Privacy Policy
We're a small, family-run boat tour business in Dubrovnik, and we only ever ask for the details we genuinely need to answer your questions and run your booking. Here's exactly what we collect and why.
Who we are
Group Boat Tours Dubrovnik is a family-run operator of shared small-group boat tours, based at Gruz harbour in Dubrovnik, Croatia. This policy explains what personal data we collect, how we use it, and the rights you have over it. If anything here is unclear, just get in touch and we’ll explain it in plain language.
What data we collect
We only collect what we need to help you, in two situations:
- When you make an enquiry: through our contact form, email or WhatsApp, we receive your name, email address, phone number and the message you send us.
- When you book a tour: we take your booking details — chosen tour, date, number of guests and your contact details — together with your card payment. Payments are processed securely by Stripe; we never see or store your full card number ourselves.
We do not collect special-category data, and we don’t buy or rent contact lists from anyone.
How we use your data and our lawful basis
We use your information for clear, limited purposes:
- To reply to your enquiry and give you the information you’ve asked for — on the basis of your consent when you contact us.
- To run your booking, confirm your tour, contact you about departures and process refunds — on the basis of performing our contract with you.
We may also keep basic records to meet our legal and accounting obligations as a Croatian business.
The processors we work with
Like most small businesses, we rely on a few trusted suppliers to operate. Each only handles your data to provide their service to us, and each is itself bound to protect it:
- Stripe — secure card payment processing.
- Mailgun (EU region) — sending and delivering our booking and enquiry emails.
- Cloudflare — hosting and protecting this website.
- Google Analytics — anonymous website usage statistics, only if analytics is enabled (see below).
Cookies and analytics
Our website uses only the cookies needed to function correctly. Where website analytics is enabled, we use Google Analytics to understand how many people visit and which pages are useful, in an aggregated form — never to identify you personally. You can block or delete cookies in your browser settings at any time without affecting your ability to browse or book.
How long we keep your data
We don’t hold on to data longer than we need to:
- Enquiries that don’t lead to a booking are kept for up to 12 months, then deleted.
- Booking and payment records are kept for as long as required for accounting and tax purposes under Croatian law, then securely removed.
Your rights
Under the GDPR you have the right to:
- access the personal data we hold about you,
- ask us to correct anything that’s inaccurate,
- ask us to delete your data where we no longer need it, and
- object to or restrict how we use it.
We won’t charge you for a reasonable request, and we’ll always respond as quickly as we can.
How to contact us about your data
To make a data request, or to ask anything about this policy, email us at [email protected] or use our contact page. For the wider terms that apply when you book with us, please see our terms & conditions.