At this point, we would like to familiarize you with the events that have taken place recently. We obtained these events from our Appeals and Complaints Department and from the Inspector for Personal Data Protection. We present here incidents related to the protection of personal data and a number of content of persons fined with an additional fee and other passengers, as well as information and findings on the presented case obtained during the investigation.

In this way, we would like to introduce you to the work of the auditors and our employees dealing with complaints about them. Based on these cases, it is not difficult to form an opinion about the legitimacy of many complaints about the work of the inspectors. As you will see for yourself, the work of ticket controllers is not the easiest one, and it is not well perceived by the majority of the society. It is a big social problem, because the great tolerance of the local community towards "free riders" means that such people do not feel any pressure from this side. Unfortunately, such a situation leads to the belief that the use of public means of municipal or communal transport without payment for the service is becoming the norm. However, we are convinced that this situation will improve, thanks, among other things, to activities such as ours.


Below we present our statistics. Our Complaints Department presents the results of the Department's work for you each year.

Complaint Statistics for 2018

Month Total number of complaints Unjustified complaints Well-founded complaints
January 2 1 1
February 1 1 0
March 2 0 2
April 3 0 3
May 2 0 2
June 3 2 1
July 2 0 2
August 1 1 0
September 3 3 0
October 6 6 0
November 7 4 3
December 1 1 0
Sum 33 19 14

Complaint statistics for 2019

Month Total number of complaints Unjustified complaints Well-founded complaints
January 5 4 1
February 3 1 2
March 3 3 0
April 1 1 0
May 6 6 0
June 4 3 1
July 7 6 1
August 3 3 0
September 1 1 0
October 0 0 0
November 2 2 0
December 2 1 1
Sum 37 31 6


Comments to the above incidents.

Possible consequences of the violation may be the unauthorized use of personal data, e.g. in order to

  1. obtaining by third parties, to the detriment of the person whose data has been breached, loans from non-banking institutions because many such institutions allow you to obtain a loan or credit in an easy and quick way, e.g. via the Internet or by phone without the need to show an identity document
  2. gaining access to the health care services due to the person whose data has been violated and to his or her health data, because often access to patient registration systems can be obtained by phone confirming your identity with the PESEL number
  3. exercising the citizens 'rights of the data subject, e.g. to vote on the means of the citizens' budget. This would prevent the right person from exercising his right
  4. extortion of insurance or insurance funds, which may have negative consequences for the data subject, in the form of problems related to the attempt to assign him responsibility for such fraud
  5. concluding a contract for the provision of services, i.e. cable TV, telephone, Internet, and then ceasing to pay bills and causing negative consequences in the form of indebtedness for the data subject

Recommendations on how to minimize the possible negative effects of the breach

In order to minimize the above-mentioned consequences, you can take the following remedial measures:

  1. the ability to set up an account in the credit and economic information system to monitor your credit activity
  2. exercise caution when providing personal data to other people, especially over the Internet or telephone
  3. reporting the data breach to the competent authorities in order to prevent the so-called "identity theft"
The above cases concern the loss of personal data at the stage of their acquisition by the ticket controller. These data never reached the Trans Kontrol office and were not processed by us. The scope of lost data described in the above-mentioned Incidents is only approximate, because the information comes from the controller, on the basis of a memory report prepared by him. Finally, it may turn out that the scope of lost data was smaller than reported by the DPO. In the notification, the DPO quoted the largest possible range of data that could have been breached. Currently, appropriate procedures have been implemented to identify data subjects. To this end, an action plan was developed and implemented, which consisted, inter alia, of the continuous and regular monitoring of ancillary charges and money transfers related to ancillary charges in a database. In the event of disclosure of persons affected by the violation, appropriate remedial steps will be taken (as above, but personalized).

Information on the Data Inspector (DI)

DI accepts calls by phone at the above number during the office hours of Trans Kontrol, i.e. 12pm - 4pm on business days. In the remaining time, you should contact the DI only by e-mail.