PRIVACY POLICY

for the Internet Platform at www.certag.eu

 

 

§ 1. General Provisions

1.     The Controller guarantees that the Controller makes every effort that the Personal Data is processed by the Controller with the greatest respect for the privacy of data subjects, and with the utmost care for the security of the processed Personal Data, and in particular the Controller guarantees that the Controller has undertaken the relevant measures provided for in the law which are aimed at ensuring the security of the Personal Data.

2.       The Controller represents that the Controller applies the technical and organisational measures ensuring the security of the processed Personal Data which are relevant to the threats and categories of protected data, and in particular secures the data against making it available to unauthorised persons, taking it away by unauthorised persons, its processing in violation of the law, as well as its change, loss, damage or destruction.

3.       By accepting this Privacy Policy, the User represents that the User has read and gives the consent to the rules of processing their Personal Data in connection with the use of the Platform.

 

§ 2. Definitions

Whenever the following terms are mentioned in the Privacy Policy, they shall have the following meaning:

1)    Controller - shall mean Przemysław Tronina trading under the business name of Przemysław Tronina Consilium, with its registered office at the following address: ul. Smoleńskiego 1b, 51-607 Wrocław, Tax Identification Number (NIP): 8981957953   Company number  (Regon): 020104965, e-mail: info@certag.eu, www: www.certag.eu. The Controller shall also mean the data controller as interpreted in Article 4 (7) of the GDPR;

2)    Personal Data - shall mean any information about an identified or identifiable natural person (in the case of the Privacy Policy, the User); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person; ;

3)    Software - shall mean the Internet browsers that the User may use in order to use the Platform;

4)    Platform - shall mean the ICT system used by the Controller to provide electronic services, as described in the Terms and Conditions for Provision of Services available at the web address: www.certag.eu;

5)    Cookies - shall mean computer data, in particular text files, which are stored on the User’s Device and are intended for the use of the Platform;

6)    Privacy Policy - the present document;

7)    Device - shall mean the electronic Device used by the User to access the Platform, in particular: PCs, laptops, tablets, smartphones, etc;

8)    Service - shall mean the service provided electronically to the User by the Controller, through the Platform, consisting in particular in:

a.    authenticating the User’s transport logbook in the database of certified transport;

b.    registering the User and the loading compartments used by the User in the database of certified transport;

c.     scheduling transports and assigning them to drivers;

d.    assessing the compliance of the carrier’s company data and the certification status of its quality systems;

e.    performing on-line verification of the certification status of the applied quality system and inspections of transports;

9)    User - shall mean a person using the Service via the Platform.

 

§ 3. Personal Data Processing

1.     User’s Personal Data is processed by the Controller:

1)    for performing a contract for the provision of electronic services concluded with the Controller - then the legal basis for the Personal Data processing shall be the necessity of the processing for the performance of a contract (Article 6 (1) (b) of the GDPR);

2)    for fulfilling the Controller’s statutory obligations arising, in particular, from tax and accounting regulations - the legal basis for processing shall be a legal obligation (Article 6(1)(c) of the GDPR);

3)    for analytical and statistical purposes - the legal basis of the processing shall be the Controller’s legitimate interest (Article 6(1)(f) of the GDPR) consisting in analysing the Users’ activity on the Platform, as well as their preferences in order to improve the applied functionalities;

4)    for establishing, exercising or defending the claims - the legal basis of the processing shall be the Controller’s legitimate interest (Article 6(1)(f) of the GDPR) consisting in the protection of the Controller’s rights;

5)    for technical and administrative purposes, to ensure the security of the Controller’s ICT system and to manage these systems - in this regard the legal basis of the processing shall be the Controller’s legitimate interest (Article 6(1)(f) of the GDPR);

6)    for direct marketing purposes - the legal basis of the processing shall be also the Controller’s legitimate interest (Article 6(1)(f) of the GDPR).

2.     The provision of the Personal Data by the User is voluntary but necessary to use the Service.

3.     The User may also give a separate consent to receive commercial, advertising and marketing information from the Controller. The User may withdraw the consent to its receipt at any time.

4.     The Controller processes or may process the following User’s Personal Data that the User voluntarily provides when using the Service :

1)   first name and surname;

2)   e-mail addresses;

3)   telephone numbers;

4)   NIP (Tax Identification Number);

5)   address of registered office or place of business;

6)   business name;

7)   certified quality system number;

8)   data collected during interaction with the Controller or the Controller’s representatives through electronic communication.

5.     The recipients of the Personal Data shall be the persons authorised by the Controller to process the data in the performance of their duties, the entities ordered by the Controller to provide the Controller with IT, accounting, HR, legal and tax services, in particular on the basis of personal data processing entrusting agreements.

6.    The Controller shall have the right to make the User’s data and information available within the scope of the conducted proceedings to an authorised body, e.g. prosecutor’s office or court.

7.    The Controller shall process the User’s Personal Data for the duration of the relationship with the User and for the period of the statute of limitations of claims, however, not longer than 6 years. If the processing is based on the User’s consent, the Controller shall process the User’s data until the consent is withdrawn.

8.    The Administrator shall observe the following Personal Data processing rules:

1)    processes the Personal Data lawfully, fairly and in a transparent manner for the data subject;

2)    collects the Personal Data for specified, explicit and legitimate purposes and does not further process it in a way incompatible with those purposes;

3)    processes the Personal Data in a way that is adequate, relevant, and limited to what is necessary for the purposes of the processing;

4)    the Personal Data is processed correctly and is updated when necessary; the Controller takes all reasonable steps to ensure that the Personal Data that is inaccurate in light of the purposes for which it is processed is erased or rectified without undue delay;

5)    stores the Personal Data in a form which permits the identification of the data subject for no longer than it is necessary for the purposes for which the data is processed.

9.     The User whose Personal Data is processed has the right to request the following from the Controller: access to data, as well as its rectification, erasure, restriction of its processing, or objection to its processing, in compliance with  § 7 of the Policy.

 

§ 4. Cookies

1.     The Controller uses the Cookies as part of the Platform.

2.     The Platform uses persistent Cookies, i.e. files stored on the User’s Device for the period specified in the parameters of the Cookies or until they are deleted by the User.

3.     The Platform uses the necessary Cookies which enable the use of the Platform.

4.     The Platform uses the following Cookies:

Cookie name

File type

Origin

Description of functionalities

Term of the agreement

CertagCookie

Persistent

Necessary

Own file

Used for user’s identification and authorisation

Not applicable

 

5.     The solutions applied within the Platform are safe for the User’s Devices.

 

§ 5. Transfer of data outside the EEA

1.    The User’s Personal Data, including the data that the User makes available while browsing the Site, in particular the data collected with the use of the Cookies, may be made available to trusted third parties, according to the User’s preferences, including those expressed through the Cookies settings.

2.    In the event that the User’s Personal Data is transferred to authorised entities established outside the European Economic Area (EEA), this shall only be done on the basis of a decision of the European Commission (EC) to provide an adequate level of protection, EC-approved standard contractual clauses, binding corporate rules or the provisions of the GDPR.

 

§ 6. Profiling

1.     The Controller does not use the systems for profiling and automated decision-making.

2.     The Controller declares that the Controller may use the tools designed to analyse traffic on the Platform, such as Google Analytics and other similar tools.

 

§ 7. Users’ rights

1.     The User shall have the right to access their Personal Data and to correct it at any time.

2.     In the case of the Personal Data processing for marketing purposes, based on the consent given, the User shall have the right to withdraw the consent at any time and through a declaration made in writing or in the form of an e-mail to the Controller’s address: info@certag.eu.

3.     The User shall have the right to correct, complete, update, rectify and request deletion of their Personal Data.

4.     The User shall have the right to object to the processing of their Personal Data on the basis of legitimate interests pursued by the Controller or by a third party. Filing an objection by the User to the processing of their Personal Data for marketing purposes prevents further processing of this information for these purposes.

5.     In order to request correction, completion, updating, rectification, restriction of processing, deletion and objection to the processing of their Personal Data, the User should send the request to the Controller’s e-mail address: info@certag.eu or in writing to the following address: ul. Smoleńskiego 1 b, 51-607 Wrocław, Poland.

6.     The User shall have the right to lodge a complaint with the President of the Personal Data Protection Office in case the Controller does not process their Personal Data in accordance with the law.

7.     The User has the possibility to restrict or disable the access of the Cookies to the User’s Device. If the User selects this option, the use of the Platform will be possible with certain functionalities requiring Cookies disabled.

8.     The User may change their Cookie settings at any time. In particular, such settings may be modified so as to block the automatic handling of the Cookies in the web browser settings or to inform the User about each case of placing the Cookies on the User’s Device. The detailed information about the possibility and methods of using the Cookies is available in the settings of the Software.

9.     The User may remove the Cookies at any time by using the functions available in the web browser used by the User.

 

§ 8. Final provisions

1.    Links to other websites may appear on the Platform. Such websites operate independently of the Controller and are in no way supervised by the Controller. Such websites may have their own privacy policies and regulations and we recommend that you become familiar with them.

2.    Any questions and objections regarding the Privacy Policy may be reported by sending an e-mail to: info@certag.eu.

3.    The Controller reserves the right to change the Privacy Policy.

4.    The Users shall be informed of any changes to the Privacy Policy on the pages of the Platform.