Privacy Policy

SMART TRAVEL d.o.o. (referred to as the AGENCY) acknowledges and appreciates your right to confidentiality of personal data and it is obliged to preserve the security of data collected through the site www.smarttravelcroatia.comAGENCY collects, processes and keeps your personal information in accordance with the EU General Data Protection Regulation (GDPR) and other applicable regulations. Data will not be passed on to third parties or exported to third countries except if necessary for the realization of the contracted services (accommodation, airline, transfer, insurance).
We consider that further use of  web site is your acceptance of all the conditions described below.


Your personal information is collected and used only on the basis of the information you have voluntarily provided to the AGENCY by sending a query (when you send your inquiry, personal information will be used, such as: first name, last name, e-mail) and in the case of confirmation of reservation (please read a description below).

Collected personal information is kept in electronic form, but in the case of package arrangement confirmation and a payment, the personal data are printed on the deposit payment invoice and the final invoice (name of the reservation holder, address of the residence), only for bookkeeping purposes, as well as on printed vouchers for travel services agreed (name and surname of all participants) and all appropriate technical and organizational measures are applied to prevent personal data violations. Received emails with your personal information will be used by AGENCY only for the purpose of meeting your requirements.

When confirming the booking agreement, we will need the personal data of the reservation holder who must be an adult person (first name and last name, date of birth, address of residence, contact telephone, e-mail etc.) and a personal data of other guests in the group (name and surname, date of birth). When booking the Insurance package or Airplane ticket, we will ask for personal data of the reservation holder who must be an adult person (first name and last name, date of birth, passport number, address of residence) and a personal data of other guests in the group (first name and last name, date of birth, passport number, address of residence). Only the necessary information (name and last name of all participants of the trip) will only be available to partners (accommodation, transportation and other travel services).
Payment details (bank card number, expiration date etc.) are specifically protected and will only be available to banks or cardholders for payment authorization.

Confidentiality of your information is protected and secured by using SSL encryption. Pages for web payment are secured by using Secure Socket Layer (SSL) protocol with 128-bit data encryption. SSL encryption is a data coding procedure for prevention of unauthorized access during data transfer. This enables a secure data transfer and prevents unauthorized data access during communication between user and Payway Payment Gateway and vice versa. Credit card numbers are not stored and are not available to unauthorized persons.

Payway is a system that allows simple connection between the AGENCY and one or more credit card issuers. Payway allows safe exchange of authorization questions and answers from credit card issuers and uses the highest standards of protection and data privacy. Payway system continuously works on safety enhancement and its confirmation.
PCI Data Security Standards (PCI DSS) is a norm that defines safety measures for processing, storing and transferring (communication) credit card data.

Cookies allow AGENCY to collect statistical data on user behavior at web page (for example, in which parts of our web page the users stay the longest and the shortest), which Internet browser is used etc. (i.e. Internet Explorer, Opera, Safari, Google Chrome, Firefox).

Whar are Cookies? The cookies are a small set of data sent from the server to the user’s computer, and serves as an anonymous identifier. They are are also used for easier navigation through the Internet. Cookies are not used to access user data or to track user activity after leaving

AGENCY reserves the right to use cookies at, but any user may prohibit receiving cookies by editing / changing settings in their Internet browser.

6. LINKS contains a link to the UHPA website (Association of croatian travel agencies), Facebook, Instagram and TripAdvisor. Accordingly, we would like to alert the users to consider that the AGENCY can not be held liable for the privacy of the mentioned Internet sites. Therefore, we encourage users to read the Privacy Statement of each Internet site they access.

The AGENCY takes all security measures to protect the user’s information, during data entry, transfer, data processing and storage. Access to data is limited only to those employees who are required to do business activity.
Users at any time have the right to request information about how their personal data are processed by the AGENCY, or to modify or delete them, by sending a request to Jelena Mijic, email:

In the event of any changes to the Privacy Policy, the notice will be published on the homepage of the web site with the intention of acquainting the user.

Office: Amruseva 10, 2nd floor, Zagreb, Croatia
Main office: Medveščak 89, Zagreb, Croatia
Working hours: Monday – Friday: 09.00 – 16.00
Croatia Phone: +385 1 2862 899
Mobile: +385 99 666 89 78

Zagreb, 26.09.2018.