PRIVACY POLICY    

This document governs the policy applied by Trans.eu Group S.A. with its registered office in Wrocław, ul. Racławicka 2-4, 53-146 Wrocław, entered into the Register of Entrepreneurs of the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, 6th Commercial Division of the National Court Register, under KRS number: 0000720763, NIP (Tax Identification Number): 8942764658, REGON (Company Registration Number): 932920615 (hereinafter: the Controller), with regard to the protection of users’ personal data and information that may constitute trade secrets of the users.

This policy applies to the services offered by the Controller through the website: www.trans.eu. The above policy does not cover third-party websites and services that can be accessed through links on the aforementioned website. Detailed information on the protection of personal data is available from each service provider separately. The Controller recommends always reading the relevant documents on the websites of the providers.

Data we collect

In order to fully use the Controller’s services and products, the User may create an account or log in to the Trans.eu Platform (hereinafter: the Platform).  

In order to use the services and products offered by the Controller, it is necessary to register an account via the form provided on the website in the Registration/Register Company/Add an Employee section. When registering, the following data must be provided: Tax ID, company name, registered office address, postal code and country. In order to verify the User, the company’s Tax ID, phone number, e-mail address and first and last name are required. When logging in, the User enters the following information: TransID number. In addition, the User may complete the profile functioning within their account with additional data, such as: date of birth. 

As part of the Platform access service, we obtain most of the User’s data (including information, photos, documents) directly from the User. We can obtain some of the data from public sources, such as the National Court Register, the Central Register and Information on Economic Activity or similar sources, as well as from private entities that collect and provide information on entrepreneurs. These sources can provide us with data such as: identification data, contact data, financial data, geolocation data, etc.

The provision of data is voluntary, although necessary for the implementation of the service and the contact with the Controller. If the Controller is not provided with the necessary information, it will not be possible for the Controller to perform and deliver the service.

Some data is also collected passively, i.e. through the use of the website (e.g. IP address, resolution, location, browser type). 

Use of data

Personal data of the User is processed:

  • for the purposes necessary to provide the Platform access service based on the agreement aconcluded between the User and the Controller or in order to perform activities prior to the conclusion of the agreement (Article 6(1)(b) of the GDPR),
  • as a Controller, we are subject to a number of legal obligations arising from national law. If necessary, we will process your data in order to comply with requirements imposed by regulations (Article 6(1)(c) of the GDPR),
  • if necessary, for purposes resulting from the Controller’s or third party’s legitimate interests (Article 6(1)(f) of the GDPR), including but not limited to: providing support to the User, responding to queries/complaints, sending the Controller’s newsletter regarding changes to the Controller’s software, Trans.eu Platform Regulations and Regulations of related services, etc., for the purpose of ensuring IT security of the Controller, surveying Customer satisfaction, pursuing claims and defending against claims, in direct marketing of the Controller’s products and services and those of the entities of Trans.eu Group, as well as other entities to which the Controller provides services under separate agreements, for the Controller’s internal administrative purposes, such as preparing statistics, analyzes, reports, e.g. in terms of the methods and preferences of the User for the use of the Platform services and services related to the Platform, or the Controller’s website, 
  •  on the basis of your consent (Article 6 (1)(a) of the GDPR), granted for specific purposes (e.g. to provide the User with marketing content regarding the products and offers of the Controller and entities of the Trans.eu Group, e.g. newsletters, if the there is an interest in them or whether to send data within the Trans.eu Group for specific purposes).

If the User has given such consent, the Controller sends information on the current and future products and services of the Controller and entities of the Trans.eu Group via electronic communication (e.g. e-mail, phone, SMS, MMS, push, notifications on the Platform) as part of an information (commercial information) or marketing campaign (advertising). 

With regard to personal data, the consent may be withdrawn at any time, however, it does not affect the processing of personal data prior to its withdrawal.

Personal data may be processed by automated means (including profiling). The purpose of profiling is to collect information about the activity within the Platform, ways of using the Platform and User preferences, which allows us to better tailor our offer, as well as the products and services provided within the Platform and messages directed to the Users. This type of machine processing also allows the Controller to improve the technological functioning of the Platform, or to detect events that may threaten the security of the Platform and the Users. The legal basis for the processing is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR). 

Recipients of personal data

Data may be disclosed to other recipients in order to perform the agreement with the User, to comply with a legal obligation of the Controller, based on the User’s consent or for purposes arising from the legitimate interests of the Controller or a third party. 

The recipients may be in particular: entities of the Trans.eu capital group, institutions legally authorized to receive the User’s data under the applicable legislation (e.g. law enforcement or judicial authorities), as well as entities processing data on behalf of the Controller and their authorized employees, where such entities process data on the basis of an agreement with the Controller and only in accordance with instructions and under the condition of confidentiality. Entities performing tasks on behalf of and for the Controller include those providing services to the extent necessary to ensure technical and administrative facilities for the implementation of services available within the Platform, such as payment service providers, IT service providers, GPS signal monitoring service providers, auditors and entities operating the Platform. 

The Controller shall exercise due diligence in the transfer of data, using measures and safeguards to prevent unauthorized access to data (including SSL, encrypted connections).

Transfer of data outside the European Community

The level of protection of personal data outside the European Economic Area (EEA) may differ from that provided by European law. With this in mind, the Controller will only transfer personal data outside the EEA if it is necessary to do so. In the event of such a transfer, the Controller shall ensure an adequate level of protection of personal data primarily by:

  1. the transfer of personal data to countries that have been recognized by the European Commission as providing an adequate level of protection for personal data, 
  2. the use of standard contractual clauses issued by the European Commission, 
  3. the use of other appropriate safeguards. 

Rights of the data subject

The User has the right to access personal data, as well as to request rectification, restriction or erasure of personal data, to withdraw at any time consent to the processing of data to the extent of such consent, as well as to transfer personal data. 

The User has the right to lodge a complaint with the supervisory authority, which in the Republic of Poland is the President of the Office for Personal Data Protection, if they believe that the processing of their data violates the provisions of the GDPR. 

In addition, the User has the right to object at any time to the processing of data for reasons related to a particular situation, when the Controller processes data for the purposes of legitimate interest, for purposes related to direct marketing, including profiling. 

After confirming the User’s identity, the Controller will exercise the aforementioned rights based on the analysis of the legitimacy of the request and the applicable law. The Controller will make every reasonable effort to comply with Users’ requests for personal data, unless the data must be retained due to applicable law or other legitimate legal interests of the Controller. 

Data retention period

Personal data will be processed and stored by the Controller for the time necessary to fulfil the purposes, i.e.:

  • performance of the Agreement concluded between the User and the Controller – until its completion, and thereafter for the period required by law or for the exercise of any claims;
  • in terms of fulfilling legal obligations incumbent on the Controller – until the Controller fulfills these obligations,
  • to the extent that the data is processed based on consent – the Controller will process it until its withdrawal,
  • until the legitimate interests of the Controller constituting the basis for such processing are fulfilled or until the User objects to such processing, unless there are legitimate grounds for further data processing.

The data collected during the Users’ visits on the Controller’s website will be processed until it becomes outdated or useless. This applies to data processed for analytical and statistical purposes, including the use of cookies and managing the Controller’s websites.

Cookies

The Controller uses the so-called “cookies” to track visits of the Users on the websites and store their preferences, e.g. language, login details – and to adjust the services offered to their needs. These files are used to compile general statistics on the use of the website by the Users and they are stored until they become outdated or no longer relevant. Cookies will not be made available to other third parties, they will only be transferred to service providers to the extent necessary to provide technical support for the handling of the aforementioned files and entities belonging to the Trans.eu Group. 

Cookies can be deactivated in the User’s web browser, which will not prevent the User from using the services, but some difficulties may occur, i.e. the Controller’s website may no longer be fully functional. 

The categories of cookies can also be managed through the “Consents” window, under the “Show details” tab, which appears when the User first visits our website.  Detailed information on the Controller’s use of cookies is provided in the “Consents” message, under the link “Learn more” link, referring to the Cookie Policy document, available at: https://www.trans.eu/pl/polityka-plikow-cookies-eu/. 

Social media sites

Please be advised that the Controller’s website may include social networking plug-ins, including Facebook, Twitter, LinkedIn, Instagram, etc. In connection with their placement on the Controller’s website, the User is obliged to read the content of the privacy policies of these providers on their own in order to receive up-to-date information on the protection of personal data. 

Data in Google Analytics and other service providers

Traffic on the Controller’s websites is monitored, among others, by the Google Analytics system, or other service providers, such as. Albacross, the purpose of which is to collect data on the use of websites and their popularity, as well as to identify the users visiting the websites and to adjust advertising content. This data (e.g. the browser used or IP address) will not be shared by the Controller with any third parties.

Security

For security purposes, the Controller:

  • uses SSL encryption,
  • allows access to the account only upon entering the login address and password (it is recommended to set up passwords consisting of at least 8 characters and containing upper- and lower-case letters, special characters and digits), which the User should keep exclusively for their information, 
  • controls the methods of collecting, storing and processing information, including physical security measures to protect against unauthorized access to the system,
  •  grants access to personal data only to those employees, contractors and collaborators who need to have access to it in order to process it for the Controller’s purposes; moreover, under the agreement aand additional obligations (e.g. authorization) they are obliged to maintain strict confidentiality and protection of information, and in the case of entrusting data – by entrustment agreements for the processing of personal data. 

Privacy Policy Statement

 This Privacy Policy entered into force on 10.11.2024. We may update the Privacy Policy from time to time to reflect changes in our practices and information processing standards. Such modifications may take place without notifying the User. If there are any material changes that modify the principles of personal data processing, the User may be notified by email or by means of a notification made available on the website. The changes will be effective from the date of their publication at https://www.trans.eu/en/privacy-policy/, along with the date of their introduction.

Contact details

If you have any questions or comments regarding the Privacy Policy, please contact the Controller: Trans.eu Group S.A., Wrocław, ul. Racławicka 2-4, 53-146 Wrocław, (contact: 71 734 17 00, info@trans.eu).

The Controller has appointed a Data Protection Officer who can be contacted by email at: iod@trans.eu.