Privacy Policy (GDPR) – Goolets Adriatic d.o.o.

Last updated: 01 April 2026

 

This Privacy Policy explains how Goolets Adriatic d.o.o. (“Goolets Adriatic”, “we”, “us”) collects, uses, stores, and shares personal data when you contact us, request an offer, book services, or use our website and related communication channels. We process personal data in accordance with the EU General Data Protection Regulation (GDPR) and applicable Croatian data protection laws.

 

1) Who we are (Data Controller)

Company: Goolets Adriatic d.o.o.

Address: Poljička cesta 1, 21000 Split, Croatia

Email: adriatic@goolets.net 

Phone: 00385 95 950 5505

 

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the details above.

 

2) What personal data we collect

Depending on your interaction with us, we may collect the following categories of personal data:

 

1. A) Identification & contact data

• Full name
• Email address
• Phone number
• Country of residence
• Company name and role 

 

1. B) Booking and travel-related data

• Charter details (yacht name, dates, itinerary, ports)
• Number of guests and group composition (e.g., adults/children)
• Service preferences and requests (e.g., activities, dining, transfers)
• Hotel/villa details (if applicable), pickup points and timing
• Passport/ID details only if required by a specific supplier/service (e.g., certain transfers, permits), and only to the minimum extent necessary

 

1. C) Communication data

• Email, messages, and call notes related to your requests and bookings
• Information you voluntarily share during coordination (e.g., special requests)

 

1. D) Payment and billing data

• Billing details needed for invoicing (e.g., company information, VAT details)
• Payment status and transaction references

 

We do not store full card details. Card payments are processed by certified payment providers.

 

1. E) Website and technical data (if applicable)

• IP address, device/browser information
• Basic analytics data (pages visited, timestamps, referral source)

 

3) Why we collect and use your data (purposes)

 

We use your personal data for the following purposes:

• To respond to inquiries and provide offers and information
• To organize and deliver services you request (reservations, coordination, scheduling)
• To communicate with you before, during, and after service delivery
• To manage administrative operations, including invoicing and accounting
• To ensure service quality and safety, including operational logistics and risk management
• To comply with legal obligations, including tax, accounting, and tourism/transport requirements where applicable
• To improve our services and website (analytics and performance, where applicable)

 

4) Legal bases for processing (GDPR Article 6)

We process your personal data on one or more of the following legal bases:

• Contract / steps prior to contract: to prepare offers, confirm bookings, and deliver services
• Legal obligation: to comply with accounting, tax, and other applicable laws
• Legitimate interests: to manage our business operations, protect our rights, and improve services (balanced against your rights)
• Consent: where required (e.g., optional marketing communications, certain cookies) — you may withdraw consent at any time

 

5) How long we keep your data (retention)

We keep personal data only as long as necessary for the purposes described above:

• Inquiries and offers (no booking): typically up to 12 months after the last communication
• Confirmed bookings and service delivery: typically up to 5 years after completion (to manage operations, disputes, and service history)
• Accounting and invoices: as required by law (generally up to 11 years, depending on applicable Croatian regulations)
• Marketing (if consented): until you withdraw consent or request deletion

 

Retention may be extended if required to establish, exercise, or defend legal claims.

 

6) Who we share your data with

We may share your personal data only to the extent necessary to deliver the requested services and operate our business. This may include:

• Service providers and partners such as:
• Yacht-related partners (where applicable)
• Hotels/villas and hospitality venues
• Tour and activity providers
• Transfer providers (taxi/van/boat), skippers, and logistics partners
• Restaurants, beach clubs, wineries
• Wellness providers (e.g., therapists, medical clinics)
• Payment service providers (for processing payments)
• Accountants, legal advisors, and IT providers (as needed for business operations)
• Authorities where required by law

 

We do not sell personal data.

 

7) International data transfers

If it is necessary to share data with suppliers or partners outside the European Economic Area (EEA), we will ensure appropriate safeguards are in place (e.g., contractual protections and GDPR-compliant transfer mechanisms), where required.

 

8) Your rights (GDPR)

You have the right to:

• Access your personal data
• Rectify inaccurate or incomplete data
• Erase your data (“right to be forgotten”), where applicable
• Restrict processing in certain situations
• Object to processing based on legitimate interests
• Data portability (receive your data in a structured, commonly used format)
• Withdraw consent at any time (where processing is based on consent)

 

To exercise your rights, contact us at [insert email]. We may request reasonable verification to protect your data.

 

You also have the right to lodge a complaint with the relevant supervisory authority, including the Croatian Personal Data Protection Agency (AZOP).

 

9) Data security

We use appropriate technical and organizational measures to protect personal data from unauthorized access, loss, misuse, or disclosure. Access is limited to authorized personnel and trusted partners who require the data for service delivery.

 

10) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website, with the updated “Last updated” date.