GDPR Cookie Compliance

1. Cookie Policy

1.1 Introduction

This cookie policy applies to all users of the www.mirtrans-express.com website. The information below aims to inform users of this website about the placement, use, and management of cookies by Mirtrans-Express in the context of users’ browsing on this site.

1.2 What are cookies?

We use the term “cookie” to refer to cookies and similar technologies through which information can be collected automatically. An “Internet Cookie” (also known as a “browser cookie” or “HTTP cookie”) is a small file consisting of letters and numbers that is stored on a user’s computer, mobile device, or other equipment through which the internet is accessed. Cookies are installed at the request of a web server to a browser (e.g., Internet Explorer, Firefox, Chrome). Once installed, cookies have a fixed lifespan and remain “passive,” meaning they do not contain software, viruses, or spyware and do not access information on the user’s hard drive.

A cookie consists of two parts:

• the cookie name;
• the cookie content or value.

Technically, only the web server that sent the cookie can access it again when a user returns to the web page associated with that server.

1.3 For what purposes are cookies used on this website?

Cookies are used to provide users of this website with a better browsing experience and services tailored to each user’s needs and interests, namely to:

• improve the use of this website, including by identifying any errors that occur during visits/use;
• provide anonymous statistics on how this website is used to the website owner as the owner of this page;
• anticipate future goods/services that may be made available to users through this site, depending on the services/products accessed.

Based on feedback transmitted via cookies regarding use of the site, the website owner may take measures to make the page more efficient and accessible. Thus, cookies allow the site to remember certain settings/preferences of users, such as: the language in which a page is viewed, the currency of prices/fees, easy account access, posting comments on the site.

1.4 What is the lifespan of cookies?

The lifespan of cookies can vary significantly depending on their purpose. The following categories determine their duration:

• session cookies — deleted automatically when the user closes the browser;
• persistent (fixed) cookies — remain stored on the user’s device until a set expiration date (from minutes or days up to several years) or until deleted by the user via the browser settings.

1.5 What are third-party cookies?

Certain content sections on the site may be provided by third parties, i.e., not by Mirtrans-Express, in which case these are called third-party cookies. Third-party cookie providers must also comply with data protection rules and the Privacy Policy available on this site. These cookies may come from the following third parties: Google Analytics, Facebook.

1.6 What cookies are used on this website

When using/visiting the site, the following cookies may be placed:

• performance cookies: remember user preferences so that settings do not need to be reconfigured on subsequent visits;
• user analytics cookies: indicate whether a specific user has visited/used the site before; used for statistical purposes only;
• geotargeting cookies: used by software that determines the user’s country. The same ads will be received regardless of the selected language;
• registration cookies: when you register on the site, cookies are generated to remember this step. Servers use these cookies to show the account with which you are logged in and to associate any posted comment with your account’s username. If “keep me logged in” is not selected, these cookies are deleted automatically when the session ends;
• advertising cookies: allow detection of whether a user has viewed an online ad, its type, and the time since it was shown. Such cookies are used for targeting online advertising. They are anonymous, storing information about content viewed, not about users.

1.7 What information is stored and accessed by cookies?

Cookies store information in a small text file that allows the browser to be recognized. This website recognizes the browser until cookies expire or are deleted.

1.8 Customizing browser settings regarding cookies

If the use of cookies is not inconvenient and the computer/device used to browse this website is used only by you, long expiration terms may be set for storing browsing history. If the device is used by multiple people, consider setting it to delete individual browsing data each time the browser is closed.

1.9 How can cookies be disabled?

Disabling and refusing cookies may make this website difficult to visit and can lead to limitations of its usability. Users can configure their browser to reject cookies or to accept cookies from a specific website. All modern browsers allow changing cookie settings, usually found in the “options” or “preferences” menu. However, refusing or disabling cookies does not mean you will no longer receive online advertising — it only means it will not be tailored to your preferences and interests inferred from browsing behavior.

To understand these settings, the following may help:

• Cookie settings in Internet Explorer
• Cookie settings in Mozilla Firefox
• Cookie settings in Google Chrome
• Cookie settings in Safari

For any further questions about how cookies are used on this website, please contact: office@mirtrans-express.com.

2. Necessary cookies

Cookies necessary for navigating this site should remain enabled at all times in order to save your preferences for cookie settings.

3. Third-party cookies

This site uses Google Analytics to collect anonymous information such as the number of website visitors and the most popular pages.

Enabling cookies helps us improve your experience on our site.

Keeping this cookie enabled helps us improve our website.

4. Privacy Policy

Mirtrans-Express is committed to protecting your privacy. If you have questions or concerns about the use of your personal data, write to us at office@mirtrans-express.com and we will gladly help. By using this website and/or our services, you agree to the processing of your personal data as described in this Privacy Policy.

Contents

• Definitions used
• Data protection principles
• What rights do you have regarding your personal data?
• What personal data do we collect?
• How do we use your personal data?
• Who else has access to your personal data?
• How can we secure your data?
• Information about cookies
• Contact information

4.1 Definitions

Personal data — any information relating to an identified or identifiable natural person.

Processing — any operation or set of operations performed on personal data or on sets of personal data.

Data subject — the natural person whose personal data are processed.

Child — a natural person under 18 years of age.

4.2 Data protection principles

• Processing is lawful, fair, and transparent. Our processing activities have legal grounds. We always consider your rights before processing and provide information upon request.
• Purpose limitation. Our processing activities match the purpose for which personal data were collected.
• Data minimization. We collect and process only the minimum amount of personal data necessary for any purpose.
• Limited storage period (up to 10 years). We will not store personal data longer than necessary.
• Accuracy. We do our best to ensure data accuracy.
• Integrity and confidentiality. We do our best to ensure data security and confidentiality.

4.3 Rights of data subjects

The data subject has the following rights:

• Right to be informed — to know whether your personal data are processed; what data are collected, from where, why, and by whom.
• Right of access — to access data collected about you, including obtaining a copy of your personal data.
• Right to rectification/updates — to request correction or deletion of inaccurate or incomplete personal data.
• Right to erasure — in certain circumstances, to request deletion of your personal data.
• Right to restrict processing — where certain conditions apply.
• Right to object to processing — in certain cases, e.g., direct marketing.
• Right to object to automated processing — including profiling, and the right not to be subject to a decision based solely on automated processing.
• Right to data portability — to obtain your personal data in a suitable format or, if possible, as a direct transfer to another controller.
• Right to lodge a complaint — if we refuse your request under access rights, we will provide reasons; if you are not satisfied, please contact us.
• Right to assistance from the supervisory authority — to seek help and other remedies.
• Right to withdraw consent — to withdraw any consent given for processing your personal data.

4.4 What personal data do we collect?

Contact forms on all site pages: name, e-mail, phone.

4.5 How do we use your personal data?

We use your personal data to:

• identify customer needs and provide personalized solutions;
• compile internal reports and statistics of the association.

Based on completion of a membership/adhesion form, we process your personal data for the following purposes:

• to identify you;
• to provide a service or send you a product offer;
• to communicate with you;
• for the association’s internal reports and statistics.

With your consent we process your personal data for:

• sending newsletters and/or offers in different marketing campaigns;
• other purposes for which we requested your consent.

We process personal data to fulfill legal obligations and/or to use options provided by law. We store information about you as long as necessary for accounting or other legal obligations, but not longer than 5 years.

We process personal data until:

• members/clients fall outside the scope of the adhesion form; or
• we jointly decide that we no longer have a valuable collaboration.

We will inform you about any subsequent processing and its purposes.

4.6 Who else has access to personal data?

Your data are stored at the association’s office, on an association computer in Excel format, with no internet access. Internet access to these data is restricted and secured by firewalls. Access to personal data is possible only physically, at the computer. We will not disclose your personal data to third parties or public institutions unless legally required to do so. We may disclose your personal data to third parties if you have given consent or if other legal grounds exist.

4.7 How can we secure your data?

We do our best to keep your personal data safe. We use secure protocols for communication and data transfer (such as HTTPS). We use anonymization and pseudonymization where appropriate and monitor our systems for possible vulnerabilities and attacks. While we strive to protect information, we cannot guarantee absolute security. However, we commit to notifying the competent authorities of data protection breaches and will inform you if there is a threat to your rights or interests. We will take all reasonably possible measures to prevent security breaches and assist authorities in case of incidents.

4.8 Cookies and other technologies we use

We use cookies and/or similar technologies to analyze user behavior on the site, administer the site, and collect information about users — to personalize and improve your experience with us. A cookie is a text file stored on your computer. Cookies store information that is used to help websites work better. Only we can access the cookies created by our site. You can control cookies at the browser level. Choosing to disable cookies may prevent the use of certain features.

We use cookies for the following purposes:

• necessary cookies — required to use important functions on our site (e.g., login). These cookies do not collect personal information;
• functionality cookies — provide features that make our service more convenient and enable more personalized options (e.g., remembering name and email in forms);
• analytics cookies — used to track the usage and performance of the website and our services.

You can remove cookies stored on your computer via your browser settings, or manage certain third-party cookies using privacy enhancement platforms such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.

We use Google Analytics to measure traffic on our website. Google has its own Privacy Policy. If you wish to opt out of tracking by Google Analytics, use the Google Analytics opt-out tool.

Policy regarding minors

We do not intend to knowingly collect information from minors. We do not target minors as potential beneficiaries of our services.

5. MirtransExpress Driver App — Location Data

The MirtransExpress Driver app is intended exclusively for Mirtrans Express drivers and enables real-time tracking of bus routes so that passengers can see the bus’s current position and the estimated arrival time on the official website www.mirtrans-express.com.

5.1 What data are collected

The app collects only the GPS coordinates of the driver’s device (latitude, longitude, and timestamp). No other personal information is collected or transmitted, such as name, phone number, device identifiers, contacts, or other phone data.

5.2 When data are collected

Location is enabled only during active routes, after the driver signs in. The app may send position updates while running in the background to maintain accuracy. After the route ends or the driver logs out, location tracking stops automatically.

5.3 Purpose of data use

Location data are used solely to display the bus position on the passenger map, allowing passengers to view their route in real time based on the booking code.

5.4 Security and privacy

Data are transmitted securely over an encrypted connection (HTTPS) directly to Mirtrans Express servers. They are not shared, sold, or used for advertising and are accessible only to authorized personnel. Data are stored temporarily, strictly for the time necessary for the tracking system to function, then deleted or anonymized.

6. Contact information

Supervisory Authority
Website: http://www.dataprotection.ro/
Email: anspdcp@dataprotection.ro
Phone: +40 21 252 5599