Privacy Policy

INFORMATION ABOUT DATA PROCESSED

The purpose of collecting personal data

Personal data may be collected through this website for the following purposes:

  • to buy a bus ticket
  • for the better functioning of the features of these websites (cookies).

Categories of personal data

The categories of personal data that may be collected through this website are as follows:

  • Identification data (eg user name);
  • contact information (e.g. user's e-mail);
  • payment information (e.g. card number)
  • data about the use of this website (cookies).

Legal basis for processing personal data

For the collection of personal data, this website uses the legal basis of performance of the contract/service, i.e. the data is processed to enable the performance of the requested service or to take measures at your request before providing the requested service (for example, buying a train ticket). Data collected for the purpose of purchasing a train ticket are considered necessary data. That is, such data processing is necessary in order to perform the requested service or to take actions before providing the requested service, which makes such processing lawful in accordance with the provisions of the General Data Protection Regulation. Please note that if you do not provide the necessary information, we will not be able to fulfill your request. Data is also processed based on your prior consent/permission, for example when collecting cookies. We collect only those cookies for which you have previously given your consent. You have control over cookies for the entire time you use the website, that is, you can turn them on or off according to your preferences. It is important to note that the withdrawal of consent to the collection of cookies does not affect the legality of data processing that has already been carried out up to the time of withdrawal of consent.

RECIPIENTS OF PERSONAL DATA

Collected personal data can be forwarded for use by providers of IT and communication solutions and services who act as our processors:

  1. Online payment service WSpay Monroe Payments doo, Ulica grada Vukovara 269F, 10000 Zagreb, Croatia
  2. Fiscal invoice preparation service Etranet grupa doo, Radnička cesta 177, 10000 Zagreb, Croatia

We can forward personal data to another carrier, in the justified case of a bus breakdown or force majeure due to which we are unable to perform the contracted service, but only to the extent and quantity necessary for the realization of the requested service. The data transmitted in this way may be processed by the other carrier-partner exclusively for the purpose of fulfilling the task entrusted to it.

The executors provide reasonable guarantees and have taken appropriate technical and organizational protection measures in order to adequately ensure data protection and conduct in accordance with the requirements of the General Regulation. An agreement/agreement on the processing of personal data was concluded with such processors based on Commission Implementing Decision (EU) 2021/915 on standard contractual clauses between managers and processors as a separate part of the contract. The aforementioned agreement/contract stipulates the handling of personal data in detail, therefore they are not able to process personal data without our order and pass them on to third parties.

Personal data is not passed on to third parties for direct marketing purposes.

DATA RETENTION PERIOD

Personal data collected through this website is processed until the purpose for which the data was collected is fulfilled. After the termination of the purpose, personal data are no longer processed, except in the case if we are obliged to do so by legal regulations or the processing is based on our legitimate interest. All documents and information about passengers and customers such as incoming and outgoing invoices, calculations, contracts, etc. we store bilateral legal acts, decisions and resolutions for 11 years in accordance with special regulations. In the case of processing based on legitimate interest, it is carried out while such interest exists, unless the user limits it or completely suspends it based on a complaint. On the basis of legitimate interest, we store all correspondence, letters and papers, including e-mail, for a period of 5 years, complaints and correspondence with passengers regarding complaints for 1 year after the end of the procedure, and records of complaints for 2 years. We store data that we process on the basis of consent until the purpose of processing is fulfilled or until you withdraw your consent.

DATA COLLECTED THROUGH SOCIAL NETWORKS

The pages and profiles we manage on social networks (Facebook, Instagram, etc.) are always under the correct and full name of the Company.

 

We use personal data about our contacts that we collect using them only in the case of responding to an inquiry or comment, and the data is not processed for other purposes.

USE OF COOKIES              

                GENERAL TERMS

What are cookies?

Cookies are small files that the Internet browser (Web Browser) stores on a computer, mobile device or some other device with which the user visited an Internet site (Web site). It stores them on the "order" of that Internet site, for its further needs. These needs can be different and depend on the purpose of cookies, so for example cookies can collect information about the language the visitor has chosen to display pages at multilingual sites, the sequence of visited pages so that the user can return to the pages in the same sequence, a list of items that the user has inserted into the shopping cart in the Internet store, up to e.g. User's IP address, user's username and password, e-mail address, user's geolocation, whether he uses a computer or a mobile device, which pages of an Internet site he visited, and more.

Types of cookies according to duration

According to their duration, cookies can be:

  • Permanent cookies (saved) (eng Persistent Cookies) – these are cookies that remain on the computer or device used to visit the Internet site after closing the Internet browser. Internet sites use them to store data, such as login name and password, language settings or cookie settings so that the user does not have to re-enter them on each subsequent visit. Permanent cookies can remain on the computer or device used to visit an Internet site for days, months, or even years.
  • Temporary cookies or session cookies (eng. Session Cookies) – these are cookies that are removed from the computer or device used to visit the Internet site after closing the Internet browser. With them, Internet sites store temporary data, such as e.g. the last few pages that the user has opened on the Internet site he is visiting or the items in the shopping cart if he is on an Internet site that specializes in Internet sales.

Types of cookies by source

According to the source, cookies can be:

  • First party cookies - these are cookies stored by the original Internet site that the user primarily visits, e.g. Internet store if you buy online.
  • Third party cookies – these are cookies stored by other Internet sites or Internet services (eng. Web Services), which are parts of the primary Internet site that the user primarily visits. They are usually used by other Internet sites to monitor the habits of users on the primary Internet site, or they can be used by an Internet service for quality provision of that service (e.g., an Internet site uses a so-called Web Chat Internet service to interact with the user, which stores an identification number for its purposes user so that the service knows to whom to forward which message).

Cookies by function:

And Technical cookies
(always active) – necessary for the website to function and cannot be turned off. These cookies do not store information that could identify you identify .

II Functional cookies
(can be turned off) – enable the website to provide improved functionality and personalization.

III Statistical cookies
(can be turned off) - enable recording of visits and sources of traffic for the purpose of measuring and improving the efficiency of the Internet site

IV Marketing cookies
(can be turned off) – serve to track users through websites and display targeted ads.

HOW TO DISABLE COOKIES

By turning off cookies, the user decides whether to allow cookies to be stored on his computer. Additionally, you can accept or reject some or all cookies by adjusting your browser settings. Cookie settings can also be controlled and configured in the Internet browser. You can find information on how to change settings for some of the most commonly used Internet browsers at the following links:

ADDITIONAL INFORMATION ON DISABLED COOKIES

Some browsers allow you to browse the Internet in "anonymous" mode, limiting the amount of data placed on your computer and automatically deleting persistent cookies placed on your computer or mobile device when you end your browsing session. There are also many third-party applications that you can add to your browser to block or manage cookies. You can also delete cookies that were previously placed in your browser by selecting the option to delete browsing history and turning on the option to delete cookies. You can find more detailed information about cookies and adjusting your browser settings at the following links:

SECURITY OF PERSONAL DATA PROCESSING

We collect and process personal data in a way that ensures adequate security and confidentiality in their processing, and enables effective application of data protection principles. This includes reducing the amount of data, limiting the scope of its processing, determining the storage period and ensuring the availability of data. For this purpose, we have implemented appropriate technical and organizational protection measures that provide a level of security proportional to the risks of data processing and the nature of personal data that is stored. In doing so, we especially take into account the characteristics and costs of implementing those measures.

We provide users with the highest level of data protection. PCI DSS standard with TLS 1.2 cryptographic protocols are used for secure data transfer. All personal data, numbers of personal documents, credit cards or other means of payment provided by users, are transmitted exclusively via a secure connection with 256-bit data encryption. The controller does not have access to the data used for payment.

We regularly review processing that may pose a risk to the rights and freedoms of individuals. We have taken appropriate security measures to protect personal data from accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, especially in cases where the processing involves the transmission of personal data over the network, and from all other unlawful forms of processing.

EXERCISING RIGHTS

Right of access

At any time, you can request confirmation of whether your personal data is being processed and detailed information about the processing, in particular about the purpose of the processing, about the type/categories of personal data being processed, including insight into your personal data, about the recipients or categories of recipients, and about the intended period in which personal data will be stored.

Right to rectification

We guarantee the right to correction, and you can obtain the correction of incorrect and incomplete personal data without delay.

Right to erasure

You have the right to request the deletion of your personal data. If the request is justified and if the law does not oblige us to store data, the data will be deleted without undue delay.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data in the cases provided for in the General Regulation. In particular, we emphasize that you can limit the processing of personal data based on legitimate interest as a lawful basis for processing.

Right to withdraw consent

You have the right to withdraw your consent at any time. It is important to note that the withdrawal of consent does not affect the legality of the processing of personal data carried out up to the moment of its withdrawal.

Right to object

You have the right to object to the processing of your personal data in all cases provided for in the General Regulation. We especially point out that you can raise an objection to processing based on legitimate interest as a legal basis for processing and limit or completely prohibit processing.

Right to complain

In the event that you believe that the processing has resulted in a violation of your personal data and a violation of the provisions of the General Regulation, you can submit a complaint to the supervisory authority, the Agency for the Protection of Personal Data from Zagreb, Selska cesta 136.

CONTACT INFORMATION

For additional information about the processing of personal data or to exercise your rights in this regard, please contact us through our data protection officer or use other available contacts.

E-mail of the data protection officer: feralis@feralis.hr

Your request will be processed within 30 days from the moment you successfully identify yourself. We provide the answer in the usual electronic form, unless you expressly request otherwise.

OTHER INFORMATION

This privacy policy is regularly reviewed, supplemented and changed in order to always reflect the actual state of collection and processing of personal data through this website. Please check regularly for such changes. In case of significant changes or changes that could affect the rights and freedoms of the users of this site, we will inform about this in a pop-up window immediately after arriving at this website.

Last update: November/2024.

DATA PROTECTION OFFICER (DPO)

  • Ines Krečak - Data Protection Professional, CIPP/E [Feralis Group d.o.o.]
  • email: feralis@feralis.hr
  • way of performing the function: external, contracted data protection officer

For all questions about your data and processing for the foregoing purposes, please contact us at "Čazmatrans-Nova" Llc., 10 Milana Novačića street, Čazma 43240 or by e-mail: ekarta@cazmatrans.hr or tel: 043 / 277-320.

Anyone who finds that he/she has been violated a right guaranteed by the General Rule or the Law may apply for a violation of the right to the Personal Data Protection Agency, 14 Martićeva street, Zagreb 10000, www.azop.hr, tel: 01/4609 000 or via e-mail: azop@azop.hr..

  • We have not found the requested place of departure. Please try again.
  • We have not found the required destination. Please try again.
For additional information please contact us at: ekarta@cazmatrans.hr or call us
Secure online purchase

Čazmatrans Mobile App
Travel with the Čazmatrans mobile app.
Fast, simple, secure!