Privacy Policy

Last updated: January 5, 2026

1. Data Controller

ZAG ELITE d.o.o., Zagreb, VAT ID: HR00840154973
Kontakt: zagelite.transfers@gmail.com

2. Scope

This Privacy Policy explains how we collect, use, and protect personal data when you use our website zag-elite.com, transfer booking and payment services, as well as when you travel with us. This Policy also includes information about cookies.

3. Data We Collect

  • Identification and contact data: first and last name, email address, phone number.

  • Ride / booking data: pickup and drop-off locations, dates and times, flight number, number of passengers/luggage, special notes.

  • Payment data: transaction details (amount, currency, payment method); we do not store card details.

  • Technical data: IP address, system logs, device/browser information.

4. Purposes and Legal Bases for Processing

  • Performance of a contract (Art. 6(1)(b) GDPR): receiving and processing reservations, providing transport services, issuing invoices.

  • Compliance with legal obligations (Art. 6(1)(c)): tax and accounting regulations, obligations to evidence price/route prior to transport, record keeping.

  • Legitimate interests (Art. 6(1)(f)): passenger and driver safety, fraud prevention, service improvement.

  • Consent (Art. 6(1)(a)) where required: e.g. marketing communications.

5. Data Sharing

  • Payment processors / banks / POS providers

  • IT and hosting providers (website/app and email maintenance)

  • Insurance companies and legal advisors (in case of claims/incidents)

  • Competent authorities where required by law

All processors act under data processing agreements and apply appropriate security measures.

6. Data Storage and Retention

  • Reservation data and accounting records: retained in accordance with legal requirements.

  • System logs: generally up to 12 months, unless longer retention is required.
7. Your Rights

You have the right to access, rectification, erasure, restriction of processing, objection, data portability, and withdrawal of consent. To exercise your rights, contact: zagelite.transfers@gmail.com

8. Data Security

We apply technical and organizational measures (encryption, access control, backups, contractual safeguards with processors).

9. Cookies (Cookie Policy)

  • What are cookies: small files placed on your device by the website.

  • Types of cookies we use:

    • Necessary (session, security, anti-spam) – required for website functionality.

    • Analytics (e.g. traffic measurement) – subject to your consent.

    • Functional (language, preferences) – improve user experience.

  • Consent management: a cookie banner is shown on first visit; cookie settings can be changed at any time.

  • Third parties: analytics or map tools may set their own cookies (details available in cookie settings).

Transfers Outside the EEA

If transfers occur (e.g. hosting or SaaS providers), we apply Standard Contractual Clauses and additional safeguards.

11. Policy Changes

We reserve the right to amend this Policy. The new version becomes effective upon publication on the website.