Montenegro Pass

Tekst u izradi

Ova stranica je nacrt namijenjen samo za internu provjeru. Konačan, pravno provjeren tekst zamijeniće je prije javnog lansiranja. Ako imate pitanja, pogledajte Kontakt.

Politika privatnosti

Posljednje ažuriranje: 2026-04-20

This page explains what we collect, why we collect it, and what you control. The text below is a draft for legal review before launch and covers the cookie and consent framework we plan to use.

1. Who we are

The data controller is the legal entity listed at the foot of this page. Contact for privacy matters: privacy@montenegropass.me.

2. What personal data we process

  • Account data: email address, name, optional phone, country, city.
  • Pass and transaction data: purchased passes, activations, validations at partner venues, payment references (not card numbers).
  • Communication data: support emails, marketing opt-ins, notification preferences.
  • Technical data: IP address, device/browser, session cookies, consent records.

3. Consent and cookies

Montenegro Pass uses a self-hosted consent management platform (c15t). On your first visit you will see a cookie banner that lets you accept, reject, or customise three categories:

  • Necessary (always on): session cookies required for sign-in, checkout, and the consent record itself. These cannot be disabled, because the service does not work without them.
  • Marketing (opt-in): whether you wish to receive promotional email or SMS from Montenegro Pass. Your choice here also controls the "I agree to receive emails" step during card activation.
  • Measurement (opt-in): reserved for anonymised analytics. No third-party measurement scripts are loaded at launch. This category is wired for future use and will be disclosed in full before any provider is activated.

You can change your choice at any time via the Cookie Preferences link in the footer. A changed choice is recorded in our audit log and cookie data is adjusted accordingly.

4. Legal basis

We rely on contract performance for your account and pass, legitimate interest for fraud prevention, and consent for marketing and measurement. Legal obligation may apply for tax-related records.

5. Sharing

We do not sell personal data. Limited data is shared with partner staff during scan (your name and pass validity) and with the payment processor during checkout. A full list of processors will be published before launch.

6. Your rights

You have the right to access, correct, delete, or port your data, and to withdraw consent at any time. Requests are handled at privacy@montenegropass.me.

7. Retention

Account data is retained while your account is active and for 36 months after last activity. Consent records are retained in the c15t audit log for the period required by GDPR. Financial records are retained as required by Montenegro tax law.

8. Policy changes

When this policy changes substantively, the consent policy version bumps and the cookie banner re-appears so you can review and re-consent.