EN
UA
RU
DE
Create route
EN
UA
RU
DE
Call Filter

Privacy Policy of AUTOIZI j.d.o.o.

Last updated: 02.05.2025

1. INTRODUCTION

This Privacy Policy describes how AUTOIZI j.d.o.o. ("Company", "we", "us") collects, uses, stores and transfers the personal data of users of its ride-sharing, passenger transportation, and package and cargo delivery services (hereinafter referred to as the "Service"), which is available throughout the European Union, including Germany. The Company acts in accordance with the GDPR (EU 2016/679), BDSG (Germany), Croatian Personal Data Protection Act and other applicable regulations.

This Policy applies to all products, mobile apps, websites, and related services of the AUTOIZI platform.

By using our Service, you confirm your agreement with the terms of this Policy. If you disagree, please stop using the Service.

The Company is not responsible for violations caused by users or third parties unless they were directly caused by our actions or omissions.

2. DATA COLLECTION AND USE

We collect only the data necessary to provide and improve the Service:

* Identification data: login, password, avatar;
* Contact data: name, email, phone;
* Geolocation data (only with your consent);
* Information about vehicles, trips, routes, drivers, passengers, deliveries and addresses;
* Device data: IP, User-Agent, device type;
* Cookies and usage logs;
* Communication history with support or other users;
* Marketing preferences and consents.

Data collection is proportional to the purpose of processing and limited to what is necessary.

3. LEGAL BASES FOR PROCESSING

* User consent (Art. 6(1)(a) GDPR);
* Contractual obligations (Art. 6(1)(b));
* Legal obligations (Art. 6(1)(c));
* Legitimate interests (Art. 6(1)(f)): service protection, support, analysis, secure platform operation.

4. PURPOSES OF PROCESSING

* Providing and improving the Service;
* User registration and verification;
* Support and feedback;
* Ensuring secure use of the Service;
* Personalization and recommendations;
* Compliance with legal obligations;
* Internal analysis;
* Advertising with prior consent only.

5. DATA SHARING WITH THIRD PARTIES

We may share data with: * Service partners (logistics, insurance, carriers); * IT providers, CRM, analytics tools; * Payment services (banks, Stripe, etc.); * Legal consultants and auditors; * Authorities (as required by law); * Affiliates and subsidiaries; * Marketing platforms (with your opt-in); * Data processors under SCC or BCR agreements.

Examples of data disclosure: * Trip booking: data is shared with the driver;
* The driver receives the passenger's contact details;
* Insurance provider — in case of an incident;
* Hosting provider — limited technical data;
* Analytics — only in anonymized form.

All third parties are contractually obliged to maintain confidentiality and comply with the GDPR.

6. DATA RETENTION PERIODS

Category Retention Period
Account credentials Until account deletion + 3 years
Trip and transaction data 5 years
GPS data 3 months
Technical logs 1 year
Marketing consent Until withdrawal + 1 year
Other Until the purpose is fulfilled or 5 years

Retention periods may be extended if required by law.

7. COOKIES AND ANALYTICS

* Session cookies for login;
* Analytics tools (Google Analytics, Matomo);
* Cloudflare for protection;
* Retargeting with your consent.
Cookie settings can be adjusted via banner or browser.

8. USER RIGHTS

* Right to access data;
* Right to rectify or update data;
* Right to erasure (right to be forgotten);
* Right to restrict processing;
* Right to object;
* Right to data portability;
* Right to withdraw consent;
* Right to lodge a complaint with AZOP or BfDI.
Response will be provided within 15 working days.

9. MINORS

Use of the Service is permitted only with the consent of parents or legal guardians. Creating accounts for individuals under 16 is prohibited. Use without creating a profile is allowed with parental consent. If violations are detected, data will be deleted immediately and relevant authorities will be notified, if necessary.

10. INTERNATIONAL DATA TRANSFERS

Data may be transferred only to:
* Countries with adequacy decisions;
* Under SCC/BCR agreements;
* With technical and legal safeguards.

11. SECURITY INCIDENTS

In case of data breaches:
* We notify AZOP/BfDI or relevant authorities within 72 hours; * Notify users if the risk is high; * Take action to contain and prevent future incidents.

12. LIABILITY

The Company is not liable for losses caused by third parties unless due to our fault. Maximum liability is limited to amounts paid in the last 12 months.

13. DATA SECURITY MEASURES

* TLS 1.2+ encryption during transfer;
* AES-256 encryption at rest;
* Secured access to servers;
* Two-factor authentication;
* Regular security audits.

14. SUPERVISORY AUTHORITIES

* AZOP (Croatia) — https://azop.hr
* BfDI (Germany) — https://www.bfdi.bund.de

15. RELATED POLICIES

* Cookie Policy
* Retention Policy
* Security Policy

16. DATA TRANSFER BASED ON CONTRACTS

Data may be transferred to third parties based on this Policy, agreements, and our legitimate interests and legal obligations.

17. PASSENGER AND GOODS TRANSPORTATION

AUTOIZI provides a platform for organizing ridesharing and delivery of goods and parcels. Users must comply with applicable traffic and safety laws.

18. MARKETING AND SPAM POLICY

We do not send unsolicited messages. Communications are sent only with prior consent and include an unsubscribe option.

19. RIGHT TO WITHDRAW CONSENT

Users may withdraw consent and stop data processing. Some Service features may then be restricted.

20. POLICY UPDATES

Changes will be announced via website, email, or app and become effective upon publication.

21. FINAL PROVISIONS

This Policy may be updated as required. The latest version is always available on the website.

22. LIMITED DATA PROCESSING

In case of withdrawal of consent for specific processing categories (e.g., marketing), AUTOIZI reserves the right to retain a minimal set of technical and account data necessary to maintain basic functionality. You can renew your consent or adjust your preferences in your user profile.

23. SCOPE

This Policy applies to all AUTOIZI products, mobile apps, APIs, websites, and platforms.

definitions:
* Opt-in: explicit user consent;
* SCC/BCR: international data transfer mechanisms;
* Force Majeure: unforeseen circumstances;
* Two-factor authentication: additional security layer.

Your ticket has been created!
For it to become active, pay the driver following the instructions on
ticket pages
Your application has been processed
You can contact the driver for details by contacting him via
personal account

Trip settings

Fill in this field
Invalid time
Fill in this field
Fill in this field
Fill in this field
Fill in this field
UAH
UAH
USD
EUR
Set up trip settings:

Package Settings

Step 1: Indicate which types of packages you accept

Step 2: Indicate the price and describe the rules

Fill in this field