Personal data protection

This personal data protection provides information about the collection and processing of personal data through this website.

PRIVACY POLICY

This Privacy Policy provides information about the collection and processing of personal data through this website.

DATA CONTROLLER

TP LINE d.o.o.
Ulica Božidara Petranovića 4, Zadar
OIB: 62241235910
Contact: Tel: +385 20 313 119
E-mail: tp-line@tp-line.hr

DATA PROTECTION OFFICER (DPO)

Ines Krečak, Data Protection Professional, CIPP/E
E-mail: feralis@feralis.hr

DATA COLLECTED AND PROCESSED – PURPOSE AND LEGAL BASIS

Personal data is collected via this website for several defined purposes:

• To respond to inquiries or requests (identification and contact details, and information provided in the message).

• For job applications (basic identification data, contact details, and information concerning a seaman’s book, qualifications, education, and work experience).

• For purchases via our webshop (only necessary contact details, purchased ticket information, and data required to complete the purchase and ticket delivery).

• For customer registration (necessary registration data).

Without the requested data, services cannot be provided.

We also use cookies to improve website functionality and user experience. Only cookies consented to in advance are collected. Users can manage or withdraw their consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal.

LEGITIMATE INTERESTS

In certain situations, data may be processed on the basis of legitimate interest. You may object, but processing may continue if there are overriding legitimate grounds or for legal claim establishment, exercise, or defense.

Example: VIDEO SURVEILLANCE – Processed data: video recordings.

• Purpose: protection of people and property.

• Retention: up to 7 days, or 6 months in case of an incident (longer if needed for legal proceedings).

• Recipients: competent authorities upon request.

• Data is not used for other purposes.

INTERNET COOKIES

What are cookies?
Cookies are small text files stored on user devices (PC, phone, tablet) when visiting a website. They help websites remember actions and preferences.

What information can cookies store?
User identifiers, preferences, shopping cart contents, login data, browsing activity, interests, visit duration, as well as security/authentication details.

Cookie types by function:

• Technical/necessary cookies – essential for functionality (e.g., shopping cart, session ID).

• Functional cookies – enhance functionality (e.g., language preferences).

• Statistical cookies – collect anonymous aggregated usage data.

• Marketing cookies – collect behavioral data to provide personalized ads.

Disabling cookies
Users can enable/disable cookies through browser settings or anonymous browsing modes. More details:

• www.allaboutcookies.org

• www.youronlinechoices.eu

• www.aboutads.info/choices/

DATA RECIPIENTS

Personal data may be transferred to IT solution and service providers as processors bound by data protection agreements in line with EU Standard Contractual Clauses (Commission Implementing Decision (EU) 2021/915). They cannot process or transfer data without instructions. Data is not shared with third parties for direct marketing purposes.

DATA RETENTION

Data is processed until the purpose is fulfilled, unless further storage is legally required or based on legitimate interest. Data processed on the basis of consent is kept until the consent is withdrawn or the purpose fulfilled.

DATA COLLECTED VIA SOCIAL MEDIA

On profiles/pages managed under the company’s official name (e.g., Facebook, Instagram), personal data is only used for responding to inquiries or comments. It is not processed for other purposes.

DATA SECURITY

We apply appropriate technical and organizational measures to ensure security, confidentiality, and lawful processing of personal data.

• Webshop uses PCI DSS standards with SSL encryption (128-bit) for secure transfer of payment data.

• Data such as personal IDs, credit cards, or payment details are transmitted securely and are not accessible to the Controller.

• Risk-based reviews and regular protection measures are implemented against unauthorized access, alterations, or data leaks.

YOUR RIGHTS

• Right of access – confirmation of whether data is processed, categories, recipients, purposes, and retention.

• Right to rectification – correct or complete inaccurate data.

• Right to erasure – request deletion unless legal obligations prevent it.

• Right to restriction – limit processing in specific GDPR cases.

• Right to withdraw consent – at any time; withdrawal does not affect prior lawful processing.

• Right to object – especially against processing based on legitimate interests.

• Right to lodge a complaint – to the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka), Zagreb, Ulica Metela Ožegovića 16.

CONTACT INFORMATION

For additional information or to exercise your rights, contact the DPO at: feralis@feralis.hr

Responses will be provided within 30 days in electronic form unless otherwise requested.

OTHER INFORMATION

This Privacy Policy is regularly reviewed and updated. Significant changes that may affect user rights will be announced via a pop-up notice on the website.

Last updated: September 2025