Panther Cars § 1. General Provisions This Privacy Policy defines the principles of processing and protecting personal data provided by Users in connection with the use of transport services provided by the company Panther Cars (hereinafter referred to as the "Administrator"). We respect the privacy of our Clients and make every effort to ensure the security of their personal data, in accordance with applicable laws, in particular with the Regulation of the European Parliament and of the Council (EU) 2016/679 (GDPR). § 2. Personal Data Controller The administrator of your personal data is the company: Panther Cars with its registered office at: [CITY, STREET AND HOUSE NO.] NIP (Tax ID): — E-mail address for data protection contact: kontakt@panthercars.pl § 3. What data do we process and for what purpose? We process personal data solely to the extent necessary to provide services. This data is collected via telephone contact, e-mail, forms on the website, and messengers (WhatsApp, Messenger, Instagram). Execution of the transport service (Art. 6(1)(b) GDPR): Data scope: First and last name, phone number, e-mail address, pick-up and destination address, flight numbers (for delay monitoring purposes). Purpose: Enabling booking, contact with the driver, execution of the ride. Settlements and accounting (Art. 6(1)(c) GDPR): Data scope: Company data (Tax ID, name, address) or personal data of a natural person necessary to issue an invoice. Purpose: Issuing a VAT invoice, fulfilling tax obligations. Contact and handling inquiries (Art. 6(1)(f) GDPR): Data scope: Phone number, correspondence history. Purpose: Responding to inquiries, agreeing on technical details. § 4. Data Recipients Your data may be transferred solely to entities cooperating with the Administrator, necessary for the provision of the service, i.e.: Accounting office (for tax settlement purposes). IT system providers (website hosting, mail server). Payment operators (in case of online/card payments). Cooperating drivers (solely to the extent necessary to execute a specific order – name, phone, route). We do not sell or share your data with third parties for marketing purposes. § 5. Data retention period Data related to the contract execution and invoicing are stored for a period of 5 years, counting from the end of the calendar year in which the tax payment deadline expired (in accordance with tax ordinance regulations). Contact data (inquiries that did not result in a service execution) are deleted after 6 months. § 6. User Rights In accordance with GDPR, you have the right to: Access your data and receive a copy of it. Rectify (correct) your data. Delete data ("right to be forgotten") – provided that this does not conflict with a legal obligation (e.g., the necessity to keep invoices). Limit data processing. Lodge a complaint to the President of the Personal Data Protection Office (PUODO) if you believe that the processing violates GDPR regulations. § 7. Cookies The Administrator's website uses cookies, which are saved on the User's end device. We use cookies for the following purposes: Technical (necessary for the proper display of the website). Analytical (e.g., Google Analytics) – to create anonymous statistics that help us improve the functionality of the website. The User may change browser settings at any time to block the handling of cookies, however, this may affect the proper functioning of some website features. § 8. External Messengers By contacting us via external messengers (WhatsApp, Messenger, Telegram), the User also accepts the privacy policies of these service providers (respectively: Meta Platforms Inc., Telegram FZ-LLC). We recommend not sending sensitive data (e.g., full credit card numbers) via messengers. § 9. Changes to the Privacy Policy The Administrator reserves the right to introduce changes to the Privacy Policy, which may result from the development of internet technology or changes in the law. The current content of the Policy is always available on our website.