Privacy policy

I. INTRODUCTION AND SCOPE OF APPLICATION

Personal data protection and information security have always been a priority at Raben Group. Being a responsible organisation aware that information has a specific value and it constitutes a resource which requires appropriate protection, it is important for us to keep you informed about matters related to personal data processing, particularly in the light of the personal data protection regulations, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR). For this reason, this privacy policy (hereinafter referred to as the “Policy”) presents key information related to the processing of personal data by the Ukrainian company of Raben Group, i.e.:

RABEN UKRAINE LLC, with its registered office in: 150 Brovarska str., Velyka Dymerka, Brovarskiy district, Kyiv region, 07442, Ukraine.

This Policy applies to all cases in which Ukrainian company of Raben Group are controllers of data and process them. Therefore, as part of the Policy, we present both information on the processing of personal data in connection with the use of our website https://ukraine.raben-group.com/ and social media sites as well as detailed information clauses concerning processing of personal data by the Ukrainian company of Raben Group outside these channels.

In this document you will also find detailed information regarding situations when the Ukrainian company of Raben Group jointly control personal data with other companies of Raben Group (in particular the list of companies covered by joint controllership, information about the point of contact and indication of the purposes of processing covered by joint controllership).

Privacy policies for Raben Group companies having their registered office in a country other than Ukraine are located in separate tabs of the website dedicated to each country.

II. GENERAL INFORMATION

The Ukrainian company of Raben Group pay special attention to the issue of correct, lawful processing of personal data. We inform individuals about the legal basis for processing of their personal data, the ways in which they are collected and used, as well as the rights of data subjects in relation to it, through numerous communication channels, including in particular this Policy.

The Ukrainian company of Raben Group ensure transparency in the processing of personal data and report on the processing of data in a lawful and timely manner. This applies to cases where we process personal data obtained directly from the data subject, as well as cases in which we obtained personal data from other sources. As part of the detailed information clauses, we provide data subjects with the full range of information required under the provisions of Articles 13 and 14 of the GDPR.

The Ukrainian company of Raben Group ensure that data are collected only to the extent necessary to fulfil the indicated purpose and are processed only for as long as it is necessary. We strive to identify the needs for change in the area of personal data on an ongoing basis and to protect the rights and freedoms of data subjects as much as possible. In order to ensure the fairness and transparency of the processing of personal data, the Ukrainian company of Raben Group keep detailed records of the processing of personal data and, when acting as a processor, records of categories of processing activities.

When processing personal data, the Ukrainian company of Raben Group ensure their security and confidentiality and pay particular attention to the selection and verification of the technical and organisational measures used for the processing (including taking into account data protection in the design phase, conducting appropriate risk analyses and, where necessary, carrying out a data protection impact assessment). Ukrainian company of Raben Group ensures that only duly authorised persons who are obliged to keep the processed data confidential have access to the processed personal data

The Ukrainian company of Raben Group pay great attention to the appropriate selection of business partners, including taking into account the security of personal data they share with them. In the case of using the services of processors, the Ukrainian company of Raben Group carefully check whether a given provider guarantees the appropriate level of security of the entrusted personal data and verify this issue during periodic audits.

In the event that - in spite of the security measures in place - a data protection breach occurs in connection with the processing of personal data, the Ukrainian company of Raben Group will take all possible steps to identify the causes, scope and potential consequences of the breach and fulfil the resulting legal obligations, in particular those related to notifying the supervisory authority and the persons affected by the breach.

The Ukrainian company of Raben Group also pay great attention to issues related to the international transfer of personal data, including in particular the transfer of personal data to personal data processors located outside the European Economic Area (EEA).

Countries outside the EEA may not offer the same level of personal data protection as the EEA countries. Before your personal data are transferred outside the EEA, we will make every effort to ensure that such transfer does not lead to a reduction in the level of your protection guaranteed under the regulations in force in the EEA countries. If your personal data are transferred outside the EEA, the transfer will be based on an adequacy decision or on the basis of standard data protection contractual clauses adopted by the European Commission.

III. DATA PROTECTION OFFICER

The Ukrainian company of Raben Group have appointed a Data Protection Officer - Mr Vitaliy Kovalenko. He can be contacted in all matters relating to the processing of personal data and exercising the rights related to data processing:

by directing inquiries to the postal address: RABEN UKRAINE LLC, 150 Brovarska St., Brovarsky district, Brovarsky village, Kyiv region, 07442, Ukraine, marked “personal data protection”;
by directing inquiries to the e-mail address: vitaliy.kovalenko@raben-group.com

IV. EXERCISE OF THE RIGHTS OF DATA SUBJECTS

The Ukrainian company of Raben Group pay special attention to the issues related to exercising the rights of natural persons under the GDPR.

You may request to exercise your rights under the GDPR in particular by reporting them to the Data Protection Officer using the communication channels indicated in Section III of the Policy.

If we are not able to identify the natural person on the basis of the request, we will ask the applicant for additional information. It is not compulsory to provide such data, however failure to do so will result in the request not being able to be met (and consequently being refused).

The response to the request should be provided within one month of receipt. If necessary, this time limit may be extended by a further two months, of which the data controller will inform the applicant, indicating the reasons for this action.

Where the request is made electronically, the response will be provided in the same form (unless the applicant has requested a response in another form). In other cases, a response will be given in writing. Where the timing of the request makes it impossible to respond in writing and the extent of the applicant's data allows contact to be made electronically, a response will be given in this form.

The controller handling the request will keep the information about the request and the person who made the request in order to ensure that compliance can be demonstrated and to establish, exercise or defend against possible claims by data subjects. Each request is recorded in the register of requests kept by the controller concerned. This register is kept in such a way as to ensure the integrity and confidentiality of the data contained therein.

As a data subject, you have the following rights:

the right to be informed about the processing of personal data - on this basis we provide the natural person making the request with information about the processing, including in particular the purposes and legal basis for the processing, the scope of the data stored, the entities to whom they are disclosed and the planned date of data erasure;
the right to obtain a copy of the data - on this basis we provide a copy of the processed data relating to the natural person making the request;
right to rectification - we are obliged to rectify any inconsistencies or errors in the processed personal data and to complete them if they are incomplete;
the right to data erasure - on this basis, you may request the erasure of data the processing of which is no longer necessary for the fulfilment of any of the purposes for which they were collected;
the right to restrict processing - where such a request is made, we will cease to carry out operations on the personal data - with the exception of those operations to which the data subject has consented and the storage of the data, in accordance with the adopted retention rules - or until the reasons for restricting the processing cease to exist (e.g. a decision is made by the supervisory authority authorising further processing);
the right to data portability - on this basis, insofar as the data are processed by automated means in connection with a concluded agreement or granted consent, we will release the data provided by the data subject in a computer-readable format. It is also possible to request that these data be sent to another entity, provided, however, that the technical capacity exists for this on both our part and that of the designated entity;
the right to object to processing for marketing purposes - you may object to the processing of your personal data for marketing purposes at any time without having to justify your objection;
the right to object to other purposes of processing - you may object at any time - on grounds relating to your particular situation - to the processing of personal data that is carried out on the basis of our legitimate interests (e.g. for analytical or statistical purposes or for reasons relating to the protection of property); an objection in this respect should contain a justification;
the right to revoke consent - if your data are processed on the basis of your consent, you have the right to revoke it at any time, which does not, however, affect the lawfulness of the processing carried out before its revocation;
the right to lodge a complaint - in case you consider that the processing of your personal data breaches the provisions of the GDPR or other regulations concerning personal data protection, you may lodge a complaint with the authority supervising the processing of personal data, which for the Ukrainian company of Raben Group, this is the Office of the Ukrainian Parliament Commissioner for Human Rights with a registered office in Kyiv, 21/8 Instytutska St., 01008.

V. JOINT CONTROLLERSHIP OF PERSONAL DATA

In order to achieve their business objectives and ensure the highest standards of provided services, Raben Group companies may process personal data not only as independent controllers, but also as joint controllers based on a joint controller agreement concluded pursuant to Article 26(1) and (2) of the GDPR, specifying in particular the purposes of such processing

Raben Group companies, acting as Joint Controllers, jointly determine the purposes and means of processing personal data.

1. List of Joint Controller

The parties to the joint controller agreement concluded by Raben Group companies are the following companies (hereinafter referred to as the “Joint Controllers”):

Raben Management Services spółka z ograniczoną odpowiedzialnością with its registered office in Robakowo (62-023) at ul. Zbożowa 1,
Raben Trucking & Rental GmbH with its registered office in Mülheim-Kärlich (56218) Germany, Urmitzer Str. 9,
Raben ECP GmbH with its registered office in Mannheim (68219) Germany, Holländerstr. 11,
Raben Trans European Germany GmbH with its registered Mannheim (68219) Germany, Holländerstr. 11,
Raben Germany Immobilien GmbH with its registered in Mannheim (68219) Germany, Holländerstr. 11,
Raben Trans European Immobilien GmbH with its registered Mannheim (68219) Germany, Holländerstr. 11,
Raben 4PL Solutions GmbH with its registered in Mannheim (68219) Germany, Holländerstr. 11,
Raben Sea & Air GmbH with its registered in Hamburg (22113) Germany, Bredowstraße 30,
Raben Real Estate Poland spółka z ograniczoną odpowiedzialnością with its registered office in Robakowo (62-023) at ul. Zbożowa 1,
Raben Transport spółka z ograniczoną odpowiedzialnością with its registered office in Gądki (62-023) Poland, ul. Poznańska 71,
Raben East spółka z ograniczoną odpowiedzialnością with its registered office in Robakowo (62-023) at ul. Zbożowa 1,
Raben Logistics Polska spółka z ograniczoną odpowiedzialnością with its registered office in Robako (62-023) at ul. Zbożowa 1,
Fresh Logistics Polska spółka z ograniczoną odpowiedzialnością with its registered office in Robako (62-023) at ul. Zbożowa 1,
Raben Business Services spółka z ograniczoną odpowiedzialnością with its registered office in Robakowo (62-023) at ul. Zbożowa 1,
Raben Sea & Air SE with its registered office in Robakowo (62-023) at ul. Zbożowa 1,
Raben Group N.V. with its registered office in Oss (5342LW) the Netherlands, Vorstengrafdonk 81,
Raben Netherlands B.V. with its registered office in Oss (5342LW) the Netherlands, Vorstengrafdonk 81,
Ascari Investments B.V. with its registered office in Oss (5342LW) the Netherlands, Vorstengrafdonk 81,
Raben Real Estate Holding S.E. with its registered office in Oss (5342LW) the Netherlands, Vorstengrafdonk 81,
Raben Real Estate Netherlands B.V. with its registered office in Oss (5342LW) the Netherlands, Vorstengrafdonk 81,
Raben Trucking Netherlands B.V. with its registered office in Etten-Leur (4878AH) the Netherlands, Parallelweg 3,
G.J. Groep B.V. with its registered office in Etten-Leur (4878AH) the Netherlands, Parallelweg 3,
Raben Logistics Czech s.r.o. with its registered office in Nupaky (251 01) Czechia, Komerční 535,
Raben Transport s.r.o. with registered office in Kostelec (349 01) Czechia, Ostrov u Stříbra 64,
Raben Logistics Slovakia s.r.o. with its registered office in Senec (903 01) Slovakia Diaľničná cesta 10D.
Raben Sittam S.r.l., with its registered office in Cornaredo (20007) Italy, Via Monzoro 100,
Raben Trans European Hungary Kft. with its registered office in Dunaharaszti (2330) Hungary, Jedlik Ányos út 31,
Raben Real Estate Hungary Kft. with its registered office in Dunaharaszti (2330) Hungary, Jedlik Ányos út 31,
Raben Logistics Romania S.l.r. with its registered office in Dragomiresti - Deal (077096) Romania, Strada Padurii no. 26 CTPark BUCH 14,
Raben Logistics Bulgaria EOOD with its registered office in Sofia, Bulgaria, 8 Tsar Kaloyan Str., 2nd floor,
Raben Lietuva UAB with its registered office in Vilnius (LT-02120) Lithuania, Liepkalnio 85B,
Raben Baltics UAB with its registered office in Vilnius (LT-02120) Lithuania, Liepkalnio 85B,
Raben Latvia SIA with its registered office in Dreiliņi, Stopiņu pagasts, Ropažu novads (LV-2130) Latvia, Garā iela 2,
Raben Eesti OUwith its registered office in Harju maakond, Rae vald, Peetri alevik (75312) Estonia, Reti tee 4,
Raben Intertrans AE, with its registered office in Athens (18546) Greece, Agiou Dimitriou 41,
Raben Real Estate Greece MIKE with its registered office in Athens (18546) Greece, Agiou Dimitriou 41,
Raben BEXity GmbH, with its registered office in Vienna (1110) Austria, Warneckestraße 7.

2. Point of contact

The main point of contact for data subjects in all matters related to joint controllership is the Data Protection Officer of the Ukrainian company of Raben Group, who can be contacted:

by directing inquiries to the postal address: RABEN UKRAINE LLC, 150 Brovarska St., Brovarsky district, Brovarsky village, Kyiv region, 07442, Ukraine, marked “personal data protection”;
by directing inquiries to the e-mail address: vitaliy.kovalenko@raben-group.com

In addition, data subjects may, at their own discretion, contact any of the Joint Controllers directly through the communication channels indicated in point 1 above (postal address/e-mail address).

3. List of purposes of processing covered by joint controllership

Raben Group companies listed in section 1 above jointly control personal data in the following processes in pursuit of the jointly agreed objectives indicated below:

Process	Goal	Joint Controllers
Recruitment - creating databases of job applicants	Conducting the recruitment process and creating a database of job applicants	RABEN UKRAINE LLC
Recruitment - selection of job applicants (decision-making process)	Conducting the recruitment process	RABEN UKRAINE LLC jointly controls data with each individual Joint Controller (for key positions)
Recruitment - acceptance/selection of job applicants for employment by RABEN UKRAINE LLC	Conducting the recruitment process	RABEN UKRAINE LLC jointly controls data with each individual Joint Controller (for key positions)
Recruitment - future recruitments	Creating a database of job applicants	RABEN UKRAINE LLC jointly control the data
Employment - access to employee data of Raben Group companies	Human resources management according to the Group standard	RABEN UKRAINE LLC. jointly controls data with each individual Joint Controller (with respect to remuneration data)
Employment - access to employee data of Raben Group companies	Sharing a database for internal recruitment	RABEN UKRAINE LLC jointly control the data
Archiving - setting archiving rules - scope, retention, access rights	Ensuring the security of the archived data and the compliance of the archiving process with regulations	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Customer service (returns/claims) - support in the claims handling process and decision-making in claims procedures	Undertaking actions necessary for the conduct and completion of the claims handling process	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Customer service - Track & Trace	Taking the necessary measures for the correct execution of deliveries (information on the status of the shipment)	RABEN UKRAINE LLC and Joint Controllers to the extent that they provide services to customers
Customer service - running the Subscription Centre	Management of information on customer consents (maintaining correct communication with customers)	RABEN UKRAINE LLC and Joint Controllers to the extent that they provide services to customers
Customer service - service quality surveys	Satisfaction survey on the provided services	RABEN UKRAINE LLC and Joint Controllers to the extent that they provide services to customers
Customer service - enquiries	Taking the necessary steps to conclude the agreement	RABEN UKRAINE LLC and Joint Controllers to the extent that they provide services to customers
Customer service - operating forms on websites (for customer service and sale of services)	Communication with customers and potential customers	RABEN UKRAINE LLC and Joint Controllers to the extent that they provide services to customers
Sale of services	Undertaking activities aimed at selling services provided by Raben Group companies	RABEN UKRAINE LLC and Joint Controllers to the extent that they provide services to customers
Customer service	Performance of concluded agreement	RABEN UKRAINE LLCand Joint Controllers to the extent that they provide services to customers
Document flow - transfer of data and financial documents	Maintaining the integrity of the accounting system and meeting legal obligations	RABEN UKRAINE LLCwith each individual Joint Controller (with respect to certain quota thresholds resulting from Corporate Governance)
Cybersecurity - security tests	Ensuring IT security	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Cybersecurity - cybersecurity incident management	Identification and resolution of security incidents	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Helpdesk - with respect to software bugs/errors	Troubleshooting the software in use	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Physical security - theft prevention	Ensuring security of goods	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Internet marketing - running FP on social media	Building Raben Group's image, promotion of the provided services	RABEN UKRAINE LLC with each individual Joint Controller who runs a separate social media profile
Internet marketing - organizing competitions on social media	Building Raben Group's image, promotion of the provided services	RABEN UKRAINE LLC with the company or companies organising the competition in question
Internet marketing - newsletter (subscription and content preparation)	Building Raben Group's image, promotion of the provided services	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Internet marketing - personalisation of offers and profiling	Building Raben Group's image, promotion of the provided services	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Occupational health and safety - activities concerning safety incidents	Prevention and management of health and safety incidents	RABEN UKRAINE LLC with each individual Joint Controller (with respect to more serious incidents)
Occupational health and safety - reporting safety incidents within the Group	Prevention and management of health and safety incidents	RABEN UKRAINE LLC with each individual Joint Controller (with respect to more serious incidents)
Legal services	Support in reviewing agreements, participation in negotiations, support in concluding agreements, support in claims processes and other activities related to legal security of Raben Group companies	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Cooperation with banks	Execution of transactions and other issues related to the conduct of activities before banks with which Raben Group companies cooperate	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller
Activities of the “managing company”	Other issues related to the direction of activities of Raben Group companies	RABEN UKRAINE LLC jointly controls the data with each individual Joint Controller

4. Essential content of the arrangements between the Joint Controllers

In fulfilment of the obligation set out in the provision of Article 26(2) of the GDPR, below we set out the essential content of the arrangements between the Joint Controllers made under the joint controller agreement:

The Joint Controller which has a decisive influence on the selection and provision of technical means for the processing of personal data, including in particular hardware and software, is Raben Management Services spółka z ograniczoną odpowiedzialnością (hereinafter referred to as “RMS”)
For the involvement of any processor in the processes covered by the joint controllership, the acceptance of this processor by RMS, which is also the entity authorised to enter into data processing agreements on behalf of all Joint Controllers, is required in each case;
Each of the Joint Controllers is responsible for implementing the information obligations under the provisions of the GDPR. The content of the information obligations is the result of joint arrangements between the Joint Controllers. The Joint Controllers are obliged to take into account the guidance provided by RMS on the content of the information obligations;
Each Joint Controller independently maintains a Register of Processing Activities and, if applicable, a Register of Categories of Processing Activities;
The Joint Controller required to conduct initial data protection risk analyses and, where necessary, data protection impact assessments is RMS. The final conclusions of the analyses should be prepared jointly by the Joint Controllers;
In the case of international transfers of personal data, in particular involving countries outside the EEA, the Joint Controllers are required to apply additional GDPR-compliant safeguards and to establish rules for informing individuals about such transfers and their responsibilities;
Each of the Joint Controllers is the entity responsible for the processing of personal data in accordance with the GDPR, including in particular the exercise of data subjects' rights;
Data subjects may request the exercise of their rights under the GDPR to any of the Joint Controllers, at their discretion and choice, in particular by notifying them through the point of contact indicated in this section;
Each of the Joint Controllers is obliged to keep a register of requests, which is stored in a manner that ensures the integrity and confidentiality of the data contained therein;
Data subjects have the right to lodge a complaint in relation to the processing with any supervisory authority of their choice with territorial jurisdiction over any of the Joint Controllers, including in particular the President of the Office for Personal Data Protection;
The Joint Controllers cooperate closely in relation to the meeting of data subjects' requests;
In the event of a breach of the protection of personal data under joint controllership, each Joint Controller is obliged to inform the other Joint Controllers of the suspected breach promptly, but no later than 24 hours after the breach is identified;
The Joint Controllers are required to participate in the investigation of an identified breach. The Joint Controller who has identified a breach is required to carry out a preliminary analysis of the risk of the breach to the rights and freedoms of the natural person affected and communicate the results to the other Joint Controllers;
Based on the results of the performed risk analysis, the Joint Controllers jointly decide on the notification of the breach to the competent supervisory authority and to the data subjects and identify the Joint Controller(s) responsible for the implementation of the aforementioned information obligations.

VI.PROCESSING OF PERSONAL DATA BY A UKRAINIAN COMPANY OF RABEN GROUP IN CONNECTION WITH THE OPERATION OF THE WEBSITE AND SOCIAL NETWORKS

1. Introduction

In order to comply with the information obligations imposed on us, below we set out the key issues relating to our processing of the personal data of the users of the website https://ukraine.raben-group.com/ (hereinafter referred to as the “Website”) as well as social media sites.

Information about the processing of personal data via websites by Raben Group companies having their registered office in a country other than Ukraine is located in separate tabs of the website dedicated to each country.

‍Natural persons who visit the Website or social media sites, or communicate about services through these channels, are in control of the personal information they provide to us, while we ensure that we limit the collection and use of your information to the minimum necessary to provide you with the level of service you expect.

We use technology on our websites to automatically collect and analyse, purely anonymously, information about user activity on the websites. Read more HERE.

To a limited extent, we may collect personal data automatically via cookies and other technologies on our websites. Detailed information on the collection and use of cookies is available in our cookie policy, which can be found HERE

Our Website offers various possibilities of contacting us. Apart from contact forms, we also use application forms used to commence employment and cooperation, as well as notification forms and subscriptions to our newsletter. The use of the aforementioned forms usually requires you to provide your personal data. These data are processed for the purposes and in accordance with the legal basis referred to in the communications accompanying these forms.

2. Joint controllership of personal data by the companies of Raben Group in connection with the operations of the Website and social networks

The Ukrainian company of Raben Group jointly control the personal data processed via the Website and social media sites together with the Raben Group companies indicated in the content of section V. point 2. for the following purposes:

related to the handling of contact forms used for the sale of services and customer service,
managing the consents granted as part of our Subscription Centre, i.e. a tool for handling consents grated by natural persons,
personalising communications and profile offers on the basis of the information aggregated in the customer service, sales and marketing processes in conjunction with the relevant data from cookie files and other technologies,
performing the newsletter service,
providing customers and transport participants with information on the current status of the shipment as part of the Track &Trace service,
operating social media sites, including the organisation of competitions through them.

To the remaining extent, Ukrainian company of Raben Group is an independent controller of personal data processed via the Website.

Notwithstanding the above:

Raben Group companies and Facebook are the joint controllers of the data of users who have liked the fanpage of Raben Group companies. Facebook as the brand owner of Instagram, also jointly controls the data of persons who follow the fanpage of Raben Group companies on Instagram;
Raben Group companies and YouTube are the joint controllers of the data of users who have liked the fanpage of Raben Group companies.
Raben Group companies together with LinkedIn are the joint controllers of user data.

3. Data Protection Officer

For all matters relating to the processing of your personal data through the Website and social media sites and the exercise of your rights in relation to data processing, you can contact our Data Protection Officer through the following communication channels:

by directing inquiries to the postal address: RABEN UKRAINE LLC, 150 Brovarska St., Brovarsky district, Brovarsky village, Kyiv region, 07442, Ukraine, marked “personal data protection”;
by directing inquiries to the e-mail address: vitaliy.kovalenko@raben-group.com

4. Data recipients and data transfer to third countries

Your data are shared with the providers of the services we use (e.g. maintenance of websites, social media sites, IT systems, sending newsletters).

Your personal data may be transferred to data processors established outside the European Economic Area (EEA).

Countries outside the EEA may not offer the same level of personal data protection as the EEA countries. Before your personal data are transferred outside the EEA, Raben Group will make every effort to ensure that such transfer does not lead to a reduction in the level of your protection guaranteed under the regulations in force in the EEA countries. If your personal data are transferred outside the EEA, their transfer will be based on an adequacy decision or standard data protection contractual clauses adopted by the European Commission. You may also request additional information with regard to the transfer of the data outside the EEA by contacting us as described in point 3.

5. Your rights and profiling

The joint controllership of personal data under the provision Article 26(1) of the GDPR does not affect the exercise of your rights under the GDPR. As agreed between the Joint Controllers, each Joint Controller is the entity responsible for the processing of personal data in accordance with the GDPR.

You have the right to request access to your personal data, their rectification, erasure or restriction of processing, or to object to processing as well as the right to data portability. If the data are processed on the basis of a consent, you have the right to revoke your consent at any time without affecting the lawfulness of the processing conducted on the basis of the aforementioned consent prior to its revocation.

The companies will verify your requests, demands or objections in accordance with applicable data protection legislation. In response to your request, the Companies may ask you to verify your identity, to provide information that will help the Companies better understand the request. The Companies will make every effort to justify their decision to you if your requests are not met.

At the same time, please be advised that you have the right to lodge a complaint with the supervisory authority competent for the Raben Group Company running the Website and communication with you. For the Polish companies of Raben Group, the competent authority in this respect is the the Office of the Ukrainian Parliament Commissioner for Human Rights with a registered office in Kyiv, 21/8 Instytutska St., 01008.

Your personal data may be processed by automated means (including profiling), however in this case this will not have any legal effect on you or similarly materially affect your situation. The profiling of personal data in this case consists of the processing of your data (including by automated means) to evaluate certain information about you, including aggregated customer service data, website traffic analysis, statistics, predicted interests and personal preferences for the marketing of our services.

You have the right to object at any time - on grounds relating to your particular situation - to profiling based on Article 6(1)(f) of the GDPR. In that case, we can no longer process these personal data unless we can demonstrate the existence of compelling legitimate grounds for processing that override your interests, rights and freedoms or grounds for establishing, exercising or defending against claims.

6. Processing of personal data of visitors to the website https://ukraine.raben-group.com/

6.1. Purpose of data processing

The activity of Website users, including their personal data, is recorded using cookies and other technologies and is processed for the purpose of personalising and profiling marketing communications. You can find more information about this in our cookie policy HERE.

6.2. Legal basis for data processing

The legal basis for the processing of personal data via the Website is the legitimate interest of each controller (Article 6(1)(f) of the GDPR), consisting of the need to ensure that the users of the Website have access to the content and communication published therein through the channels available through the Service and to keep statistics in order to improve the functionality of the Service.

6.3. Duration of data processing

Where data are processed on the basis of a legitimate interest, the data will be processed for a period allowing the fulfilment of that interest or until an effective objection to the processing is raised. In the case of installed cookies, their processing time is determined by the period set for each cookie or until you revoke your consent.

6.4. Obligation to provide data

The provision of data is voluntary, however necessary for the uninterrupted and fully correct use of the Website's functionalities.

7. Processing of personal data of visitors to social media sites operated by the Ukrainian company of Raben Group

7.1. Purpose of data processing

The Ukrainian company of Raben Group process personal data of users visiting Raben Group profiles related to the Website operated in social media (Facebook, Instagram, Yotube, LinkedIn). Data shared directly on social media is processed in connection with the operation of the profile, including to inform users about Raben Group activities and to promote various types of services and products.

On the Website, with your consent, we use cookies and other technologies to profile content directed to you via social media.

7.2. Legal basis for processing

The legal basis for processing of personal data by the Ukrainian company of Raben Group for the above purposes is the legitimate interest (Article 6(1)(f) of the GDPR) consisting in aggregating information and profiling on this basis to promote communications promoting own products and services to customers and other persons who communicate via forms on the Website dedicated to customer services in relation to your consent to the tracking of cookies in accordance with the cookie policy, which you can find HERE.

7.3. Duration of data processing

Data of users of social media sites will be processed for the period of existence of legitimate interest of the Ukrainian company of Raben Group, for the period when the user follows Raben Group profiles and in case of communication via social media sites, for the period necessary to close the conversation.

7.4. Obligation to provide data

We obtain all your data through the owners of the social media, from your public profile or fanpage posts and, if you have granted your consent, also from the registration of your activity on the Website. The provision of data is voluntary, however in the case of communication via social media, it is necessary in order to handle cases and maintain the relationship carried out in the given communication.

8. Processing of personal data of persons contacting us via the contact forms available on the Website

The use of the forms usually requires you to provide your personal data. The following provides general information on the purposes and legal grounds for processing data through the forms available on the Website. In addition, there is information next to each form indicating the purpose and legal basis for the processing of personal data by the specific form.

8.1. Purpose of data processing

When enquiries are made via the forms available on the Website, the personal data contained in the correspondence are processed for:

establishing contact and responding to your inquiry;
establishing or exercising civil law claims in the course of business, as well as the defence against such claims;
personalising communications and profile offers on the basis of aggregated customer service information in conjunction with relevant cookies;
undertaking other activities carried out on the basis of your consent, such as conducting surveys - e.g. opinion or satisfaction surveys, sending newsletters or providing information about the offered services, new offers and promotional opportunities, on the communication channel of your choice.

8.2. Legal basis for data processing

The legal basis for the processing of personal data for the aforementioned purposes is the legitimate interest (Article 6(1)(f) of the GDPR) consisting in conducting effective communication with persons making inquiries via the website, securing and exercising claims and providing tailored information regarding offers and services or consent (Article 6(1)(a) of the GDPR)

8.3. Duration of data processing

Your personal data will be processed until:

in relation to the processing of your data on the basis of Article 6(1)(f) of the GDPR, until you lodge an objection if, after consideration by the controller, it is found to be effective, or until the expiry of the statute of limitations for claims, as appropriate;
in relation to the processing of your data on the basis of Article 6(1)(a) of the GDPR - until you revoke your consent

Revocation of consent does not affect the lawfulness of the processing which was carried out on the basis of the consent prior to its revocation

8.4. Obligation to provide data

Providing personal data is voluntary, however necessary in order to establish contact and respond to your inquiry, request or demand and/or to carry out communications on the basis of the granted consents.

VII. DETAILED INFORMATION CLAUSES CONCERNING THE PROCESSING OF PERSONAL DATA BY COMPANIES OF RABEN GROUP OUTSIDE THE WEBSITE AND FANPAGES IN SOCIAL MEDIA.

Websites and fanpages in social media are not the only channels through which Raben Group processes personal data.

In order to fulfil the information obligations imposed on us, below we present key issues related to processing of personal data outside the website and fanpage on social media sites of transport participants, drivers, carriers, providers, customers, the so-called "contact persons", newsletter users, visitors to our facilities, representatives of legal persons and media representatives.

Information for transport participants

Information for the driver (employed/cooperating with the carrier providing services for companies of Raben Group)

Information for a driver (employed/co-operating with a carrier providing services for companies of Raben Group) covered by “monitoring” of telematics devices

Information for the carrier

Information for Customer

Information for driver - TMLE litle aplication

Information for suppliers

Information for Track & Trace users

Information for contact persons

Information on video surveillance and Raben Group visitor service

Information for media

Information for representatives of legal persons

Information for whistleblowers

VIII. AMENDMENTS TO THIS POLICY

We are committed to regularly review this Policy and amend it if it proves necessary or desirable due to: new legal regulations, new guidelines of authorities responsible for supervising the processes of personal data protection, best practices applied in the area of personal data protection.

We also reserve the right to amend this Policy in the event of changes in technology we use to process personal data (if the change affects the wording of this document), and in the event of changes in methods, purposes or legal grounds for processing of personal data.

This document was last updated on 19^th of January 2024.