Privacy Policy
GDPR is the name for Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
DATA CONTROLLER is a natural or legal person who determines the purpose and means of personal data processing.
DATA PROCESSOR is a natural or legal person who processes personal data on behalf of the data controller.
Ugostiteljski obrt Cipollina, Frane Supila 62, 22 000 Šibenik, OIB: 73322631689, owned by Anita Gašperov (hereinafter: the Company).
The Company cares about your privacy and the protection of your personal data. We have published this Privacy Statement to inform you about the ways we collect and process the personal data we have about you, the legal grounds on which we collect and process it, your personal rights concerning your data, and how you can exercise or protect those rights. Therefore, we kindly ask you to read this Statement carefully and check this page periodically for possible updates in the future.
About Us
Ugostiteljski obrt Cipollina, Frane Supila 62, 22 000 Šibenik is the data controller of your data (hereinafter: “we”, “us”, etc.) in accordance with the General Data Protection Regulation.
This Statement covers data we collect about you online, i.e., via email, the website https://taxisibenik.com.hr/ and other related communication channels. Any links on our website that lead to third-party sites are not covered by this Statement, and we are not responsible for their content or data processing practices.
What Personal Data Do We Collect?
While using the website, we may collect several types of data that, on their own or in combination, may be considered personal. These include:
-
Full name
-
Address
-
Phone number
-
Email address
-
Your IP address
When Do We Collect Your Personal Data?
There are several situations in which we may collect your personal data:
-
When you voluntarily provide personal data, e.g., when you fill out an order or registration form, call us using the phone number listed on the website, send us an email, or contact us via the contact form;
-
When you visit our website (e.g., IP address data that may be collected automatically when necessary for the site’s security and proper functioning);
-
When you call us (calls may be recorded);
-
When we receive data from third parties in accordance with the law, in which case we will notify you within 30 days of receiving the data or upon the first contact.
We do not collect data from minors nor offer services to them. We also do not process special categories of personal data as defined in Article 9 of the GDPR.
Purposes for Using Your Personal Data
We collect and process your personal data for the following purposes:
-
To process your order via our webshop and issue an invoice;
-
To register a new user account;
-
For communication and responding to your inquiries and cooperation requests;
-
For organizing prize contests and publishing the winners’ names;
-
For website traffic analysis and user experience personalization;
-
For sending promotional messages and newsletters.
We reserve the right to forward your personal data to third parties (our professional partners and/or companies with whom we provide services) to improve our services or upon your request. We also reserve the right to publicly announce contest winners’ names based on our legitimate interest in ensuring transparency and fairness.
Data Recipients
We do not forward your personal data to third parties unless legally required to do so.
We do not transfer your personal data to countries outside the EU that are not covered by the European Commission’s adequacy decisions or the Privacy Shield (a decision regulating data transfer between the US and the EU providing an equivalent level of protection). Visitor data and identifiers may be transferred to the US under the data controller Google Inc.
Data Processors
We may forward your personal data to third parties such as accounting services, credit card payment providers, or courier services for order delivery. All processors have valid data protection agreements in place, which bind our partners to protect your data in accordance with applicable regulations.
Use of Cookies and Other Identifiers
When you visit our website, we may collect the following information from your browser:
-
IP address
-
Time of access
-
Identifiers (browser, OS, language, etc.)
-
Referrer URL (the previous website you visited)
-
Shopping cart content
This data is collected to ensure server stability, improve security, enhance user experience, and simplify the shopping process. These activities are based on our legitimate interest.
You can learn more in our Cookie Policy.
Data Protection
To protect your data transmitted through this website, we use physical, technical, and organizational security measures. All personal data we hold is stored in a legally appropriate manner. We generally use HTTPS encryption to safeguard data from unauthorized access. Email messages are stored on secure, password-protected servers. Unless absolutely necessary, we do not duplicate or print your data, except for making regular backups.
Only employees who need your data to provide services to you have access to it. Any collaborators or processors guarantee equal or higher levels of data protection than those stated in this Statement.
Retention Period and Storage Location
Data provided based on your consent is stored until the consent is withdrawn. Otherwise, we keep the data as long as necessary to fulfill contractual and/or legal obligations, and at least for two years. Communication data (e.g., when you contact us) is kept for at least 5 years. Phone call recordings are stored for 2 years.
Personal data is stored at the company’s premises in adequately protected areas, and on servers located in Croatia (either owned by the company or third parties).
Your Legal Rights
Under the GDPR, all data subjects (individuals who provide personal data) have certain rights, which they can exercise at any time by contacting the data controller.
If you have any questions or wish to exercise any of the rights below, please contact us at info@taxisibenik.com.hr or call 099 513 4660.
We typically respond to requests within 30 days.
Right of Access and Information
Upon request, we will provide a report on all personal data we hold about you and allow you to review it. If we do not have any data about you, we will inform you of that. If you provided personal data when registering as a customer/member, you can always view it through your profile.
Right to Rectification
If you find inaccuracies in the personal data we hold, we will correct them upon your request, provided you submit the correct information. During the request processing, we will, where possible, temporarily suspend the processing of the disputed data. You can also edit your data directly through your profile.
Right to Erasure (Right to Be Forgotten)
You have the right to request deletion of your personal data if at least one of the following conditions is met:
-
The data is being processed unlawfully;
-
The data is used for direct marketing based on legitimate interest;
-
There is no legal basis for retaining the data;
-
The data is no longer necessary for the purpose it was collected for;
-
There is a legal obligation to delete it;
-
You have withdrawn your consent.
These rights arise from Article 17, paragraph 1 of the GDPR. Please note that this right is limited and we may not be able to delete personal data in all cases, e.g., when we have a legal obligation to retain it.
Right to Restrict Processing
You may request temporary suspension of data processing if:
-
You believe the data is inaccurate (and have requested a correction);
-
The data is being processed unlawfully but you do not wish to have it deleted;
-
The data is needed for legal claims, even if we no longer need it;
-
You await confirmation of whether our legitimate interests override your rights after you have objected to processing.
Right to Data Portability
Upon request, we will provide a copy of your data in a commonly used, machine-readable format. You may also request that we transfer the data directly to another controller of your choosing.
Right to Object
You have the right to object at any time to our processing of your personal data based on legitimate interest. Upon receiving your objection, we will assess whether our legitimate interests override any risks to your rights and freedoms.
Right to Lodge a Complaint
We aim to process your data transparently and lawfully. However, if you believe we are processing your data unlawfully or the issue cannot be resolved amicably, you have the right to file a complaint with the competent supervisory authority in your EU member state of residence or directly with the Croatian Personal Data Protection Agency, Martićeva 14, 10000 Zagreb; azop@azop.hr.
Notification of Data Breaches
In the event of a personal data breach (including but not limited to theft, loss, unauthorized access, duplication, or disclosure) that may significantly impact your rights and freedoms, we are obliged to notify you and the supervisory authority as soon as possible, and no later than 72 hours after becoming aware of the breach.
We are not required to notify you of a breach if:
-
Technical and organizational protective measures (such as encryption) have been applied to the affected data, making it unintelligible to unauthorized persons;
-
Subsequent measures have been taken to ensure that a high risk to your rights and freedoms is no longer likely;
-
Notification would involve disproportionate effort (in which case we will notify you via public communication or similar equally effective means).
Contact Us
Phone: 091 513 4660
Email: info@taxisibenik.com.hr
Postal address: Frane Supila 62, 22000 Šibenik
Changes to This Statement
We reserve the right to update this Statement. The latest version will be published on this page.
Last updated: 07/04/2025