General Terms of Use
- PREAMBLE
- These General Terms and Conditions of Use of the e-Citizen portal (hereinafter referred to as: the General Terms and Conditions) shall govern the use, by legal and natural persons, of the e-Citizen as well as other corresponding components integrated in the State information infrastructure.
- The use of the e-Citizen portal (together hereinafter referred to as: the System) shall not be possible without consent to the General Terms and Conditions.
- By activating and using the System, the Users acknowledge that they have been familiarized with and understood the General Terms and that they expressly accept them.
- The General Terms shall be posted on the corresponding System website (www.gov.hr).
- By accepting these General Terms and Conditions, the Users agree that they shall use the System, the electronic services and other corresponding components integrated in the e-Citizen and e-Business Systems and the State information infrastructure solely in accordance with their original purpose, legally intended use and without jeopardising, limiting or preventing the work and the use thereof by third parties.
- The Central State Office for the Development of Digital Society reserves the right to modify and/or supplement the General Terms and Conditions without prior notice and it shall inform the Users/Cross-Border Users thereof in a timely manner.
- All enquiries or remarks about the System operation shall be made via e-mail to: pomoc@e gradjani.gov.hr or phone at: 072 200027
- All enquiries or remarks about e-services and the contents delivered to the user mailbox, shall be made directly to the e-Service Provider in accordance with the Terms and Conditions of the e-Service provision.
- All requests or enquiries about Personal data processing as well as the withdrawal of the consent to personal data processing may be delivered in writing at the following address: Central State Office for the Development of Digital Society, Ivana Lučića 8, 10000 Zagreb, or by e-mail to: zastitapodataka@rdd.hr.
- The contact information of the personal data protection officer of the personal data controller are: zastitapodataka@rdd.hr.
- These General Terms and Conditions shall be applied as of 2nd August 2021.
- DEFINITIONS
- The terms contained in these General Terms and Conditions shall have the following meaning:
- Administrator or System Administrator means the Central State Office for the Development of the Digital Society;
- Authentication means the process enabling the User’s and/or Cross-border system verification and/or the verification of the use of the User’s and/or Cross-Border User’s personalised security credentials;
- Node means the point of connection between the National Identification and Authentication System (hereinafter referred to as: The NIAS) and the EU/EEA structure for the interoperability of electronic identification. It is included in the cross-border authentication of Cross-Border Users and has the ability to recognise and process, i.e. forward data to other nodes and NIAS;
- e-Representations means an e-Authorisations subsystem module that retrieves information on legal representatives from the Attribute provider and e-Authorisations database, enabling the identification of a business entity legal representatives;
- e-Mandate means an e-Authorisation subsystem module that enables the creation and management of e-Mandates for the access to e-Services by legal representatives or other authorised persons of a business entity;
- e-Authorisations means an e-Business subsystem enabling the authorisation data management and retrieval of legal representatives’ information, which is composed of two modules: the e-Representation module and the e-Mandate module. The e-Authorisation subsystem is also used within the e-Citizen system where it enables e-Services requiring information on underage children of an authenticated User, who is the children's legal representative according to the Attribute provider record (Parent-child functionality), to retrieve such data;
- Electronic service ili e-Service is a public service provided by the e-Service Provider to a User and/or Cross-Border User via the internet;
- Electronic identity ili e-ID is a unique set of identification data of a particular entity (a person, a public-sector entity, a computer system) kept in electronic form and providing a unique identification of the entity to which such data pertain; these data are required for an unambiguous User identification for the purpose of access to an e-Service;
- Cross-Border User’s Unique Identifier means, for natural persons, a natural person’s identification number and for business entities, a business entity’s unique identifier created by an EU/EEA Member State for cross-border identification purposes.
- User’s Unique Identifier for Natural Persons in NIAS is the Personal Identification Number (PIN), while for business entities, it is the business entity’s unique identifier, i.e. a combination of the business entity’s identifier data contained in the competent register and those contained in the business entity register source (Attribute Provider).
- Single Sign On means a method of User authentication allowing a User to be authenticated only once in order to log in to multiple e-Services, provided that the minimum authentication security level requirement, necessary for the access to an e-Service, is met, i.e. that the User is authenticated once per session and NIAS enables the access to all e-Services requiring authentication by a credential of the same or lower security level without the User having to use its credential again.
- Single Sign-Out enables a User to log off from all e-Services to which s/he has logged in during a single NIAS session.
- The user is a natural person acting on its own behalf (or, as the case may be, on behalf of a minor) or a person authorised to act on behalf of a business entity and owning a nationally recognised electronic credential, who accesses the System via NIAS.
- User Mailbox (hereinafter referred to as: UM) is a e-Citizen system service enabling electronic communication with public-sector entities through the components of the State information infrastructure. For the avoidance of doubt, the term UM shall be used herein also to indicate both the personal user mailbox as a part of the e-Citizen system and the business user mailbox, as a part of the e-Business system.
- Qualified electronic signature means an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures.
- Qualified electronic time stamp means an electronic time stamp that binds the date and time to data in such a manner as to reasonably preclude the possibility of the data being changed undetectably, it is based on an accurate time source linked to Coordinated Universal Time and it is signed using an advanced electronic signature or sealed with an advanced electronic seal of the qualified trust service provider, or by some equivalent method.
- My Profile is an e-Service automatically activated by the User when logging in to the System via Navigation bar; it is intended for the purpose of User’s account administration within the System. Should the My Profile e-Service become available for Cross-Border Users as well, such term shall be applied respectively to the Cross-Border User logging in to the System.
- The National Identification and Authentication System (NIAS) means an information and technological system of central identification and authentication of electronic services users, which forms a part of the System.
- The navigation bar is part of the System and contains basic information regarding a User logged in the System and the business entity on whose behalf the User is authorised to act. The navigation bar may also contain information regarding a Cross-Border User logged in the System and the business entity such Cross-Border User is authorised to act for.
- User’s Basic Attributes means a User’s identification information linked to its Personal Identification Number (PIN) or a business entity’s unique identifier, which are used to identify the User using an e-Service.
- Basic Cross-Border User’s Attributes means a Cross-Border User’s identification information linked to its Personal Identification Number (PIN) or a business entity’s unique identifier, which are used to identify the Cross-Border User using an e-Service.
- Cross-Border User means a citizen or a person in a business entity of an EU/EEA/EES Member State, who possesses a credential issued in an EU/EEA Member State, except the Republic of Croatia, whereby the Cross-Border User accesses an e-Service via Node and NIAS.
- e-Service Provider is a public authority and/or a legal entity established by the Republic of Croatia and/or a legal entity designated by the head of the authority competent for e-Croatia, which provides an e-Service to the Users and/or Cross-Border Users. For the avoidance of doubt, this term shall not include the service provider within the Shared-Services Centre that entered into the System Component Operational Management Agreement with the System Administrator in accordance with Article 2, item 2 of the Regulation on the Organisational and Technical Standards for the Connection on the State Information Infrastructure (Official Gazette of the Republic of Croatia “Narodne novine” No 60/2017)
- System means the e-Citizen portal with all its components.
- The e-Citizen System forms part of the State information system and it is composed of the Portal for Public Information and Electronic Services for Citizens, the National Identification and Authentication System and the User Mailbox System.
- The e-Business System forms part of the State information system, and it is composed of: the Portal for Public Information and Electronic Services for Business Entities, the National Identification and Authentication System and the User Mailbox System.
- Public Authorities are state administration bodies, other state bodies, local and regional government, legal entities and other bodies with official authorities, legal entities established by the Republic of Croatia or local or regional government, public service bodies, legal entities mainly or entirely financed from the state budget or the local or regional government budget or from public funds (duties, charges and similar) based on a special regulation, as well as companies majority-owned, separately or together, by the Republic of Croatia and local and regional governments.
- Digital credential is a device, or a set of information presented by User, used as an evidence of electronic identity (e-ID) for the purpose of enabling the access to e-Services.
- USE OF THE SYSTEM AND E-SERVICES
- 3.1. The User accesses the System, the NIAS and the e-Services via internet (international computer network).
- 3.2. The Cross-Border User accesses the Croatian e-Service across the Cross-border Node and the Croatian node that is connected to the NIAS.
- 3.3. In order to access the e-Service, the User and/or the Cross-Border User must have access to the internet and to one of the most used internet browsers such as, for example, Edge, Chrome, Opera, Mozilla Firefox and others.
- 3.4. The User and/or the Cross-Border User shall use their credentials as a means of proof of their e-identity.
- 3.5. The e-Service Providers shall decide on the User’s and/or Cross-Border User’s access based on a NIAS message containing the result of the credential authenticity verification and the retrieval of additional authorisation attributes that depend on the selected e-Service.
- 3.6. e-Service Providers shall provide e-Services in the manner and to the extent stipulated by the rules of use of a specific e-Service laid down by a particular e-Service Provider. The Administrator shall neither have influence on the rules of use of an e-Service nor on the e-Service provision and/or contents.
- 3.7. The User and/or Cross-Border User shall be responsible for a conscientious use and keeping its credential.
- 3.8. The user may use more credentials recognised by the NIAS.
- 3.9. Administrator or System Administrator shall publish information on credentials that are recognised by the NIAS, their issuers and the issuing method.
- 3.10. The User may request a credential from the credential Issuer in accordance with the Issuer’s credential issuing rules.
- 3.11. The Cross-Border User may perform the cross-border authentication with a credential published by the European Commission in the Official Journal of the European Union in accordance with Article 6 of the Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC (hereinafter referred to as: the eIDAS Regulation).
- 3.12. In order to access Croatian e-Services, the Cross-Border User shall use a credential issued in an EU/EEA Member State, except the Republic of Croatia. The NIAS enables the User to view the set of information about the User itself, which is required by the e-Service Provider for login purposes. In case of e-Services intended both for the citizens and the business entities, the e-Service Provider will always require the maximum set of information. The User may cancel the data required for the e-Service login from being sent, but by doing so, the User’s login process will be cancelled as well.
- 3.13. When a Cross-Border User is accessing an e-Service, the Node will send the set of information received by the Cross-border node to the NIAS that in turn will forwards it to the e-Service. Based on the information received, the e-Service Provider will decide whether to allow or to deny the access to the e-Service to a Cross-Border User.
- 3.14. During its initial logging in via the NIAS, the User will have its user account automatically opened in the My Profile e-Service.
- 3.15. The My Profile service enables the User to administrate its user account within the NIAS, to access all e-Services of the System, to manage its own shortcuts to available e-Services, to view the 60-day history of credential use, to manage authorisations for an automatic data forwarding to e-Services and to set an e-mail address for the receipt of the credential use notifications.
- 3.16. By logging off from the NIAS, the User logs out of the session on the NIAS, resulting in the Single Sing-Out of the e-Services that it had previously logged in.
- 3.17. The “My Profile” service enables a Cross-Border User to access all System e-Services intended for Cross-Border Users.
- 3.18. The Single Sign On option is not available for Cross-Border Users.
- 3.19. The access to an e-Service requesting the authentication with a credential of a higher security level than the one that has already been authenticated per active session, requires new authentication with a higher security level credential from the User or/and Cross-Border User.
- 3.20. The Single Sign-Out option is not available for Cross-Border Users. Cross-Border Users needs to log off from each service separately.
- USER MAILBOX
- 4.1. All users authenticated in the NIAS with a valid credential shall be entitled to use an UM. Should the UM also become available to Cross-Border Users, this term shall include them as well.
- 4.2. During the initial login to the System via NIAS, the UM shall be automatically opened for each new User.
- 4.3. An UM shall be automatically opened for the existing Users who have not had an UM until coming into force of these General Terms and Conditions, once they agree to these General Terms and Conditions.
- 4.4. When opened, the UM may be deactivated by the User who will then continue to use the System without the UM.
- 4.5. The Users shall have the right to export data from the UM to an easily-read data base while the UM remains opened.
- 4.6. After closing the UM, the access to and the export of data from the UM shall not be possible.
- 4.7. False representation and unauthorised access to other people’s UMs as well as any action that may cause unauthorised data modification, confusion, disturbance, interference in communication with the UM and other adverse actions, shall be prohibited.
- 4.8. The User shall be responsible for forwarding the information regarding the received message to the UM. The Administrator shall not be liable for any information forwarded to the-email, which has been verified by the User itself.
- 4.9. The UM data storing and copying for the purpose other than use in the User’s interest shall be forbidden.
- 4.10. The messages in the UM shall be protected from data modification and unauthorised use. By electronically logging in and/or time-stamping the information contents at the time of forwarding such received information to third parties, the User confirms that the contents forwarded is identical to the contents of the message that the User received from the e-Service Provider.
- 4.11. The costs of procurement and maintenance of User’s own computer equipment (hardware and software) as well as other equipment required for the access to and the use of the UM, including other costs related to its use, shall be borne by the User.
- 4.12. The UM message contents shall be available only to the Users and their representatives/authorised persons.
- 4.13. The Administrator shall warn the Users that there is a certain level of risk of the security measures being bypassed by unauthorised persons or applications causing damage to the Users.
- 4.14. The Central State Office for the Development of the Digital Society shall ensure that the best UM function and contents testing standards are in place.
- 4.15. The UM system shall use data and unauthorised data management protection standards and measures stipulated by law.
- 4.16. In case of breach of the General Terms and Conditions, the Administrator shall have the right to suspend the access to the system and activate measures stipulated by law in order to provide protection.
- 4.17. The Administrator shall not be held liable for any contents or its loss and damage caused by the use of the UM.
- 4.18. The e-Service Providers who sent the contents delivered to the UM shall be liable for such contents.
- 4.19. The UM shall deliver the messages and the attachments to the User in the form sent by the sending institutions.4.19. KP Korisniku dostavlja poruke i priloge u obliku u kome su ih poslale institucije pošiljatelji.
- 4.20. Neither the UM nor the Administrator may guarantee, and they do not guarantee, the accuracy and the quality of the contents of the messages received.
- 4.21. The Administrator shall not be held liable for the documents and contents at the sources which the UM connects to and the Administrator may not guarantee the accuracy, the origin or the quality of contents of those pages or their availability.
- SYSTEM AVAILABILITY AND EXCLUSION OF ADMINISTRATOR LIABILITY
- 5.1. The Administrator shall provide the Users with a limited System access service via the State information infrastructure and shall in no way be liable for its use by the Users and its around-the-clock availability and correct operation.
- 5.2. The Administrator shall endeavour to make the System available at all times, except during maintenance, but it shall not guarantee around-the-clock availability or correct operation of the System.
- 5.3. By using the System, the User accepts the risk of the System being partly or entirely unavailable or malfunctioning during a certain period of time.
- 5.4. The Administrator shall not be held liable for the System unavailability or malfunctioning regardless of whether the reason for such unavailability or malfunctioning is beyond Administrator's control and/or fault or not.
- 5.5. By accepting these General Terms and Conditions, the Users expressly declare that they release the Administrator from any future liability for around-the-clock availability and correct functioning of the System.
- 5.6. Given that the e-Services are provided through the System, the Administrator does not provide such services, therefore the Administrator shall not in any way be liable for the contents and availability of e-Services.
- 5.7. Should the User note that the System and/or the use of e-Services is not available and/or is malfunctioning, the User shall, inform the Administrator thereof without delay via e-mail: pomoc@e gradjani.gov.hr or phone at: 072 200027
- 5.8. When notified of such System and /or e-Service unavailability or malfunction, the Administrator shall endeavour to promptly inform the e-Service Providers thereof in order to avoid any adverse consequences of such System and/or e-Service provision unavailability or malfunctioning, and the Administrator shall try to enable the System operation at its earliest convenience. The consequences of an e-Service unavailability or malfunction shall be subjected to the rules of use of the e-Service in question.
- 5.9. Should the User fail to notify the Administrator of the System and/or e-Service provision unavailability or malfunction in accordance with the item 5.6 of the General Terms and Conditions, the User may lose the rights that the User would be normally entitled to under the rules of use of a specific e-Service laid down by the e-Service Provider.
- 5.10. The Administrator shall, at the request of the User who has acted in accordance with item 5.6 of the General Terms and Conditions, issue a System and/or e-Service provision unavailability or malfunctioning confirmation within 3 days of the day of request. The request referred to in this item shall be filed to the Administrator via e-mail to: pomoc@e gradjani.gov.hr.
- 5.11. The Administrator shall not be liable for the e-Service Provider’s denying the access to the User and/or Cross-Border User based on the information received.
- 5.12. The e-Service Provider shall be responsible for providing clear information about prerequisites to be met by the Users in order to access an e-Service, as well as of the requirement to regulate their access rights by means of e-Mandates in e-Authorisations and the acceptance of the conditions of use of the e-Service concerned.
- 5.13. The Administrator shall not be held liable for any damage caused by credential misuse or neglectful keeping as well as of any damage/destruction of User’s/Cross-Border User’s data and equipment caused by the use of the System.
- 5.14. The Administrator does not control the internet, therefore the Administrator may not and will not guarantee the availability of e-Services that are not under its direct control.
- 5.15. The e-Service Providers shall be responsible for correct and proper operation of e-Services in accordance with stipulated rules of use of a specific e-Service, for the message contents as well as for the protection of the communication channel between the e-Service and the User/Cross-Border User.
- 5.16. The Administrator shall not be liable for damages to the User’s and/or Cross-Border User’s equipment as a result of the use of the System or any of its components.
- 5.17. The Administrator shall not be held liable for the way the credential, the password and PIN are used.
- GENERAL PROVISIONS
- 6.1. All relations that have not been specifically provided for in these General Terms and Conditions shall be subjected to the requirements of the NIAS Work Protocol for e-Citizen and e-Business, the e-Authorisations Work Protocol as well as all relevant regulations of the Republic of Croatia, as applicable.
- 6.2. Unless otherwise specified herein, all relations between the Administrator and the User or the Cross-Border User shall be governed by the law of the Republic of Croatia.
- 6.3. All relations involved with the communication between the NIAS, the Node and the Cross-Border Node that have not been specifically provided for in these General Terms and Conditions, shall be subjected to the requirements of the NIAS Work Protocol for e-Citizen and e-Business and the Regulation (EU) No 910/2014 of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market.
- 6.4. All headings are inserted for convenience of reference only and shall not affect the contents of these General Terms and Conditions.
- 6.5. Any reference to gender identity shall include any gender, that is any person.
- 6.6. The preamble shall be binding as the rest of the General Terms and Conditions.
- 6.7. Any dispute arising out of and/or related to the use of the System and/or these General Terms and Conditions shall be resolved by the competent court in Zagreb.