Privacy and cookies policy page

Trakcja System Sp. z o.o. with its registered office in Wrocław, puts the convenience and safety of its customers and employees first. This “Privacy Policy” aims to provide you with the necessary information about the data we collect from you and process, including an explanation of the principles of processing this information.

The personal data we process refers to data obtained during the preparation and execution of agreements and business activities we undertake. Privacy protection is particularly important to us.

To achieve this, we have drawn up a Privacy Policy that explains the privacy protection standards we have adopted in a few simple steps. It also refers to cookies.

Our Privacy Policy applies to all persons who use our website (hereinafter referred to as the “Website”) or electronic services available through this Website. These persons are referred to by us in this document as “Users”.

Our Privacy Policy is particularly directed at potential Clients, Contractors, Partners, Subcontractors, as well as other individuals, including our potential employees, who use the contact form. It is also directed at the employees/coworkers of these individuals, in case their data is shared.

Our main objective is to duly inform our Users of their rights and our obligations in relation to the processing of their personal data, in particular bearing in mind the content of the data protection provisions set out in Article 13 sections 1 and 2, and Article 14 sections 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, Official Journal of the European Union, L of 2016 No. 119, p. 1 as amended, further referred to as “the GDPR”).

1. Who is the controller of your personal data?

The controller of your personal data, who independently determines the purposes and methods of processing personal data, is Trakcja System Sp. z o.o. with its registered office in Wrocław, Lipowa 3, 53-142, Wrocław, entered in the register of entrepreneurs kept by the District Court for Wrocław Fabryczna in Wrocław, VI Economic Division of the National Court Register under the KRS number 0000416796, holding Tax Identification Number 897-178-20-96, and National Business Registry Number 021857862.

2. Who is the Data Protection Officer at Trakcja System Sp. z o.o. in Wrocław?

Our Data Protection Officer, who can be contacted on matters concerning the processing of personal data or the exercise of data subjects’ rights, is Ms Katarzyna Bala-Antczak.

3. How can you contact the Controller or the Data Protection Officer?

You can contact the Controller by mail at the following address: Trakcja System, with its registered office in Wrocław, Lipowa 3, 53-142, Wrocław, providing a note“concerning Personal Data Protection”or by using the contact form on our Website, or also by e-mail sent to

You can contact the Data Protection Officer directly at:

The use of the contact form on the aforementioned Website requires you to provide personal data, including your name, surname, email address, telephone number, message content, and subject.

4. When do we collect your personal data?

We gather your personal data when you use our services, enter into agreements with us, visit our Website, or contact us through any means.

5. For what purpose and on what basis do we process your personal data?

We process your personal data on the basis of generally applicable legal regulations and the specific legal grounds listed below, for the purposes outlined:

  • the performance of an agreement under civil law or to take steps prior to its signing, in which case the legal basis is the necessity for the performance of the agreement (Article 6 section 1 point b of the GDPR);
  • contact during the execution of the agreement, in which case the legal basis is our legitimate interest (Article 6 section 1 point f of the GDPR);
  • consent for the marketing of entities cooperating with the Controller, in which case the sole legal basis is the consent of the person concerned (Article 6 section 1 point a of the GDPR);
  • the use of the contact forms provided by the Controller on the Website and answering the questions asked, the legal basis then is our legitimate interest (Article 6 section 1 point f of the GDPR);
  • complying with the generally applicable legal provisions incumbent on the Controller, including, in particular, accounting and tax laws, whereby the legal basis is the fulfilment of an obligation (Article 6 section 1 point c of the GDPR);
  • the possible establishment, assertion or defence of claims, or defence against legal claims, whereby the legal basis is our legitimate interest (Article 6 section 1 point f of the GDPR);
  • acquisition and further processing of non-confidential data or data appearing in public databases of entities, i.e., e.g. business entity databases, whereby the legal basis is our legitimate interest (Article 6 section 1 point f of the GDPR).

In addition, as part of our recruitment processes, we process personal data in order to:

  • carry out the recruitment process, in which case the legal basis is actions aimed at entering into an agreement (Article 6 section 1 point a and/or b of the GDPR),
  • future recruitment processes, in which case the sole legal basis is the consent of the person concerned (Article 6 section 1 point a of the GDPR).
  • Where do we acquire your data from?

The Controller obtains personal data directly from Users, through the Website, by having them fill in a contact form and send a message with specific content.

The Controller, therefore, primarily operates on personal data provided directly to them. If you have not provided us with your personal data directly, we may have obtained it from:

  1. our clients,
  2. our contractors,
  3. public information sources.

Due to the scope of our business activities, we also collect personal data in other cases, such as during business meetings or through the exchange of business cards, with the purpose of creating and maintaining business contacts. The legal basis for the processing in this case is our legitimate interest (Article 6 section 1 point f of the GDPR) in networking in connection with our business.

7. What is the scope of your personal data that we process?

In our company, we apply the principle of minimising the data we process. This means that we strive to process your data only to the extent that is minimal and necessary for each specific purpose.

We would like to inform you that browsing the content of the Website pages, without using the contact form, does not require the User to provide any personal data.

In connection with the purposes listed above, as a rule, we do not process data relating to categories of sensitive data (e.g. relating to health status, etc.). We require this type of data for recruitment processes for the jobs we offer. You will then receive more detailed information from us about the processing of personal data related to this process.

If you voluntarily provide us with a wider range of data, we will be entitled to process it. We ask you not to provide the Controller with the personal data of third parties unless you are duly authorised to do so. In the event of transferring the personal data of third parties to us, please provide a statement indicating that you are authorised to transfer such data.

Depending on the purpose and legal basis for the collection and processing of personal data, we may collect and process, among others, the following data:

  1. identifying information, including but not limited to: first name, last name, PESEL No. (Personal Identification Number), date of birth;
  2. contact details, including but not limited to: address, telephone number, and e-mail address;
  3. other data whose scope is justified by the purpose for which they are collected and processed.

If we obtain personal data ourselves, the scope of processed data typically includes: first and last name, basic contact and address details, position held, or type of business activity conducted.

8. Does our Website use cookies or keep logs?

In addition to the data provided to us directly by Users while browsing our Website or using the contact form on our Website, we use the following mechanisms to gather information:

1) by using cookies – data identifying a User’s session on a web browser and on the servers of the Website

In order to provide the highest level of service and for statistical purposes, we use cookies. Using our Website means that they will be placed on your device. You can change your browser settings at any time. Some functionalities available on our Website may not work if you do not consent to the installation of cookies.

Cookies are text files that are stored on your device when you visit a website. By using our Website, you consent to the use of cookies.

Using the Website without changing your cookie settings means they will be stored on your end device. You can change the cookie settings in your browser at any time.

If you do not want cookies to be installed on your devices, you can change your browser settings for the installation of these files. It is also possible to delete these files from the memory of the relevant device at any time.

Third-party sites or services to which our Website directs Users may also use cookies other than those mentioned above, including, in particular, cookies enabling login and providing advertisements tailored to User preferences and behaviour. Please read the cookie policies on the websites you access.

At this point, we would like to mention that the information collected in this way may constitute personal data and be stored using the technology used by the User to browse and use the Website. As a rule, these files do not serve to deliberately identify the User personally.

2) by using server logs – data such as: the IP address of the device from which the User connects to the Website, where the request to view the website came from, the type of browser, the browser language, the date and time of the event, the number of clicks, the amount of time spent on the website, the date and time of use of the website, the type and version of the operating system, screen resolution, data collected in server logs and other similar information as well as information on errors which occurred during the execution of HTTP transactions, and if the Website was accessed via a link – the URL of the page from which the User was redirected

9. Who is the recipient of your personal data?

The personal data processed by the Controller may be disclosed at any time to entities authorised under applicable law, such as the competent state authorities

Depending on the specific purpose, the data processed by the Controller may furthermore be disclosed to:

  1. authorised employees and associates of the Controller;
  2. processors to whom the Controller has entrusted the processing of personal data, providing the following services: marketing, archiving, consulting, auditing, subcontracting, technical (in particular relating to IT systems and for the maintenance of the Controller’s website), training, courier and translation.
  3. separate data controllers, providing postal, banking, or legal services.

The Controller will not sell Users’ personal data to other entities, and any sharing of data will be carried out in accordance with applicable laws and with full adherence to principles related to their security.

Regarding the above-mentioned list of recipients, the Controller may transfer your personal data to countries outside the European Economic Area (hereinafter referred to as third countries) and international organisations that are related to the scope of the Controller’s business activities and the cooperation undertaken with various entities. The data will be transferred to countries for which the European Commission has issued decisions regarding the adequacy of the protection of personal data and/or in compliance with all legal requirements, including on the basis of a relevant agreement containing data protection clauses adopted by the European Commission, ensuring an appropriate level of protection for the transferred personal data.

10. For how long do we process your personal data?

The duration of the processing of your personal data depends on the purpose for which we process your data.

Personal data processed by us on the basis of the consent you have given will be processed until you withdraw it. You may withdraw the consent you have given for the Controller to process your personal data at any time. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal. If there are other grounds for processing your data, your data may be processed despite your withdrawal of consent.

If the processing is based on a legal obligation imposed on the Controller or in connection with the contract performance or for the purposes of the legitimate interests pursued by the Controller, the periods for processing the data may depend on:

  1. the moment a decision is taken on the conclusion of a civil law agreement;
  2. the period for fulfilling a particular contractual obligation (service provision);
  3. record-keeping obligations (retention period for accounting and tax records as required by law);
  4. obligations related to storing documents and information required by regulations concerning anti-money laundering and counter-terrorism financing measures;
  5. the need to secure or later pursue civil law claims (statute of limitations period for claims as per legal regulations).

11. Will your data be processed in an automated manner or subject to profiling?

The Controller does not make automated decisions based on the collected personal data, including profiling.

12. What rights do you have in connection with the acquisition of personal data by the Controller?

You have the following rights in connection with the acquisition of personal data by the Controller:

  1. to request access to personal data concerning the data subject from the Controller;
  2. rectification of personal data;
  3. erasure or restriction of the processing of personal data;
  4. to object to the processing;
  5. data portability;
  6. submitting a complaint to the supervisory authority, i.e. the President of the Personal Data Protection Office, in the event that the Controller violates the regulations regarding personal data protection during the processing of your personal data.

Additionally, you have the right to object to the processing of your personal data when the legal basis for processing by the Controller is:

  1. the necessity of processing for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data Controller (Article 6 section 1 point e of the GDPR).
  2. the legitimate legal interest of the Controller (Article 6 section 1 point f of the GDPR).

Once an objection has been lodged, the Controller will no longer be able to process personal data based on the aforementioned legal bases unless the Controller can demonstrate the existence of compelling legitimate grounds for processing that override the interests, rights, and freedoms of the data subject, or grounds for establishing, pursuing, or defending legal claims.

If the Controller processes your data for direct marketing purposes, you have the right to object to the processing of your data, including profiling.

13. Do we require your personal data?

If it does not directly result from the concluded agreement or in generally applicable law, the provision of personal data is voluntary. Nevertheless, the provision of personal data is necessary in order to make use of the Controller’s services and offerings or to establish contact with the Controller through the indicated sources of communication.

14 How do we secure your data?

The Controller employs appropriate technical and organisational measures to ensure the secure storage of data, including protecting such data against unauthorised access by third parties, loss, or destruction.

15. What else should you know?

Our Website links to other entities’ websites, primarily related to social media in the broadest sense. The websites or portals of entities cooperating with the Controller, as well as those to which there is a possibility of redirection through the Website (links, hyperlinks, etc.), are subject to their own privacy policies and terms of service created by those entities. The Controller is not responsible for and has no influence on the contents and provisions of these documents.

We encourage you to read the privacy notices on the aforementioned websites/portals before using the features they offer.

We would like to caution that the provisions of this Privacy Policy do not apply to those websites/portals.

16. How do we modify our Privacy Policy?

In order to ensure that we comply with the requirements imposed by law, we reserve the right to update our Privacy Policy at any time. The above applies particularly when our Privacy Policy requires changes due to the introduction of new features or changes to our Website.

Last modified on: 16.03.2022