Privacy Policy

This Privacy Policy explains how Nova Sidera D.O.O., a company registered under the laws of Montenegro, collects, uses, stores, and protects personal data of Smarenta platform users.

Personal data processing is carried out in accordance with:

• Montenegro's Personal Data Protection Law, and
• General Data Protection Regulation (EU) 2016/679 (GDPR).

By using the Smarenta platform, you confirm that you are familiar with this Privacy Policy and understand its provisions.

Nova Sidera D.O.O. acts as the personal data controller within the meaning of GDPR.

This Privacy Policy applies to all users of the Smarenta platform, including but not limited to:

• travelers looking for rental accommodation;
• local tenants;
• individual property owners;
• companies engaged in property rental;
• property managers;
• platform administrators.

The platform has different types of user accounts (owner, manager, user, admin) with different levels of access to functionality.

Depending on how the platform is used, we may collect the following categories of personal data:

4.1 Data Provided Directly by the User

• First and last name (optional);
• Email address (required);
• Phone number (optional);
• Account password (stored exclusively in encrypted/hashed form, if registration via email);
• Property and content data entered by the user in the CRM (e.g., address, description, booking records).

4.2 Payment Data

Payments are processed through NLB e-commerce service and Bankart payment gateway. Smarenta does not store or process payment card data (card number, CVC, etc.). Card data is entered and processed exclusively in the payment provider/bank system.

4.3 Automatically Collected Data

• Cookies;
• User activity log (logins, CRM actions, technical events);
• IP addresses may be logged in server logs exclusively for security, system stability, and abuse prevention purposes.

Personal data is processed for lawful purposes, including:

• registration and management of user account;
• enabling access to CRM and platform functionalities;
• processing subscriptions and billing for CRM usage;
• providing technical and customer support;
• sending service notifications (non-marketing);
• sending marketing and promotional messages exclusively with specific user consent;
• ensuring security and proper functioning of the platform.

Personal data processing is carried out on the basis of the following legal grounds, in accordance with Article 6 GDPR:

• contract performance – to provide platform services;
• user consent – for marketing messages and non-essential cookies;
• compliance with legal obligations – in accordance with applicable regulations;
• legitimate interest – protection of platform security, service improvement, and abuse prevention.

The Smarenta platform uses cookies and similar technologies to ensure proper site functioning and usage analysis.

Possible technologies (if activated):

• Google Analytics (analytics);
• Meta Pixel (marketing and advertising).

Non-essential cookies are used exclusively after obtaining user consent via cookie banner. More detailed information is available in the separate Cookie Policy.

Personal data may be transferred exclusively to trusted third parties, to the extent necessary to provide services, including:

• payment provider/bank (NLB e-commerce / Bankart gateway) – exclusively within the billing process (without disclosing card data to Smarenta);
• analytical and marketing services (only with consent, where applicable);
• hosting and technical partners (as needed, with adequate contractual protection measures).

We do not sell or transfer personal data to third parties for commercial purposes.

Platform users may be located in EU countries and third countries. Personal data is stored on servers located within the European Union, with the application of protective measures in accordance with GDPR.

Personal data is stored only as long as necessary to achieve the purposes stated in this Privacy Policy.

After deleting a user account, personal data is deleted except to the extent that the law requires otherwise (e.g., records necessary to fulfill legal obligations or resolve disputes).

In accordance with GDPR, users have the right to:

• access their personal data;
• request correction of inaccurate or incomplete data;
• request deletion of personal data;
• withdraw consent at any time (when processing is based on consent).

The Smarenta platform is intended exclusively for users over 18 years of age. Registration and use of the platform by minors is not permitted.

We apply appropriate technical and organizational measures to protect personal data from unauthorized access, loss, alteration, or unauthorized disclosure.

We reserve the right to change this Privacy Policy at any time. The current version will always be available on the Smarenta website with the date of the last update indicated.