DATA PROTECTION

Passenger data will be processed solely in accordance with the Law on Personal Data Protection

To the extent necessary for the fulfillment of the contract or if required by law, Kotor Shuttle may also forward personal data to third parties. Kotor Shuttle guarantees that persons authorized to process such personal data are either bound by confidentiality agreements or subject to appropriate legal confidentiality obligations. Kotor Shuttle also undertakes to ensure that its employees are informed about all relevant data protection regulations.

When entering payment card information, confidential data is transmitted over a public network in a protected (encrypted) form using SSL protocol, employing modern tokenization methods for sensitive data, and in accordance with PCI-DSS standards.

At no time are payment card data accessible to the merchant. Kotor Shuttle does not store credit card numbers, and such data is not available to unauthorized persons.

3D Secure Protection – The Payment Gateway uses the highest global standards of data and privacy protection. All merchants using the Payment Gateway are automatically enrolled in 3D-Secure protection, ensuring the safety of customer purchases. Customers’ payment card numbers are not stored in the merchant’s system, and the registration process is protected by SSL data encryption.

PCI DSS Standards – The Payment Gateway continuously complies with all requirements of card organizations to enhance the security level of merchants and customers. Since 2005, the system has been continuously certified as PCI-DSS Level 1, which is the highest industry standard. PCI standards protect cardholder sensitive data throughout the entire payment process: from the moment data is entered at the merchant’s point of sale, during communication between the merchant and relevant banks and card organizations, as well as during subsequent data storage.