Privacy Policy and GDPR

Data Collection and Processing

D.O.O. EMERALD MOUNTAIN RESORT East New Sarajevo strictly respects your privacy and implements all necessary measures to protect your personal data. We collect only the data that is necessary for providing our services or for fulfilling legal obligations. We collect data based on your consent or in accordance with the legal grounds provided by REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) of 27 April 2016 and the applicable Law on Personal Data Protection ("Official Gazette of BiH", No. 49/2006, 76/2011 and 89/2011 – corr.).

Types of Data Collected

We collect the following types of personal data:

  • First name, last name, and contact information (e-mail address, phone number, etc.);
  • Technical information about the device and browser you use when accessing our site;
  • Information about your use of our site and interaction with the content.

Legal Basis for Data Processing

The processing of your personal data is carried out on one of the following legal grounds:

  • Your consent that you gave us during data collection;
  • Fulfillment of legal obligations arising from applicable legislation;
  • Protection of our legitimate interests as a company, provided that these interests are not overridden by your rights and freedoms;

Use and Sharing of Data

We use the collected data exclusively for the purposes for which it was collected, such as providing services, personalizing the user experience, sending notifications and offers, analytics, and improving our site. We will not share your personal data with third parties without your consent, except in cases where it is necessary to provide our services, and only for the stated needs:

  • Engaging external service providers who process data on our behalf and for our account when the conditions for data processing and responsibility for personal data protection are defined by contract;
  • Fulfillment of legal obligations – we will submit your personal data to public authorities only when required by law.

International Data Transfer

In some cases, your personal data may be transferred and processed in other countries. We will take all reasonable steps to ensure that such transfers are carried out in accordance with applicable data protection laws and that appropriate technical and organizational data protection measures are applied.

We will only transfer your data:

  • To countries that have ensured an adequate level of personal data protection in accordance with the Law on Personal Data Protection of BiH (for example, EU countries);
  • To countries that do not meet the conditions under point 1, but only with the implementation of appropriate safeguards in accordance with the provisions of the GDPR. For example, if we transfer personal data to a recipient in the United States, we will first ensure that the recipient is a signatory to the Data Protection Agreement in accordance with the applicable standard contractual clauses on personal data protection.

Data Retention

We keep your personal data only for as long as it is necessary to achieve the purpose for which it was collected, unless the law provides otherwise. All collected data will be stored in our electronic documents on an internal server for a maximum period of 10 years. In the event that your data is no longer used or if you withdraw your consent for data processing, we will take all measures to safely remove it.

Your Rights

In accordance with the GDPR and the applicable Law on Personal Data Protection of RS, you have certain rights regarding the processing of your personal data, including the right to access, correction, deletion, restriction of processing, data portability, and objection. You also have the right to withdraw your consent at any time when the processing is based on consent. To exercise these rights or for additional information, please contact us at office@emeraldjahorina.com.

Data Security

We take reasonable technical and organizational measures to protect your personal data from loss, misuse, or unauthorized access. We have established procedures and a Rulebook on Personal Data Protection and regularly update our systems to ensure the security of your data.

Changes to the Privacy Policy

This privacy policy may be updated from time to time. In the event of significant changes, we will notify you of these changes through a notification on our site or through other communication channels.

If you have any questions, requests, or complaints regarding our privacy policy or the processing of your
personal data, please contact us at office@emeraldjahorina.com.

This privacy policy comes into effect from the date of its publication.