Privacy Policy

Privacy Policy for the Orient Express Hotel Website

We take care of the privacy of our website visitors, and in our business operation, we act in accordance with the legislation on data protection and in particular with the General data protection regulations applied from 25th May 2018. This statement aims to inform you about why and how we process your personal data in the context of using our website, about the grounds on which we process your personal information and how we handle it, as well as the rights you can exercise in this context.

Personal Data Protection

MAXIMUS Ltd company protects your personal data and all our employees are trained to handle such data in accordance with legal requirements. In addition, all employees are obliged to confidentiality and protection of all computerised data. We collect, use, and process your data in accordance with this Privacy Policy and the provisions of the Data Protection Act as well as other applicable regulations in the Republic of Croatia, which govern the protection of personal data. We guarantee our visitors and guests that all personal information is treated as confidential information and business secrets.
This privacy policy governs the way in which personal information accessed by the MAXIMUS Ltd company via the booking system or other forms is handled.
We collect personal data in order to provide a maximally efficient response to your inquiry, ensure the provision and payment of a service, promote our services, for data processing statistics, and the opportunity to send publications and other promotional materials and brochures. By providing us with personal information such as your e-mail address, phone number, etc., you also give your explicit consent for the MAXIMUS Ltd company to contact and inform you with the purpose of providing our services, thereby confirming that you are familiar with our privacy policy. If you do not wish to be contacted about our services, you should explicitly inform MAXIMUS Ltd in writing (via e-mail or by registered post).
Personal information that is governed and covered by our privacy policy:
1. Name and family name
2. Address
3. E-mail address
4. Phone, mobile, or fax number
5. Credit card information you provided when booking online or to a third party
6. Payment procedure or payment security
7. Your preferences to improve our service
8. Any other information that you want us to know and want to keep secret
9. CV for employment application

Who are the recipients of personal data?

In the framework permitted by law and depending on the processing activity, your details are delivered or disclosed to the following associates:
-IT service providers as part of software support and maintenance;
In some cases, the recipients of personal data are located outside of the EU. As explained on case by case basis, in the section “Purposes for which we collect data and legal grounds for data collection“, in all cases of transferring personal data in such countries, adequate level of protecting personal data is ensured according to the law (e.g. recipient’s membership in “the Privacy Shield” programme in case of recipients in the USA, by signing standard contract clause with the recipient). Also, at any given moment you can request additional information on personal data transfer outside of the EU and safety measures which are applied when using our contact details.

Privacy Policy Content

We shall not sell, rent, or disclose your personal information to any third parties without your explicit consent, as this is contrary to the privacy policy and the Data Protection Act. If we wish to contact you in any manner regarding our promotions and services, we will ask your consent. MAXIMUS Ltd company shall not be liable for any accidental error or an error due to force majeure that would cause any violation of the protection of your personal information, but we guarantee that we will securely rectify any such errors, if possible, as soon as possible. MAXIMUS Ltd company collects only that personal information that you have voluntarily submitted and we use it for the purposes of providing the above mentioned services. We will not ask you to provide your information in order to access our site or ask you to disclose more information than actually required to use one of our services. The credit card information you provide shall be used solely as a means of securing payment of booked services and is under the same protection as any other of your personal data. After the duly rendered and paid services, this information shall no longer be used without your explicit consent. By filling in the form on the page, you guarantee that the information you have provided is accurate and that you are giving your consent to the provisions of our privacy policy.

Privacy Policy Term

When you submit your information, you agree for us to contact you and will be included in our mailing list, as your entry is your explicit consent to contact. We shall protect your personal information permanently and you can request exclusion from our mailing list at any time. After that, your data shall no longer be used by the MAXIMUS Ltd company except for computing or statistical data processing.

Data Confidentiality

We emphasise that your personal information shall remain confidential when you visit the hotel's webpage, but also during your physical visit to the hotel, unless you volunteer to disclose it. We undertake not to disclose your personal information to any third parties, except in the cases as set forth in the applicable law.

Use of Cookies

To make it easier to browse our website, we use cookies. They are small text files that the server puts on the user's computer to track the selection of the individual language variants of our site. "Cookies" placed on your computer do not contain your name, but your IP address. After you stop working on a server, the information is no longer available to the company MAXIMUS Ltd If you want to remove cookies from your device at any time, please update your browser settings.

Spam Messages

Spam is where unwanted e-mails that contain marketing materials sent without your consent are stored. MAXIMUS Ltd company does not send spam e-mail messages, and we use an anti-spam tool to protect employees from receiving spam messages. If for some reason you think you have received junk e-mail from MAXIMUS Ltd, please let us know at the following address:

Access, Rectification, or Erasure of Personal Data

All our responders have the rights granted by personal data protection regulations.
You are granted the following rights:
-Right to withdraw a consent (when processing is based on consent)
-Right to access
-Right to delete (“right to be forgotten”)
-Right to make a correction
-Right to object
-Right to limit processing
-Right to transfer data
-Right to complain to competent authority
The enquiries and requests you send us will be processed without delay, in accordance with legal obligations, and you will be informed about the measures we have taken.
If you wish to exercise this right, please feel free to contact us at


Redirects from our pages will direct you to link for booking rooms in our hotel:

General conditions, information, and requests for personal data protection:

General Data Protection Regulation – Regulation (EU) 2016/679
Act on the Implementation of the General Data Protection Regulation
Croatian Personal Data Protection Agency – AZOP