This document regulates the policy used by Trans.eu Group S.A. with its head office in Wysoka, 4 Chabrowa street, 52-200 Wysoka, entered into the Register of Entrepreneurs, kept by the District Court for Wrocław-Fabryczna in Wrocław, VI Commercial Division of the National Court Register under number 0000720763, Tax Identification Number: 8942764658, REGON: 932920615 (hereinafter: Controller), in the scope of protection of users’ personal data and information that may constitute the users’ business secret.
This policy applies to services offered by the Controller via the website www.workshops.trans.eu. The above policy does not cover the websites and services of third parties that can be accessed via the links on the abovementioned website. Detailed information on personal data protection is available from each service provider separately. The Controller recommends reading each time the documents in question on suppliers’ websites.
The Controller uses the so-called “Cookies” to track visits of website users and save their preferences, e.g. language, login data, as well as adjusting the services offered to their needs. The abovementioned files are used to compile general statistics on users’ use of the website. The files will be kept until they become outdated or expired. Cookies will not be transferred to third parties, they will only be transferred to entities belonging to the Trans.eu Group.
As it is possible to disable cookies in the web browser, the use of services will not be prevented, however, some difficulties may occur.
Data in Google Analytics
Traffic on the Controller’s websites is monitored by the Google Analytics analytical system, whose purpose is to collect data on the way websites are used and on their popularity. This data (e.g. the browser used or the IP address) will not be made available by the Controller to third parties.
In order to use the services and products offered by the Controller, you must fill in Register form uploaded on website, by clicking “sign up for workshops”. During registration, please provide: company name, company address, postal code and country, job title, phone and email address. You can also ask question via website using other form. You must provide: company name, company address, phone and email address Data is also collected passively, i.e. through the operation of the website (e.g. IP address, resolution, location, type of browser).
Providing personal data is voluntary, but necessary to conclude and implement service contracts and to contact the Controller. If the Controller does not receive the necessary information, the Controller will not be able to conclude or perform contracts and provide services.
Users personal data will be processed:
for the purposes necessary for the implementation of the contract concluded with the user and the Controller or for the purpose of carrying out activities before the conclusion of the contract (art. 6(1)(b) of the GDPR),
if necessary, for purposes arising from legitimate interests pursued by the Controller or a third party (art. 6(1)(f) of the GDPR), including: answering a question/complaint, sending the Controller’s newsletter regarding changes in the software, Regulations, etc., to ensure the Controller’s IT security; in order to examine customer satisfaction, pursue claims and defend against claims, in direct marketing of the Controller’s products and services, as well as entities from the Trans.eu group, as well as other entities for which the Controller provides services under separate contracts, for the internal administrative purposes of the Controller, e.g. preparation of statistics.
based on your consent (art. 6(1)(a) of the GDPR), granted for specific purposes (e.g. sending data within the Trans.eu group).
If the user has given such consent, the Controller sends information about the current and future products and services of the Controller and Group entities via email in the form of an information or advertising campaign.
In terms of personal data, withdrawal of consent is possible at any time, although it does not affect the processing of personal data occurring before its withdrawal.
Personal data recipients
The data may be disclosed to other recipients in order to fulfil the legal obligation of the Controller, based on your consent or for purposes arising from legitimate interests of the controller or third party.
The recipients may be in particular: entities from the Trans.eu capital group, institutions statutorily authorised to receive your data pursuant to relevant legal provisions, as well as entities processing data on behalf of the Controller and their authorised employees, where such entities process data on the basis of an agreement with the Controller and only in accordance with instructions and on condition of confidentiality. The group of entities performing tasks on behalf and for the Controller includes entities providing services to the extent necessary to provide technical facilities for the implementation of services, e.g. IT service providers and entities providing accounting services. The Controller exercises due diligence when sending data, using means and security measures that prevent unauthorised persons from gaining access to data (including SSL, encrypted connections).
Data transfer outside the European Community
Personal data is not transferred to third countries (i.e. to countries outside the European Economic Area).
Data subject’s rights
The user may request access to the personal data, as well as to rectify it, restrict its processing or erase it, withdraw consent to data processing at any time in the scope of this consent, as well as transfer of the personal data. The user has the right to lodge a complaint with the supervisory body, which in Poland is Personal Data protection Office with its head office in Warsaw, Stawki 2 Street, 00-193 Warsaw, if the user finds that the processing of their data violates the provisions of the GDPR. In addition, you have the right to object to the processing of data at any time for reasons related to your particular situation, when the Controller processes data for purposes arising from legitimate interests, for purposes related to direct marketing, including profiling. After confirming user’s identity, the Controller will execute the indicated rights based on an analysis of the legitimacy of the request and applicable law. The Controller shall use all reasonable endeavours to fulfil users’ requests regarding personal data, unless such data must be retained due to applicable law or other legally justified interests of the Controller.
Data storage period
Personal data will be processed and stored by the Controller for the period necessary to achieve the purposes, i.e.:
performance of the contract concluded between the user and the Controller—until its completion, and after that time for the period required by law or for the implementation of any claims;
to the extent that the data is processed on the basis of consent—the Controller will process it until the consent is withdrawn,
until the legitimate interests of the Controller that constitute the basis for this processing are fulfilled or until you object to such processing, unless there are legitimate grounds for further processing of data.
In order to ensure security, the Controller:
allows access to the account only after entering the email address and password (it is recommended to set passwords consisting of min. 8 characters and containing upper and lower case letters, special characters, and numbers), which the user should keep confidential, controls the methods of collecting, storing, and processing information, including physical security measures to protect against unauthorised access to the system,
grants access to personal data only to those employees, contractors, and associates who must have access to them to process them for the Controller’s needs; in addition, they are bound by the contract to maintain strict confidentiality, and in the event of failure to comply with these obligations may suffer consequences, including termination of cooperation.