Personal data protection and information security have always been prioritized in the activities of Raben Management Services Sp. zoo. and operational companies of Raben Group, as well as in the entire capital group (hereinafter referred to as: “Raben Group”). Being a responsible organisation aware that information has a specific value and it constitutes a resource which requires appropriate protection, it is important for us to keep you informed about matters related to personal data processing, particularly in the light of the new personal data protection regulation, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). For this reason, this document presents key information on the legal grounds for the processing of personal data, methods of their collection and use, as well as the rights of data subjects.
II. Raben Group
In the understanding of this Policy, Raben Group companies are:
- Raben Group N.V. with the registered office in Oss in the Netherlands, Raben Group Intelectual Properties B.V. with the registered office in Oss in the Netherlands, or Cougar Investments Holding B.V. with the registered office in Oss in the Netherlands, as well as
- each company - seated both in Poland and abroad - in relation to which Raben Group N.V., Raben Group Intelectual Properties B.V. or Cougar Investments Holding B.V. (separately or jointly) is the “dominant entity” in the understanding of the Polish Accounting Act dated September 29, 1994, (consolidated text Journal of Law 2009, No. 152, item 1223).
Raben Group companies in the understanding of this Policy are also companies which will be established in the future and which will meet at least one of the conditions stipulated in point 1) or point 2).
- Raben Management Services Sp. z o.o. with its registered office in Robakowo, ul. Zbożowa 1, 62-023 Robakowo
- Raben Logistics Polska Sp. z o.o. with its registered office in Robakowo, ul. Zbożowa 1, 62-023 Robakowo
- Fresh Logistics Polska Sp. z o.o. with its registered office in Robakowo, ul. Zbożowa 1, 62-023 Robakowo
- Raben East Sp. z o.o. with its registered office in Robakowo, ul. Zbożowa 1, 62-023 Robakowo
- Raben Transport Sp. z o.o. with its registered office in Gądki, ul. Poznańska 71, 62-023 Gądki;
- Raben Real Estate Poland Sp. z o.o. with its registered office in Robakowo, ul. Zbożowa 1, 62-023 Robakowo
At the same time, please be advised that Raben Group companies, which operate in the form of a capital group, to achieve business objectives and ensure the highest standards of services, including customer service, collectively set goals and means of personal data processing and pursuant to art. 26 of the GDPR, jointly control personal data in accordance with the principles described hereinbelow.
Raben Group has appointed a company acting as a Shared Services Centre - Raben Management Services Sp. z o. o., which manages HR and payroll processes, marketing processes (including the management of database of journalists cooperating with Raben Group and company accounts on social networks), IT (including IT systems where personal data are collected, of contractors, drivers, consignees, etc.), security incidents, as well as coordinates employee recruitment and risk analysis processes for all other companies. The company also operates the website www.raben-group.com, and therefore it coordinates the processing of personal data sent through the forms available on the website (e.g. the contact form, Raben Group newsletter).
Companies Raben Logistics Polska Sp. z o.o., Fresh Logistics Polska Sp. z o.o., Raben Transport Sp. z o.o., Raben East Sp. z o.o. offer transport and logistics services (“Operational Companies”). Each of the entities has its own specialization, but together they offer customers a comprehensive logistic offer, which allows for meeting expectations of even the most demanding customers.
The Operational Companies actively cooperate with each other in the scope of selected processes in order to optimize costs as well as management and administrative processes. They often use shared infrastructure (shared buildings), which includes shared regulation of the flow of people and goods (protection of persons and property). In case of individual contracts with contractors, cooperation is established between an external entity and several or all of Raben Group companies (in which case, they can be represented by Raben Management Services Sp. o.o.).
Carriers and drivers are offered cooperation with all Operational Companies, which allows for more efficient use of transport capacity.
Operational Companies individually implement processes related to the service of trainees and interns, temporary employees. In line with their own needs, they recruit employees. At the same time, in the case of explicit consent of the candidate, they also enable them to participate in future recruitment processes within Raben Group.
Safety is important. As part of the SHE program (Safety, Health and Environment), Raben Group identifies and explains incidents which may lead to accidents. Therefore, a form was made available on the Raben Group website, through which any person who noticed a potentially dangerous incident or a behaviour incompatible with the Raben Group's Code of Ethics is able report it. In order to explain its causes, Raben Management Services Sp. z o.o., together with the Company / Companies the incident concerns, process personal data of the reporting person for the purpose of contact and explaining all the relevant circumstances.
Flow of personal data between individual companies is the consequence of the relations between them within Raben Group and the need to centralise the management of individual processes. In no way does it breach legal regulations.
Within individual operations of personal data processing, the company that manages or coordinates a particular process, is obligated to fulfil the information obligation towards the data subject, it is also responsible for executing the rights of persons, whose data are being processed.
IV. Contact point
We have appointed a Data Protection Officer. It is a person you can contact in all matters relating to the processing of personal data and exercising the rights related to data processing. Contact details of the Data Protection Officer are available on the website: https://polska.raben-group.com/nasza-odpowiedzialnosc/bezpieczenstwo-informacji/.
V. Scope, methods and purposes of data processing
We want to be transparent in terms of methods ways and legal grounds for personal data processing, as well as the purposes for which we process personal data. In order to make our explanation of these issues as clear as possible, we present the following list of personal data processing operations.
At the same time, we would like to assure you that whenever we process personal data based on the legitimate interest of the controller, we try to analyse and balance our interest and the potential impact on the data subject (positive and negative) as well as the rights of that person. We do not process personal data when we come to the conclusion that the impact on the data subject would prevail over our interests, unless we have a different legal ground, e.g. we have the appropriate consent or it is required and permitted by the provisions of law.
V.1. Processing of personal data of people who visit websites run by Raben Group or use services provided electronically
1. General Information
Natural persons who visit our websites or use the services we provide electronically have control over the personal data they provide to us, and we ensure that the collection and use of information about users is limited to the minimum necessary to provide services to them on the expected level.
2. Log files
Each time the website is called, our system automatically collects data and information from the computer system of the computer which opens the page. The following data are collected:
1) information about the type and version of the used browser,
2) user's operating system,
3) user's IP address,
4) date and time of calling the page,
5) websites from which the user's system moved to our website (the so-called referrer),
6) websites which were called by the user's system through our website.
The data are also saved in the log files of our system. Recording of the data along with other personal data of the user does not take place. The data cannot be used to identify a specific person because the IP address is masked. The data are also recorded and processed in log files to analyse errors and for statistical purposes.
Temporary saving of the IP address by the system is necessary to make the website available to the user's computer. For this purpose, the user's IP address must be saved for the duration of the session. Saving in log files is intended to ensure the functionality of the website. In addition, the data are used to optimize the website and to ensure the security of our information systems. Data analysis for marketing purposes therefore does not take place.
To a limited extent, we may collect personal data automatically via cookies located on our websites. A cookie is a small file containing information data recorded and stored on a computer, tablet or a smartphone, used for accessing websites. Cookies usually contain the name of the site where they originate from, duration of their storage on the device and their unique number.
Cookies are used for the following purposes:
- adjusting the website to the user preferences and optimising the use of websites;
- personalising the content displayed for the specific user of the service;
- building statistics which explain how Internet services are used by users, which allows for improving their structure and the content;
- sustaining the user's session (after logging in), which allows for bypassing the necessity of logging in on each sub-page of the service;
- optimising the advertising and marketing offer to the specific user of the website.
There are three major types of cookies: "session", "persistent" and "third party" cookies.
Session cookies are temporary files stored on the user's computer, tablet or smartphone until logging out, leaving the page or closing the web browser, and they are used to offer services which require verification within a particular website.
Persistent cookies are stored on the computer, tablet or smartphone for the duration defined in the parameters of the cookie, or until they are deleted by the user, and they are used to remember the settings selected by the user and to personalise the interface.
Third party cookies allow for gathering information about how websites are used and for delivering advertising content to the users, which is optimally adjusted to their interests.
Personal data collected via cookies are encrypted so as to prevent undesired and unauthorised persons from accessing them. They are collected for the sole purpose of performing specific functions for the user.
Using our website without using cookies is possible, however in individual cases certain limitations in functionalities of the website may appear while browsing.
Detailed information about the possibilities and methods of supporting cookies is available in the settings of internet browsers.
In order to analyse the user behaviour we use Google Analytics, a web analytics and reporting software by Google Inc. ("Google"). However, we have requested Google to make your IP address anonymous before analysing user behaviours in the web. We have introduced certain lines to the program code of Google Analytics.
As we have requested making IP addresses anonymous, your IP address is cut to the EU Member States or other European Economic Area states before it is sent to the Google server in the USA. Your full IP address may be sent to the Google server in the USA and abbreviated there only in some exceptional circumstances beyond our control. At our request Google will use the above information to evaluate how our website is used, generate site activity reports and provide us with other services connected with the use of the website and the Internet. Your IP address provided by your web browser to Google Analytics is in no way connected to other Google data.
We would like you to note that you can prevent Google from recording and processing the data from (Google) cookies concerning your website use (including your IP address) as well as processing these data by Google, if you download and install a special browser plug-in available at tools.google.com/dlpage/gaoptout .
4. Online applications and forms
Our website offers various possibilities of contacting us. Apart from contact forms, we also use application forms regarding employment and cooperation, as well as notification forms and subscriptions to our newsletter. The use of the aforementioned forms usually requires you to provide your personal data. These data are processed only within and for the purpose for which they were provided and with your explicit consent.
If you have agreed to receive our Newsletter to your e-mail address, you can always revoke your consent by unsubscribing from the Subscribers list by clicking on the opt-out link at the bottom of each Newsletter.
6. Using Social Plug-ins
On www.raben-group.com website, we use Social Plug-ins ("Plug-ins") of the Facebook social network, which is the property of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, the USA ("Facebook"). The Plug-ins are marked with the Facebook logo and the statement "Facebook Social Plug-in". The list of our Facebook plug-ins and their images are available here: developers.facebook.com/plugins. If you open one of our pages which contains the plug-in, your browser will automatically connect to the Facebook servers. At the same time personal data are sent to Facebook (currently they are:the IP, the date and time, viewed website/name of the viewed URL and cookie-ID). According to our knowledge, data processing takes place in the USA. Facebook may combine these data with other information they possess about your person. Being the administrator of the website, we do not have any knowledge about the exact course of processing your data by Facebook. For more information about processing of your personal data by Facebook, please read the provisions of Personal Information Policy of Facebook http://www.facebook.com/about/privacy/).
7. Google +1 button
Thanks to the Google +1 button, clients receive personalised information from Google and the partners. Google stores information defined by the client as +1 content as well as the information about the website the client visits using the +1 button. The +1 information may be displayed together with the name of the client's profile and their picture in Google services, e.g. in search results and in the Google profile, as well as in other locations on the web and in Internet announcements.
Google records information concerning +1 activities in order to improve Google services. In order to use the Google +1 button, the client must have the globally visible, public Google profile, which contains at least the name selected for this profile. This name is used by all Google services. In some cases this name may replace another name used for co-sharing the content via Google account. Users who know the electronic mail address of a specific person, or who possess other information which allow for the identification, may obtain information concerning the identity of a specific Google profile.
The photographs and icons presented on the website are the property of Raben Group or originate from photo banks such as Fotolia, Thinkphoto, Dreamstime, Getty Image, or they have been purchased from agencies as the content of the site. Detailed information is available here. Some icons used on the website originated from the website modernuiicons.com by Austin Andrews (http://templarian.com/).
V.2. Processing of personal data of persons contacting Raben Group in order to obtain information about the offer or to share comments regarding services, as well as making contact for the purpose of concluding a contract
We collect the following personal data from natural persons who contact us in order to obtain information about the offer or share comments about our services, as well as those who contact us to conclude a contract: name and surname, position, e-mail address and telephone number. In particular, these persons can send us an e-mail via the website. Such messages contain the set user's name and e-mail address, as well as additional information that the user wishes to include in the message.
We ask you not to provide information on special categories of personal data listed in Article 9 (1) of the GDPR (information on racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, data concerning physical or mental health, genetic data, biometric data, data concerning a natural person's sex life or sexual orientation and the criminal past). If you provide such information for any reason, it will mean your express consent to collecting and using such data by us as set out herein or as set out in the location where the data were disclosed.
V.3. Processing personal data of customers and potential customers
Raben Group processes personal data of its customers and potential customers. These data may also include contact details for customers and potential customers (their employees). Personal data of this type are processed in IT systems used by Raben Group, including the CRM system. Personal data processed for these purposes include, but are not limited to: name and surname, employer name, contact person's position, telephone number, e-mail address or other business contact details.
V.4. Processing personal data of end users of online tools
In a situation where we provide customers with specific products or services online (via the Internet), we process personal data of end users of such products and services. Please note that the information on cookies and access logs we have provided above is also applicable to the processing of natural persons who use products or services offered online.
V.5. Processing personal data of transport participants
Raben Group processes personal data of transport participants, the information clause for this group of people can be found at: polska.raben-group.com/nasza-odpowiedzialnosc/bezpieczenstwo-informacji/strefa-odbiorcy/
V.6 Processing data of persons visiting the Raben Group fanpage
Raben Group and Facebook are the joint controllers of data of the Users who have liked the Raben Group fanpage, available at: https://www.facebook.com/RabenGroupOfficial/ . As a result, Raben Group, as the Fanpage Administrator, may obtain anonymous statistical data on persons visiting the website using the function provided by Facebook. These data are collected thanks to cookie files, each of whom contains a unique user code (they are active for two years and saved by Facebook on the computer hard drive or on any other data carrier of the people visiting the fanpage). The user code that can be linked to the user connection data registered on Facebook is downloaded and processed when the fanpage is opened. Although they are anonymous data, Raben Group may ask Facebook to process them in the field of:
- demographic data (including trends in age, gender, marital status and professional status),
- information about lifestyle and interests,
- geographic data which allow for determining where to conduct special promotions or organize events, how to best target the information offer.
At the same time, the data of persons who liked the Raben Group fanpage can be processed in an non-anonymised form in the case of:
- Communication with Raben Group via Messenger available on Facebook,
- Commenting posts made available on the Raben Group fanpage,
- Participation in various promotional campaigns, contests - in this case, the processing will be carried out on the basis of the User's explicit consent, in accordance with the rules and regulations of the particular campaign.
Under no circumstances will the data of persons who like the Raben Group fanpage be used for a purpose other than the one for which they were submitted. Their processing will be carried out exclusively on Facebook and in accordance with the general terms and conditions of using the portal.
We want our fanpage to be a place for exchange of opinions and experiences, where Users will be able to communicate while maintaining the principles of personal culture and mutual respect. Therefore, please respect the following rules:
- We do not tolerate hate speech or content of a racist, homophobic, sexist, pornographic, vulgar nature, insulting other religions, beliefs or nations.
- We do not tolerate breaking the law, acting in violation of applicable laws, infringing the rights of third parties, including copyrights and intellectual property rights.
- Please pay special attention to information posted in the comments on posts. Fanpage is a public place, therefore providing data by the Users, such as a PESEL number, ID card number, telephone number or authorization data (login, password) may involve negative consequences for the User who publicizes this type of information.
We reserve the right to delete or hide entries break break the aforesaid rules.
Additional information about electronic correspondence
If you wish to write an electronic mail to us, please be advised that unencrypted e-mail messages which are sent via the Internet are not accurately protected against access of third parties.
VI. Legal grounds for processing
1. Processing of personal data of people who visit websites run by Raben Group or use services provided electronically, or who publish content of the Raben Group fanpage in social networks, is based on different legal grounds of processing depending on the category of personal data which we process and the purpose of processing. We process personal data of persons who visit our websites on the basis of the legitimate interest of the data controller or on the basis of a consent if we have asked the data subject to provide such a consent. We process the data of persons who complete the online / contact form, because it is necessary for the purpose of performing the contract or taking action to concludes this contract, at the request of the person providing their data. The data of persons visiting our fanpage are processed in accordance with the rules of using Facebook, based on the User's consent.
Sometimes the law requires us to process certain personal data for tax and accounting purposes.
2. Processing of personal data of persons contacting Raben Group in order to obtain information about the offer or to share comments regarding services, as making contact for the purpose of concluding a contract is based on the consent expressed by the user addressing the above request to Raben Group or in order to perform the contract (complying with the request) submitted by a given person. The provided data may also be processed based on the legitimate purpose of the data controller.
3. Processing of personal data of natural persons who are our customers is based on:
a) legitimate interest of a Raben Group company as a data controller (e.g. in the area of database creation, analytical activities, including activities regarding product use analysis, direct marketing of own products, securing documentation for defence against potential claims or for the purpose of exercising claims);
b) a consent (including, in particular, consent to e-mail marketing or telemarketing).
c) performance of the concluded contract
d) obligations arising from the law (e.g. tax law or accounting regulations).
4. Processing of personal data of natural persons who are potential customers is based on:
a) legitimate interest of a Raben Group company as a data controller (especially in the area of creating a database, direct marketing of own products);
b) a consent (including, in particular, consent to e-mail marketing or telemarketing).
5. If the end users are also customers of Raben Group, the legal grounds for processing their data are the same as for Raben Group customers described hereinabove. If, however, they are not customers, the legal grounds for processing their personal data depends on the situation and the type of personal data or the consent of a natural person (including in particular consent to e-mail marketing or telemarketing), or the legitimate interest of Raben Group as a data controller (e.g. in the scope of providing a service ordered by the customer, within the scope of analytical and profiling activities, including activities regarding the analysis of the use of products, direct marketing of own products, securing documentation for the purposes of defence against potential claims or for the purpose of exercising claims).
6. Legal grounds for processing personal data of transport participants are described at: https://polska.raben-group.com/nasza-odpowiedzialnosc/bezpieczenstwo-informacji/strefa-odbiorcy/
VII. Duration of data processing
The time during which we can process personal data depends on the legal grounds which constitutes a legal premise for personal data processing by Raben Group. Accordingly, please be advised that if Raben Group processes personal data based on:
1. a consent, the period of processing lasts until the data subject revokes the consent or the completion of the processing purpose;
2. a legitimate interest of the controller, the period of processing lasts until the abovementioned interest (e.g. the period of limitation of civil claims) ceases to exist, or until the the data subject objects to further such processing - in situations where such an objection is in accordance with the law;
3. applicable legal regulations, the periods of processing for this purpose are set out by these regulations;
In the absence of specific legal or contractual requirements, the basic period of data storage in the case of subscriptions and other documentary evidence drawn up during the performance of the contract is maximum 10 years.
VIII. Recipients of data
We provide your personal data to other entities based on the requirements of the law or in connection with pursuing the purpose for which they were provided to us. At the same time, we declare that we only use the services of verified entities known on the local market and guaranteeing the security of your data. Contracts under which we entrust the processing of personal data contain provisions about the protection measures required by us, ensuring confidentiality, integrity and availability of the data transferred.
We may transfer your personal data to companies or other reliable business partners who provide services on our behalf, for example to provide technical support to assess the suitability of the website for marketing purposes or other types of providing the service. Your personal data are transferred to these entities and other third parties only if it is necessary to perform the services you have requested or which you have authorized, to protect you and our rights, property or safety, or if we are obligated to do so under applicable laws, court orders or regulations of the other authorities, or if the disclosure of personal data is otherwise necessary to support legal or criminal arrangements or a lawsuit.
In connection with the above, we indicate that the recipients of personal data that Raben Group processes as a data controller may be:
- the aforesaid entities processing personal data under personal data processing contracts (the so-called processors),
- entities providing hosting services,
- subcontractors of Raben Group companies providing services of software provision, maintenance of software or hardware which we use, as well as providers of service we use
- entities providing services in the field of questionnaire surveys,
- debt collection companies,
- auditors and statutory auditors, legal advisers, tax advisers,
- law enforcement authorities, regulatory authorities and other public administration bodies.
IX. Rights connected with personal data processing
Natural persons have specific rights regarding their personal data, and Raben Group companies as data controllers are responsible for exercising these rights in accordance with the applicable law. In case of any questions or requests regarding the scope of and exercising the rights, as well as to contact us in order to exercise a specific right in the field of personal data protection, please contact our Data Protection Officer. We reserve the right to exercise the following rights after successfully verifying the identity of the person applying for the performance of a specific action.
You have the following rights connected with personal data processing:
1. right to revoke the consent to data processing, if we process your personal data on the basis of your consent,
2. right to access your personal data,
3. right to rectify your personal data,
4. right to demand erasure of your personal data,
5. right to restrict processing your personal data,
6. right to object to processing of your data due to your special situation - in cases when we process your data based on our legitimate interest,
7. the right to portability of your personal data, i.e. the right to receive your personal data from us, in a structured, commonly used, machine readable format. You can send these data to another data controller or request us to transfer your data to another controller on your behalf. However, we will do this only if such a transfer is technically possible. You have the right to personal data portability only with reference to the data which we process on the basis of a contract concluded with you or on the basis of your consent;
8. right to lodge a complaint with the supervisory authority responsible for personal data protection, i.e. the President of the Personal Data Protection Office.
If the basis for processing is consent, you have the right to revoke it at any time.
The last update of the document was on May 25, 2018.