Privacy Policy for Truffle Adventure

Effective Date: [December 15, 2025]

This Privacy Policy describes how Sviličić Truffles (referred to as “we,” “us,” or “our”) collects, uses, and discloses your personal data when you visit and use the website https://truffleadventure.com/ (the “Service”).

We are committed to protecting your personal data and your right to privacy. If you have any questions or concerns about this privacy policy, please contact us at the details provided below.

1. Data Controller Information

Data Controller: Svilicic Truffles, Babići 1B, Kaštelir
OIB: 18332635461

2. Personal Data We Collect

We collect personal data primarily through three channels: data you provide directly, data collected automatically, and data from third parties.

A. Data You Provide Directly

This includes information you voluntarily provide to us when you:

  • Contact Us: Name, email address, phone number, and the content of your message.
  • Make a Purchase/Booking: Name, billing and shipping address, payment information (processed securely by a third-party vendor), and details of the product or service purchased.
  • Sign up for a Newsletter/Marketing: Email address and name.

B. Data Collected Automatically (Cookies & Tracking)

When you access the Service, certain information is collected automatically, which may constitute personal data under GDPR:

  • Usage Data: Information about how you use the website, such as time and date of visits, pages viewed, time spent on pages, and links clicked.
  • Device Data: Your device’s Internet Protocol (IP) address, browser type and version, operating system, and unique device identifiers.
  • Location Data: General location data inferred from your IP address.

C. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like pixels) to track activity on our Service and hold certain information. Non-essential cookies are only deployed after you give explicit consent via our cookie banner.

Our Cookie Policy (which is a separate document or a detailed section within this policy) provides granular detail on:

  • The specific types of cookies used (Necessary, Analytical, Marketing).
  • The purpose of each cookie.
  • How to manage or withdraw your consent.

3. Lawful Basis for Processing (GDPR)

We process your personal data based on one or more of the following lawful bases:

Lawful BasisExamples of Processing Activities
ConsentProcessing for marketing (newsletters) or deploying non-essential cookies. (You have the right to withdraw consent at any time).
Contractual NecessityProcessing personal data to fulfill a booking or complete a sale you have initiated.
Legitimate InterestAnalyzing website usage for improvement, preventing fraud, and ensuring security (provided your rights do not override these interests).
Legal ObligationWhen processing is required to comply with a law, court order, or governmental request.

4. How We Use Your Personal Data

We use the collected personal data for various purposes:

  • To provide and maintain the Service: Including processing your bookings and fulfilling your orders.
  • To manage your account: To manage your registration as a user of the Service.
  • To communicate with you: Responding to your inquiries, comments, or complaints.
  • For marketing purposes: Sending newsletters or promotional materials, where you have provided explicit consent.
  • To perform analytics: To monitor and analyze website usage, which helps us improve the Service and user experience.
  • For security: To prevent fraudulent transactions and monitor against theft.

5. Disclosure and Sharing of Your Personal Data

We may share your personal data with the following categories of third parties:

  • Service Providers: Third parties who perform functions on our behalf, such as payment processors (e.g., Stripe, PayPal), web hosting providers, and delivery services. These parties are contractually bound to keep your data secure and process it only according to our instructions.
  • Analytics Providers: Third parties like Google Analytics, which help us understand website traffic and usage patterns.
  • Legal & Regulatory Authorities: When we are legally required to do so, or to protect our rights, property, or safety.
  • Business Transfers: In connection with a merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company.

6. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we will ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:

  • Transferring data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Using Standard Contractual Clauses approved by the European Commission, which provide the data transferred with the same protection it has in the EEA.

7. Your Data Protection Rights (GDPR)

If you are a resident of the EEA, you have the following rights regarding your personal data:

  • The Right to Access: You have the right to request copies of your personal data.
  • The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete.
  • The Right to Erasure (“Right to be Forgotten”): You have the right to request that we erase your personal data, under certain conditions.
  • The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
  • The Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions (e.g., for direct marketing).
  • The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us using the details in Section 1. We will respond to your request within one month.

Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or the place of the alleged infringement if you believe that the processing of your personal data infringes the GDPR.

8. Children’s Privacy

Our Service is not directed to individuals under the age of 16. We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us.7

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Effective Date” at the top of this document. We encourage you to review this Privacy Policy periodically for any changes.

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by