Privacy Policy

Last update: November 8th, 2021

At Trafi, we take the protection of your personal data very seriously. The goal of this privacy policy is to help you understand what personal data we collect from you, why it is collected, who we share it with, and how you can exercise your rights when you trust us to handle your data for you. We ask that you  read this privacy policy carefully and familiarize yourself with its content.

How and why do we use your personal data?

You may visit our trafi.com website or access some of our services without revealing any information. However, if you wish to use some of our features (e.g. to receive our newsletter or provide other details by filling a form) then you may provide personal data to us. The personal data we collect therefore depends on the services you are using. See the services we have below: 

1. Subscribing to our Newsletter 

2. Channels of Communication

3. Trafi Ads

4. Trafi Analytics 

5. Cookies on our Website  


1. Subscribing to our Newsletter 

You may voluntarily subscribe at any time to our newsletter (“Sign up for our newsletter”) on our trafi.com website to stay ahead of the curve on the latest in Mobility-as-a-Service and Trafi. By providing your email address you will receive our newsletters with news, blogs, white papers, information about webinars, podcasts and/or other relevant material. We will only send you the newsletter based on your consent and you may choose, at any time, to stop receiving our newsletter by following the unsubscribe instructions included in the email.


2. Channels of Communication

2.1 Contacting us

If you’d like to schedule a demo, learn more about Trafi, or ask us a question, you may contact us directly and/or fill out a ‘Contact Form’ (e.g. “Contact us”) on the trafi.com website and provide us with your personal data: name, surname, work email address, phone (optional), other information on your request. You may also send us an email with your email address and other personal contact information included. We will process this personal data only to assist you with your request.

2.2 Whistleblowing Channel

If you are aware of any suspected or actual illegal, unethical or inappropriate events relating to Trafi, you may report them on the trafi.com website via our whistleblowing channel. You are welcome to submit a report in any form of your choice; including by email to legal@trafi.com or by post to the ‘Trafi Legal Department’ at any of our offices. We ask you to provide us with all the relevant details to help us to investigate the reported inappropriate behaviour. We ask that you provide the following information, but solely at your discretion: 

  • Details about you: (first name, last name, personal identification number/date of birth, workplace, position, relation with Trafi, telephone number or other contact information). You are not obligated to share these details with us. However, if you do, then we guarantee your confidentiality. 
  • Details about the person or persons who committed the breach: (first name, last name, workplace, position). Are there other persons who were, or could have been, involved in the breach? If so, please indicate who they are.
  • Details of the witness or witnesses to the breach: Are there other witnesses to the violation? If so, provide their contact details.
  • Information on the breach. What breach are you reporting? What kind of breach is this? Place and time of the breach. When did you learn about it or notice it? Have you already reported this breach to anyone? If so, who did you notify, and did you receive a reply? If you have received an answer, please outline its content.
  • Any additional remarks and comments you have in relation to the  breach: If there are documents to support the investigation of the breach, please also include these with your report.

We will keep your provided personal data no longer as we consider necessary for the purposes why your data were collected and to comply with our legal obligations and contractual obligations, resolve disputes and investigate reported breach or inappropriate behaviour.

2.3 Filling in LinkedIn Forms

We use LinkedIn Lead Gen Forms as part of our marketing activity. If you choose to, you can provide your information to Trafi by submitting one of these forms on LinkedIn with your pre-filled personal data: first name, last name, email address, job title, job function and company name. 

You might choose to provide this information in order to register for one of our events, to access specific content of your interest, or to sign up to receive direct marketing communications from us.

Please note that ‘direct marketing’ includes sending you content deemed relevant to you based on your professional profile or your interactions with Trafi content (e.g. downloading white papers, attending webinars, interest in our newsletter, etc.) Examples of the type of content we might send via direct marketing include arranging a demo, registering for a webinar, sharing industry reports, or an invite to participate in surveys. You may choose to stop receiving our marketing emails at any time by following the unsubscribe instruction.

This data will only be transferred from your LinkedIn profile to us with your specific consent to do so. You can revoke your consent at any time by unsubscribing from our marketing and/or send an email to privacy@trafi.com

Please note that LinkedIn is an external third party that may process your personal data for many other purposes. Please consult LinkedIn’s privacy policy to get that information. If you have any questions or concerns don’t hesitate to contact us at privacy@trafi.com

2.4 Other Channels

We might have communications through other channels or you might also enter into contact with us directly; for instance, by sending an email to any of our employees, to our generic emails (e.g. privacy@trafi.com) and/or by other platforms. In these situations we will use the data only if based on your consent, if we have a contract with you or if we have a legitimate business interest to do so. We may also use the data as required or permitted by law to comply with our legal obligations. 


3. Trafi Ads

3.1 Trafi Ads on LinkedIn 

Trafi also uses another LinkedIn service: the Linkedin Ad Campaigns. As such, Trafi requests LinkedIn to match our campaigns with target audience profiles (e.g. based on a relevant country, industry and/or based on similar profiles of our interested users in the Lead Gen Forms). Note that when requesting LinkedIn to send ads to similar profiles of our interested users in the Lead Gen Forms, Trafi does it solely with a legitimate and business interest to improve our visibility and optimize our campaigns on the social media LinkedIn. 

To ensure data minimization, Trafi only sees the data reports from the ad campaign on an aggregate level so we can assess the performance and effectiveness of our advertisements and campaigns without having access to any data that identifies each individual. We will see the data of our target’s audience aggregated like their locations or impressions. 

Note that to receive these aggregated reports, LinkedIn may track you and send you target advertisements. Please check out LinkedIn’s privacy policy to get further information and LinkedIn Ad preferences to manage your ad preferences. If you don’t wish to receive ads, please manage your preferences on LinkedIn accordingly. Again, if you have any questions or concerns don’t hesitate to contact us at privacy@trafi.com to help you. 

3.2 Trafi Ads on Google

Similarly, we also use Google Ads (including AdWords) to display adverts for Trafi within Google Search results. For example, if you search on Google for “MAAS providers”, “transport and mobility” or “city mobility” you may see an ad from us on your Google Search as we have bid to appear at the top of your search results. With this technology, we aim to reach out to our target audience and interested parties to promote our business to them. 

To set up the campaign, we only provide general information to Google, such as the search engine keywords that will trigger the ad (e.g. “MAAS providers”); or the locations from where the target audience should be (e.g. Germany, United Kingdom, etc.). 

The campaign statistics we receive from Google are aggregated and we can’t identify individuals from the data – for example, the number of people that clicked on our website link (e.g. 725k). But be aware that Google might need to process personal data from you, e.g. IP address or location, to send you the ads; amongst other purposes. 

Please consult Google Privacy & Terms. You can also adjust your privacy settings to block these ads on Google Ad settings. Any questions feel free to reach out to us: privacy@trafi.com


4. Trafi Analytics in our Marketing Strategies 

Additionally, for analytics on our marketing strategies and communication activities we might use some of your aggregated data. Reports could include stats such as “20% of the attendees in a Trafi conference are from Germany”, “Client interest is coming from the Tech industry”, or “In 2021/Q3 we’ve increased our newsletter subscriptions by 35%”

We will not report, in any way, either internally or externally, data that could identify any person. Our analytics aim to measure and accomplish our company’s legitimate interests in increasing our market presence and supporting our commercial objectives. 


5. Cookies on our Website 

A cookie is a text file that is placed on your device by a web page server. Cookies are uniquely assigned to you and therefore they might include personal data.

The trafi.com website uses cookies and similar technologies to enable the website to work properly, to improve and measure the performance of the website, to send marketing information and/or to build profiles and show ads. 

You must have control over your data so you can give consent or withdraw your consent for each cookie category (except for the strictly necessary cookies) at any time by selecting your preferences in “Cookie Preferences” at the bottom of our website.

More information on cookies is available in a separate Cookie Policy


Who do we share your data with? 

We are committed to keeping your data confidential and will not disclose it to third parties, unless this is required and/or allowed by law and will ensure that proper security measures apply. We share your data with Trafi Group companies, i.e. affiliates (an entity that is directly or indirectly controlled by Trafi). Also we have integrated services from third parties. Under agreements with these service providers, we contractually define that our contracted service providers must use personal data solely for the agreed purposes and not to disclose your personal data to other parties, unless this is required and/or allowed by law. 

Our processors are the following service providers:

Entity Purpose and Data Location
Mailchimp Mailchimp is an online marketing platform operated by The Rocket Science Group LLC that we use to send you newsletters. Mailchimp stores data in the USA and in other locations worldwide. and therefore, Mailchimp has incorporated the EU’s Standard Contractual Clauses as part of their Standard Terms of Use and applies to customer data protected by EU laws. 
Pipedrive Pipedrive is a customer relationship management (CRM) tool, it helps us to get in touch with you,  manage  your requests, organize demos and support us in dealing with your provided requests by contacting us. Pipedrive hosts the data in a datacenter in an EU location, in Germany. 
LinkedIn Ads and Gen FromLinkedIn Ads and Lead Gen Form Services are owned by LinkedIn which is a professional network with users and companies profiles that we use to get in contact with you and to send out our ads and campaigns. To protect your data, LinkedIn relies on the EU’s Standard Contractual Clauses as a legal mechanism for data transfers outside the EU.
Google Search Console Google Search Console is a web service of Google which allows Trafi to optimize visibility of our websites and campaigns. Google also uses EU Standard Contractual Clauses to transfer your data outside the EU borders. 
G-Suite G-suite is provided by Google and it is used by Trafi to process and store personal data such as an email platform to receive and send emails from data subjects and data storage platform. Google hosts the data in a datacenter in an EU location, in Ireland. 

How long will we store your data for?

We will keep your data for as long as necessary and/or for as long as you give us consent to do so. If you withdraw your consent, we will not send you any further communications and delete your personal data, unless we have a legitimate interest to keep it or if we need the data to comply with any of our legal or contractual obligations. We may use anonymous data derived from or incorporating your personal data after we delete it, but no longer in a manner that could identify you personally. 

What rights do you have in relation to your data?

We understand that you may at times need further information from us regarding your personal data and how it is processed or that you may wish to update or correct the personal data you have provided us with. In light hereof, you have the following rights within the limits of the applicable data protection laws and appropriateness : 

  • Right to access your personal data: you have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and information.
  • Right to data portability: you have the right to  request that we provide you with your personal data in a machine-readable format as well as the right to request its transmission to another data controller.
  • Right to rectification of personal data: if you find that personal data which we process about you is inaccurate, you have the right to have us correct such personal data. 
  • Right to erasure of personal data (right to be forgotten): under certain circumstances, such as if your personal data has been unlawfully processed or you have withdrawn your consent (if the processing of your personal data is based on consent), you have the right to request and obtain erasure of your personal data from us. 
  • Right to restriction of processing: under certain circumstances, such as if you question the accuracy of your personal data or you have objected to our legitimate purpose to process your personal data, you have the right to request that we restrict the processing of your personal data until a solution has been found.
  • Right to object to processing: under certain circumstances, such as if you question the legitimate interest to process your personal data, you have the right to object, on grounds relating to your particular situation, to such processing. Moreover, with regard to our optional activities, for instance our personalized information, you have the right to object at any time and free of charge. 
  • Right to lodge a complaint with a supervisory authority: you have the right to lodge a complaint regarding our processing of your personal data with your supervisory authority. However, we always seek to resolve any  dispute relating to us and our activities by negotiations, therefore please contact us by email to  privacy@trafi.com.

If our processing of your personal data is based on your consent, you have the right to withdraw such consent at any time (this will however not affect the processing based on your consent before its withdrawal) by contacting us or unsubscribing (where applicable).

To exercise your rights, you may contact us at privacy@trafi.com

How can you contact Trafi?

Trafi GmbH, registration number HRB 106876 B (Amtsgericht Charlottenburg), address of registered office Chausseestrasse 6, 10115 Berlin, Germany, is the data controllers in respect of your personal data being used and processed for the purposes described in this Policy. Please feel free to contact us by email at privacy@trafi.com.

Changes to this privacy policy

Our Privacy Policy may change from time to time at our discretion. Therefore, you should make sure to review the latest version of this policy on a regular basis. Any updated version of this Privacy Policy will be effective immediately upon the posting of the Privacy Policy unless otherwise specified. 

This page was last updated on November 8th, 2021.