• Why is it worth it?
  • Telematics
  • Driver Pay
  • For the Carrier
  • For the Sender
    • ONYXTMS.com Privacy Policy

    Privacy Policy

    This Privacy Policy sets out the rules for the processing and protection of personal data provided by Users in connection with their use of the Services provided by ONYX Sp. z o.o.

    § 1. General Information

    1. This policy applies to the Services, which consist of
      • The website operating at the URL: app.onyxtms.com
      • Mobile applications for Android and iOS platforms.
    2. The operator of the Services and the Administrator of personal data is: ONYX Sp. z o.o., ul. Lubowidzka 33, 80-174 Gdańsk, Poland.
    3. The operator's contact email address: contact@onyxtms.com
    4. The operator is the Administrator of your personal data in relation to the data provided voluntarily within the Services.
    5. The Services use personal data for the following purposes:
      • Handling inquiries through contact forms or other communication channels.
      • Presenting offers or information.
      • Implementing basic functions of mobile applications.
      • Analyzing the use of the Services to improve them.
    6. The Services acquire information about users and their behavior in the following way:
      • Through data voluntarily entered in forms or other data entry fields, which are entered into the Operator's systems.
      • By saving cookie files (so-called "cookies") on end devices in the case of the website.
      • By collecting data automatically, such as IP address, device data, operating system, and its version (in the case of mobile applications).

    § 2. Selected data protection methods used by the Operator

    1. Login and personal data entry points are protected in the transmission layer (SSL/TLS encryption). As a result, personal data and login data entered in the Services are encrypted on the user's device and can only be read on the target server.
    2. Personal data stored in the database is encrypted in such a way that only the Operator holding the key can read it.
    3. User passwords are stored in a hashed form. The hashing function is one-way - it is not possible to reverse its operation, which is currently the modern standard for storing user passwords.
    4. Two-factor authentication may be used in the Services, which provides an additional form of login protection.

    § 3. Hosting and Third Parties

    1. The Services are hosted (technically maintained) on the operator's servers: cloudways.com.
    2. In some situations, the Administrator has the right to transfer your personal data to other recipients if it is necessary to perform the contract concluded with you or to fulfill the obligations incumbent on the Administrator. This applies to the following groups of recipients:
      • Hosting company on the basis of a data processing agreement.
      • Providers of analytical services (e.g., Google Analytics).
      • Operators of mobile application distribution platforms (Google Play, Apple App Store) to the extent necessary to provide the services.

    § 4. Your rights and additional information on how data is used

    1. Your personal data processed by the Administrator is stored for no longer than is necessary to perform the activities related to them, as specified by separate regulations (e.g., on accounting). With regard to marketing data, the data will not be processed for more than 3 years.
    2. You have the right to request from the Administrator:
      • access to your personal data,
      • their rectification,
      • their erasure,
      • restriction of processing,
      • and data portability.
    3. You have the right to object to the processing of personal data for the purposes of the legitimate interests pursued by the Administrator (including profiling), provided that the right to object cannot be exercised if there are valid legitimate grounds for the processing which override your interests, rights and freedoms, in particular for the establishment, exercise or defense of legal claims.
    4. You have the right to lodge a complaint with the President of the Personal Data Protection Office, ul. Stawki 2, 00-193 Warsaw, Poland.
    5. Providing personal data is voluntary, but it may be necessary for the full use of the Services.
    6. Automated decision-making, including profiling, may be undertaken in relation to you in order to provide services under the concluded contract and for the purpose of direct marketing by the Administrator.
    7. Personal data is not transferred to third countries within the meaning of data protection regulations. This means that we do not send it outside the European Union.

    § 5. Information about data collected in the Services

    1. The Services collect information provided voluntarily by the user, including personal data, if provided.
    2. The Services may save information about connection parameters (timestamp, IP address).
    3. In the case of mobile applications, the Services may collect additional information automatically, such as:
      • unique device identifier (e.g., advertising ID),
      • operating system type and version,
      • crash information (crash logs),
      • data on in-app activity.
    4. The data provided in the forms are processed for the purpose resulting from the function of a specific form, e.g., to handle a service request or commercial contact.
    5. Information about user behavior in the Services may be logged. This data is used to administer and optimize the Services.

    § 6. Mobile App Permissions

    1. To ensure full functionality, mobile applications may request access (permissions) to certain resources or functions on your device.
    2. Such permissions may include, among others, access to the camera, device storage, location, or push notifications.
    3. Each permission is voluntary and required only to perform specific functions. You can manage the granted consents at any time in your device's system settings. Refusing to grant consent may limit the functionality of some application features.

    § 7. Key Analytical and Marketing Techniques

    1. The Operator uses statistical analysis of traffic in the Services, including through Google Analytics (Google Inc. based in the USA) or similar tools (e.g., Firebase Analytics). The Operator does not transfer personal data to the operators of these services, but only anonymized information. These services are based on the use of cookies or other tracking technologies on the user's end device.
    2. Regarding information about user preferences collected by the Google advertising network, the user can view and edit information resulting from cookies and identifiers using the tool: https://www.google.com/ads/preferences/

    § 8. Information about cookies and similar technologies

    1. The website uses cookies. Mobile applications may use similar technologies (e.g., local storage, device identifiers).
    2. Cookies (so-called "cookies") are IT data, in particular text files, which are stored on the end device of the website User. Cookies usually contain the name of the website from which they originate, their storage time on the end device, and a unique number.
    3. Similar technologies in mobile applications, such as advertising identifiers (IDFA on iOS, AAID on Android), allow for usage analysis and content personalization in a manner analogous to cookies.
    4. The entity placing cookies and accessing them is the Operator of the Services.
    5. These technologies are used for the following purposes:
      • Maintaining the user's session (after logging in).
      • Saving user settings and preferences.
      • Achieving the goals set out above in the "Key Analytical and Marketing Techniques" section.
    6. Restrictions on the use of these technologies may affect some of the functionalities available in the Services.

    § 9. Managing cookies and consents - how to express and withdraw consent in practice?

    1. Website (browsers): If the user does not want to receive cookies, they can change their browser settings. Disabling cookies necessary for authentication, security, or maintaining user preferences may make it difficult, and in extreme cases, impossible to use websites. To manage cookie settings, follow the instructions for your browser (e.g., Chrome, Safari, Firefox, Edge).
    2. Mobile devices (Android/iOS): The user can manage their advertising identifier and related consents directly in their device's settings.
      • iOS: Settings → Privacy & Security → Tracking.
      • Android: Settings → Google → Ads.

      You can reset your advertising identifier there or limit its tracking.