Privacy policy

Privacy Policy

Bearing in mind how important the protection of personal data is, Email2TMS Prosta Spółka Akcyjna has created this Privacy Policy, from which you will learn what data we collect, for what purpose, on what basis and how you can manage it. In addition, here you will find information on what rights you have in relation to your Personal Data and how you can contact us.

The detailed rules and purposes of the processing of Personal Data collected during the User's use of the Platform are described below.

This Privacy Policy applies to the services offered by the Data Controller through:

the website

b. Email2TMS Platform

The scope of the Privacy Policy does not extend to third-party websites and services that can be accessed via links on the website. Detailed information on personal data protection is available from each of the providers of these services separately. The Data Controller recommends reading each of the documents in question on the providers’ websites.

I. Definitions

Whenever the following terms are used in the Privacy Policy, they shall be understood to mean:

1. Data Controller / Service Provider – Email2TMS prosta spółka akcyjna with its headquarter in Zabrze (41-800) at Wolności 262 St., entered into the Register of Entrepreneurs kept by the District Court in Gliwice, X Economic Department of the National Court Register (KRS) under number 0000924894, TIN: 6482806100, REGON: 520092821

2. Email2TMS Platform / Platform – an internet platform available on the website used to optimise the freight forwarder's work, which through its functionalities supports the process of transferring data contained in transport orders from e-mail or uploaded directly to the Platform by the User to the TMSs used by the freight forwarder, available on the address

3. Personal Data – information about an identified or identifiable natural person,

4. GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 / EC,

5. Service Recipient – User who is bound to the Service Provider by the Agreement.

6. User – a natural person, an organisational unit without legal personality, which is granted legal capacity by an appropriate act, or a legal person - conducting business related to freight forwarding, who registered an Account on the Email2TMS Platform and concluded the Agreement.

7. "Manager" User – the User’s representative, entitled to represent the User at least in the terms of submitting declarations of will and knowledge to the Service Provider and who may contact the Service Provider in all matters related to the Email2TMS Platform.

8. "Employee" User – a natural person who has an Employee Account created under the Manager Account.

II. Data collection

a. Account of the User/User “Manager”

  1. In order to use the Platform, the User may create an account via the form made available on the website and log in to the Platform.

  2. An e-mail address must be provided during registration. In addition, the User provides the following data as part of registration: name and surname, company name, contact e-mail address, country, tax identification number (TIN), company address. Some data is also collected passively, i.e. by using the website (e.g. IP address, resolution, location, browser type).

Providing personal data is voluntary, although necessary to conclude and perform the agreement, operate the Account and contact the Data Controller.

b. "Employee" Account

1. In order to use the Platform, the User may add his employees / co-workers who are authorised to use the Employee Account. The Employee User may create an account via the form available on the website and log in to the Platform.

2. In order to use the Platform, the Employee User, after being added by the User, will receive an activation link to the Platform at the e-mail address provided, and then will be asked to provide his/her data necessary to registration of the Employee Account, i.e. name, surname. Some data is also collected passively, i.e. by using the website (e.g. IP address, resolution, location, browser type).

The provision of data is voluntary but necessary for the operation of the Employee Account.

III. Aims and legal basis of data processing

1. The Data Controller processes personal data:

a. in order to provide services related to the maintenance and operation of Users' accounts on the Platform - the legal basis of the processing is the necessity of processing for the performance of the agreement concluded between the Service Recipient and the Data Controller (pursuant to Article 6(1)(b) of the GDPR),

b. In order to service Users, in particular to provide a response to a question/complaint - the basis for processing is the Data Controller’s legitimate interest (Article 6 (1)(f) of the GDPR),

c. for the purpose of sending the Data Controller's newsletter regarding changes to the software, Regulations and other documents of the Data Controller, on the basis of the Data Controller’s legitimate interest (Article 6(1)(f) of the GDPR),

d. For the purpose of providing the Service Recipient with information concerning services, if the Service Recipient shows interest - based on the consent expressed by the User and/or the "Manager" User (Article 6(1)(a) of the GDPR),

e. for marketing purposes - on the basis of the consent expressed by the User and/or the "Manager" User (Article 6(1)(a) of the GDPR),

f. for analytical and statistical purposes - the legal basis for processing is the Data Controller’s legitimate interest (Article 6(1)(f) of the GDPR), consisting of conducting analyses of Users' activities and use the website and the Platform, as well as their preferences,

g. for the purposes of creating, improving and enhancing the Platform offered to Users - the legal basis for the processing is the legitimate interest of the Administrator (Article 6(1)(f) RODO), consisting of carrying out work related to the production - programming of the Email2TMS Platform, creating and offering new Platform functionalities to Users, as well as broadly understood software development.

h. in order to assert or defend against claims - the legal basis for processing is the Data Controller’s legitimate interest (Article 6(1)(f) of the GDPR).

2. The Data Controller may also process personal data in order to send the User, with their consent, information on current and future products and services. This information will be sent via the Platform or by e-mail in the form of information or advertising campaigns. The User may opt out of receiving such content by sending a message to the address (so-called withdrawal of consent to receive commercial information). The withdrawal of consent is possible at any time and does not affect the processing of personal data before the withdrawal.

3. After withdrawing the consent to receive commercial information, the User may receive messages within the newsletter regarding changes in the software, Regulations and other Data Controller’s documents (content that is not commercial information).

IV. Recipients of the data

1. The Data Controller informs that the recipients of the personal data may be its subcontractors to the extent necessary to provide technical and administrative facilities for the provision of services, such as IT service providers and entities dealing with the Platform. The Data Controller exercises due diligence in the transfer of personal data by applying measures and safeguards to prevent unauthorised access to the data (e.g. SSL, encrypted connections).

2. Without the User’s consent, personal data will not be made available to third parties (other than those mentioned above), except in circumstances where the transfer takes place as a result of a legally justified request of an authorised entity (e.g. law enforcement authorities or the judiciary).

3. We would like to inform you that the Data Controller’s website may contain plugins of social networks, among others: Facebook, LinkedIn etc. In connection with their inclusion on the Data Controller’s website, the user is obliged to read the privacy policy of these providers on his/her own in order to receive up-to-date information on the protection of personal data.

V. User rights

The user has the right to access personal data, rectify it, object to data processing, delete data, limit processing as well as transfer personal data, and when the processing is based on consent - to withdraw it at any time. The user also has the right to lodge a complaint with a supervisory authority if the user considers that the processing of his/her data violates the provisions of the GDPR. The supervisory authority in the Republic of Poland is the Chairman of the Office for Personal Data Protection. Upon confirmation of the User's identity, the Data Controller will exercise the rights indicated on the basis of the law. The Data Controller will use all reasonable endeavours to meet Users' requests for personal data, unless such data must be retained due to applicable law or other legitimate interests of the Data Controller.

VI. Data storage period

Personal data will be processed by the Data Controller for the period necessary for the execution of the agreement concluded between the Service Recipient and the Data Controller. To the extent that the data is processed on the basis of consent - the Data Controller will process them until the consent is withdrawn. In turn, personal data processed on the basis of a legitimate interest will be processed up to maximum of the time until an effective objection to processing is made. Furthermore, data will not be processed if it is no longer necessary for the purpose for which it was collected.

VII. Cookies

The Data Controller uses the so-called "Cookies" to track Users' visits to websites and save their preferences, e.g. language, login data, as well as adjust the content. Cookies are used to compile general statistics on the User’s use of the website. Cookies will be stored until they become outdated or no longer useful and will not be shared with third parties. It is possible to disable or delete cookies in the web browser on the User's device, but this may hinder the use of all the possibilities of the websites. The information on cookies also applies to other similar technologies used on websites.

VIII. Data in Google Analytics

Traffic on the Data Controller's websites is monitored by the analytics system: Google Analytics, the purpose of which is to collect data on the use of the websites and their popularity, i.e. to collect and analyse statistics on the operation of the Platform and the User's movements. This data (e.g. the browser used or the IP address) will never be made available by the Data Controller to third parties.

IX. Security

In order to ensure security, the Data Controller:

a. uses SSL encryption,

b. enables access to the account only after entering a correct login and password (it is recommended to set passwords consisting of at least 6 characters and containing upper and lower case letters, special characters and digits), which the User should keep in secret,

c. controls the methods of collecting, storing and processing information, including physical security measures to protect against unauthorised access to the system,

d. grants access to personal data only to those employees, contractors and representatives who need to have access to it in order to process it for the purpose of the Data Controller's needs. Furthermore, they are contractually obliged to maintain strict confidentiality, and in the case of entrustment data - by data entrustment contracts.

X. Transmission of personal data

The level of protection of personal data outside the European Economic Area (EEA) may differ from that provided by European law. With this in mind, the Data Controller transfers personal data outside the EEA only when it is necessary. In case of such a transfer, the Data Controller ensures an adequate level of personal data protection, particular by: a. transferring personal data to countries for which a European Commission decision has been issued recognising the country in question as providing an adequate level of personal data protection b. applying standard contractual clauses issued by the European Commission , c. applying other adequate safeguards.

1. Privacy Policy Statement. This Privacy Policy came into force on 01.03.2022 . We may update the Privacy Policy from time to time to reflect changes to our information processing practices and standards. Such modifications may take place without notifying the User. If there are any changes that significantly modify the rules for processing personal data, the User may be notified by e-mail or by means of a notification made available on the website. Changes will be effective from the date of their publication on the website together with an indication of the date of their introduction.

2. Contact information. If you have any questions or comments about the Privacy Policy, please contact the Data Controller: Email2TMS P.S.A., Wolności 262 St., 41-800 Zabrze or by e-mail to the following address:>