privacy policy

Last Updated: 02/28/2026

1. INTRODUCTION

This Privacy Policy explains how MonkeyMedia d.o.o., operating under the brand Livvi, collects, uses, processes, stores, and protects personal data when you access or use the Livvi platform (“Platform”).

Controller details:

MonkeyMedia d.o.o.
Cetinovec 17C
49250 Zlatar
Croatia
OIB: 67894399974
VAT ID: HR67894399974
Email: privacy@livvi.io

Livvi is committed to compliance with:

• EU General Data Protection Regulation (GDPR)

• ePrivacy Directive

• Applicable Croatian data protection laws

By using the Platform, you acknowledge this Privacy Policy.

2. DATA CONTROLLER & DATA PROCESSOR ROLES

Depending on the context:

• Livvi acts as a Data Controller for account, billing, and platform data.

• Livvi acts as a Data Processor when Hosts use the Platform to process Guest data (e.g., bookings, marketing).

Hosts are independent Data Controllers regarding their Guests.

Livvi is not responsible for Hosts’ independent data processing practices.

3. PERSONAL DATA WE COLLECT

We may collect the following categories:

3.1 Account Information

• Full name

• Business name

• Email address

• Phone number

• VAT ID / OIB

• Billing address

• Login credentials

3.2 Booking Information

• Guest name

• Contact details

• Booking dates

• Property details

• Payment status

3.3 Payment Information

Payments are processed via Stripe.

Livvi does not store full card details.

Stripe may collect:

• Cardholder name

• Billing address

• Payment identifiers

Stripe’s privacy policy applies separately.

3.4 Technical Data

• IP address

• Device type

• Browser type

• Operating system

• Cookies

• Usage logs

3.5 Marketing Data

• Email interaction data

• Campaign engagement

• Messaging metadata

3.6 AI-Generated Data

• Behavioral insights

• Pricing suggestions

• Predictive analytics

AI outputs are based on user-provided data and platform usage patterns.

4. LEGAL BASIS FOR PROCESSING

We process personal data under the following GDPR legal bases:

• Contract performance (Art. 6(1)(b))

• Legal obligation (Art. 6(1)(c))

• Legitimate interest (Art. 6(1)(f))

• Consent (Art. 6(1)(a))

Where consent is required, it can be withdrawn at any time.

5. PURPOSES OF PROCESSING

We process data to:

• Provide and operate the Platform

• Process bookings

• Manage payments

• Prevent fraud

• Improve services

• Provide AI-based analytics

• Comply with legal obligations

• Enforce Terms & Conditions

• Provide customer support

6. AI & AUTOMATED DECISION-MAKING

Livvi may use AI systems for:

• Dynamic pricing suggestions

• Revenue forecasting

• Marketing automation

• Automated communication

AI systems do not make legally binding decisions without human oversight.

Users remain responsible for final decisions.

Livvi does not guarantee AI accuracy.

7. DATA SHARING

We may share data with:

• Stripe (payment processing)

• Cloud hosting providers

• Analytics providers

• Legal authorities when required

• Integration partners (e.g., OTA platforms)

We do not sell personal data.

All processors are bound by contractual safeguards.

8. INTERNATIONAL DATA TRANSFERS

If data is transferred outside the EU/EEA:

• Standard Contractual Clauses (SCCs) are used

• Appropriate safeguards are implemented

9. DATA RETENTION

We retain data:

• For the duration of the account

• As required by accounting laws

• For legal defense purposes

• For regulatory compliance

Inactive accounts may be deleted after a reasonable period.

Certain financial records may be retained for up to 11 years under Croatian law.

10. DATA SECURITY

We implement:

• Encryption in transit (SSL/TLS)

• Access control measures

• Role-based permissions

• Secure cloud infrastructure

• Monitoring and logging

No system is 100% secure. Users acknowledge inherent internet risks.

11. DATA SUBJECT RIGHTS (GDPR)

Users have the right to:

• Access personal data

• Rectify inaccurate data

• Erase data (“Right to be forgotten”)

• Restrict processing

• Data portability

• Object to processing

• Withdraw consent

Requests can be sent to: privacy@livvi.io

We may require identity verification before fulfilling requests.

12. HOST RESPONSIBILITIES (WHEN LIVVI IS PROCESSOR)

When Hosts use Livvi to process Guest data:

• The Host is the Data Controller

• Livvi acts as Data Processor

The Host is responsible for:

• Obtaining valid consent

• Providing privacy notices

• Ensuring lawful data processing

Livvi is not liable for Host GDPR violations.

13. COOKIES

Livvi uses cookies for:

• Essential platform functionality

• Analytics

• Security

• Performance optimization

Users can manage cookies through browser settings.

See our Cookie Policy for details.

14. CHILDREN’S DATA

The Platform is not intended for individuals under 18.

We do not knowingly collect data from minors.

If discovered, such data will be deleted.

15. DATA BREACHES

In case of a personal data breach:

• Livvi will notify supervisory authorities as required

• Affected users will be informed if legally necessary

16. LIMITATION OF LIABILITY

Livvi shall not be liable for:

• Data misuse by Hosts

• Third-party processor failures

• External cyber attacks beyond reasonable control

Liability is limited to the maximum extent permitted by law.

17. CHANGES TO THIS POLICY

We may update this Privacy Policy at any time.

Changes become effective upon publication.

Continued use constitutes acceptance.

18. CONTACT

For privacy inquiries:

privacy@livvi.io

You also have the right to lodge a complaint with:

Croatian Personal Data Protection Agency (AZOP)