We hereby inform you that the company OSOBUS with its registered office at ul. Legnicka 50 A, 59-500 Złotoryja, providing international passenger transport services by land, available at www.osobus.pl, is the controller, i.e. the entity deciding how your data will be used, which, under Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”), constitutes personal data (defined as “information relating to an identified or identifiable natural person”).
In accordance with applicable data protection regulations, in particular the GDPR, to ensure proper protection of personal data, data subjects must first be provided with information regarding the processing of their personal data as specified in Article 13 or 14 of the GDPR – depending on whether it was obtained directly from the data subject or from other sources.
Please read the information regarding your personal data, how we process and store it, and what your rights are:
How can you contact us for more information about the processing of your personal data?
Here are the contact details:
Email address: osobus@o2.pl
Postal address: OSOBUS, Legnicka 50A, 59-500 Złotoryja
Where do we get your data from?
We received it from you by phone or online. We also received it from the person or company you authorized when you made your travel reservation, and later, in connection with your subsequent trips.
What is the purpose and legal basis for the processing of your personal data by OSOBUS?
We process your personal data because it is necessary to perform the transport service you have commissioned us, including:
creating and managing your profile, ensuring the management of your account, and resolving technical issues; making reservations on your behalf by individuals who have been requested to do so, as well as by companies you work with; organizing the trip – logistics; handling requests you submit to us (e.g., by phone or email); and contacting you, including for purposes related to the provision of our services.
In addition, the law requires us to process your data for tax and accounting purposes.
If you consent, we will process your personal data for the following purposes:
saving data on the server; collecting data from websites and mobile applications; and storing data in cookies; organizing promotional campaigns, loyalty programs, or competitions in which you can participate; organizing the trip – logistics.
You can withdraw your consent to the processing of your personal data at any time in the same manner in which you expressed it. We will continue to process your personal data until that time.
Do you have to give us your details?
If for any reason you do not provide us with your personal data, we will unfortunately not be able to provide you with our services. Where required by law, we may require you to provide other data necessary, for example, to make a reservation or for accounting or tax purposes.
What personal data is required?
In order for us to enter into a contract with you, for example, to provide passenger transportation services, we require the following personal data:
First name
Last name
Contact number
Addresses to which the trip is to be related
Information required for invoicing, including company name, Tax Identification Number, address, etc.
What rights do you have regarding the processing of your data?
We guarantee that we will fulfill all your rights under the General Data Protection Regulation, i.e. the right to access, rectify and delete your data, limit its processing, the right to transfer it, not to be subject to automated decision-making, including profiling, and the right to object to the processing of your data.
You can exercise your rights when:
Your data is incorrect or incomplete – regarding your request for data rectification,
Your data will no longer be necessary for the purposes for which it was collected by the Carrier; you withdraw your consent to data processing; you believe that your data is being processed unlawfully; you object to the processing of your personal data; the data was collected in connection with the provision of services to another user or the data should be deleted in order to fulfill an obligation arising from the law – in relation to the request to delete data
you can request to limit the processing of your data for a period allowing us to check the accuracy of this data (remember, however, that in this case we may not be able to provide the transport service!); you believe that your data is or will be processed unlawfully but you do not want it to be deleted – in the request to limit the processing of your personal data
You can also request data transfer; you have the right to object and not be profiled.
You have the right to lodge a complaint regarding our processing of your personal data with the supervisory authority, which is the Inspector General for Personal Data Protection, ul. Stawki 2, 00-193 Warsaw
Who do we share your personal data with?
Your personal data is mainly shared with entities thanks to which your booked trip can take place.
The data you provide will not be made available to third parties. Only legally authorized institutions will be recipients of the data.
The data you provide will not be subject to profiling.
The data controller has no intention of transferring personal data to a third country or international organization.
How long do we store your personal data?
We store your data until you exercise your right to be forgotten. After exercising this right, your personal data will be used for the following purposes:
pursuing claims in connection with any issues arising from your reservation or travel,
compliance with legal obligations, including in particular tax and accounting obligations,
preventing abuse and fraud, for statistical and archiving purposes, for a maximum period of 10 years from the date of exercising your right to be forgotten,
Osobus will take all necessary measures to physically, technically, and organizationally protect your personal data against destruction, accidental loss, alteration, unauthorized disclosure, use, or access, in accordance with generally applicable laws, in particular the Regulation.
