Last updated: February 17, 2026
Website: https://split-cityexcursions.com Data controller: Flarent d.o.o., Križine 14, 21000 Split, Croatia Contact for privacy matters: info@flarent.hr Last updated: 19 May 2026
carrentalsplit.com is operated by Flarent d.o.o. ("Flarent", "we", "us", "our"), a licensed vehicle rental company and travel agency based in Split, Croatia. Through this website we provide car hire in Split, with additional services covering motorcycles, scooters, e-scooters, bikes, transfers, and tours for visitors travelling in Dalmatia.
For the purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR") and the Croatian Act on the Implementation of the General Data Protection Regulation (Zakon o provedbi Opće uredbe o zaštiti podataka, OG 42/2018), Flarent d.o.o. is the data controller of personal data processed through this website.
Our details:
If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at info@flarent.hr.
This Privacy Policy explains what personal data we collect about you when you use https://split-cityexcursions.com, why we collect it, how we use and share it, how long we keep it, and what rights you have under the GDPR.
It applies to:
It does not cover third-party websites we link to (for example, TripAdvisor, Facebook, Instagram, Google Maps). Those services have their own privacy policies, and we encourage you to read them.
We only collect data that we genuinely need to provide our services, run our website safely, and meet our legal obligations.
When you fill in an inquiry or booking form, contact us by email, or speak with us by phone or WhatsApp, we may collect:
When you visit the website, our servers and analytics tools may automatically collect:
This data is collected through server logs and through the analytics and advertising cookies described in Section 6 and in our Cookie Policy. Analytics and advertising cookies are only set after you give consent in our cookie banner.
We may receive data about you from:
Under the GDPR, every processing activity must have a lawful basis. We rely on the following:
| Purpose | Categories of data | Lawful basis (GDPR Art. 6) |
|---|---|---|
| Responding to your inquiry or quotation request | Identity, contact, message content | Art. 6(1)(b) — steps prior to entering into a contract at your request |
| Processing and fulfilling a booking (tour, transfer, rental) | Identity, contact, booking details, driver data | Art. 6(1)(b) — performance of a contract |
| Taking payment and preventing payment fraud | Payment data, identity, IP address | Art. 6(1)(b) — contract; Art. 6(1)(c) — legal obligation; Art. 6(1)(f) — legitimate interest in fraud prevention |
| Issuing invoices and keeping accounting records | Identity, contact, transaction data | Art. 6(1)(c) — legal obligation (Croatian Accounting Act / Fiscalisation Act) |
| Meeting tourist-agency reporting duties | Identity, nationality, booking details | Art. 6(1)(c) — legal obligation under Croatian tourism legislation |
| Customer support and after-sales communication | Identity, contact, booking details, message content | Art. 6(1)(b) — contract; Art. 6(1)(f) — legitimate interest in providing good service |
| Website analytics (Google Analytics 4) | Cookie identifiers, IP, usage data | Art. 6(1)(a) — your consent via our cookie banner |
| Marketing and remarketing (Google Ads, Meta Pixel) | Cookie identifiers, IP, usage data | Art. 6(1)(a) — your consent via our cookie banner |
| Sending optional marketing emails (if you opt in) | Identity, contact, booking history | Art. 6(1)(a) — your consent |
| Security, abuse prevention, and IT operations | IP address, server logs | Art. 6(1)(f) — legitimate interest in keeping the site secure |
| Defending or pursuing legal claims | Whatever is relevant to the claim | Art. 6(1)(f) — legitimate interest in legal defence |
You are not required to give us your personal data, but if you choose not to provide the data marked as required in our forms, we will not be able to send you a quotation or fulfil a booking.
Most of our processing happens inside the European Economic Area (EEA). However, some of our service providers — in particular Google and Meta — may transfer personal data to the United States or other countries outside the EEA.
Where this happens, the transfer is protected by one of the safeguards permitted under Chapter V GDPR, typically:
You can request a copy of the safeguards we rely on by emailing info@flarent.hr.
We keep personal data only for as long as is necessary for the purpose for which it was collected, plus any period required by law.
| Data | Retention period |
|---|---|
| Inquiry messages that do not lead to a booking | Up to 12 months from your last contact, then deleted |
| Booking records, vehicle lease contracts, related correspondence | 11 years (Croatian Accounting Act, Art. 8) |
| Invoices and accounting records | 11 years (Croatian Accounting Act, Art. 8) |
| Driver licence and ID copies (where collected) | Duration of the rental + 5 years (insurance and liability claims period), then deleted |
| Marketing email subscriber list | Until you unsubscribe, after which we retain only proof of consent and opt-out for up to 3 years |
| Website server logs | Up to 12 months |
| Cookie data | See the Cookie Policy for the lifetime of each cookie |
After the retention period ends, we securely delete or irreversibly anonymise the data.
We apply technical and organisational measures appropriate to the risk, including:
No method of internet transmission is 100% secure, so while we do our best, we cannot guarantee absolute security. If you suspect a problem, please contact us immediately at info@flarent.hr.
As a data subject, you have the following rights in respect of your personal data:
To exercise any of these rights, email info@flarent.hr with enough information for us to identify you and understand your request. We will reply within one month, in line with Art. 12(3) GDPR. We may extend this period by up to two further months for complex requests and will let you know if we do.
We may need to verify your identity before acting on a request, to make sure we do not disclose data to the wrong person.
If you believe that our processing of your personal data does not comply with the GDPR, you have the right to lodge a complaint with a supervisory authority. In Croatia, this is:
Agencija za zaštitu osobnih podataka (AZOP) Selska cesta 136, 10000 Zagreb, Croatia Phone: +385 1 4609 000 Email: azop@azop.hr Website: https://azop.hr
You may also complain to the supervisory authority in your country of residence within the EEA.
This website and our services are not directed at children under 16. We do not knowingly collect personal data from a child under 16 without the consent of the holder of parental responsibility. Where a child is travelling as part of a booking made by a parent or guardian, the parent or guardian is responsible for providing any data we need (such as the child's name and date of birth).
If you believe a child has given us personal data without proper consent, please contact us at info@flarent.hr, and we will delete the data.
We may update this Privacy Policy from time to time — for example, when we change our services, add a new processor, or to reflect changes in the law. The "Last updated" date at the top of this page always shows the date of the most recent version. For material changes, we will make a clear notice on the website and, where appropriate, contact you directly.
If you have any questions, requests, or complaints about this Privacy Policy or our handling of your personal data, please write to:
Flarent d.o.o. Križine 14, 21000 Split, Croatia Email: info@flarent.hr Phone: +385 95 336 2332 (Tours & Transfers) or +385 95 321 0498 (Rent a Car)