Privacy Policy
We collect what we need to run your boat and land tours — names, contact details, passenger information required by maritime law, and payment data. We use cookies to make our website work and to understand how visitors use it. We do not sell your information to anyone. You have rights over your data and can ask us to show you what we have, correct it, or delete it. The rest of this policy explains the details.
Who we are
Chill Relax & Travel is a newly established tourism company based in Split, Croatia, specializing in personalized travel experiences and private boat tours.
Although newly founded, our team brings extensive experience gained over many years working across various sectors of the tourism industry. From customer service and operations to on-field experience at sea, our background allows us to understand the needs of modern travelers and deliver a high level of service.
We are committed to providing reliable, professional, and tailored experiences while respecting your privacy and ensuring the protection of your personal data.
For privacy purposes, we are the "data controller" — the company responsible for deciding how your personal information is used and for keeping it secure.
Company: CR&T j.d.o.o. Address: Makarska ulica 12, 21000 Split, Croatia Director: Duje Ribičić Branch Manager: Dora Modrić OIB: 93618045770 MBS: 6247512 Email: info@chillrelaxandtravel.com Phone: +385 95 585 7168 / +385 98 612 019
We comply with the EU General Data Protection Regulation (GDPR) and Croatian data protection law. Your information receives the same protection regardless of where you live.
Information we collect
Booking information
When you book a tour, we collect the details needed to confirm your reservation and run your trip: your name, email address, phone number, number of guests, and any special requests you mention (dietary needs, mobility considerations, celebrations).
For certain tours, Croatian maritime regulations require a passenger manifest listing every person on board. We need the full name, date of birth, nationality, and passport or ID number of each guest. This is not something you can choose to do; port authorities and the coast guard can ask to see the manifest at any time. If you are booking for a group, make sure everyone knows you are sharing their details with us.
Payment information
Card payments go through safe third-party companies that follow PCI-DSS rules. They take care of your card information. We can only see the amount, the reference number, and that the payment went through. We never see or keep your full card number. For accounting purposes, cash and bank transfers are kept track of.
Communications
We keep a record of every conversation you have with us, whether it's by email, WhatsApp, phone, or a contact form. This helps us give you the same level of service every time. If you called us last week, we can pick up where we left off instead of starting over. It also gives us proof in case there are any questions about what was said or agreed upon.
Website data
When you visit chillrelaxandtravel.com, our servers automatically gather technical information about you, such as your IP address, browser type and version, device type, operating system, pages visited, time spent, and how you got there (search engine, direct link, or social media). This is something that almost all websites do, and it helps us learn how people use the site so we can make it better.
We use Google Analytics with Google Signals enabled to understand how visitors use our website. This may combine your site activity with information from your Google account if you are signed in and have Ads Personalization enabled. All analytics data is aggregated and does not identify you personally. You can opt out of Google Analytics at any time by using the Google Analytics Opt-out Browser Add-on or by declining analytics cookies in our cookie banner.
We use Google Tag Manager to manage website tags. GTM itself does not collect personal data, but it triggers other services (like Google Analytics) that may.
If you leave a review, we may publish it on our website along with your first name and the tour you took. We will never publish your email, phone number, or other contact details. If you want a review removed, email us and we will take it down.
Cookies
Cookies are small text files that our website stores on your device when you visit. Some cookies are essential for the website to work; for example, they keep track of what's in your booking cart, remember that you're logged in, and store your cookie preferences. The site wouldn't work right without these, so they are always on.
Other cookies remember things like your language or currency settings so that we can make your experience better.
Analytics cookies tell us which pages get the most traffic and where people usually go when they leave the site. The data is grouped together, so we only see overall trends, not what any single person does.
With your consent, we may use marketing cookies to track ad performance and show you relevant ads on other sites.
When you first come to our site, a banner will ask you what kind of cookies you want. You can change your mind at any time by going to the Privacy Settings link in the footer or changing the settings in your browser.
How we use your information
We collect things for a reason. We mostly collect your information so that we can provide the boat tour or service you booked. We use your contact information to confirm your reservation, send you the time and place of the meeting, and get in touch with you if anything changes. Croatian maritime law requires us to make manifests using passenger information. We give our crew all the information they need so the captain knows who to expect and the hostess knows about any special requests or dietary restrictions. We couldn't run your tour without this information.
We use your payment information to charge you for your booking and to give you your money back if you need it. We keep transaction records for our accounting needs and to follow Croatian tax laws, which say that we must keep financial records for several years. We use your contact information to respond when you contact us with questions or concerns. We also keep records of our communications so that we can provide consistent service over time.
We analyse our website traffic and booking methods to see what's working and what isn't. This could mean realising that a certain page has a high drop-off rate and needs to be clearer, or that some tours are more popular than expected and should be offered more often. We use customer feedback, both formal reviews and casual comments, to decide how to improve our current products and create new ones.
We use your email address to send you news about special offers, new tours, and other updates from Chill Relax and Travel if you have given us permission to do so. We don't send you marketing emails without your permission, and every email has an unsubscribe link that lets you leave the list with just one click. We also use your information when the law requires it, such as keeping records for tax authorities, giving passenger manifests to port officials, and responding to legal requests from courts or law enforcement.
How long we keep your data
We keep different types of data for different lengths of time, depending on why we collected it:
- Booking and passenger data — 2 years after the date of your tour, then deleted. Passenger manifests may be kept longer if required by maritime authorities.
- Financial and transaction records — 11 years, as required by Croatian accounting and tax law.
- Communications (email, WhatsApp, etc.) — 2 years from the last contact.
- Marketing consent and email data — until you unsubscribe or withdraw consent, after which we delete your address within 30 days.
- Website analytics data — as configured in Google Analytics (default 26 months).
When the retention period expires, we securely delete or anonymise your data.
Legal basis for processing
GDPR says that we need a compelling legal reason for every way we use your personal data. Most of what we do is contract performance — when you book a tour with us, we use your information to deliver that service. Some processing is required by law, like keeping tax records and passenger manifests up to date. We need your permission to send you marketing emails and to set non-essential cookies. You can change your mind at any time. Finally, some of the processing we do is based on our legitimate business interests, such as analysing website traffic to improve the user experience or keeping records of communications for quality and dispute resolution purposes.
Who we share data with
We will not sell your personal information. We only share it when we have to: with our crew so they can prepare for your trip, with payment processors who handle card transactions safely, and with technology companies that host our website and send our emails under strict confidentiality agreements. As required by maritime law, authorities may receive passenger manifests, and tax authorities may inspect our financial records.
Your rights
You can ask for access to your personal data, ask us to fix mistakes, ask us to delete your data (with some exceptions for legal reasons), limit how we use your data, receive your data in a portable format, object to processing based on legitimate interests, and withdraw your consent at any time. To exercise any right, send an email to info@chillrelaxandtravel.com and we will respond within 30 days. If you think we didn't handle your data properly, you can file a complaint with Croatia's data protection authority (AZOP) at azop.hr or with the authority in your own country.
Security
Your data is sent over HTTPS, which means it is encrypted between your browser and our servers. We keep information on secure servers that only staff members who need it can access. Card payments go through providers that meet PCI-DSS standards, which is the same level of security that banks use. Everyone on our team knows how to handle personal information according to the rules we have set. No system is completely immune to problems, but we take the precautions that make sense for a business our size. If something goes wrong and your data is compromised in a way that affects your rights, we will contact you and report it to the authorities as required by law.
Third-party links
Our website links to Mapbox, social media, and other sites. Once you leave our site, their privacy policies apply.