The City of Dubrovnik in accordance with legal provisions is obliged to provide protection of privacy and personal data protection to buyers of the Dubrovnik Card. When buying the Dubrovnik Card only basic data will be collected about customers, necessary for buying the aforementioned card. All buyers’ data is strictly kept and is only available to those employees who need it in performing their job. All employees and business partners are responsible for respecting the privacy and protection of personal data and should ensure that such data will not be used to send advertising messages or for any marketing actions without the prior consent of customers involved.

The buying process and registration

To buy or send an inquiry through this web page, the user i.e. the buyer shall previously complete the registration process. During that process the buyer will be asked for contact information (such as name and surname, e-mail address, residential address). Such data is used to get in touch with the buyer when answering questions through our web site and ensuring the privacy of the user to control a performed purchase or entry or to change data.  The user i.e. the buyer can send an inquiry without sending his data, just by using a valid e-mail address. 


Credit card payment is performed through the WebPay service, one of the leading systems in the credit cards industry. Confidentiality of your data is protected and secured using SSL encryption. Web payment sites are secured using Secure Socket Layer (SSL) protocols with 128/256-bit data encryption. SSL encryption is a data encryption process which prevents unauthorised access during data transmission. This ensures secure data transfer and disables unauthorised access to data when communicating between your computer and the WebPay service and vice versa. The WebPay service and financial institutions (credit card companies) exchange information using a Virtual Private Network (VPN), which is protected from unauthorised access. Credit card numbers are not stored and are not available to unauthorised persons.


This website may contain links to other websites. Please bear in mind that the City of Dubrovnik cannot be held liable for compliance with privacy on the aforementioned other web sites. Our customers are encouraged to read the privacy statements of each web site that collects personally identifiable information. This Privacy Statement applies solely to information collected on the website. 

Collection and processing of personal data

During the buying process of the Dubrovnik Card i.e. the process of realisation of the required service as well as for informing you about your purchase, we will only use the data you voluntarily provide us with. We undertake not to sell, disclose or provide any of your information to a third party in a manner not specified in this statement.

The City of Dubrovnik collects personal information and can use it to provide customer support, answers to inquiries and complaints

Which data do we collect?

Personal data: name, surname, address, place and country of residence, zip code, e-mail address, telephone / fax number.

Purpose of data collection

Dubrovnik Card purchase – to process your purchase.

Disclosure to third parties

Personal data may be transferred to third parties, provided there is a legal basis for the transfer.

How long will we keep your data

Personal data is stored and processed only as long as is necessary for the realisation of the service.
Personal data that is no longer required or irrevocably anonymised or destroyed in a safe manner.

Web shop:

Access to a web shop or online purchase is possible after login.
Data provided by the user during registration is stored on the City of Dubrovnik’s server and in the business software accessible only by employees of that department using access codes. The City of Dubrovnik hereby notifies buyers of the Dubrovnik Card that the credit card data as well as any data of that type is not stored or processed on its website but on the protected Webteh d.o.o. web site (WebPay service) where everything is done through encryption and to us as a company this data is not visible in its original form. You as a user or buyer of the Dubrovnik Card can decide to permanently leave your data on the pages used for billing, but this data will not be stored on our servers or in our software. We encourage you to read how these pages process and record such type of data.

Where is personal data stored?

The city of Dubrovnik keeps its server in the Republic of Croatia, in its official premises.

The right to delete users’ personal information:

The user or buyer of the Dubrovnik Card (the Dubrovnik Card) has the right to request the deletion of personal data at any time. This can be done by sending an e-mail to and the data will be deleted without delay unless there is a legal obligation of keeping the above-mentioned data, a legitimate interest or a basis for The realisation of your legal rights. We will only be able to answer your request if the same was sent from an active e-mail that was recorded in our business software, containing accurate information in it (name and surname) in order to protect you from eventual exposure of your personal data to a third party.

Right to complaint

If, despite the measures taken to protect your personal data you believe that you have grounds for complaint, please contact us on Apart from the City of Dubrovnik, you can file a complaint to the Personal Data Protection Agency.

Privacy Statement City of Dubrovnik can change at any time by publishing a revised Privacy Policy text on the City of Dubrovnik website and on the mobile version of the mentioned website. In this way, the City of Dubrovnik invites every Buyer of the Dubrovnik Card to read this statement before purchasing it and if he/she disagrees with the Statement of Privacy, we urge him/her to leave, not to access or use the web site This Privacy Statement comes into force immediately after being posted on the web site and on the mobile version of the same. The continued use of this website by the user after the entry into force of the Privacy Statement will be considered the user’s confirmation and acceptance of this Statement of Privacy.


Mato Franković