Who we are

Jamming Adventures is a brand of Astrape Usluge d.o.o., company incorporated in Croatia in 2010. We are located on the island of Murter, Croatia and are offering various services around active vacation. At the moment you are visiting our website located at: https://jamming.tours.

What personal data we collect and why we collect it

Visiting the web site

When a visitor comes to our website, we do collect some data to improve our services and our web page. Some data we collect might be considered personal, such is IP address and browser’s ‘user agent’ string. We do not collect any other personal data. IP addresses are part of standard Internet protocol and is presented by your browser when you visit our web page. Visitor’s browser will, unless it is configured differently, receive a cookie; a bit of information that will allow us to customize the content of the website for the visitor.

For the purpose of enhancing the website and understanding the demographics of our visitors, we also utilize services from Google Inc, in particular Google Analytics. We share visitor’s IP address with Google Inc, which is used to determine origin of the visitor. We also collect some other non-personal information, such is type of browser, screen resolution, preferred language, etc. You can read more about Google’s privacy policy at https://policies.google.com/technologies/partner-sites.

Contact forms

When a visitor uses our contact form, we collect more of personal information. All this data is voluntarily given by the visitor and necessary to establish a functional communication. We ask the user for their name, last name and email address. This information is shared only within our company, it is not stored in any way and is not processes by any of our partners.

Booking

When a visitor decides to book a service with Jamming Adventures, they are requested to create a user account for our service. We use this user account to allow customers to keep track of services they bought and to enable multiple payments. At this stage in addition to information requested in Contact forms section, we also ask for customer’s phone number and physical address. These are needed for generating invoices and payment tracking. We will also share this information with the company providing accounting services; http://kriptus.hr/ as well as with the company providing invoicing services; https://solo.com.hr/sigurnost-i-privatnost.

If a customer opts for paying with a credit card, additional personal data is collected. However, this data is not collected by Jamming Adventures, neither is Jamming Adventures exposed to this information. Payment processing via credit card is done by WSPay, which is working in accordance with strict security and privacy policies (PCI-DSS).

If a customer opts for paying with PayPal, additional personal data is collected. PayPal will inform Jamming Adventures about PayPal user that executed the payment. This is needed to safely correlate payments by PayPal with our customer. This data is stored together with rest of the booking information only on Jamming Adventures servers. For details on PayPal privacy policy please visit https://www.paypal.com/en/webapps/mpp/ua/privacy-full.

How long we retain your data

We retain only data collected when a visitor buys one of our services. This data is stored for 2 years on our servers, while due to law requirements our accounting partner might be required to retain the data for a longer period.

What rights you have over your data

If you have an account on this site, or have made a booking, you can request an export of the data we store about you, you can ask for all data to be removed or altered if that is appropriate. For any request please contact us as at privacy@jamming.tours. Our dedicated GDPR officer is Ante Karamatić.

Additional information

How we protect your data

We ensure we have state of the art IT infrastructure, that all traffic between our visitors, our web site and our partners is encrypted. We apply all security patches to our systems and we host our website on servers located within EU, with the strictest privacy policies.

What data breach procedures we have in place

In case of data breach, affected users will be notified within 72h once breach has been detected.