Legal
Privacy Policy
Last updated: June 2026
1. Who We Are
Plažica is an online platform for reserving beach sunbeds and loungers along Montenegro's Adriatic coast, operated by Pelicanos d.o.o., Montenegro. When you use our website to browse beaches, sign in, or make a reservation, we act as the data controller responsible for your personal data.
Contact: info@pelicanos.me
2. Data We Collect
We collect only what is necessary to provide the reservation service:
- —Email address — used to send your one-time sign-in code (OTP) and booking confirmations.
- —Booking details — beach, date, seat, lounger type, and price of each reservation you make.
- —Payment data — payment is processed entirely by Stripe. We never see or store your card number; we only receive a payment session ID and confirmation status.
- —OTP log — the email address and IP address each time a sign-in code is requested, for fraud prevention.
- —Usage data — standard server logs (IP address, browser, pages visited) collected automatically.
3. How We Use Your Data
- —To authenticate you via a one-time email code.
- —To create, manage, and display your reservations.
- —To generate your entry QR code.
- —To process and confirm payments via Stripe.
- —To detect and prevent fraudulent sign-in attempts.
We do not use your data for advertising and do not sell it to any third party.
4. Third-Party Services
We share data with the following processors solely to operate the platform:
| Service | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing | Email, booking description, amount |
| Twilio | OTP verification codes | Email address |
| Cloudflare Turnstile | Bot / fraud prevention | Browser signals (no personal data) |
5. Cookies and Sessions
We use a single session cookie to keep you signed in. This cookie is essential for the service to function and does not track you across other websites. We do not use advertising or analytics cookies.
6. Data Retention
We retain your account and reservation records for as long as necessary to fulfil the purposes described here or as required by Montenegrin law. OTP logs are deleted after 90 days.
7. Your Rights
Under applicable data protection law you have the right to:
- —Access the personal data we hold about you.
- —Correct inaccurate data.
- —Request deletion of your data (subject to legal retention obligations).
- —Restrict or object to processing.
- —Receive your data in a portable format.
To exercise any of these rights, contact info@pelicanos.me.
8. Security
All data is transmitted over HTTPS. Payment data is handled exclusively by Stripe and never touches our servers. Sign-in uses time-limited one-time codes rather than passwords, reducing the risk of credential theft.
9. Changes to This Policy
We may update this policy from time to time. The "Last updated" date at the top will reflect the most recent revision. Continued use of the platform after changes constitutes acceptance of the updated policy.