Saferoad RRS Polska Sp. z o.o. (hereinafter referred to as SAFEROAD) takes the protection of personal data very seriously. We have therefore taken technical and organisational measures to ensure that data protection regulations are complied with at SAFEROAD. All web activities are conducted in accordance with applicable personal data protection and data security legislation. Our security measures are continuously improved in line with technological developments. When communicating by email, however, we can not guarantee complete data security, so we recommend that you send us your confidential information by post.
By using our website you consent to the collection and processing of your personal data in accordance with this privacy policy.
§ 1 Information about the collection of personal data
(1) We provide information below about the collection of personal data when using our website. Personal data is all data that has a reference to you as a person, e.g. name, address, email addresses, user behaviour.
(2) The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is Saferoad RRS Polska Sp. z o.o., ul. Balcerskiego 2, 80-299 Gdańsk, POLAND. You can reach our data protection officer at our postal address care of “data protection officer” or at privacy.rrs@saferoad.pl.
(3) When you contact us by email or through a contact form, the information you provide (your email address, your name and telephone number if applicable) will be stored by us to answer your questions. We delete the data that arises in this context after the storage is no longer required, or limit the processing if there are statutory retention requirements.
(4) If we rely on commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective transactions. In doing so, we also name the specified criteria for the storage duration.
§ 2 Your rights
(1) You have the following rights with respect to the personal data concerning you:
- Pursuant to Art. 15 GDPR, you have the right to demand information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a right to lodge a complaint, the source of the data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about the respective details;
- Pursuant to Art. 16 GDPR, you have the right to demand the correction of incorrect or incomplete personal data stored by us immediately;
- Pursuant to Art. 17 GDPR, you have the right to demand the deletion of your personal data stored by us, except where the processing is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims is;
- Pursuant to Art. 18 GDPR, you have the right to demand the restriction of processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you decline its deletion, and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to processing in accordance with Art. 21 GDPR;
- Pursuant to Art. 20 GDPR, you have the right to obtain your personal data provided to us in a structured, common and machine-readable format or to request the transfer of the data to another controller;
- Pursuant to Art. 7 (3) GDPR, you have the right to revoke consent you have previously granted to us at any time. As a result of your exercise of this right, we are not allowed to continue the data processing based on this consent for the future and
(2) If your personal data is processed based on legitimate interests pursuant to Art. 6 (1) (f) sent. 1 GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without you being required to specify your particular situation.
Please direct your request/objection to rrs@saferoad.pl, or by mail to the following address:
Saferoad RRS Polska Sp. z o.o.
ul. Balcerskiego 2
80-299 Gdańsk
POLAND
(3) You also have the right to lodge a complaint about the processing of your personal data by us to a data protection supervisory authority.
§ 3 Collection of personal data when visiting our website
(1) In the event of merely informative use of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (the legal basis is Art. 6 (1) (f) sent. 1 GDPR):
- shortened IP address
- Date and time of the request
- Content of the request (concrete page)
- Access status/HTTP status code
- Transmitted amount of data
- Website from which the request arises
- Browser
- Operating system and its interface
- Language and version of the browser software
(2) We use cookies on our site. These are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device and do not contain viruses, Trojans or other malicious software.
(2) Information is stored in the cookie which results in each case in connection with the specific terminal used. However, this does not mean that we are immediately aware of your identity. On the one hand, the use of cookies serves to make the use of our offer more pleasant for you. For example, we use so-called session cookies to recognise that you have already visited individual pages on our website. These are automatically deleted after leaving our site.
(3) In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognise that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.
(4) On the other hand, we use cookies in order to statistically record the use of our website and to evaluate such data for the purpose of optimising our offer (see section 4). These cookies allow us to automatically recognise when you visit our site again that you have already visited us before. These cookies are automatically deleted after a defined time.
(5) The data processed by cookies is required for the purposes mentioned, namely to protect our legitimate interests as well as the interests of third parties pursuant to Art. 6 (1) (f) sent. 1 GDPR.
(6) Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is set. However, disabling cookies completely may mean that you can not use all features of our website.
Tracking-Tool
The tracking measures as indicated in the following and that are used by us are implemented on the basis of Art. 6 para. 1 S. 1 lit. f DSGVO. The tracking measures that are used allow us to ensure that our website is designed to be needs-oriented and continually optimised. We also employ the tracking measures to record statistics on the use of our website and for the purpose of evaluating the optimisation of our products. These interests are to be viewed as justifiable in the sense of the previously mentioned regulation.
The respective purposes of data processing and the data categories can be inferred from the following tracking tools.
Google analytics
We use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/ intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; in the following “Google“), for purposes of needs-oriented design and to continually update our pages. In this connection, user profiles are created that use pseudonyms and cookies (see our numeral 4. The information generated by the cookies regarding your use of this website, such as:
- browser type/-version,
- operating system used,
- referrer URL (the page visited earlier),
- host name of accessing computer (IP address),
- time of server query,
is transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to yield further services associated with the use of the website and the internet for purposes of market research and needs-oriented design of these internet pages. Also, this information may be transferred to third parties, insofar as this is legally specified or insofar as third parties have been engaged to process these data. In no case will your IP address be merged with other data from Google. The IP addresses are anonymized, so that an allocation is not possible (IP masking).
You can prevent the installation of cookies through an appropriate browser software setting; however, we refer to the fact that, in this case it is possible that not all of the functions of this website can be used in full scope. Moreover, you can prevent the recording of data generated by the cookie and data pertaining to your use of the website (incl. your IP address) and the processing of this data by Google, in that you download and install a browser add-on and install (https:// tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, in particular for browsers on mobile end devices, you can additionally prevent the recording of data by Google Analytics by clicking on https://tools.google.com/dlpage/gaoptout. An opt-out cookie is set to prevent future recording of your data upon a visit to this website. The opt-out cookie applies to that browser only and only for our website and is stored on your device. If you delete the cookie in that browser, you must then reset the opt-out. You can find further information on data protection in connection with Google Analytics help (https://support.google.com/analytics/answer/ 6004245?hl=de).
§ 5 Social media plug-ins
(1) We are currently using the following social media plug-ins: [Facebook, Google+, Twitter, Xing, LinkedIn]. We use the so-called two-click solution here. In other words, when you visit our site, no personal data is initially passed on to the providers of the plug-ins. The provider of the plug-in can be identified by the mark on the box above its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button. The plug-in provider receives the information that you have accessed the corresponding website of our online service only if you click on the marked field and activate it. In addition, the data mentioned under § 3 of this privacy policy will be transmitted. In the case of Facebook and Xing, according to the respective providers in Germany, the IP address is anonymised immediately after collection. By activating the plug-in, personal data will be transmitted by you to the respective plug-in provider and stored there (with US providers in the USA). Since the plug-in provider carries out the data collection, in particular via cookies, we recommend that you delete all cookies via the security settings of your browser before clicking on the greyed-out box.
(2) We have no influence on the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of the processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
(3) The plug-in provider saves the data collected about you as user profiles and uses these for purposes of advertising, market research and/or tailor-made website design. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles; you must contact the respective plug-in provider to exercise this right. Through the plug-ins, we offer you the opportunity to interact with social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 (1) (f) sent. 1 GDPR.
(4) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and, for example, if you link to the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend logging out regularly after using a social network, but especially before activating the button, as this will prevent assignment to your profile with the plug-in provider.
(5) For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy policies of these providers, which are provided below. There you will also find further information about your rights and settings options for the protection of your privacy.
(6) Addresses of the respective plug-in providers and URL with their privacy notices:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; https://www.facebook.com/policy.php; Further information on data collection: https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-other#applications and https: //www.facebook.com/about/privacy/your-info # everyoneinfo.
Facebook has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
Twitter, Inc., 1355 Market St., Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://www.xing.com/privacy.
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy. LinkedIn has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
§ 6 Inclusion of You Tube videos
(1) We have included YouTube videos in our online offering, which are stored on https://www.YouTube.com and are directly playable from our website. These are all embedded in the “enhanced privacy mode”, which means that if you do not play the video, no data about you as a user will be transferred to YouTube. The data mentioned in paragraph 2 will be transmitted only when you play a video. We have no influence on this data transfer.
(2) When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under § 3 of this privacy policy will be transmitted. This happens regardless of whether YouTube provides a user account that you are logged into, or if there is no user account. When you are logged into Google, your data will be assigned directly to your account. If you do not wish the data to be associated with your profile on YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for purposes of advertising, market research and/or custom design of its website. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles; you must contact YouTube to exercise this right.
(3) Further information on the purpose and extent of the data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information about your rights and settings options for the protection of your privacy here:
https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the US and has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
§ 7 Further functions and offers of our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal data that we use to provide the service and for which the aforementioned data processing principles apply.
(2) We sometimes commission external service providers to process your data. These providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.
(3) Furthermore, we may disclose your personal data to third parties if this is necessary for the performance of the contract, the enforcement of our rights, in particular for the enforcement of claims arising from contractual relationships, and for safeguarding our legitimate business interests with regard to the advising and support of our customers, as well as conclusion of contracts or similar services offered by us together with partners. You can receive more information in this regard when you provide your personal data or below in the description of the offer.
(4) Insofar as our service providers or partners are based in a country outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.
§ 8 Use of our product portal
(1) Insofar as you wish to use our portal, you must register yourself by providing your email address, a password you have chosen and your own user name. There is no requirement to provide your real name; pseudonymous use is possible. We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed if you have previously confirmed your registration via a confirmation email sent to you for this purpose by clicking on the link contained therein. If your confirmation is not received within [24 hours], your registration will be automatically deleted from our database. The specification of the aforementioned data is mandatory; you can voluntarily provide all other information when using our portal.
(2) When you use our portal, we store your data required for the fulfilment of the contract, including details of the payment method, until you ultimately delete your access. Furthermore, we will store the voluntary data provided by you for the time of your use of the portal, unless you delete it before. All information can be managed and changed in the protected customer area. The legal basis is Art. 6 (1) (f) sent. 1 GDPR.
(3) If you use the portal, your data may be made available to other participants of the portal in accordance with the contractual service. Unregistered members will not receive information about you. For all registered members, your [username and photo] will be visible, regardless of whether you have approved this. Your entire profile with the data you have released is also visible to all members who have confirmed you as a personal contact. If you make content accessible to your personal contacts that you do not send by private message, this content will be visible to third parties as far as your personal contact has granted their approval. If you post in public groups, this will be visible to all registered members of the portal.
(4) In order to prevent unauthorised access by third parties to your personal data, in particular financial data, the connection is encrypted using TLS technology.
§ 9 Data security
We use the popular SSL (Secure Socket Layer) method within you visit our site, in conjunction with the highest level of encryption supported by your browser. In general, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether a particular page of our website is encrypted is shown with the symbol of the closed key or lock icon in the lower status bar of your browser.
We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
§ 10 Change to the privacy policy
We reserve the right to update this privacy policy from time to time, in particular to reflect changing legislation or case law. We therefore recommend that you visit this website regularly so that you are aware of the protection and processing of your data.
§ 11 General
We at SAFEROAD also take corporate privacy seriously.
The relevant legal provisions require that personal data be processed in a manner that ensures the rights of data subjects to the confidentiality and integrity of their data. According to these regulations, it is forbidden to process personal data unlawfully or without authorisation or to intentionally or unintentionally violate the security of the processing in such a way as to destroy, to lose, to change, or to disclose or allow access to unauthorised parties.
For this reason, our employees have been obliged to maintain secrecy and, in particular, to comply with the data protection provisions for confidentiality pursuant to Art. 5 (1) (f), Art. 32 (4) of the General Data Protection Regulation (GDPR).
Employees are therefore prohibited from processing, using or making personal data accessible to third parties without authorisation. If external service providers are commissioned by SAFEROAD to process personal data for the first time, they will be contractually obliged to comply with the requirements of Art. 28 GDPR.
May 2018