TRANS KONTROL

STATISTICS, EVENTS, PERSONAL DATA INCIDENTS

At this point, we would like to familiarize you with the events that have taken place recently. We obtained these events from our Appeals and Complaints Department and from the Inspector for Personal Data Protection. We present here incidents related to the protection of personal data and a number of content of persons fined with an additional fee and other passengers, as well as information and findings on the presented case obtained during the investigation.

In this way, we would like to introduce you to the work of the auditors and our employees dealing with complaints about them. Based on these cases, it is not difficult to form an opinion about the legitimacy of many complaints about the work of the inspectors. As you will see for yourself, the work of ticket controllers is not the easiest one, and it is not well perceived by the majority of the society. It is a big social problem, because the great tolerance of the local community towards "free riders" means that such people do not feel any pressure from this side. Unfortunately, such a situation leads to the belief that the use of public means of municipal or communal transport without payment for the service is becoming the norm. However, we are convinced that this situation will improve, thanks, among other things, to activities such as ours.

STATISTICS

Below we present our statistics. Our Complaints Department presents the results of the Department's work for you each year.

Complaint Statistics for 2018

Month Total number of complaints Unjustified complaints Well-founded complaints
January 2 1 1
February 1 1 0
March 2 0 2
April 3 0 3
May 2 0 2
June 3 2 1
July 2 0 2
August 1 1 0
September 3 3 0
October 6 6 0
November 7 4 3
December 1 1 0
Sum 33 19 14

Complaint statistics for 2019

Month Total number of complaints Unjustified complaints Well-founded complaints
January 5 4 1
February 3 1 2
March 3 3 0
April 1 1 0
May 6 6 0
June 4 3 1
July 7 6 1
August 3 3 0
September 1 1 0
October 0 0 0
November 2 2 0
December 2 1 1
Sum 37 31 6

CURRENT INCIDENTS RELATED TO THE PROTECTION OF PERSONAL DATA

INCIDENT NO. 1 date of event 12/03/2018; loss of completed ODK forms

We would like to inform you that due to the loss of the forms of additional credit fees by our ticket inspector on 03/12/2018, personal data of two passengers was lost. We would like to sincerely apologize for the situation that has arisen and we undertake to help in the event of negative consequences for this reason. If the matter may concern you, please contact our Data Protection Officer - Katarzyna Wawrzyniak, e-mail: k.wawrzyniak@transkontrol.pl, tel. 61 65 62 115. The possible consequences of this incident are the theft of your identity by a third party. Our company conducts a continuous process of increasing the level of personal data security. Thanks to this, the incident was quickly detected and the threats were recognized, thanks to which the consequences of this event were certainly limited. Based on the incident, we have modified our training on the safe transfer of fines on the job.

INCIDENT NO. 2 event date 02/05/2019; loss of the completed ODK form (additional credit fee)

We would like to inform you that due to the loss of the additional credit fee form by our ticket inspector on 05/02/2019, personal data of one passenger was lost. This loss occurred before the personal data reached our office, so they were not registered in our database and thus cannot be identified. This makes it difficult to recognize exactly what data was lost and to whom. We would like to sincerely apologize for the situation that has arisen and we undertake to help in the event of negative consequences for this reason. Due to the nature of the employment of our inspector, in particular, he will be obliged to bear any costs related to this event. The controller is aware of these consequences and our company will provide all possible support in terms of limiting any possible damages in this respect. If the matter may concern you, please contact our Data Protection Officer - Katarzyna Wawrzyniak, e-mail: k.wawrzyniak@transkontrol.pl, tel. 61 65 62 115. The possible consequences of this incident are the theft of your identity by a third party. Our company conducts a continuous process of increasing the level of personal data security. Thanks to this, the incident was quickly detected and the threats were recognized, thanks to which the consequences of this event were certainly limited.

At the same time, we ask the person or persons who came into possession of the above-mentioned print for their immediate return to the Trans Kontrol office, os. St. Batorego 101, 60-687 Poznań, in person or by letter, or please contact our Personal Data Protection Inspector by phone (tel. As above). We also remind you that any attempt to use this personal data unlawfully may result in criminal liability.

Comments to the above incidents.

Possible consequences of the violation may be the unauthorized use of personal data, e.g. in order to

  1. obtaining by third parties, to the detriment of the person whose data has been breached, loans from non-banking institutions because many such institutions allow you to obtain a loan or credit in an easy and quick way, e.g. via the Internet or by phone without the need to show an identity document
  2. gaining access to the health care services due to the person whose data has been violated and to his or her health data, because often access to patient registration systems can be obtained by phone confirming your identity with the PESEL number
  3. exercising the citizens 'rights of the data subject, e.g. to vote on the means of the citizens' budget. This would prevent the right person from exercising his right
  4. extortion of insurance or insurance funds, which may have negative consequences for the data subject, in the form of problems related to the attempt to assign him responsibility for such fraud
  5. concluding a contract for the provision of services, i.e. cable TV, telephone, Internet, and then ceasing to pay bills and causing negative consequences in the form of indebtedness for the data subject

Recommendations on how to minimize the possible negative effects of the breach

In order to minimize the above-mentioned consequences, you can take the following remedial measures:

  1. the ability to set up an account in the credit and economic information system to monitor your credit activity
  2. exercise caution when providing personal data to other people, especially over the Internet or telephone
  3. reporting the data breach to the competent authorities in order to prevent the so-called "identity theft"
The above cases concern the loss of personal data at the stage of their acquisition by the ticket controller. These data never reached the Trans Kontrol office and were not processed by us. The scope of lost data described in the above-mentioned Incidents is only approximate, because the information comes from the controller, on the basis of a memory report prepared by him. Finally, it may turn out that the scope of lost data was smaller than reported by the DPO. In the notification, the DPO quoted the largest possible range of data that could have been breached. Currently, appropriate procedures have been implemented to identify data subjects. To this end, an action plan was developed and implemented, which consisted, inter alia, of the continuous and regular monitoring of ancillary charges and money transfers related to ancillary charges in a database. In the event of disclosure of persons affected by the violation, appropriate remedial steps will be taken (as above, but personalized).

Information on the Data Inspector (DI)

DI accepts calls by phone at the above number during the office hours of Trans Kontrol, i.e. 12pm - 4pm on business days. In the remaining time, you should contact the DI only by e-mail.