Privacy Policy

Products and legal entities

The website www.traveling.com, and appurtenant systems (getbytransfer.com, buscroatia.com, ferrycroatia.com, internal admin interface and other products) are operated by Get By Aps, Sønderholt 37, 9560 Hadsund Denmark and will be jointly called traveling.com in this document. By agreeing to the following privacy policy, you consent to the collection, use and processing of the data described below by Get By Aps, in accordance with data protection laws and provisions. The consent may be revoked at any time, with effect to the future.

GDPR Compliance Statement

The GDPR (General Data Protection Regulation) is an important piece of legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union. The regulation becomes effective and enforceable on the 25th May 2018. Get By Aps. -  traveling.com is fully committed to achieving compliance with the REGULATION (EU) 2016/679 GDPR even prior to the regulation’s effective date, as well as to protecting personal information which stipulates that the personal data given will not be passed on to third parties without client’s consent and will be kept in a safe manner in accordance with the requirements of the Regulation as long as there is a need or no request for withdrawal of consent, deletion, restriction or correction of data.

Personal information

Get By Aps. -  traveling.com will not collect any personal information about you (such as your name, address, telephone number, or email address), unless you voluntarily choose to provide them (e.g. in surveys, query, request etc.) or give your consent or unless otherwise provided by relevant laws and regulations for the protection of your personal data.

Personal data of children

When providing information society services directly to a child, processing of personal data of a child is lawful if the child is at least 16 years old. If a child is below the age of 16, such a treatment is lawful only if and to the extent that the parent has given or approved the parent's liability to the child. Get By Aps. -  traveling.com invests reasonable efforts to check whether or not the custody of such a parent has been or has been approved by the holder of parental responsibility for the child, taking into account the available technology.

Lawfulness, fairness and transparency

We will process your personal information only on the basis of legal obligation, your privacy or other legitimate grounds. Data related to you will be collected, used, inspected or otherwise processed transparently, while the deadlines and data processing purposes, the processing manager's identity data, information on how you can access your data, the process of filing complaints and updating the data are all publicly disclosed.

Purpose limitation

Your personal information will be collected for special, explicit and legitimate purposes and will not be processed in a manner that is inconsistent with these purposes. Data collected for one purpose will not be used for any other purpose or in a manner that is not in accordance with the approved purpose. For purposes of processing that is not carried out on the basis of a legal basis or contract we will ask you for a special privilege.

Data minimisation

The personal information we collect is appropriate, relevant and limited to the purpose of processing. The processing manager and processor will not collect any personal information that is not required for processing purposes.

Accuracy and integrity of data

It is necessary that the personal information we collect and prepare is accurate and up-to-date and that is why we will take every reasonable measure to ensure that the personal data that is incorrect are deleted or removed without delay, taking into account the purposes for which they are being processed.

Storage limitation 

The deadlines for keeping your personal data are determined by positive legal regulations or by your privacy to collect and process your personal information.

Integrity and confidentiality

In order to protect your personal information from accidental or unlawful destruction, loss or alteration, and from unauthorized disclosure or access, Get By Aps. -  traveling.com use technical and organizational security measures.

Questions and Comments

Get By Aps. -  traveling.com will respond to reasonable requests for correction of your personal information and to correct, supplement or delete inaccuracies. If you have any questions or comments about the Privacy Policy, please contact us. Personal Data Protection Officer can be contacted via info@traveling.com. 

What data is collected?

Travel information and basic buyer info (Name and email) are used to generate tickets  bought on traveling.com which are sent on your email upon purchase. This data is used only for the operating business and as such all parties involved in the passenger transfer have access to it: traveling.com for rebooking / cancellation / customer support purposes and operator for allotment management and passenger validation.All data is safely stored in the traveling.com system and is not shared publicly.

Once you have traveled by any operator available through traveling.com, you will get an email containing review instructions. The review data is shared publicly, that being only the review scores, review text and buyer’s first name. Reviewer’s email, full name and other personal info is never shared outside the traveling.com team.

User’s IP address and request logs are collected and processed using 3rd party software by traveling.com team. This data is used only for fraud prevention and performance optimizations, and is accessible only by traveling.com team.

Cookies are used to improve our page performances and provide analytics about the page usage. You can learn more about the types of cookies and their purpose by clicking on the cookies link in the footer. 

Data protection

All data sent towards traveling.com or sent by the traveling.com system towards your client are sent securely through encrypted channel using SSL encryption and can not be monitored or decrypted by 3rd parties to plain format.

Emails sent by traveling.com system are also sent through SSL encrypted channel towards your email client.

The entire traveling.com system and database is hosted by Amazon Web Services cloud accessible only by having complex access keys and passwords available to and safely stored by traveling.com team.

Data is safely stored in the traveling.com system for as long as the user has the account on traveling.com opened and has not requested for his data to be deleted under the Federal privacy right.

Review data can be publicly posted on traveling.com, that being only the ratings, comment text and first name (does not uniquely identify the reviewer).

Data sharing

Your initial login credentials will be emailed to your personal email client with instructions for changing your password. traveling.com is generating, but not storing your initial generated password in plain format.

Upon a successful purchase, your ticket data is used to generate a PDF ticket and will be emailed to your personal email.

Ticked data is shared with the corresponding operator in order for the ticket to be verified upon entering the vehicle, and for the operator to perform yield management.

• Data is accessible for the operator through traveling.com operator interface

• In some cases, data is also sent to the operator’s email

• In some cases, data is also sent to the operator’s IT system

Your personal data is not used for marketing purposes by the traveling.com team, unless you have signed up for Newsletter when the email contents are shared with Mailchimp (but not used for any other purposes), or in the case you get a review email.

Server access logs are available to traveling.com team only, however they are processed and securely stored by 3rd parties software used only by traveling.com team.

Payment process

Traveling.com, along with its payment partners Corvus LLC (Buzinski prilaz 10, 10010 Zagreb, Croatia) and Stripe Payments Company (354 Oyster Point Boulevard, South San Francisco, California, 94080), does not store any credit card data. The credit card data is sent from Corvus or Stripe to the corresponding bank to authorize the transaction and is then deleted.

Both payment providers, Corvus and Stripe, as well as Traveling.com, store transaction data (paid amount, credit card holder’s name and address, credit card type, the first and last four digits of the credit card number, and the user’s IP address) for confirmation and safekeeping.

Any mentioned payment data is visible only to internal customer support and is not used for any other purposes.

Newsletter

In case you accept to receive traveling.com promotional newsletters, your travel data, email and full name will be used to generate a personalized Newsletter email. Newsletter email is sent to your personal email through Mailchimp system.

3rd party software used for processing data

Hotjar (https://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe) is used to improve sites user experience. Hotjar measures and records users interactions on the site (mouse movements, clicks, times between actions, browser information, key entries, mouse scroll actions etc.). You can read more about Hotjar data processing here: https://www.hotjar.com/privacy, or you can disable Hotjar tracking for your device here: https://www.hotjar.com/opt-out.

Google Analytics, a website analytics tool developed by Google Inc. ("Google"). Google analytics is the most popular visitor analytics tool used on the web, and based on implementing a cookie in visitors browser to track the way he uses a specific website. Google analytics uses a IP anonymization tool and does not use your anonymized IP to correlate with the rest of the gathered data. As such, Google Analytics provides a broad, group based analytics and does not personalize users. In case you do not want to provide traveling.com with the anonymous usage data collected through Google Analytics, you can opt out by installing a browser plugin from https://tools.google.com/dlpage/gaoptout

Social sharing plugins (Facebook, Google+, Twitter) - are used to enable you to “Like”, “Tweet”, “+1”, or “Share” a certain link from the traveling.com system to your profile on the corresponding social network. The plugins are directly connected to the servers of the social networks and will be sharing your social network data in case you are logged in to the corresponding social network, but also your IP even in the case you are logged out. Depending on your actions on traveling.com (clicking the Social actions on those plugins) the social network might publish the action and the data on your profile, visible to either your friends or publicly, depending on your configuration. This process is not controlled by traveling.com so you can enable or disable certain features on the social networks corresponding configuration pages, and read more on how the data is used in their privacy policy:

• Facebook

• Privacy policy https://www.facebook.com/policy.php

• Block facebook plugin using 3rd party browser plugins: https://www.comparitech.com/blog/vpn-privacy/stop-facebook-tracking/

• Twitter

• Privacy policy https://twitter.com/privacy

• Block Twitter plugin using 3rd party browser plugin such as: https://noscript.net/

• Google +1

• Privacy policy https://developers.google.com/+/web/buttons-policy

• Block Google +1 plugin using 3rd party browser plugin such as: https://noscript.net/

Retargeting software (by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google") is used to create pseudonymized profiles of traveling.com visitors in order to track their website usage for marketing purposes of traveling.com. Cookies could be used in the users browser in order to track reoccuring visits on the page and in order to present web advertisements for products of traveling.com on 3rd party websites. You can disable this feature under https://www.google.com/settings/ads, and read more about this feature on https://policies.google.com/technologies/ads.

TheRootCause (https://therootcause.io/, Mäster Samuelsgatan 36, Stockholm, Sweden, Europe) is used to improve sites user experience. TheRootCause tracks errors happened on some subpages of site and stores those errors. In case that an error gets stored, several user data will be stored as well (site screen in time error occured, mouse click, user operating system information, user browser information, etc.). You can read more about TheRootCause data processing here: https://therootcause.io/privacy-policy/.

Right to information and Right to appeal

Under the Federal privacy right, you are entitled to request information about your stored data in the traveling.com system as well as to have your data erased from the traveling.com system. In such a case, all of the data traveling.com has about you will be irreversibly anonymised. Such request should be made to Get By aps., Klamsagervej 32, 8230 Åbyhøj Denmark or via email to info@traveling.com.

Conversion Statement

All payments will be processed in euros (€). Your credit card will be charged in euros or converted into your local currency based on the exchange rate applied by your bank or credit card provider.

Due to currency conversion, there is a possibility of a slight difference from the original price stated on our web site: traveling.com