🚤
〰〰〰〰〰〰〰〰
RENT A BOAT VIR

Privacy & Cookie Policy

Last updated: 4 July 2026

1. Who we are

The controller of your personal data is Gizmo, craft business (obrt), operating as Rent a Boat Vir, Luka II, 23234 Vir, Croatia (“we”, “us”). Contact: rentaboatvir@gmail.com, tel. +385 91 588 4940. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Croatian law.

2. Scope

This policy applies to this website (rentaboat-vir.eu), to enquiries and bookings made by phone, WhatsApp, e-mail or through our contact form, and to our social media pages on Facebook and Instagram.

3. What data we collect

Identity and contact data: name, telephone number, e-mail address, when you provide them to us. Booking data: requested dates, number of persons, chosen service, boat licence details where required for rental. Billing data: data required to issue an invoice under Croatian law. Communications: the content of messages you send us (including via WhatsApp, which is operated by Meta and subject to its own terms). Technical data: IP address, device and browser type, and cookie data as described in section 6.

4. Why we process your data and on what legal basis

Answering enquiries and managing bookings: performance of a contract or steps taken at your request before entering into a contract (Art. 6(1)(b) GDPR). Issuing and keeping invoices: compliance with legal obligations (Art. 6(1)(c) GDPR). Safety and legal claims: our legitimate interest in operating safely and establishing, exercising or defending legal claims (Art. 6(1)(f) GDPR). Marketing measurement and advertising (e.g. Meta Pixel): exclusively your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time.

5. Recipients of data

We share personal data only where necessary: with our accounting service and the Croatian Tax Administration (invoicing), with our website hosting provider, and, only if you consent to marketing cookies, with Meta Platforms Ireland Ltd. (Facebook/Instagram advertising tools). The interactive map on our contact page is provided by Google (Google Maps); loading it may transfer technical data to Google. Our availability calendar and weather widgets are served via Cloudflare and do not process personal data. We never sell your personal data.

6. Cookies and similar technologies

Essential cookies are required for the website to function and are always active. Marketing and analytics cookies (such as the Meta Pixel, used to measure the performance of our advertising) are set only after you click “Accept” in our cookie banner. If you choose “Essential only”, no marketing cookies are set. You can change your mind at any time by clearing cookies in your browser, after which the banner will appear again. You can also limit ad tracking in your Facebook and Instagram settings.

7. International transfers

Where providers such as Meta or Google transfer data outside the European Economic Area, they do so under recognised safeguards such as the EU, US Data Privacy Framework or the European Commission’s Standard Contractual Clauses.

8. How long we keep data

Enquiries and correspondence, up to 2 years after our last contact. Invoices and accounting records, 11 years, as required by Croatian law. Data processed on the basis of consent, until you withdraw consent. We delete or anonymise data once it is no longer needed.

9. Your rights

You have the right to access your data, to rectification, erasure, restriction of processing, data portability, and to object to processing based on legitimate interest. Where processing is based on consent, you may withdraw it at any time without affecting prior processing. To exercise any right, contact us at rentaboatvir@gmail.com, we will respond within one month. You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (AZOP, Selska cesta 136, 10000 Zagreb, azop.hr) or with your local EU supervisory authority.

10. Children

Our services are intended for adults. We do not knowingly collect data from children under 16; boat rental contracts may only be concluded by persons aged 18 or over.

11. Security

Access to personal data is limited to the staff of our craft business. We use up-to-date software, encrypted connections (HTTPS) and reputable providers to protect your data.

12. Automated decision-making

We do not use automated decision-making or profiling that produces legal effects concerning you.

13. Changes to this policy

We may update this policy from time to time. The version published on this page applies. Material changes will be indicated by updating the date above.