Privacy Policy

Privacy Policy

This Privacy Policy sets out rules for storing and access to information on the User's devices with Cookie files used for execution of services rendered by electronic means required by the User.

PKP Polskie Linie Kolejowe cares and respects the right to privacy of the Users of the website. Paying special attention to the protection of their personal data and the application of appropriate organizational and technical measures ensuring the privacy of Users and blocking the interference of third parties with the privacy of users. Through our actions, we fulfill the obligations arising from the law:

1. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Journal of Laws UE L 119 of 2016, pp. 1-88).

2. The Act of 18 July, 2002 on Providing Services by Electronic Means.

3. The Act of 16 July 2004. Telecommunications Law.

I. Definitions

1. Administrator - means the owner of the website, which is PKP PKP Polskie Linie Kolejowe S.A. with the registered seat in 74 Targowa Street, Warsaw 03-734, entered into the register of entrepreneurs of the National Court Register kept for the District Court for the Capital City of Warsaw 14th Commercial Division of the National Court Register, KRS 0000037568, NIP: 113-23-16-427, Regon: 017319027, which provides services by electronic means and stores and obtains access to information on the User's devices.

2. Cookies - means computer data, in particular small text files, recorded and stored on devices by means of which the User uses the Website pages.

3. Administrator Cookies - means Cookies placed by the Administrator related to provision of services by electronic means by the Administrator through the Website.

4. External Cookies - means Cookies installed by the Administrator's partners through the Website page.

5. Service - means an Internet web page or application where the Administrator runs its website operating under the following domains 

6. Device - means an electronic device by means of which the User obtains access to the Website.

7. User - means an entity for whom under the Regulations and applicable laws service may be rendered by electronic means or the Agreement for Rendering Services by Electronic Means may be concluded.

II. Type of Cookies used

1. The Cookies used by the Administrator are safe to the User's Device. In particular, it is not possible that viruses or other unwanted or malicious software enter Users' Devices through this channel. These files allow to identify the software used by the User and adjust the Website individually to each User. Cookies usually contain the name of a domain they originate from, time of their storage on the Device and a value assigned to them.

2. The Administrator uses the below types of Cookie files:

a. Session Cookies: Cookies stored on the User's Device until the session of a given search engine has been terminated. The recorded information are then permanently removed from the memory of the Device. The mechanism of session cookies does not allow for collection neither of any personal data nor confidential information from the User's Device.

b. Permanent Cookies: they are stored on the User's Device and stay there until they have been deleted. Termination a given search engine session or switching off the Device does not delete them from the User's Device. The mechanism of permanent cookies does not allow for collection neither of any personal data nor confidential information from the User's Device.

c. Own Cookies: - posted by the Website;

d. External Cookies: - from websites other than the Website

3. The mechanisms of the above cookies do not allow the collection of any personal data or any confidential information from the User's Device.

4. The User can limit or disable the access of cookie files to his/her Device. When this option is used it will be possible to use the website, apart from functions which due to their nature require cookie files.

III. The purposes for which Cookies are used

1. The Administrator uses its Own Cookies for the following purposes:

a) Optimizing the use of the Website pages, in particular these files allow to recognize the basic parameters of the User's Device and properly display the website, tailored to his individual preferences.

b) Implementation of processes necessary for the full functionality of the Website.

c) Ensuring the safety and reliability of the website.

2. The service administrator does not use external cookies.

IV. Possibilities for determining the conditions of storage and obtaining access through Cookies

1. The User may independently and at each time change the settings related to Cookie files while specifying the conditions of their storage and obtaining access through Cookie files to the User's Device. The User can change settings, which are referred to in the preceding sentence, by the Internet search engine settings or by the service configuration. The instructions on how to change cookie settings in the most popular web browsers can be found below:

Internet Explorer
Microsoft Edge
Mozilla Firefox
Google Chrome

2. These settings can be changed in particular in such a way as to block the automatic handling of cookies in the web browser settings or to inform about each posting of Cookies on the User's device. Detailed information on the possibilities and methods of handling cookies is available in the software (web browser) settings.

3.  The User may remove Cookie files at any time by using functions available in the Internet search engine he/she uses.

4. Limitation of the use of Cookie files may influence some of the functions available on the Website page.

V. Personal data protection

1. Data Administrator

The Data Administrator is PKP Polskie Linie Kolejowe Spółka Akcyjna, hereinafter referred to as the Company, with its registered office at: 74 Targowa Street, Warsaw 03-734.

2. Data Protection Inspector

The administrator has appointed a Data Protection Officer. The e-mail address: is made available to persons whose personal data is processed by the Company.

3. Processing of personal data

Through this website, personal data is processed on the basis of the consent expressed directly by the User. The scope of personal data processed depends on the forms available on this website. The data collected through the Website regarding the Use may be used to determine the adaptation of the Website to the user's needs and to respond to inquiries submitted by the User via forms. During the visit to the website, information about the User's visit is also automatically collected, e.g. the public IP address of the User's end device from which the query was sent, the name of the User's station, identified using the http protocol, if possible, the domain name, information about the browser User, operating system type, time of arrival of the query, the first line of the http request, the http response code, the number of data sent by the server, the URL of the page previously used by the user (the so-called referrer link) - if the Website was accessed by clicking on an external link.

4. Rights of data subjects

The company ensures the implementation of the rights under the GDPR, in particular the right to request access to the content of your data, rectification, deletion or limitation of processing and the right to object to the processing, as well as the right to transfer data. In addition, Users have the right to withdraw their consent at any time, but the withdrawal of consent does not have retroactive effect, i.e. it does not affect the lawfulness of the processing of personal data that the Company will perform before the consent is withdrawn, and the right to submit a complaint to the supervisory authority, i.e. The President of the Personal Data Protection Office. Users provide their personal data on the portal voluntarily.

5. Protection of personal data

The Data Administrator declares that he applies technical and organizational measures to ensure the protection of personal data processing appropriate to the threats and categories of data, and in particular, protects Users' personal data against loss, misuse, unlawful processing or modification. Access to personal data is granted only to persons authorized to process them and obliged to keep such data confidential.


VI. Links to other sites

The website contains links to other websites. We are not responsible for the privacy practices of these websites. After switching to these websites, read the privacy policy or cookies policy of a given website.