right of access by the data subject – the data subject shall have the right to obtain confirmation as to whether or not personal data concerning him or her are being processed, and how they are being processed. The person whose data are being processed has the right to know everything about accessing personal data and the purpose of the processing, data categories, potential recipients to whom data will be disclosed, etc.

b) The right to rectification – the data subject shall have the right to obtain without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement. Data subjects must update their personal data in a business relationship with IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o.

c) The right to erasure (“the right to be forgotten”) – the data subject shall have the right to obtain the erasure of personal data concerning him or her and IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
  • the data subject objects to the processing and there are no legitimate grounds for the processing overriding the legitimate interest of IBERVEST d.o.o. and IMAGO IBERVEST d.o.o. for the processing and/or storing personal data;
  • personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation;

d) Right to data portability – the data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o., in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. It must be kept in mind that the right to portability refers exclusively to personal data of the data subject.

e) Right to object – the data subject shall have the right to object at any time, on grounds relating to his or her particular situation, to processing of personal data concerning him or her. In such case, IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. shall no longer process the personal data unless they demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims. The data subject may object to the processing to the supervisory authority – Data Protection Agency (for more, visit

f) Right to restriction of processing – the data subject shall have the right to obtain the restriction of processing in case the accuracy of the personal data is contested by the data subject, in case the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead, and in case the data subject has objected to processing. The data subject is entitled to request the exercise of any of the above rights at any time, unless the GDPR prescribes it is not obligatory. At his/her request, the data subject will be given information on actions undertaken related to the said rights, not later than within three months from the receipt of the request (depending on the quantity and complexity of the request).

Efforts shall be made to reply to all the requests within one month and, if necessary, the deadline will be prolonged by not more than two more months. If IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. fail to act on the data subject’s request within one month from the receipt of the request, the data subject shall be informed of the reasons for the failure. The reasons for failing to act include the lawfulness of data processing which prevents IBERVEST d.o.o. and/or IMAGO IBERVEST from acting on the request. The data subject has the right not to be subject to a decision which is based solely on automated processing which significantly affects him/her, including profile creation, unless such decision:

  • is necessary for concluding or performing a contract between the data subject and IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o.;
  • is authorised by law;
  • is based on data subject’s explicit consent.
  1. Acting on personal data violations

IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. as the controller shall make sure that, in case of violation of personal data, without undue delay, if possible, not later than 72 hours after learning of the violation, they notify the competent supervisory authority on the violation of personal data, unless it is unlikely that the violation of personal data will endanger the rights and freedoms of individuals.

The report delivered to the supervisory authority shall contain all the information stipulated by the GDPR. In case of violation of personal data likely to cause high risk to the rights and freedoms of individuals, IBERVEST d.o.o. and/or IMAGO IBERVEST d.o.o. as the controller shall notify the data subject on the violation of personal data without undue delay. Data subjects shall not be informed where GDPR provides it is not necessary.


  1. About Cookies

    Cookies are small files that your browser saves on your computer or mobile device when you visit our website. This allows our website to recognize your computer the next time you visit us, so that we can offer you a personalized experience as you navigate through it. The cookies on our website are not aimed at spying on the user and do not follow everything the user does and are not malicious code or virus. They are also not related to unwanted messages (spam), do not save username and password and are not intended for advertising. Information such as your first and last name or email address will not be saved – our website cannot access your personal data and files on your computer.

  2. Cookie types


    Permanent cookies

    Permanent or saved cookies remain on the computer after closing the Internet browser program. With them, websites store information such as login name and password, language settings or cookie settings so that you do not have to re-enter them on each subsequent visit. Persistent cookies can remain on your computer or mobile device for days, months, even years.

    Temporary cookies
    Temporary cookies or session cookies are removed from the computer when the Internet browser is closed. With them, websites store temporary data, such as the last few pages you opened on the website you are visiting or the items in your shopping cart if you are on a website that specializes in Internet sales.


    First party cookies
    First-party cookies come from the website you are viewing and can be permanent or temporary. With the help of these cookies, websites can store data that they will use again during the next visit to that website.

    Third party cookies
    Third-party cookies come from other websites that are located on the website you are viewing. Using these cookies, other websites can track internet usage on the website you are viewing for marketing purposes.


    Technical cookies or Necessary cookies: (ALWAYS ACTIVE) – necessary for the website to function and cannot be turned off in our systems. They are typically set in response to your actions involving a request for services, such as cookie settings, logging in, or filling out forms. You can set your browser to block these cookies or send a warning about them, but in this case some parts of the site will not work. These cookies do not store any information that could identify you.

    Functional cookies: (CAN BE TURNED OFF) – enable the website to provide enhanced functionality and personalization.

    Statistical (Analytical) cookies: (CAN BE TURNED OFF) – enable the recording of visits and traffic sources for the purpose of measuring and improving the effectiveness of the website.

    Marketing cookies: (CAN BE TURNED OFF) – serve to track users through websites and display targeted ads. This website does not use marketing cookies.

  3. Ibervest’s cookies


    PURPOSE: The GDPR Cookie Compliance plugin uses this cookie to save the website user’s cookie settings preferences.
    TYPE: Necessary
    DURATION: 1 year (by default, but cookie consent is set to expire after 6 months)
    SOURCE: First party

    PURPOSE: Google Analytics sets this cookie to calculate data about visitors, sessions and campaigns and to track the use of the site for the site analytics report. The cookie stores information anonymously and assigns a randomly generated number to identify unique visitors.
    TYPE: Analytics
    DURATION: 2 years (by default, but cookie consent is set to expire after 6 months)
    SOURCE: Third party

    PURPOSE: Google Analytics sets this cookie to store and count page views.
    TYPE: Analytics
    DURATION: 2 years (by default, but cookie consent is set to expire after 6 months)
    SOURCE: Third Party

    PURPOSE: The Polylang plugin sets this cookie to remember the language the website user selects when returning to the website and get the language information when unavailable in another way.
    TYPE: Functional
    DURATION: 1 year (by default, but cookie consent is set to expire after 6 months)
    SOURCE: First party

    You can select cookie behavior settings when you access our website in the following pop-up window: SETTINGS.

  4. Cookie settings

    Additionally, you can accept or reject some or all cookies by adjusting your browser settings. The following links provide information on how to change settings for some of the most commonly used Internet browsers: Google Chrome, Mozilla Firefox, Microsoft Edge, Internet Explorer, Opera, Safari. If your browser (for any of your devices with which you access this website) is not listed, you can certainly find information about its settings on its website. We do not guarantee the long-term validity of these links, as their validity depends on the administration of other websites.

    Some browsers allow you to navigate the website in “anonymous” mode, limiting the amount of data placed on your computer and automatically deleting persistent cookies placed on your computer or mobile device when you end your browsing session.

    There are also many third-party applications that you can add to your browser to block or manage cookies. You can also delete cookies that were previously placed in your browser by selecting the option to delete browsing history and turning on the option to delete cookies.

    You can find more detailed information about cookies and adjust your browser settings at