NIAS

Nacionalni identifikacijski i autentifikacijski sustav

Opći uvjeti korištenja

  1. PRELIMINARY PROVISIONS
  1. General Terms of Use of electronic identity within the e-Citizens Project have been drawn up for the purpose of protecting users of electronic services of state administration bodies and/or legal entities, established by the Republic of Croatia or by state administration bodies within the scope of their mandate, or the owner of the nationally recognized credential for access to e-services.
  2. By accepting the NIAS General Terms of Use, the User is familiar with and agrees that for the purpose of User’s access to an e-service, NIAS forwards a set of personal data that may consist of: personal identification number (PIN), first name, last name, country code (HR), and date of birth. For the purpose of cross-border authentication when accessing e-services provided by EU member states, this User data set may optionally be expanded with the following data: last name at birth, place of birth, current address and gender. User can optionally enter an e-mail address used solely for the purpose of sending a notification to the User when using their credential. NIAS obtains the above-mentioned personal data from the PIN system in accordance with the NIAS Operational Protocol. According to the NIAS Operational Protocol, the PIN system has the role of an official Provider of user attributes to public e-services.
  3. All interrelationships that are part of NIAS communication not specifically regulated by these General Terms will be subject to the terms and conditions set forth in the NIAS Operational Protocol and all relevant regulations of the Republic of Croatia.
  4. All interrelationships that are part of the communication between NIAS, the Node and Cross-border Node that are not specifically regulated by these General Terms will be subject to the terms and conditions set forth in the NIAS Operational Protocol and the Regulation (EU) No 910/2014 of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market.
  5. An electronic identity (e-ID) is a set of electronic data needed to uniquely identify users for access to an e-service.
  6. The National Identification and Authentication System (hereinafter: NIAS) is an information technology system for central identification and authentication of public electronic service users.
  7. The Node is a point where NIAS connects to the EU electronic identification interoperability architecture, it is involved in cross-border authentication of Cross-border Users and it has the capability to recognise and process or forward data to NIAS.
  8. The unique identifier for the e-ID in NIAS is PIN.
  9. The unique identifier of the Cross-border User is an identification number created by an EU member state for cross-border identification purposes.
  10. Basic attributes are User identification data. Attributes are linked to PIN and are used to identify a User when using e-services.
  11. The basic attributes are identification data of a Cross-border User that are linked to the unique identifier of a Cross-border User and are used to identify a Cross-border User when using e-services.
  12. The User is a citizen owner of a nationally recognized electronic credential that accesses public electronic services via NIAS. The user can use multiple credentials recognized by NIAS.
  13. A Cross-border User is a citizen of an EU member state who holds a credential issued in an EU member state other than the Republic of Croatia, which Cross-border User uses to access an e-service via the Node and NIAS.
  14. Credential – means of electronic identification, it means a material and/or immaterial unit containing personal identification data and it is used for authentication for an online service.
  15. Electronic public service is a service provided by a state administration body and/or a legal entity, established by the Republic of Croatia or by a state administration body within the scope of their mandate, to a User and/or a Cross-border User through a computer communication network. E-service Providers decide on User and/or the Cross-border User access based on a message from NIAS about the credential’s authentication result.
  16. E-service Provider is a state administration body and/or legal entity established by the Republic of Croatia or a state administration body, or a legal entity by virtue of the authority of the head of e-Croatia body providing e-service to Users and/or Cross-border Users.
  17. User accesses NIAS via internet (international computer network). NIAS does not control the internet and therefore cannot guarantee the availability of e-services that it does not directly control.
  18. Cross-border User accesses a Croatian e-service via the Cross-border Node and Croatian Node that is connected to NIAS. Cross-border User accesses NIAS via internet (international computer network). Croatian Node and NIAS do not control the internet and therefore cannot guarantee the availability of e-services that they do not directly control.

 

  1. USING A CREDENTIAL
  1. Upon first signing in, each User will receive a unique electronic identity in NIAS to be used to access e-services or in electronic communications with the public sector.
  2. For access to Croatian e-services, Cross-border User uses a credential issued in an EU member state other than the Republic of Croatia.
  3. The User and/or Cross-border User uses their credentials as a means of proving their e-identity.
  4. The User and/or Cross-border User is responsible for a conscientious use of credentials and their safeguarding. NIAS and Node are not liable for damages caused by inappropriate use and safeguarding of the credentials.
  5. NIAS allows the User to access the data set about them required by the E-service Provider for the purpose of signing in. The User has the ability to suspend the submission of data for the purpose of signing into an e-service, resulting in the User's suspension from being signed into an e-service.
  6. When the Cross-border User is accessing an e-service, the Node forwards a set of data obtained from the Cross-border Node to NIAS, which then forwards them to the e-service. The Service Provider on the basis of the data obtained on the Cross-border User decides whether to grant or deny the Cross-border User access to the e-service.
  7. NIAS through the myID service allows the User to view credential history within the last 60 days.
  8. NIAS is not liable if the E-service Provider refuses access to the User on the basis of the delivered data.
  9. The Node and NIAS are not liable if the E-service Provider refuses access to the Cross-border User on the basis of the delivered data.
  10. The User may request a credential from the Credential Issuer in accordance with the credential issuance rules. The Central State Portal publishes information on credentials accepted in NIAS, their Issuers and the method of issuance.

 

  1. ACCESS TO AND SIGN-OUT FROM E-SERVICE
  1. In order to access an e-service via NIAS and/or the Node, the User and/or the Cross-border User has to have access to the Internet and one of the most widely used browsers, such as Internet Explorer, Chrome, Opera, Mozilla Firefox, etc.
  2. Single Sign On is a method of authenticating a User where it is sufficient for the User to be authenticated for only one e-service for several different systems between which there is a common link. The User is authenticated once per session and NIAS provides access to all e-services that require authentication by a credential of the same or lower security level, without the need for the User to reuse a credential.
  3. Cross-border User will not be able to use the Single Sign On.
  4. Access to an e-service that requires authentication by a credential of a higher security level than the one that is already authenticated by an active session, requires the User and/or Cross-border User to provide a new higher-level authentication credential.
  5. Single Sign-Out allows a User to sign out of all services they are signed into from one central location within a single session.
  6. Cross-border User will not be able to use the Single Sign-Out. The Cross-border User signs out of every service they have accessed.

 

  1. SIGNING OUT OF NIAS
  1. By signing out of NIAS, the User signs out of the NIAS session which initiates the Single Sign-out option to sign out from e-services they have been signed into. The Cross-border User signs out of every service they have been signed into.

 

  1. PRIVACY PROTECTION
  1. Ministry of Public Administration of the Republic of Croatia as NIAS management authority and Node operator warrants to the User and the Cross-border User that their personal data will be used in accordance with the regulations in the area of personal data protection and that the integrity and confidentiality of such data will not be violated in any way. Ministry of Public Administration of the Republic of Croatia warrants to the User and the Cross-border User that the Agreement with the Financial Agency as the operational manager of NIAS and the Node ensures that their personal data will be used in accordance with the regulations in the area of personal data protection. The protection of privacy and confidentiality of data exchanged between the Node and Cross-border Nodes is also regulated by the eIDAS Regulation 2015/1501 on the interoperability framework.
  2. 2. User data in the system is handled in accordance with regulations regulating the protection of personal data. NIAS keeps the following user data about the User:
    • PIN
    • the types of credentials used in NIAS
    • e-mail addresses (if User has entered them)
    • the history of the requested and sent attributes (personal data from item I.2) to the e-service for each sign-in and the type of credential used for sign-in purposes (available to the User through the myID service that is a component of NIAS)
    For the Cross-border User, the Node retrieves the set of Cross-border User data and forwards it to NIAS, which forwards it to the Service Provider.
  1. NIAS has no access to any secret data related to the user credential nor are they known to it in any way.
  2. Fina will retain user data throughout the term during which it manages NIAS.
  3. NIAS uses cookies. Cookie is a small text file that a visited web page stores on the User’s device. The file contains information to support the use of that web page. These cookies enable NIAS to work effectively and easily for the User and they will be deleted at the end of the session. By accessing NIAS, User accepts that NIAS may store cookies on their computer or any other type of device they are using. In the event the User does not allow cookies, NIAS will not work.
  4. Within the meaning of the provisions of the regulation in the area of personal data protection, the controller of personal data is the Ministry of Public Administration, Maksimirska 63, 10 000 Zagreb, PIN: 81700550832, contact telephone number: 01 235 75 55. The processor of personal data is Financijska agencija (Financial Agency), Zagreb, Ulica grada Vukovara 70, PIN: 85821130368.
  5. Contact Information for the Data Protection Officer of the data controller: zastita-podataka@uprava.hr.
  6. Personal data referred to in items I.2. and V.2. are processed only for the purposes of signing into the public e-services via NIAS.
  7. Personal data recipients from item I.2. are entities and bodies that provide public e-services that are accessed via NIAS.
  8. The user to whom personal data in points I.2. and V.2. refer and whose personal data are processed by the processor shall be entitled to request access to, rectification, erasure, transferability and restriction of processing of personal data and to object to the processing of personal data related to them, provided that the requirements prescribed by the regulations in the area of personal data protection are met. User may submit a request related to above-mentioned rights in writing to the following address: Ministarstvo uprave, Maksimirska 63, 10000 Zagreb, or by email at: zastita-podataka@uprava.hr.

Date of document: 25 May 2018 Version 4.0

Korisnički identifikator: 82C5-DC08-D8FA-1C56-4524-64A7-E5EE-A7BE