Privacy Policy

Last updated: 09.12.2025

This Privacy Policy describes how TRLJICA, obrt za trgovinu i ribarstvo, vl. Edita Čikarela (“Company”, “we”, “us”, or “our”) collects, uses, stores, and protects personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable laws. By using https://zadarboattrip.com (“Website”), you consent to the practices described in this Privacy Policy.

1. Data Controller

For purposes of GDPR, the Company acts as the “data controller” for personal information processed through the Website. You may contact the Company regarding any privacy-related matter at:

Email: svetisimetours@gmail.com.com

2. Information We Collect

We may collect personal information that you voluntarily provide during the booking process, including your full name, email address, phone number, number of passengers, and any additional details required to complete your reservation. Payment-related information, such as credit or debit card numbers, is not received, stored, or handled by us. Payment data is processed exclusively by TixTree and Stripe, both of which operate under strict security and PCI-DSS compliance standards.

Additionally, the Website may automatically collect certain technical data such as your IP address, browser type, operating system, device identifiers, access timestamps, and browsing behavior through the use of cookies and similar technologies.

3. Use of Personal Data

The Company processes personal information to facilitate bookings, issue confirmations, provide updates regarding excursions, respond to customer inquiries, improve user experience on the Website, ensure compliance with legal obligations, and maintain operational security. Personal information is not sold, rented, or transferred to unauthorized third parties.

We may share limited personal information with trusted service providers who perform essential operational tasks. These include TixTree for ticketing and reservation management and Stripe for payment processing. Both parties process data under strict privacy and security standards. We may also share personal data when required to comply with legal obligations or respond to legitimate requests from public authorities.

5. Legal Basis for Processing

We process personal data under the following legal bases:

Performance of a contract: Necessary to complete your booking and provide excursion services.
Legitimate interests: Ensuring Website security, improving services, and preventing fraud.
Consent: When required for optional communications or cookie-based activities.
Legal obligations: Compliance with accounting, tax, and maritime regulations.

6. Data Retention

Personal data is retained only for the period necessary to fulfill the purposes described in this Policy and to comply with applicable legal obligations. Once retention is no longer required, data is securely deleted or anonymized.

7. Data Security

We implement appropriate technical and organizational safeguards to protect personal information from unauthorized access, loss, alteration, or misuse. Sensitive payment data is secured solely by TixTree and Stripe under stringent PCI-DSS standards. Despite our best efforts, no data transmission over the internet can be guaranteed as fully secure.

You have the right to access your personal data, request corrections, request deletion under certain conditions, restrict or object to processing, request data portability, and withdraw previously granted consent. To exercise any of these rights, you may contact us at:

Email: svetisimetours@gmail.com.com

9. Changes to the Privacy Policy

We may update this Privacy Policy to reflect changes in our services or applicable regulations. Updates will be posted on the Website with a revised “Last updated” date.