M3Cargo sp. z o.o. (hereinafter also referred to as M3Cargo, we, us/our) ensures the privacy of the data of users of this website www.m3cargo.com.
In this policy, we understand that Client - any capable natural person or legal entity that uses the services of M3Cargo and has accepted the terms of this Рolicy. On behalf of a legal entity, the use of M3Cargo services is carried out by its authorized body/representative; it is considered that on behalf of a legal entity, its authorized body/representative contacts M3Cargo.
Services - services provided by M3Cargo and indicated on this website or otherwise made public, M3Cargo is committed to respecting the privacy and security of personal data and any other information we collect from website users. We collect only the information that allows us to provide users with the services of the website at the highest level. It also helps us protect the site and users from third party fraud and spam.
In compliance with applicable data protection legislation, we inform you herewith that we are the controller of the personal information collected, received or otherwise processed about you as described below. Such legislation includes Regulation (EU) 2016/679 of April 27th 2016 (GDPR) and any other national statutory law applicable to us.
The responsible party in terms of the GDPR within the scope of this website is M3Cargo sp. z o.o., a company with registered office situated at Ul. Gesia 8/205, reg Krakow; Poland, Postal Code: 31-535and registered in the register of Polish companies KRS under the number 0000981648. In its capacity as data controller, M3Cargo is responsible to ensure that the personal data is being processed in a correct manner and in accordance with applicable legislation.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. If you do not agree with this policy, do not access or use our Services like this website or interact with any other aspect of our business
By placing an order or opening a M3Cargo account you are accepting and consenting to the terms described in this policy. Furthermore, you guarantee that all persons, whose personal information is given to us by you related to your order or your account, are aware of this policy, accept and consent to the practices described in this policy and are willing and able, upon request of the Information Commissioner or any other Data Protection Authority, to provide a written proof of their consent and acceptance.
1. Information we may collect from you
We may collect and process the following data about you:
1.1 Information you give us
You may give us information about yourself by filling in forms on https://www.m3cargo.com (our website) or by sending us your application/order or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our Services, place an order on our website or otherwise, other activities commonly carried out on the website and when you report a problem with our website. The information you give us may include:
∙ information about the customer: your name (your first name and surname or name of the company and first name and surname of the person in charge), VAT ID, address and phone number, financial and credit card information,
∙ information related to the pick up: (first name and surname of the person handing in the cargo, telephone number, pick-up address),
∙ information related to the delivery: (first name and surname of the person to which the cargo will be delivered, telephone number and delivery address),
∙ information related to the confirmation: (email address, telephone number),
∙ information you provide through our support channels, where you may choose to submit information regarding a problem you are experiencing with a shipment. Whether you speak to one of our representatives directly or otherwise engage with our support team, you will provide to us contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue, including type of device, operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data.
1.2 Information we collect automatically when you use the website
We collect information about you when you use M3Cargo services, including while you are browsing our websites.
∙ Your use of the websites: we keep track of certain information about you when you visit and interact with our website. This information includes the features you use; the services you select, payment options preferred, frequently used addresses, links you click on.
∙ Cookies and other technologies: we use them in order to provide functionality and to recognize you when you’re trying to use our services. "Cookies" are small files that enable us to store information related to your device and you, the user, specifically, while you visit one of our websites. Cookies help us to determine how frequently our internet pages are accessed as well as the number of users. And they help us configure our offers so that they are as convenient and efficient as possible for you.
On the basis of Art. 6 (1) f) GDPR, we are using "session cookies" in order to optimize our website and to guarantee and convenient and undisturbed user experience. These cookies are stored exclusively for the duration of your visit to our internet pages. They are automatically deleted when you close your browser.
In addition, we use "persistent cookies" for retaining information about visitors who repeatedly access one of our internet pages. The purpose of using cookies is to be able to offer you optimal user guidance as well as to "recognize" you and thus be able to present (as much as possible) diversified internet pages and new contents during repeated use.
Generally, we do not create an individual profile of your online activities. The content of a persistent cookie is limited to an identification number. Name, email address, IP address, etc., are not saved on the majority of our sites.
1.3 Information we receive from other sources
We may receive information about you if you use other Services we provide or from public registers. We are also working closely with third parties (including, for example, carriers, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
2. Period of retention
It is our aim to process your personal data to the least extent possible. If the exact storage periods are not mentioned in this statement, we will only store your personal data as long as it is necessary to fulfil the purpose for which it was originally collected and, if appropriate, as long as legally stipulated.
When the processing of the personal data is no longer necessary for the purpose of which it was collected, we will erase such personal data.
3. Purposes of the processing
3.1 Information about the customer you give to us
We will use this information in order to: ∙ carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us, including to process transactions with you, send you transactional information, authenticate when you log in on websites, provide customer support, and operate and maintain our services;
∙ provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about, in case that you have given direct consent to receiving this type of communications and have not withdrawn it;
∙ provide you with information about goods or services we feel may interest you, in case that you have given direct consent to receiving this type of communications and have not withdrawn it;
∙ notify you about changes to our services;
∙ ensure that content from our site is presented in the most effective manner for you and for your computer;
∙ conduct research for development: we learn about how our customers use our services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of our services;
∙ protect our legitimate business interests and legal rights, whenever it is required for us to do so in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
The legal basis for the processing of the aforementioned data categories is Art. 6 (1) of the European General Data Protection Regulation (GDPR)
3.2 Information you give to us relating to the pick-up, the delivery and to the confirmation
We will use this information in order to:
- carry out our obligations arising from any contracts entered into between you and us;
- provide you with the information, products and services that you request from us.
3.3 Information we receive from other sources
We may combine this information with information you give to us. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
4. Disclosure of your information Depending on the nature and scope of our assignment or the services requested from us, we may share personal information with the following recipients to the extent that such disclosure or transmission is deemed reasonably necessary or desirable for satisfying the purposes mentioned above or at the specific legitimate request of our clients, the data subjects concerned. We may share your personal data with:
∙ authorized M3Cargo personnel that need access to the information for the performance of any contract we enter into with you;
∙ companies part of the M3Cargo nder group in order to operate and improve products and services;
∙ selected third parties including carriers and other business partners, suppliers and sub contractors for the performance of any contract we enter into with them or you, including: carriers, providers of website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processors, accounting firms, phone system providers, analytics systems providers, etc.
When choosing third parties to whom we may share your information, M3Cargo takes all the necessary precautions to ensure their adequate level of protection with regards to personal data.
We may also disclose your personal information to third parties:
∙ In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets, but only in case that it is strictly necessary for the transaction to be concluded.
∙ If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and other agreements; or to protect the rights, property, or safety of M3Cargo, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
M3Cargo would like to point out that it takes its duties towards customers, partners and personnel seriously; hence, does not disclose data to anyone, unless it is required to do so in order to comply with the law or a valid and binding order of a government or regulatory body, or in order to fulfil a contractual obligation for which the data subject has given consent to the processing (such as cases mentioned above). In such cases, the government or regulatory bodies need to follow the applicable legal process to obtain valid and binding orders, and such orders are reviewed by M3Cargo, which may object to too broad or otherwise inappropriate or inadequate orders.
Unless prohibited from doing so, or if there is a clear indication of illegal conduct in connection with the use of M3Cargo’s products or services, M3Cargo gives a notice to its customers before disclosing a customer’s contact, so that they can seek and prepare protection from disclosure.
M3Cargo takes all of the necessary technical and organizational security measures to protect your personal data from being lost or misused. For instance, your data is saved in a secure operating environment which is not accessible to the public. In certain cases, your personal data is encrypted by Secure Socket Layer technology (SSL) during transmission. This means that an approved encryption procedure is used for communication between your computer and the M3Cargo servers if your browser supports SSL. Should you wish to contact M3Cargo by e-mail, we would like to point out that the confidentiality of the information sent cannot be guaranteed. The contents of e-mail messages can be read by third parties. We therefore recommend you send us confidential information only by post.
5. Legal basis
In order to be a lawful processing, a controller must always base its processing activities of personal data on one of the legal grounds enumerated within the GDPR. We will process your personal data only when we have an appropriate legal basis for doing so.
Your personal data shall be processed when:
- you have given your consent;
- it is necessary for the performance of a contract to which you are a party or in order to take steps at your request before entering into a contract;
- it is necessary for compliance with a legal obligation to which we are subject;
- it is necessary for the purposes of our legitimate interests as long as our interests are not overridden by your interests or fundamental rights and freedoms. For instance:
- to establish, exercise or defend our legal rights in case of a legal claim;
- to maintain and update our list of contacts;
- to deal with communications received from you, contacts via phone or email, and responding to your queries;
- to ensure network and information security and stability.
6. Your rights & Remedies
6.1 Right to access
You have the right to obtain from us confirmation as to whether or not personal information concerning you is being processed, and, where that is the case, access the personal information and relevant information in that regard.
6.2 Right to correction
You have the right to obtain from us without undue delay the rectification of inaccurate personal information concerning you and taking into account the purposes of the processing, the right to have incomplete personal information completed.
6.3 Right to object
You have the right to object to the processing of your personal data in certain circumstances stated by GDPR.
6.4 Right to erasure (Right to be forgotten)
You have the right to be forgotten whenever the original purposes are no longer relevant and that we do not have legitimate grounds to decline your request to be forgotten.
6.5 Right to request the restriction of processing
If you do not agree with a decision to process personal data based on our legitimate interest you may request that such processing be restricted. You may also request a restriction of processing if you consider that we process incorrect data or that the personal data is no longer necessary for the purposes of processing.
6.6 Right to transportability
You may ask for the transfer of your personal data to another party.
6.7 Right to withdraw your consent
You have the right to withdraw your consent at any time when the processing of personal data was based on your consent.
6.8 Rights related to automatic decision making
You have the right to opt out of automated decision-making, including legal consequences for you or otherwise affecting your rights and legitimate interests. If you do not agree with the decision made automatically, you can contact us at the contact details above and request a review of the decision.
6.9 Right to lodge a complaint with the supervisory authority
You have the right to file a complaint with the data protection authority in your country. Nevertheless, we invite you to contact us before making any complaint to the competent authority.
To exercise your rights, you can send a written request to email: email@example.com.
7. Notification of breach
We will notify the National Data Protection Commission in case of a breach of personal data without undue delay and no later than 72 hours after detecting the breach.
Pursuant to the provisions of GDPR, clients and contacts will be personally notified of a personal data breach, without undue delay, only when the personal data breach is likely to result in a high risk to their rights and freedoms.
This version of the Policy enters into force on December 8th, 2022