Saferoad RRS Polska Sp. z o.o. (hereinafter referred to as SAFEROAD) takes the protection of personal data very seriously. We have therefore taken technical and organisational measures to ensure that data protection regulations are complied with at SAFEROAD. All web activities are conducted in accordance with applicable personal data protection and data security legislation. Our security measures are continuously improved in line with technological developments. When communicating by email, however, we can not guarantee complete data security, so we recommend that you send us your confidential information by post.
§ 1 Information about the collection of personal data
(1) We provide information below about the collection of personal data when using our website. Personal data is all data that has a reference to you as a person, e.g. name, address, email addresses, user behaviour.
(2) The controller pursuant to Art. 4 (7) of the EU General Data Protection Regulation (GDPR) is Saferoad RRS Polska Sp. z o.o., ul. Leszczynowa 6, 80-175 Gdańsk, POLAND. You can reach our data protection officer at our postal address care of “data protection officer” or at email@example.com.
(3) When you contact us by email or through a contact form, the information you provide (your email address, your name and telephone number if applicable) will be stored by us to answer your questions. We delete the data that arises in this context after the storage is no longer required, or limit the processing if there are statutory retention requirements.
(4) If we rely on commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective transactions. In doing so, we also name the specified criteria for the storage duration.
§ 2 Your rights
(1) You have the following rights with respect to the personal data concerning you:
- Pursuant to Art. 15 GDPR, you have the right to demand information about your personal data processed by us. In particular, you can request information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a right to lodge a complaint, the source of the data, if not collected from us, and the existence of automated decision-making including profiling and, where appropriate, meaningful information about the respective details;
- Pursuant to Art. 16 GDPR, you have the right to demand the correction of incorrect or incomplete personal data stored by us immediately;
- Pursuant to Art. 17 GDPR, you have the right to demand the deletion of your personal data stored by us, except where the processing is required for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims is;
- Pursuant to Art. 18 GDPR, you have the right to demand the restriction of processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you decline its deletion, and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to processing in accordance with Art. 21 GDPR;
- Pursuant to Art. 20 GDPR, you have the right to obtain your personal data provided to us in a structured, common and machine-readable format or to request the transfer of the data to another controller;
- Pursuant to Art. 7 (3) GDPR, you have the right to revoke consent you have previously granted to us at any time. As a result of your exercise of this right, we are not allowed to continue the data processing based on this consent for the future and
(2) If your personal data is processed based on legitimate interests pursuant to Art. 6 (1) (f) sent. 1 GDPR, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 GDPR, provided that there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which will be implemented by us without you being required to specify your particular situation.
Please direct your request/objection to firstname.lastname@example.org, or by mail to the following address:
Saferoad RRS Polska Sp. z o.o.
ul. Leszczynowa 6
(3) You also have the right to lodge a complaint about the processing of your personal data by us to a data protection supervisory authority.
§ 3 Collection of personal data when visiting our website
(1) In the event of merely informative use of the website, i.e. if you do not register or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (the legal basis is Art. 6 (1) (f) sent. 1 GDPR):
- shortened IP address
- Date and time of the request
- Content of the request (concrete page)
- Access status/HTTP status code
- Transmitted amount of data
- Website from which the request arises
- Operating system and its interface
- Language and version of the browser software
(3) In addition, to improve usability, we also use temporary cookies that are stored on your device for a specified period of time. If you visit our site again to take advantage of our services, it will automatically recognise that you have already been with us and what inputs and settings you have made, so you do not have to re-enter them.
(5) The data processed by cookies is required for the purposes mentioned, namely to protect our legitimate interests as well as the interests of third parties pursuant to Art. 6 (1) (f) sent. 1 GDPR.
(6) Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or a notice always appears before a new cookie is set. However, disabling cookies completely may mean that you can not use all features of our website.
The tracking measures as indicated in the following and that are used by us are implemented on the basis of Art. 6 para. 1 S. 1 lit. f DSGVO. The tracking measures that are used allow us to ensure that our website is designed to be needs-oriented and continually optimised. We also employ the tracking measures to record statistics on the use of our website and for the purpose of evaluating the optimisation of our products. These interests are to be viewed as justifiable in the sense of the previously mentioned regulation.
The respective purposes of data processing and the data categories can be inferred from the following tracking tools.
We use Google Analytics, a web analysis service of Google Inc. (https://www.google.de/ intl/de/about/) (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; in the following “Google“), for purposes of needs-oriented design and to continually update our pages. In this connection, user profiles are created that use pseudonyms and cookies (see our numeral 4. The information generated by the cookies regarding your use of this website, such as:
- browser type/-version,
- operating system used,
- referrer URL (the page visited earlier),
- host name of accessing computer (IP address),
- time of server query,
is transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports on website activity and to yield further services associated with the use of the website and the internet for purposes of market research and needs-oriented design of these internet pages. Also, this information may be transferred to third parties, insofar as this is legally specified or insofar as third parties have been engaged to process these data. In no case will your IP address be merged with other data from Google. The IP addresses are anonymized, so that an allocation is not possible (IP masking).
You can prevent the installation of cookies through an appropriate browser software setting; however, we refer to the fact that, in this case it is possible that not all of the functions of this website can be used in full scope. Moreover, you can prevent the recording of data generated by the cookie and data pertaining to your use of the website (incl. your IP address) and the processing of this data by Google, in that you download and install a browser add-on and install (https:// tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, in particular for browsers on mobile end devices, you can additionally prevent the recording of data by Google Analytics by clicking on https://tools.google.com/dlpage/gaoptout. An opt-out cookie is set to prevent future recording of your data upon a visit to this website. The opt-out cookie applies to that browser only and only for our website and is stored on your device. If you delete the cookie in that browser, you must then reset the opt-out. You can find further information on data protection in connection with Google Analytics help (https://support.google.com/analytics/answer/ 6004245?hl=de).
§ 5 Social media plug-ins
(2) We have no influence on the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of the processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
(3) The plug-in provider saves the data collected about you as user profiles and uses these for purposes of advertising, market research and/or tailor-made website design. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles; you must contact the respective plug-in provider to exercise this right. Through the plug-ins, we offer you the opportunity to interact with social networks and other users so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 (1) (f) sent. 1 GDPR.
(4) The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and, for example, if you link to the page, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend logging out regularly after using a social network, but especially before activating the button, as this will prevent assignment to your profile with the plug-in provider.
(5) For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy policies of these providers, which are provided below. There you will also find further information about your rights and settings options for the protection of your privacy.
(6) Addresses of the respective plug-in providers and URL with their privacy notices:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; https://www.facebook.com/policy.php; Further information on data collection: https://www.facebook.com/help/186325668085084, https://www.facebook.com/about/privacy/your-info-on-other#applications and https: //www.facebook.com/about/privacy/your-info # everyoneinfo.
Facebook has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; https://www.google.com/policies/privacy/partners/?hl=de. Google has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
Twitter, Inc., 1355 Market St., Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
Xing AG, Gänsemarkt 43, 20354 Hamburg, DE; https://www.xing.com/privacy.
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; https://www.linkedin.com/legal/privacy-policy. LinkedIn has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
§ 6 Inclusion of You Tube videos
(1) We have included YouTube videos in our online offering, which are stored on https://www.YouTube.com and are directly playable from our website. These are all embedded in the “enhanced privacy mode”, which means that if you do not play the video, no data about you as a user will be transferred to YouTube. The data mentioned in paragraph 2 will be transmitted only when you play a video. We have no influence on this data transfer.
https://www.google.de/intl/de/policies/privacy. Google also processes your personal data in the US and has subjected itself to the EU-US Privacy Shield framework: https://www.privacyshield.gov/EU-US.
§ 7 Further functions and offers of our website
(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested. To do this, you will generally need to provide other personal data that we use to provide the service and for which the aforementioned data processing principles apply.
(2) We sometimes commission external service providers to process your data. These providers have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.
(3) Furthermore, we may disclose your personal data to third parties if this is necessary for the performance of the contract, the enforcement of our rights, in particular for the enforcement of claims arising from contractual relationships, and for safeguarding our legitimate business interests with regard to the advising and support of our customers, as well as conclusion of contracts or similar services offered by us together with partners. You can receive more information in this regard when you provide your personal data or below in the description of the offer.
(4) Insofar as our service providers or partners are based in a country outside the European Economic Area (EEA), we inform you about the consequences of this circumstance in the description of the offer.
§ 8 Use of our product portal
(1) Insofar as you wish to use our portal, you must register yourself by providing your email address, a password you have chosen and your own user name. There is no requirement to provide your real name; pseudonymous use is possible. We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed if you have previously confirmed your registration via a confirmation email sent to you for this purpose by clicking on the link contained therein. If your confirmation is not received within [24 hours], your registration will be automatically deleted from our database. The specification of the aforementioned data is mandatory; you can voluntarily provide all other information when using our portal.
(2) When you use our portal, we store your data required for the fulfilment of the contract, including details of the payment method, until you ultimately delete your access. Furthermore, we will store the voluntary data provided by you for the time of your use of the portal, unless you delete it before. All information can be managed and changed in the protected customer area. The legal basis is Art. 6 (1) (f) sent. 1 GDPR.
(3) If you use the portal, your data may be made available to other participants of the portal in accordance with the contractual service. Unregistered members will not receive information about you. For all registered members, your [username and photo] will be visible, regardless of whether you have approved this. Your entire profile with the data you have released is also visible to all members who have confirmed you as a personal contact. If you make content accessible to your personal contacts that you do not send by private message, this content will be visible to third parties as far as your personal contact has granted their approval. If you post in public groups, this will be visible to all registered members of the portal.
(4) In order to prevent unauthorised access by third parties to your personal data, in particular financial data, the connection is encrypted using TLS technology.
§ 9 Data security
We use the popular SSL (Secure Socket Layer) method within you visit our site, in conjunction with the highest level of encryption supported by your browser. In general, this is 256-bit encryption. If your browser does not support 256-bit encryption, we will use 128-bit v3 technology instead. Whether a particular page of our website is encrypted is shown with the symbol of the closed key or lock icon in the lower status bar of your browser.
We also take appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
§ 11 General
We at SAFEROAD also take corporate privacy seriously.
The relevant legal provisions require that personal data be processed in a manner that ensures the rights of data subjects to the confidentiality and integrity of their data. According to these regulations, it is forbidden to process personal data unlawfully or without authorisation or to intentionally or unintentionally violate the security of the processing in such a way as to destroy, to lose, to change, or to disclose or allow access to unauthorised parties.
For this reason, our employees have been obliged to maintain secrecy and, in particular, to comply with the data protection provisions for confidentiality pursuant to Art. 5 (1) (f), Art. 32 (4) of the General Data Protection Regulation (GDPR).
Employees are therefore prohibited from processing, using or making personal data accessible to third parties without authorisation. If external service providers are commissioned by SAFEROAD to process personal data for the first time, they will be contractually obliged to comply with the requirements of Art. 28 GDPR.