Privacy policy

  • Privacy protection

    Conformity with applicable legislation
    In accordance with the General Data Protection Regulation (EU) 2016/678 and other applicable legislation, Terme Krka is focusing closely on the protection of privacy of information it obtains from the users of this website, and the personal data submitted to Terme Krka by users. We want to make it clear how we collect, store, use and disclose personal data.

    What personal data do we collect on our website?
    You can visit our website without providing your personal data. You only have to provide personal data if you order any services.

    We only collect personal data when you provide it yourself, for example, when you subscribe to our newsletter, access certain content or take part in a prize draw, when you fill out a form about side effects or make hotel reservations, when you order services by e-mail or make an enquiry about services and similar cases where you have decided to provide us with your personal data.

    In addition to the personal data you provide us with, we also collect data using cookies. This data can contain information about: the website you used to access our website, the websites you visit from our website, the duration of your visit to our websites. We immediately anonymise the last three numbers of your IP-address, which means we cannot identify you by your IP-address. With this information, we may be able to determine your identity, however, we do not do this.

    For what purposes do we process the data that you provide us with through the website?
    The data you provide us or we collect via cookies is processed for the following purposes: for internal statistical purposes and for the purposes of visitor interests, but only in such a way that does not disclose your identity; for identifying server problems and for creating the website; for other purposes that you have requested and have agreed to, unless prescribed otherwise by law.

    Do we send your personal data to other companies?
    The Terme Krka company has access to your personal data, while it has concluded agreements with all its external providers, with whom it cooperates, where they are bound to personal data protection in accordance with applicable legislation.

    Where do we store the personal data you entrust us with through the website?
    Your personal data is stored on Krka’s servers in the European Union and which we manage ourselves. If the personal data is being stored by contractual partners, they guarantee at least the same level of security as is provided by Terme Krka. We will not forward your data in any for to be used by third parties, except for companies with whom we have concluded personal data processing agreements, or if required by judicial authorities.

    The Terme Krka website is principally intended for adults. If Terme Krka will create online content for minors or products and services for minors, it shall be performed in compliance with applicable legislation and consent shall be obtained from the minor’s parents or guardians.



    A cookie is a small file that is stored on your device when you visit a website and is recognised by the website that issued it.
     The cookies are used to enable all the functionalities of the website, to customise certain content to your preferences and to improve the website by analysing visits.

    The data collected via cookies is processed solely for statistical purposes and for the purposes of visitor interests, but only in such a way that does not disclose your identity, for identifying server problems and for creating the website.

    Some cookies that we use are temporary, while some cookies remain stored on your device for a specific period even after you leave our website. We use temporary cookies to measure the number of website visitors and we use the stored cookies to store contact details for future visits to our website so that you do not have to register again the next time you visit the website. We also used stored cookies that originate from other websites: these are cookies from YouTube that enable you to be able to watch certain video content on our website, advertising cookies and Google Analytics cookies that we use to see how you use our website, what content you are interested in and how long you stay on our website. On this basis we can create content for the website and customise it to the needs of visitors.

    The majority of browsers automatically accepts the use of cookies. You can decline the use of cookies at any time. If you want to decline cookies on your device, you can change the browser settings on your device. To find out more about declining cookies, go to, and to find out more about Google Analytics go to


    Your rights

    Using a request and the instructions on how to exercise your rights published on the page “Rights of the individual”, you can request at any time to access your personal data that we process, to correct them or delete them, object to their processing or limit processing.

    Furthermore, you can unsubscribe from receiving promotional e-mails by clicking “Unsubscribe” in the footer of the received e-mail.

    Changes to the Terme Krka website privacy policy

    Terme Krka reserves the right to change their website privacy policy, therefore we advise that you regularly check it. If any significant changes will be made, we will publish a notice in advance on our website.



    Terme Krka uses technical and organisational security measures that protect your data against tampering, loss, destruction or unauthorised access. Since we are aware of its importance, security measures are also integrated into all systems and procedures dealing with personal data databases. We working with databases, we use the most up-to-date technological solutions and approaches that, in combination, ensure a high degree of security regarding the storage and processing of personal data (data encryption, data access policy, recording data accesses, etc.). The infrastructure with continuous supervision safeguards the data from any threats, including viruses and other types of malicious codes. We use systems and procedures to detect threat, which help protect the services and ultimately provide a high level of security.