← Back to legal
Legal

Privacy Policy

This Privacy Policy explains how JEDITOOLS DOO operating the Riva Escapes website and enquiry service collects, uses, stores, and shares personal data when you visit the website, submit an availability request, contact us, or interact with our analytics and consent tools.

Effective date: 06 April 2026 Last updated: 06 April 2026 Contact: legal@rivaescape.me

1. Who we are

We are JEDITOOLS DOO, trading as Riva Escapes.

Controller JEDITOOLS DOO
Registered address UL. 4. JULA BB, BLOK 35‑36, Podgorica, Montenegro (Crna Gora)
Registration / tax details 51026004
General contact jedi.tools@gmail.com
Privacy contact legal@rivaescape.me

2. Scope of this policy

This policy applies to personal data processed through:

  • the Riva Escapes website and landing pages;
  • the availability and enquiry form;
  • direct communications by email, phone, or WhatsApp;
  • website analytics and consent-management tools that are enabled on the site.

The website currently presents informational offers and lets you send an enquiry to discuss details and availability. Submitting a form does not automatically create a confirmed booking unless we expressly confirm that to you later in a separate communication.

3. What personal data we collect

Depending on how you interact with us, we may collect the following categories of personal data:

  • Identity and contact data: your name, email address, phone number, and WhatsApp number.
  • Trip enquiry data: selected escape type, pickup location, preferred date, number of guests, and any notes you include in your request.
  • Communication data: the content of messages you send us and records of our replies.
  • Technical and usage data: IP address, browser type, device information, pages viewed, interactions with site sections and calls to action, and approximate traffic-source data.
  • Consent data: your cookie preferences and related consent records.

Please do not submit sensitive personal data or unnecessary confidential information in free-text fields.

4. How we collect your data

We collect personal data:

  • directly from you when you fill in the enquiry form or contact us;
  • automatically through cookies, analytics tags, log files, and similar technologies, where permitted;
  • from service providers that support our website hosting, analytics, communication, and form processing infrastructure.

5. Why we use your data and our legal bases

Respond to your enquiry To review your request, check availability, contact you, and discuss the details of the service you asked about. Legal basis: processing necessary to take steps at your request before entering into a possible contract, and where relevant our legitimate interests in handling incoming service enquiries.
Operate and secure the site To keep the website functioning, prevent abuse, troubleshoot issues, and protect our systems. Legal basis: our legitimate interests in running a secure and reliable website.
Analytics and measurement To understand visits, page views, section views, traffic sources, and form interactions so we can improve the website and measure the performance of landing pages. Legal basis: your consent where analytics cookies or similar technologies require consent.
Comply with legal obligations To keep records, address lawful requests, or meet accounting, tax, regulatory, or legal requirements. Legal basis: compliance with a legal obligation.
Protect our rights To establish, exercise, or defend legal claims, prevent misuse, and enforce our terms and internal policies. Legal basis: our legitimate interests or, where required, compliance with legal obligations.

6. Cookies and analytics

We use strictly necessary technologies to operate the website and, if you consent, analytics technologies to understand how visitors use the site.

Where analytics cookies or similar technologies are used, they should only be activated after you give the relevant consent through our cookie banner or preferences tool. You can change your preferences at any time through our Cookie Policy and the consent controls made available on the website.

If Google Analytics 4 and Google Tag Manager are enabled, we use them to measure items such as visits, page views, section visibility, form-start events, submit attempts, and successful lead submissions. We do not intentionally send personally identifiable information such as names, email addresses, phone numbers, or free-text form content to analytics tools.

7. Recipients of personal data

We may share personal data with service providers that support our business, such as:

  • website hosting and infrastructure providers;
  • database, backup, and cloud service providers;
  • analytics and tag-management providers;
  • email, messaging, and customer-support tools;
  • professional advisers, authorities, or counterparties where legally required or reasonably necessary.

We do not sell your personal data.

8. International transfers

Your personal data may be processed in countries outside your own country and, where applicable, outside the EEA. If we transfer personal data internationally in a context where GDPR applies, we will use an appropriate transfer mechanism, such as an adequacy decision or approved contractual safeguards, where required.

9. How long we keep your data

We keep personal data only for as long as reasonably necessary for the purposes described above, including to handle your enquiry, maintain records, resolve disputes, enforce agreements, and comply with legal obligations.

Unless a longer retention period is required by law or justified by an active customer relationship, we generally intend to keep enquiry data for 12 months after the last meaningful interaction. Technical logs and analytics records may be retained for different periods depending on system settings and provider configurations. You should align the final wording here with your actual backend retention rules and deletion process.

10. Your rights

Depending on the law that applies to your case, you may have the right to:

  • request access to the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request deletion of your data in certain situations;
  • request restriction of processing in certain situations;
  • object to processing based on legitimate interests;
  • withdraw consent at any time where processing is based on consent;
  • request portability of data where applicable;
  • lodge a complaint with a competent supervisory authority.

To exercise your rights, contact us at legal@rivaescape.me. We may need to verify your identity before completing your request.

11. Data security

We use reasonable technical and organisational measures designed to protect personal data, such as access controls, secure hosting, backup procedures, transport security, and internal access limitation on a need-to-know basis. No online system is completely secure, so we cannot guarantee absolute security.

12. Children

Our website and enquiry flow are not intended for children under the age of 18, and we do not knowingly collect personal data from children without an appropriate legal basis or authorisation where required.

13. Third-party links and services

The website may contain links to third-party websites or messaging services, such as WhatsApp. Their privacy practices are governed by their own notices and policies, not this one.

14. Changes to this policy

We may update this Privacy Policy from time to time to reflect operational, legal, or technical changes. The updated version will be posted on this page with a revised “Last updated” date.

15. Contact us

If you have questions about this policy or want to exercise your data protection rights, contact:

JEDITOOLS DOO
UL. 4. JULA BB, BLOK 35‑36, Podgorica, Montenegro (Crna Gora)
legal@rivaescape.me