INFOBUS s.r.o.
(valid for www.infobus.eu and mobil application INFOBUS of iOS and Android)
This Cookie Policy explains how Infobus s.r.o. ("we," "us," or "our") uses cookies and similar tracking technologies when you visit our website www.infobus.cz (the "Website"). This policy should be read together with our Privacy Policy.
We are committed to protecting your privacy and ensuring transparency about how we collect and use information through cookies. This policy complies with applicable data protection laws worldwide, including the EU General Data Protection Regulation (GDPR), ePrivacy Directive, US state privacy laws (CCPA, CPRA, etc.), Brazil's LGPD, Canada's PIPEDA and Quebec's Law 25, China's PIPL, Japan's APPI, South Korea's PIPA, Vietnam's PDPL, Indonesia's PDP Law, Turkey's KVKK, Russia's Federal Law No. 152-FZ, and other applicable regulations.
Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and to provide information to website owners.
Cookies allow us to recognize your device and remember information about your visit, such as your preferred language and other settings. This can make your next visit easier and the site more useful to you.
We use the following categories of cookies on our Website:
Purpose: These cookies are essential for the operation of our Website. They enable core functionality such as security, network management, and accessibility. Without these cookies, services you have requested cannot be provided.
Legal Basis: These cookies are necessary for the performance of our contract with you or to comply with legal obligations. They do not require consent under GDPR, ePrivacy Directive, and similar laws.
Examples: Session cookies, authentication cookies, load-balancing cookies, security tokens, cookie consent preferences
Purpose: These cookies collect information about how visitors use our Website, such as which pages are visited most often and if error messages are received. This helps us improve how our Website works.
Legal Basis: Your explicit consent is required in the EU/EEA, UK, Norway, Vietnam, South Korea, Indonesia, Brazil, Quebec (Canada), and Turkey. In some jurisdictions (Netherlands, Italy, France, Slovenia), privacy-friendly analytics cookies may not require consent if they are anonymized and used only for our own website.
Examples: Google Analytics, Adobe Analytics, Matomo, Yandex Metrica, custom analytics tools
Purpose: These cookies allow the Website to remember choices you make (such as your username, language, or region) and provide enhanced, more personalized features.
Legal Basis: Your explicit consent is required in most jurisdictions unless the functionality is specifically requested by you.
Examples: Language preferences, region selection, font size preferences, form auto-fill
Purpose: These cookies are used to deliver advertisements more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to help measure the effectiveness of advertising campaigns.
Legal Basis: Your explicit consent is required in all jurisdictions. In US states with privacy laws, you have the right to opt-out of the sale or sharing of personal information for targeted advertising.
Examples: Google Ads, Facebook Pixel, LinkedIn Insights, Twitter Ads, retargeting pixels
Purpose: These cookies are set by social media services that we have added to the Website to enable you to share our content with your friends and networks. They track your browser across other sites and build a profile of your interests.
Legal Basis: Your explicit consent is required in all jurisdictions.
Examples: Facebook, LinkedIn, Twitter, Instagram, YouTube embedded content
Cookies can be either session cookies or persistent cookies:
• Session Cookies: These are temporary cookies that expire when you close your browser.
• Persistent Cookies: These remain on your device for a set period or until you delete them. The duration varies depending on the purpose of the cookie.
We use both first-party and third-party cookies:
• First-Party Cookies: These are set directly by us and used only by our Website.
• Third-Party Cookies: These are set by third-party services we use, such as analytics providers, advertising networks, and social media platforms. These third parties may track your browsing activity across different websites.
Below is a list of the specific cookies we use. Please note that the cookies used may change over time as we improve and update our Website.
| Cookie Name | Category | Purpose | Provider | Duration |
|---|---|---|---|---|
| _ga | Analytics | Google Analytics — registers a unique identifier to track site visitors and generate statistics about their behavior. | 2 years | |
| _gid | Analytics | Google Analytics — registers a unique identifier to distinguish users; refreshed every 24 hours. | 24 hours | |
| cookie_consent | Necessary | Cookiebot — stores the user's cookie consent choices — acceptance or rejection of different cookie categories. | Cookiebot | 1 year |
| session_id | Necessary | Cookiesbot — maintains the user session by storing a temporary ID to associate a user's requests on the server. | Cookiesbot | Session |
| urlParams | Marketing | AppsFlyer — saves UTM parameters and URL parameters for advertising campaign attribution. | Appsflyer | 30 days |
| stel_ssid | Statistics | Telegram — identifies the session of a user arriving via a Telegram widget or referral link. | Telegram | 30 days |
| lang | Preferences | infobus.eu — remembers the user's chosen interface language for correct content display. | infobus.eu | 90 days |
| infobusLastTouchSource | Statistics | infobus.eu — records the last traffic source (last-touch attribution) — where the user came from before converting. | infobus.eu | 30 days |
| infobusFirstTouchSource | Statistics | infobus.eu — records the first traffic source (first-touch attribution) — where the user first arrived on the site. | infobus.eu | 30 days |
| fs_uid | Preferences | customer.io — stores a unique user identifier for the customer.io platform (personalization and profile management). | customer.io | 30 days |
| ajs_user_id | Statistics | customer.io — identifies the authenticated user in the analytics system for action tracking. | customer.io | 30 days |
| ajs_anonymous_id | Statistics | customer.io — assigns an anonymous identifier to unauthenticated users for analytics and later profile linking. | customer.io | 30 days |
| af_marketing_kb_page | Marketing | AppsFlyer — stores data about the marketing page from which the user arrived for campaign attribution. | Appsflyer | 30 days |
| _vwo_uuid_v2 | Statistics | Visual Website Optimizer — assigns a unique visitor ID for A/B testing and conversion optimization. | Appsflyer | 30 days |
| _uetvid | Marketing | Microsoft Ads — tracks the user for remarketing — used to display personalized ads across the Microsoft network | infobus.eu | 30 days |
| _uetsid | Marketing | Microsoft UET — stores the current session identifier for Universal Event Tracking — Bing Ads conversion tracking. | infobus.eu | 30 days |
| _rdt_uuid | Marketing | Reddit Pixel — unique user identifier used for remarketing and conversion measurement on Reddit. | Appsflyer | 30 days |
| _mkto_trk | Marketing | AppsFlyer — links the visitor's session for personalizing marketing campaigns and email outreach | Appsflyer | 30 days |
| _ib_push_token_set | Marketing | infobus.eu — stores a token for sending browser push notifications to the user. | infobus.eu | 30 days |
| _gtmeec | Statistics | Google Tag Manager — service cookie that stores an event/session ID for correct operation of analytics tags. | infobus.eu | 30 days |
| _gid | Statistics | AppsFlyer — used to identify users within advertising attribution | Appsflyer | 30 days |
| _gcl_au | Statistics | Google Ads / AdSense — used to track conversions from advertising campaigns. | infobus.eu | 30 days |
| _ga_MB9NNSW1TT | Statistics | Google Analytics 4 (AppsFlyer) — stores GA4 session state — session counter and timestamps within the AppsFlyer context. | Appsflyer | 30 days |
| _ga_L97TR1N1TG | Statistics | Google Analytics 4 (customer.io) — stores GA4 session state — unique session ID and visit counter within the customer.io context. | customer.io | 30 days |
| _ga_88VQ980K3Z | Statistics | Google Analytics 4 (infobus.eu) — stores GA4 session and user interaction data for the infobus.eu domain | infobus.eu | 30 days |
| _fbp | Marketing | Facebook Pixel — identifies the browser for remarketing and conversion tracking of Facebook/Meta ads. | infobus.eu | 30 days |
| _current_user_details | Marketing | customer.io — stores detailed data about the current authenticated user for personalization and marketing segmentation. | customer.io | 30 days |
| _clsk | Statistics | Microsoft Clarity — groups a user's requests into one session for heatmaps and behavioral analysis. | infobus.eu | 30 days |
| _clck | Statistics | Microsoft Clarity — stores a unique visitor identifier for session recordings and click heatmaps | customer.io | 30 days |
| __utmzzses | Statistics | Google Analytics (legacy) — stores traffic source data (UTM tags) for analytics — legacy Universal Analytics format. | infobus.eu | 30 days |
| __Secure- | Necessary | Google — secure session cookie used for request authentication and CSRF protection. | Session | |
| SSID | Necessary | infobus.eu — stores an encrypted identifier for the authenticated user session. | infobus.eu | Session |
| SM | Statistics | Microsoft Clarity — session metadata cookie — stores auxiliary information for correct session recording. | clarity | Session |
| SIDCC | Necessary | Google — additional session security check — protects the account from unauthorized access. | Session | |
| SID | Necessary | Google — main identifier of the authenticated Google user session (digital account signature). | Session | |
| SEARCH_SAMESITE | Necessary | Google — SameSite protection cookie to prevent CSRF attacks during Google searches | Session | |
| SAPISID | Necessary | Google — used for user authentication across Google services (Maps, YouTube, etc.). | Session | |
| S | Necessary | Google — auxiliary session protection cookie for Google services. | Session | |
| PHPSESSID | Necessary | infobus.eu — standard PHP session cookie that associates user requests with their server-side data. | infobus.eu | Session |
| OTZ | Marketing | Google Ads — used for aggregated audience analysis and customization of Google Ads offerings. | 30 days | |
| NID | Marketing | Google — stores user preferences (language, search results count) and is used for personalized advertising. | 30 days | |
| MicrosoftApplicationsTelemetryFirstLaunchTime | Statistics | Bing / Microsoft — records the time of first launch/visit for telemetry and usage statistics of Microsoft products. | Bing | Session |
| MicrosoftApplicationsTelemetryDeviceId | Statistics | Bing / Microsoft — unique device identifier for telemetry and analytics of the Microsoft platform | Bing | Session |
| MUID | Marketing | Microsoft / Bing / Clarity — universal user identifier for tracking and ad display across the Microsoft network | Bing, clarity | 30 days |
| MR | Marketing | Microsoft Clarity — used to refresh the MUID identifier and track user actions. | clarity | 30 days |
| HSID | Necessary | Google — protection cookie to prevent request forgery (CSRF) when using Google services. | Session | |
| FPLC | Statistics | infobus.eu — primary lifecycle tracking cookie — links sessions and visits of the same user. | infobus.eu | Session |
| FPID | Statistics | infobus.eu — unique first-visit identifier for end-to-end user analytics. | infobus.eu | Session |
| FPGSID | Statistics | infobus.eu — group session identifier for aggregating user interactions within one visit. | infobus.eu | 30 days |
| FPAU | Marketing | Google Ads — identifier for linking Google Ads data with user conversion analytics | 30 days | |
| CookieConsent | Necessary | Cookiebot / infobus.eu — stores the detailed status of the user's consent to use cookies by category. | Cookiebot | Session |
| APISID | Necessary | Google — used for authentication and personalization in Google services (required Auth component). | Session | |
| ANONCHK | Marketing | Microsoft Clarity — checks whether the user is anonymous; used for session recording. | clarity | 30 days |
| AEC | Necessary | Google — ensures session security — prevents fraudulent requests and protects the Google account. | 30 days | |
| ADS_VISITOR_ID | Marketing | Google Ads — unique visitor identifier for ad attribution and conversion tracking. | 30 days | |
| cart | Necessary | infobus.eu — stores the contents of the user's cart (selected tickets/routes) within the current session. | infobus.eu | Session |
| firebase-heartbeat-database#firebase-heartbeat-store | Necessary | Firebase SDK — periodically updates SDK activity data to monitor the health of the Firebase connection. | infobus.eu | 30 days |
| search-items | Preferences | infobus.eu — saves the parameters of the user's last search (route, date, passengers) for convenient reuse | infobus.eu | 30 days |
| bs_session | Preferences | infobus.eu — stores browser session data — interface settings and current state | infobus.eu | Session |
| _ib_cpa_click_id | Marketing | infobus.eu (CPA) — click identifier from a CPA network for tracking and attribution of affiliate conversions. | infobus.eu | Session |
| _ib_cpa_network_id | Marketing | infobus.eu (CPA) — affiliate network identifier — determines which CPA network the user came from | infobus.eu | Session |
| infpartner | Preferences | infobus.eu — stores the referral partner identifier — determines through which partner the user arrived. | infobus.eu | 30 days |
| ga4_item_indices | Preferences | infobus.eu / GA4 — stores product/route position indices for correct eCommerce event transmission to Google Analytics 4. | infobus.eu | 30 days |
| __Host-GAPS | Marketing | Google Accounts — secure Google Accounts session identifier — used for authentication and security. | Session |
For a complete and up-to-date list of cookies, please use our cookie scanner tool available at Cookiebot.
The legal basis for processing cookies varies by jurisdiction:
We obtain your explicit opt-in consent before placing non-essential cookies on your device, as required by the ePrivacy Directive and GDPR. Consent is:
• Freely given - you can refuse without negative consequences
• Specific - separate consent for different cookie categories
• Informed - we provide clear information about each category
• Unambiguous - an affirmative action is required (clicking "Accept")
For users in California, Connecticut, Virginia, Colorado, Utah, Montana, Oregon, Delaware, Iowa, Indiana, Tennessee, Maryland, Kentucky, Nebraska, New Hampshire, New Jersey, Minnesota, Texas, and Florida:
We provide you with the ability to opt-out of the sale or sharing of your personal information for targeted advertising. We honor Global Privacy Control (GPC) signals where required by law.
You can exercise your right to opt-out by clicking the "Do Not Sell or Share My Personal Information" link in our cookie banner or at Cookiebot.
For users in Canada, particularly Quebec, we obtain your explicit opt-in consent before collecting personal information through cookies. We provide:
• Clear explanation of cookie purposes
• Granular consent options by category
• Easy withdrawal mechanism
For users in Vietnam, we obtain your explicit opt-in consent before collecting personal data through cookies. Your silence or continued browsing does not constitute consent. Consent is voluntary, specific, fully informed, and purpose-specific.
We provide separate consent options for tracking, marketing, and behavioral advertising. For users under 7 years old, parental/guardian consent is required. For users aged 7 and above, both the child and parent/guardian must consent for sensitive data processing.
For users in South Korea, we obtain your explicit consent for cookies that collect personal information. Consent is freely given, specific, informed, and unambiguous. We provide granular consent by purpose and easy withdrawal mechanisms.
For users in Indonesia, we obtain your opt-in consent for personal data processing via cookies. Consent must be voluntary, specific, informed, and explicit. We provide equally prominent Accept and Reject buttons with granular controls by cookie category.
For users in Japan, we obtain your opt-in consent for third-party cookies that collect person-related information. We provide transparency about cookie use and opt-out mechanisms as required by the Telecommunications Business Act.
For users in Brazil, we obtain your explicit opt-in consent before processing personal data through cookies.
We provide a two-layer banner system with Accept All, Reject All, and Manage Cookies options (all equally prominent), with granular consent by purpose in the second layer.
For users in China, we obtain your explicit, voluntary consent for personal information processing. Consent is separate (not bundled) and we obtain re-consent when the purpose, method, or type of processing changes. For users under 14 years old, parental consent is required.
For users in Turkey, we obtain your explicit consent for processing personal data through cookies. Consent must be freely given, specific, informed, and explicit. We maintain verifiable records of consent and provide user-friendly withdrawal mechanisms.
For users in Russia, we obtain your consent separately from any other documents or information. Consent is not bundled with user agreements and requires a separate checkbox or form. We provide information about web analytics tools and obtain consent for Google Analytics, Yandex Metrica, and similar services.
You have the right to decide whether to accept or reject cookies. You can exercise your cookie preferences in the following ways:
When you first visit our Website, we present you with a cookie banner that allows you to accept or reject different categories of cookies. You can:
• Accept All - consent to all cookie categories
• Reject All - reject all non-essential cookies
• Manage Cookies - select specific cookie categories you want to allow
You can change your cookie preferences at any time by clicking the "Cookie Settings" link in our footer or at Cookiebot.
Most web browsers allow you to control cookies through their settings. You can set your browser to:
• Block all cookies
• Accept only first-party cookies
• Delete cookies when you close your browser
• Receive a notification before cookies are set
For instructions on how to manage cookies in popular browsers:
• Google Chrome: Settings > Privacy and Security > Cookies and other site data
• Mozilla Firefox: Settings > Privacy & Security > Cookies and Site Data
• Safari: Preferences > Privacy > Cookies and website data
• Microsoft Edge: Settings > Cookies and site permissions > Cookies and site data
Please note that blocking all cookies may prevent you from accessing certain features of our Website.
We honor Global Privacy Control (GPC) signals. If your browser sends a GPC signal, we will treat it as a request to opt-out of the sale or sharing of your personal information for targeted advertising purposes, as required by applicable US state privacy laws.
You can opt-out of targeted advertising through the following industry tools:
• Digital Advertising Alliance (DAA): www.aboutads.info/choices
• Network Advertising Initiative (NAI): www.networkadvertising.org/choices
• European Interactive Digital Advertising Alliance (EDAA): www.youronlinechoices.eu
• Google Ad Settings: adssettings.google.com
Depending on your location, you may have the following rights regarding cookies and personal data:
• Right to Access: Request information about cookies and personal data we collect
• Right to Rectification: Request correction of inaccurate data
• Right to Deletion: Request deletion of your personal data collected through cookies
• Right to Object: Object to processing of your data for direct marketing purposes
• Right to Restrict Processing: Request limitation on how we use your data
• Right to Data Portability: Request a copy of your data in a structured, machine-readable format
• Right to Withdraw Consent: Withdraw your cookie consent at any time
• Right to Opt-Out of Sale/Sharing: (US states) Opt-out of sale or sharing of personal information for targeted advertising
• Right to Limit Use of Sensitive Information: (California) Limit use of sensitive personal information
• Right to Lodge a Complaint: File a complaint with your local data protection authority
To exercise any of these rights, please contact us using the information in the "Contact Us" section below.
We retain cookie data for different periods depending on the purpose and legal requirements. Session cookies are deleted when you close your browser. Persistent cookies are retained for the duration specified in Section 6 (Specific Cookies We Use) or until you delete them. We retain records of your cookie consent for as long as required by applicable law (typically 3 years in the EU, or longer where required by specific jurisdictions).
Some cookies and tracking technologies may result in your personal data being transferred to countries outside your location, including countries that may not provide the same level of data protection as your home country.
Where we transfer personal data internationally, we ensure appropriate safeguards are in place, such as:
• EU Standard Contractual Clauses (SCCs)
• Adequacy decisions by regulatory authorities
• Privacy Shield frameworks (where applicable)
• China's cross-border transfer certification (where applicable)
• Other legally approved transfer mechanisms
Our Website is not directed to children under the age of [16/18] (or the applicable age in your jurisdiction). We do not knowingly collect personal information from children through cookies.
For users in jurisdictions with specific age requirements (such as China where parental consent is required for users under 14, or Vietnam where both child and parental consent is required for users aged 7 and above for sensitive data), we implement age verification and parental consent mechanisms as required by law.
We may update this Cookie Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. The "Last Updated" date at the top of this policy indicates when it was last revised.
If we make material changes to this policy, we will notify you by updating the date and, where required by law, seeking your renewed consent. We recommend that you review this policy periodically to stay informed about how we use cookies.
If you have any questions about this Cookie Policy or our use of cookies, please contact us:
Company Name: Infobus s.r.o.
Address: U Sluncové 666/12a, 186 00 Prague, Czech Republic, ID: 242 45 224
Email: [email protected]
Data Protection Officer: Algotech a.s.
Supervisory Authorities by Jurisdiction
If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction:
| Jurisdiction | Supervisory Authority |
|---|---|
| EU/EEA | Your national Data Protection Authority (list at edpb.europa.eu) |
| United Kingdom | Information Commissioner's Office (ICO) - ico.org.uk |
| United States | Your state Attorney General or relevant state privacy authority |
| Canada | Office of the Privacy Commissioner of Canada - priv.gc.ca |
| Brazil | ANPD (Autoridade Nacional de Proteção de Dados) - gov.br/anpd |
| South Korea | Personal Information Protection Commission (PIPC) - pipc.go.kr |
| Japan | Personal Information Protection Commission (PPC) - ppc.go.jp |
| China | Cyberspace Administration of China (CAC) - cac.gov.cn |
| Turkey | Turkish Data Protection Authority (KVKK) - kvkk.gov.tr |
| Russia | Roskomnadzor - rkn.gov.ru |
This Cookie Policy is designed to comply with applicable privacy and data protection laws worldwide. If you have any questions or concerns, please do not hesitate to contact us.
