Privacy Policy

Effective date: May 06, 2026

Last updated: May 06, 2026

This Privacy Policy explains how Time Walk d.o.o. ("Time Walk", "we", "us", "our") collects, uses, and protects your personal data when you visit our website timewalk.hr or book and participate in our tours.

We respect your privacy and comply with the EU General Data Protection Regulation (GDPR) and Croatian data protection law.

1. Who we are

Time Walk d.o.o.
Address: Šenoina 10, 21000 Split, Croatia
OIB (Croatian business ID): 19749884227
Email: info@timewalk.hr
Phone: +385 91 920 4433

For all privacy-related questions or to exercise your rights under GDPR, contact us at info@timewalk.hr.

2. What data we collect

When you book a tour

  • Full name
  • Email address
  • Phone number
  • Booking date, time, and group size
  • Payment information (processed by our booking partner — we do not store card details)
  • Special requests, accessibility needs, or health information you choose to share

When you contact us

  • Name, email address, and the content of your message

When you subscribe to our newsletter

  • Email address

When you visit our website

  • IP address (often anonymised)
  • Browser type, version, and language
  • Device type and operating system
  • Pages visited, time spent on each page, and referral source
  • Cookie data (see our Cookie Policy for full details)

3. Why we collect it (legal basis)

We process your personal data only when we have a valid legal basis under GDPR:

  • Contract performance — to deliver the tour you've booked, manage your reservation, and provide customer support.
  • Consent — for newsletters, marketing communications, and non-essential cookies (which you can withdraw anytime).
  • Legal obligation — to comply with Croatian tax law, accounting requirements, and other regulatory duties.
  • Legitimate interest — to improve our website, prevent fraud, and analyse anonymised website performance.

4. Who we share your data with

We share your personal data only with trusted service providers we use to operate our business:

  • TicketingHub — booking platform that processes reservations and payments
  • GetYourGuide and Viator — when you book through them, they share your booking details with us so we can deliver the tour
  • Brevo — our email service provider for booking confirmations and (with consent) newsletters
  • Cloudflare — for website security and performance
  • Ma-Ro Consulting — our accounting and bookkeeping partner
  • Croatian Tax Authority and other public bodies — when required by law

We do not sell your personal data to third parties. We do not share your data for advertising purposes without your explicit consent.

5. International data transfers

Some of our service providers (such as Brevo, TicketingHub, or Cloudflare) may process data outside the European Economic Area. When this happens, we ensure transfers are protected by appropriate safeguards — such as Standard Contractual Clauses approved by the European Commission, or transfers to countries with an adequacy decision.

6. How long we keep your data

Type of data Retention period
Booking and payment records 11 years (Croatian tax law)
Newsletter subscriber email Until you unsubscribe
Contact form messages Up to 2 years
Website analytics data Up to 26 months
Cookie consent records 1 year

7. Your rights under GDPR

You have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate or incomplete data
  • Erasure ("right to be forgotten") — request deletion of your data, subject to legal obligations
  • Restriction — limit how we process your data
  • Objection — object to processing based on legitimate interest or for direct marketing
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent — at any time for processing based on consent
  • Lodge a complaint — with the Croatian Personal Data Protection Agency (AZOP) at azop.hr

To exercise any of these rights, email us at info@timewalk.hr. We respond to all requests within 30 days.

8. Security

We use appropriate technical and organisational measures to protect your personal data, including encrypted connections (HTTPS), access controls, secure passwords, and regular reviews of our security practices. However, no system is 100% secure — please use strong passwords and protect your own login credentials.

If a data breach occurs that affects your rights and freedoms, we will notify you and the AZOP within 72 hours, as required by GDPR.

9. Children's privacy

Time Walk's services are not directed to children under 13. We do not knowingly collect personal data from children under 13 without parental consent. If you are a parent or guardian and believe we have collected such data, please contact us at info@timewalk.hr and we will delete it.

10. Cookies

We use cookies and similar technologies on our website. For full details on what cookies we use, why we use them, and how you can manage your preferences, please see our Cookie Policy.

11. Third-party links

Our website may contain links to third-party websites (such as our blog references, GetYourGuide, Viator, or partner services). This Privacy Policy applies only to timewalk.hr — once you click a link to an external site, we are not responsible for their privacy practices. Please review their own privacy policies.

12. Changes to this policy

We may update this Privacy Policy from time to time, especially as we add new tools or services. The "Last updated" date at the top of this page will reflect any changes. For significant changes, we will notify you by email or through a notice on our website.

13. Contact us

For any privacy-related questions or to exercise your rights:

Time Walk d.o.o.
Email: info@timewalk.hr
Phone: +385 91 920 4433
Address: Šenoina 10, 21000 Split, Croatia

© 2026 Time Walk d.o.o. · Split, Croatia
€19 · 80 min ★ 5.0 · 90+ reviews
Book Now →