We provide this Privacy Policy to inform you about how we collect, use, share and otherwise process your personal information. As a private customer, as an employee of one of our corporate customers, or as another person to whom we offer or provide our services – accommodations, meetings and events, and related products and services – through our websites, mobile applications, email communications, or other online and offline means. We are committed to respecting our users’ privacy concerns and process all personal data in accordance with European and Slovenian data protection law. Personal information you provide to us in a privacy request will be used solely for the purpose of processing your request.

This privacy policy and Cookie Policy apply to users and the website and its subpages. The user is any legal or natural person who uses or visits the website .

By using the website, the user confirms that he/she agrees with Privacy Policy. By continuing to use the website, the user agrees to the changes.

The Privacy Policy describes how the personal data and other information provided by the user on the website are collected and used.

The policy may be changed or updated from time to time. In order to be informed about the changes affecting your personal data, we recommend that you visit this website regularly.


Users’ personal data is carefully protected, in accordance with personal data protection legislation (Regulation (EU) 2016/679 (GDPR) and Personal Data Protection Act – ZVOP-1) and data protection and Cookie Policy. The data provided will be used exclusively for the purposes related to our business.


The owner of the personal data is the company HOSTEL ZZZ, Lok4cija d.o.o, Ulica dveh cesarjev 170, 1000 Ljubljana, Slovenia.


The controller of personal data cooperates with outsourced service providers who process the data exclusively on behalf of the controller. This process is for the purpose of enabling bookings and booking payments, supporting analytics and marketing services, improving service and user experience, etc. The personal data controller and processors have defined their relationships and obligations. The processors of personal data are not permitted to disclose the personal data for their own or third parties’ purposes or to transfer the data to third parties or third countries.The personal data controller may disclose personal data to law enforcement authorities and other government agencies if required by law or if strictly necessary for the prevention, detection or prosecution of crime and fraud.


The personal data we collect includes: – User’s first name, last name, email address and country; – credit card data (type of credit card, name of cardholder, credit card number, expiry date); – data related to the guest’s stay, including arrival and departure dates, special requirements, service preferences (including preferences regarding the room, service or other services used); – event-related data (first name, last name, company, email address, telephone number, country, start and end time of the event, duration of the event, number of participants); – data provided by the User in advance of the Event, including the User’s IP address; – an e-mail address used for sending information about promotions and special offers by e-mail. All data received will be used exclusively for communication related to the provision of our services, for the management and processing of online bookings, for customer support and for promotional activities within the scope of the legislation.


Personal data may be processed and stored in accordance with the law, i.e. for as long as there is a purpose for the processing and storage, or until the individual’s consent has been withdrawn. Once the user’s consent has been withdrawn in writing, the data will be deleted. All retained personal data are part of this Privacy Notice.


In order to ensure the protection of personal data, we implement all necessary legal, organizational and appropriate logisticaland technical procedures and measures.We ensure that unauthorized persons do not have access to the personal data, premises, equipment and software in which the data is stored.We ensure an effective means of blocking, disposing of, deleting or anonymising personal data.We enable the retrospective identification of when individual personal data was used and entered into the database and who did this. This applies to the period during which the individual data is stored.


In accordance with the applicable legislation on the protection of personal data, the data subject has the right at any time to withdraw the consent given, to obtain access to, rectification, restriction of processing or erasure of personal data by notifying us in writing by post to HOSTEL ZZZ, Lok4cija d.o.o, Ulica dveh cesarjev 170, 1000 Ljubljana, Slovenia, or by e-mail to The data subject may also lodge a complaint about the processing of his/her personal data and address it to the above-mentioned address. The data subject may also lodge a complaint about the processing of his/her personal data directly with the competent supervisory authority, i.e. the Information Commissioner of the Republic of Slovenia.


In case of personal data breaches, we will immediately take all internal and external measures (technical, organizational) to protect the rights and interests of individuals. We will inform each of the data subjects and the competent supervisory authority in the Republic of Slovenia.


The Privacy Policy is amended and updated as necessary, so we recommend that you review it regularly. The Policy is published on the website; it entered into effect on 5th of October 2022.