fbpx

Privacy policy and personal data processing

I. PRIVACY POLICY

Introduction

The protection of personal data is treated as an important aspect in the operation of Transcash.eu S.A. (hereinafter: “TC”). TC provides debt recovery and factoring services, which involve the processing of personal data of both TC clients as well as their debtors and contractors. Therefore, TC has created this Privacy Policy to implement its obligations under the law, including arising from the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the GDPR). The policy primarily contains information that, according to the regulations, needs to be provided by the personal data controller to the person whose data he processes. For this reason, in the Policy you will find information about the legal basis for the processing of personal data, how it is collected and used, as well as about the related rights of data subjects. TC uses the provided personal data for the purposes set out in this document or for other purposes that are indicated each time at the time of their transfer to TC. When collecting and using your personal data, TC is diligent to maintain transparency regarding the basis and manner of processing personal data.

Explanation of terms

Whenever this Privacy Policy refers to:

  • personal data – it means any information about an identifiable natural person, including a natural person conducting business activity,
  • controller – it means an entity that sets the purposes and methods of processing personal data,
  • processing entity (processor) – it means an entity that processes personal data on behalf of the controller,
  • data subject – it means a natural person identifiable on the basis of personal data made available to the controller,
  • data processing – it means any activity on personal data, regardless of whether it is performed in an automated manner or not, e.g. collecting, storing, recording, organizing, modifying, viewing, using, sharing, limiting, deleting or destroying,
  • recipient – it means a natural or legal person, public authorities, entities or other entities to which personal data is disclosed.

When does this Privacy Policy apply?

This Privacy Policy applies only in cases where TC is the controller of your personal data and processes it. This applies both to the case in which TC processes personal data that TC has obtained directly from the data subject, as well as the case in which TC has obtained personal data from other sources. In both cases, TC fulfills its reporting obligations set out in art. 13 and art. 14 GDPR in accordance with these provisions.

This policy does not apply to the situation when TC processes your data only as a processing entity (processor) – i.e., for example, in the scope of data of debtors entrusted to TC for processing by their creditors, who are TC customers, for the purpose of providing debt recovery services by TC to creditors (in these situations creditors are personal data controllers).

As a personal data processor, TC informs that it acts as a personal data controller, i.e. as an entity deciding on the purpose and method of data processing, in relation to:
1) personal data of natural persons in the scope of performance of the agreement concluded with them (Agreement for the provision of debt recovery services, Agreement for the provision of invoice financing services, Agreement for the provision of factoring services or another agreement which subject is the provision of services by TC to those persons),
2) personal data of natural persons from whom TC purchased the debt as a result of the assignment of the debt,
3) data of natural persons who have consented to the processing of their data.

On the other hand, in the scope of personal data of debtors (as part of the debt collection service) and contractors (as part of the factoring service up to the assignment of receivables), TC acts as a processing entity (processor). You remain the controller of this personal data. The rules for entrusting data processing are set out in the General Terms and Conditions for Providing Debt Recovery Services available on our website (regarding data entrusted by you to TC in connection with the ordering of debt recovery services) and the document Entrustment for the processing of personal data (regarding data entrusted at the stage preceding conclusion of the assignment agreement under factoring).

Below we indicate TC data as the controller of personal data:

Transcash.eu Spółka Akcyjna, with its registered office in Wysoka, address: ul. Chabrowa 4, 52-200 Wysoka, entered in the Register of Entrepreneurs of the National Court Register kept by the District Court for Wrocław-Fabryczna in Wrocław, VI Commercial Department of the National Court Register under the number 0000626049, NIP: 8971714717

Transcash.eu S.A. has appointed a Data Protection Officer who can be contacted at: iod@transcash.eu

The purposes and legal grounds for processing personal data and the periods of their storage by TC

Your personal data may be processed by TC:

  • in order to carry out preparations for concluding with you a debt recovery agreement, a factoring service agreement or an assignment of debt agreement (including consideration of a debt sale offer submitted by you) – pursuant to art. 6 par. 1 lit. b) of the GDPR, i.e. when it is necessary to take action at your request before the conclusion of the agreement (data is stored by TC until the end of these activities or until the conclusion of the agreement),
  • in order for TC to perform the agreement concluded with you (including, i.a., agreement regarding debt recovery, factoring or assignment of debt) – pursuant to art. 6 par. 1 lit. b) of the GDPR, i.e. when it is necessary to perform the agreement concluded with you (data is stored by TC for the duration of the agreement, settlements after its termination, and then the limitation period of any claims arising from its title),
  • in order to possibly determine and pursue claims or defend itself against them – pursuant to art. 6 par. 1 lit. f) of the GDPR, i.e. when the legal basis for processing is the legitimate interest of TC in protecting its rights (the data is stored by TC until the limitation of claims of TC arising from the agreement – the limitation period is determined by law, in particular the Civil Code),
  • for analytical and statistical purposes – pursuant to art. 6 par. 1 lit. f) of the GDPR, i.e. when the legal basis for processing is the legitimate interest of TC – improving the quality of services and adapting them to the needs of customers (data is stored by TC for a period of 3 years from the date of termination of the agreement or from the event causing such processing),
  • for direct marketing purposes – pursuant to art. 6 par. 1 lit. f) of the GDPR, i.e. when the legal basis for processing is TC’s legitimate interest consisting in the controller’s right to process personal data for direct marketing purposes in motif 47 of the GDPR (data is stored by TC until the data subject expresses effective objection).
  • for other types of marketing – pursuant to art. 6 par. 1 lit. a) of the GDPR, i.e. based on your consent (data is stored by TC until the data subject withdraws his consent for further processing of his data for this purpose),
  • in order to fulfil the obligations provided for by law (including, for example, accounting, tax) – pursuant to art. 6 par. 1 lit. c) of the GDPR. (data are processed by TC for the period required by the provisions of the law, i.e. Enforcing on the data controller storagage of accounts until the time of expiry of tax liability).

Your personal data are processed by TC, among others, in relation to servicing the concluded agreements for the time necessary to realize services and for the time in which pursuing claims related to the provided services is possible. Your data may be stored by TC also for the purposes of preventing abuses and frauds, for statistical and archiving purposes for the period of 3 years from teh date of agreement expiry or from an event causing the nessity of such processing. Should a consent constitute the basis of data processing, such data shall be used by TC until the time of its withdrawal. For the period of 5 years counted from the date of withdrawal of such a consent for the processing of data, TC may however store data in a limited scope for the purpose of confirming compliance of the processing of such data with the provisions of GRDP, unless TC, as data controller, based on other legal bases is obliged to process your data for a longer period of time. At the same time, for the purpose of settllements, TC shall store data for the period in which TC is obliged to maintain data or documents that contain such data in order to document execution of its legal obligaitons, including enabling inspections of ther execution by public authorities.

Volunatariness of submission of personal data

Submission of personal data in the above stated purposes is of voluntary nature, however, their non-submission may result in failure to conclude agreement between you and TC (i.e. In case when it is necessary to fill out the form by entering your personal data).

Rights of person whose data are processed by TC as personal data controller

In case when TC processes your personal data as their controller, you are entitled to:
– access your data and obtain their copies,
– adjust (correct) your data,
– remove data, limit their processing,

– submit an objection against their processing (including profiling),
– transfer data,
– submit complaints to hte supervisory organ,
– withdraw consent for the processing of personal data should the processing of such data occur pursuant to the granted consent (Article 6, sec. 1 letter f of GRDP)

Information on recepients and categories of personal data recipeinets

Your personal data may be disclosed:

  • To subjects related to TC, that is Trans.eu Group S.A. Company or other companies from the capital group Trans.eu,
  • other users of the Trans.eu Platform maintained by the company Trans.eu Group S.A.,
  • authorized personnel or contractors of TC, including entities providing selected services towards TC (accounting services, marketing, IT services, entities servicing electronic payments – in such scope as it is necessary for the provision of these services),
  • business partners of TC (entities supporting our services).

Obtaining debtors’ data (contractors) in case of obtaining recevaibles by TC

TC conducts factoring activity in the framework of which it purchases debts. As a result of concluding assignment agreement and debt purchase agreement, TC becomes the controller of debtor’s data submtted to TC by the assignor (person selling debts to TC) in order to enable efficient sale of debts. Such data cover contact data of a debtor accessible thorugh Central Registration and Information on Business and debt-related data from invoices (invoice number, issuance date, payment term, amount). The source of obtaining such data is the documentation submitted to TC by the assignor pursuant to conclusion of assignment agreement (offer of sale of debts/application for invoice financing) and documentation necessary for the indication of existnace of the sold debt (transport order/ transport agreement, transport document confirming conduct of service and VAT invoice issued by the assignor to the debtor). In case of obtaining debts, the debtor is notified of the change to creditor and of processing of his personal data by TC as data controller.

Automated making of decisions and profiling

In the scope necessary for conclusion or conduct of agreement with TC, your personal data may be processed in an automated manner, which may be related to an automated making of decisions, including profiling, which may evoke legal effects towards you or impact your situation in another significant manner. Such type of cases may occur as an element of the process of quotations in order to establish possibilitites of submitting offers for conclusion of agreement for factoring service provision. Data submitted by you in forms available on the websites https://transcash.eu, https://transfactor.eu i https://transinkasso.eu, as well as data concerning the so far history of cooperaton between TC and the client, should we have such data at disposal, including data regarding the history of debt-recovery orders carried out at the order and/or towards you may be subjected to an automated analysis, further to generally accessible data originating from the state registers, data from credit information agencies and debt exchange base maintained by TC. Within the process of assessing the possibilities of submitting an offer of conclusion of agreement, statistical models are applied, as a result of which your creditworthiness and credibility towards entering into committments with TC. In case of revealing through this lack or insufficient creditworthiness or credibililty to enter into a given committment, TC will refuse to conclude an agreement and provision of service to you.

Declaration concerning Privacy Policy

The hereby Privacy Policy has come into force on 25/05/2018. TC reserves the right to amend the hereby Privacy Policy should this turn out to be necessary as a result of introducing modifications in our policy, management, right or jurisdiction. Any amendments shall be binding from the date of their publication on the website https://transcash.eu/polityka-prywatnosci/ along with an indication of the date of their entry into force.

Contact data

Should you have any questions or concerns regarding the Privacy Policy, as well as should you wish to avail of the rights of receipient of data which TC processes as contoller (that is the right to access one’s data or obtain their copy, adjust/correct, remove data, limit data processing, submit an objection towards data processing, including proliling, transfer of data, withdrawal of consent for personal data processing) please contact us through email at info@transcash.eu or write to us to the following address: Transcash.eu S.A., ul. Chabrowa 4, 52-200 Wysoka.

 

II. COOKIES POLICY

Privacy Statement

The hereby appendix regulates the policy applied by Transcash.eu S.A. with its seat in Wysoka, ul. Chabrowa 4, 52-200 Wysoka, entered into the register of entrepreneurs of the National Court Register, maintained by the District Court for Wrocław-Fabryczna in Wrocław, VI Economic Department of the National Court Register under the number 0000626049, NIP: 8971714717 (hereinafter: Controller) and its subcontractors and related entities, in the scope of protection of personal data of Users and information which might constitute secrecy of Users in the enterprise.

The hereby policy refers to the services offered by the Controller on the following websites https://transcash.eu/, https://pl.transinkasso.eu/, https://transfactor.eu/ and on the forms belonging to Transcash.eu, available on the platform Trans.eu (www.trans.eu).

Cookies files

The Controller applies the so-called “cookie” files in order to track User visits and save their preferences, such as language and log in data. Since it is possible to switch off cookie files in the internet browser, one may be prevented from availing of all products and services.

Data in Google Analytics

Traffic on the websites of the Controller is monitored by the analytical system Google Analytics, the objective of which is to gather data on the manner of using the websites and their popularity. Such data include, among others, used browsers or IP addresses. These shall never be disclosed to any third parties.

Storing data

In order to avail of the services and products offered by the Controller, one must register an account on the Platform Trans.eu or via contact form, available on the websites of the Controller, this is https://transcash.eu/, https://pl.transinkasso.eu/ i https://transfactor.eu/. During registration one ought to indicate the following data: first name and surname, email address, gender, date of birth. One may also disclose data concerning preferences and professional qualificaitons. These data are gathered also passively, that is through the operations of the website (i.e. IP address, resolution, location, type of browser).

Use of data

Contact information will be used solely for the purpose:

  • necessary for the execution of agreement concluded between the User and the Controller
  • granting answers to the asked questions/complaiint,
  • enabling establishing contact between Users for the purpose of negotiating/concluding agreement/order,
  • sending of our information brochure concerning changes in the software, Terms and Conditions etc.
  • passing of information concerning the product, should the user be interested in same..

Storing of personal data may also be used by the Controller for the purpose of sending to the User, pursuant to their consent expressed in accordacne with hte provisions of the Terms and Conditions, information regarding current and future products and services. Such information will be sent by means of hte Trans communicator or email in the form of information campaigns or advertisements. The user may however unsubcribe from obtaining such informaiton, by sending a message to the address info@transcash.eu (so-called withdrawal of consent for obtaining commercial information). Having withdrawn consent for obtaining commercial information these may continue to be sent to the user as informaiton builletin, concerning changes in the software, Terms and Conditions etc.

Disclosure of data to third parties

We reserve the right to disclose personal data of users to our related entities and subsidiaries of hte Controller as well as to subcontractors in the scope necessary for their execution of agreements for service provision. The Controller maintains due dilligence upon transferring data and applies such means and protections that prevent access to data by unauthorized persons (among others, SSL, connection encryption).

Without user consent personal data will not be disclosed to any third parties, with the exception of the circumstances in which the handover occurs as a result of legally justified demand of an authorized entitiy (among others: law enforcement body or justice authority).

Access to data

The uer is entitled to view, correct or object to the use of his or her personal data. Upon obtaining a written demand and a document confirming idenity of a User, the Controller corrects or removes personal data of that User from the database. The Controller will make all justified efforts in order to fulfil the demands of users concerning removal of personal data, unless these data must be retained on account of the law in place or in line with hte law for business purposes. The Controller enables correcting the majority of personal data in the framework of equal functions offered under the service Trans (i.e. Autonomously through editing an account or by means of a consultant).

Safety

In order to ensure safety, the Controller:

  • Applies SSL encryption,
  • enables access to the account solely after entering the correct login and password (it is recommended that passwords conssiting as a minimum of 6 characters, containing small and capital letters, special characters and digits are applied), which should be kept in secrecy by users,
  • Methods of storage, collection and processing of information, including physical means of safety are controlled in order to protect against an unauthorized access to the system,
  • Access to personal data is granted solely to employees, contractors and representatives who must be authorized to such access in order to process them for the needs of the Controller. Furthermore, pursuant to the agreement they are obliged to maintain strict secrecy and in case of failure to fulfil these obligations they may be subjected to consequences, including termination of cooperation.

Declaration concerning Cookie Policy

The hereby Cookie Policy has come into force on 25/05/2018. The Controller reserves the right to amend the hereby Cookie Policy should this turn out to be necessary as a result of introducing modifications in our policy, management, right or jurisdiction. Amendments shall become valid on the date of their publication on the website.