Privacy Policy
Last updated: 21 May 2026 Effective date: 21 May 2026
This Privacy Policy explains how IRANTE collects, uses, stores, and protects your personal data when you visit our website irante-rent.com, contact us, or make a booking. We are committed to protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Croatian Act on the Implementation of the General Data Protection Regulation (NN 42/2018).
1. Data Controller
The data controller responsible for your personal data is:
IRANTE, vl. Ante Gospodnetić Registered as: IRANTE, taxi prijevoz na moru, vl. Ante Gospodnetić Address: Stjepana Radića 3, 21400 Supetar, Republic of Croatia Owner: Ante Gospodnetić Owner OIB: 15001338152 Business registration number (MBO): 90579283 Obrtnica number: 17010800062
Contact for privacy-related matters: Email: agospodnetic@yahoo.com Phone: +385 98 207 446
2. What Personal Data We Collect
We collect the following categories of personal data:
Data you provide directly to us
- Contact form: first name, last name, email address, and the contents of your message
- Booking plugin (QuanticaLabs): name, email address, phone number, booking details (boat, dates, number of people, requested services)
- Direct communication: any information you share via WhatsApp, email, or phone
Payment data
- Payments are processed by Stripe Payments Europe, Ltd. We do not collect, store, or have access to your full payment card details. Stripe collects this information directly. See Stripe’s privacy policy at https://stripe.com/privacy.
Data collected automatically
- IP address, browser type and version, device type, operating system, referring website, pages visited, time spent on pages, language preferences, and approximate location (country/city level)
- Cookie identifiers (see Section 7)
3. Why We Process Your Data (Legal Basis)
We process your personal data on the following legal bases under Article 6 of the GDPR:
| Purpose | Legal basis |
|---|---|
| To respond to your inquiries via contact form, email, WhatsApp, or phone | Legitimate interest (Art. 6(1)(f)) |
| To process your booking and provide the requested service | Performance of a contract (Art. 6(1)(b)) |
| To process payments | Performance of a contract (Art. 6(1)(b)) |
| To comply with Croatian tax and accounting law | Legal obligation (Art. 6(1)(c)) |
| To analyze website usage and improve our services | Consent via cookie banner (Art. 6(1)(a)) |
| To prevent fraud and secure the website (reCAPTCHA) | Legitimate interest (Art. 6(1)(f)) |
4. How Long We Keep Your Data
| Data type | Retention period |
|---|---|
| Contact form messages | 12 months from last communication |
| Booking records and customer details | 11 years (required by Croatian Accounting Act) |
| Payment transaction records | 11 years (required by Croatian tax law) |
| Website analytics data | 14 months (default Google Analytics retention) |
| Cookies | Varies — see Section 7 |
After these periods expire, your data is permanently deleted or anonymized.
5. Who We Share Your Data With
We do not sell, rent, or trade your personal data. We share data only with the following categories of recipients, all bound by contracts and applicable data protection laws:
Service providers (data processors)
- Hostinger International, Ltd. (Lithuania) — website hosting
- Google LLC (United States) — Google Analytics, Google Maps, Google reCAPTCHA
- Stripe Payments Europe, Ltd. (Ireland) — payment processing
- CookieYes Limited (United Kingdom) — cookie consent management
- QuanticaLabs — booking plugin provider
Legal authorities
- We may disclose personal data when required by Croatian law, court order, or to protect our legal rights.
Service partners
- If you book a service involving a skipper or third-party operator, we share only the minimum data required to provide the service (e.g. name, contact, booking time).
6. International Data Transfers
Some of our service providers (Google, Stripe) may process data outside the European Economic Area, primarily in the United States. These transfers are protected by:
- Standard Contractual Clauses approved by the European Commission, and/or
- The EU-U.S. Data Privacy Framework
You can request a copy of these safeguards by contacting us.
7. Cookies
Our website uses cookies and similar technologies. Cookies are small files stored on your device. You can manage your cookie preferences at any time via the cookie banner managed by CookieYes.
Categories of cookies we use:
- Strictly necessary cookies — required for the website to function (e.g. session, security). Cannot be disabled.
- Analytics cookies — Google Analytics, to understand how visitors use the site. Only set with your consent.
- Functional cookies — Google Maps, to display location and directions.
- Security cookies — Google reCAPTCHA, to prevent spam and abuse.
You can withdraw your cookie consent at any time by clicking the cookie banner icon on our site or by clearing cookies in your browser settings.
8. Your Rights Under GDPR
You have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate or incomplete data
- Right to erasure (“right to be forgotten”) — request deletion of your data, subject to legal retention requirements
- Right to restriction — request that we limit how we use your data
- Right to data portability — receive your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interest
- Right to withdraw consent — where processing is based on consent, withdraw it at any time
- Right to lodge a complaint — file a complaint with the supervisory authority (see Section 11)
To exercise any of these rights, contact us at agospodnetic@yahoo.com. We will respond within one month of receiving your request, as required by GDPR.
9. How We Protect Your Data
We implement reasonable technical and organizational measures to protect your personal data, including:
- SSL/TLS encryption for all data transmitted via our website
- Secure hosting infrastructure (Hostinger)
- Limited access to personal data by authorized personnel only
- Regular security updates of WordPress and plugins
- Strong passwords and secure authentication
However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but we use industry-standard practices to protect your data.
10. Children’s Privacy
Our services are not directed at children under 18. We do not knowingly collect personal data from minors. Bookings and contracts must be made by an adult (18+). If you believe a minor has provided us with personal data without parental consent, please contact us immediately and we will delete the data.
11. Supervisory Authority
If you believe we have not handled your personal data in accordance with the law, you have the right to lodge a complaint with the Croatian data protection authority:
Agencija za zaštitu osobnih podataka (AZOP) Selska cesta 136, 10000 Zagreb, Croatia Phone: +385 (0)1 4609 000 Email: azop@azop.hr Website: https://azop.hr
You may also contact the supervisory authority in your country of residence within the European Union.
12. Third-Party Links
Our website may contain links to third-party websites (e.g. social media, partner sites). We are not responsible for the privacy practices of these external sites. We encourage you to read their privacy policies separately.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other reasons. The updated version will be posted on this page with a new “Last updated” date. We recommend reviewing this policy periodically. Significant changes will be communicated via a notice on our website.
14. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:
IRANTE, vl. Ante Gospodnetić Stjepana Radića 3, 21400 Supetar Croatia
Email: agospodnetic@yahoo.com Phone: +385 98 207 446