Privacy Policy

Last updated: 31 March 2026

At Taxi Biograd (“we”, “us”, “our”), accessible at https://taxi-biograd.net, we respect your privacy and are committed to protecting your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Croatian data protection laws.

This Privacy Policy explains what personal data we collect, how we use it, the legal basis for processing, how long we keep it, and what rights you have.

1. Data Controller

Data Controller: HRVOJE, prijevoznički obrt, vl. Hrvoje Erstić
Address: Porto San Giorgio 25, 23210 Biograd na Moru, Croatia
OIB: 00136884018
Email: info@taxi-biograd.net
Phone: +385 (99) 355 1070

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us using the details above.

2. What personal data we collect

We may collect the following categories of personal data when you contact us or book a transfer:

a) Information you provide directly

When you use our contact or booking form, call us, email us, or contact us via WhatsApp, we may collect:

  • full name
  • email address
  • phone number
  • pickup location
  • destination
  • selected vehicle type
  • travel details you include in your message, such as date, time, number of passengers, luggage details, and similar booking information
  • any other information you choose to send us

b) Booking and service information

If you book a ride or transfer with us, we may also process:

  • booking date and time
  • route and travel schedule
  • service preferences
  • communication records related to your booking
  • payment-related information necessary to arrange or confirm the service

c) Technical data

When you visit the website, certain technical data may be processed automatically by the website server or hosting environment, such as:

  • IP address
  • browser type and version
  • device type
  • operating system
  • referring website
  • date and time of access
  • requested pages

This type of technical data is commonly processed for website security, performance, and troubleshooting.

3. How we collect your data

  • when you fill in and submit the website contact or booking form
  • when you contact us by phone
  • when you send us an email
  • when you contact us by WhatsApp or similar messaging apps
  • when you communicate with us about a booking or transfer
  • automatically through your use of the website, such as server log data

4. Purposes and legal bases for processing

We process personal data only where we have a valid legal basis under GDPR.

a) To respond to enquiries

We use your data to answer questions, provide quotes, and communicate with you about our services.

Legal basis:
Article 6(1)(b) GDPR, when processing is necessary to take steps at your request before entering into a contract
Article 6(1)(f) GDPR, our legitimate interest in responding to customer enquiries

b) To manage bookings and provide taxi or transfer services

We use your data to arrange pickups, confirm routes, coordinate schedules, and deliver the requested service.

Legal basis:
Article 6(1)(b) GDPR, performance of a contract

c) To keep records and manage our business

We may use your data for administration, scheduling, internal records, dispute handling, and customer support.

Legal basis:
Article 6(1)(b) GDPR
Article 6(1)(f) GDPR, legitimate interest in operating and protecting our business

d) To comply with legal obligations

We may process or retain certain data where required by tax, accounting, consumer protection, or other legal obligations.

Legal basis:
Article 6(1)(c) GDPR, compliance with a legal obligation

e) To maintain website security and functionality

We may process technical information to protect the website from abuse, errors, and unauthorized access.

Legal basis:
Article 6(1)(f) GDPR, legitimate interest in website security and functionality

5. Cookies and similar technologies

We may use technically necessary cookies and similar technologies required for the website to function properly, such as security, session management, and form handling.

These cookies do not require consent where they are strictly necessary.

If the website uses analytics, marketing cookies, Google services, Meta Pixel, reCAPTCHA, embedded maps, or similar third-party tools, those services should be listed separately in this Privacy Policy and, where required, activated only after valid consent has been obtained.

6. Who we share your data with

We do not sell your personal data.

We may share your data only when necessary, for example with:

  • website hosting providers
  • email providers
  • IT support providers
  • booking, communication, or messaging service providers
  • accounting or legal advisers
  • public authorities where required by law

Where third-party providers process personal data on our behalf, we require them to handle it securely and in accordance with data protection law.

7. International data transfers

Where any of our service providers process data outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place, such as:

  • an adequacy decision by the European Commission, or
  • Standard Contractual Clauses, where required

If you use WhatsApp or other third-party communication services to contact us, your data may be processed by those providers under their own privacy terms.

8. How long we keep your data

We keep personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, and dispute-resolution purposes.

Typical retention periods may include:

  • general enquiries: up to 12 months after the last contact
  • booking and service records: up to 24 months after service completion, unless a longer retention period is necessary
  • invoices and accounting records: as long as required by applicable tax and accounting laws
  • technical server logs: for a limited period necessary for security and maintenance

9. How we protect your data

We take appropriate technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure.

These measures may include:

  • limited access to personal data
  • password-protected devices and accounts
  • secure communication tools
  • regular software and website maintenance
  • use of reputable hosting and service providers

No system can be guaranteed 100% secure, but we take reasonable steps to protect your information.

10. Your GDPR rights

Under GDPR, you may have the right to:

  • request access to your personal data
  • request correction of inaccurate or incomplete data
  • request erasure of your data
  • request restriction of processing
  • object to processing based on legitimate interests
  • request data portability, where applicable
  • withdraw consent at any time, where processing is based on consent
  • lodge a complaint with the competent supervisory authority

In Croatia, the supervisory authority is:
Croatian Personal Data Protection Agency (AZOP)
Agencija za zaštitu osobnih podataka

Before contacting the authority, we encourage you to contact us first so we can try to resolve your request directly.

11. Third-party websites and services

Our website may contain links to third-party websites or allow communication through third-party services such as email or WhatsApp. Those third parties have their own privacy practices, and we are not responsible for their content or policies.

We recommend reviewing their privacy notices before using their services.

12. Children’s privacy

Our services are not directed specifically to children. We do not knowingly collect personal data from children without appropriate legal basis or parental involvement where required.

If you believe a child has provided us with personal data inappropriately, please contact us so we can remove it if necessary.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, technical, or operational changes. The updated version will be published on this page with a revised “Last updated” date.

14. Contact

If you have questions or requests regarding this Privacy Policy or your personal data, please contact:

HRVOJE, prijevoznički obrt, vl. Hrvoje Erstić
Porto San Giorgio 25
23210 Biograd na Moru
Croatia
OIB: 00136884018
Email: info@taxi-biograd.net
Phone: +385 (99) 355 1070