Privacy policy

Privacy Policy. Status: April 2026

1. Introduction and Overview

The protection of your personal data is our highest priority. This website, TruckNetz.DE, is the headquarters of the nationwide truck recovery info-service network. Below, we inform you about how we collect, process, and store your personal data when you use our online services.

2. Name and Address of the Controller

The controller in the sense of the General Data Protection Regulation (GDPR) and other national data protection laws is: 

OPTILIFE DOO RAKOVAC 

Stošin Do 28A, 

21299 Rakovac, 

Republic of Serbia 

Commercial Register/Tax ID (PIB): 108482914 

Phone: +381 63 8015320 

E-Mail: stein@trucknetz.de  

Website of the operating company: https://optilife.rs/en/. 

Data Protection Officer: Ivan Feofanov, tel: +381 65 815 1541. For questions regarding data protection, please contact us at any time via email: commander@optilife.house 

EU Representative pursuant to Article 27 GDPR: Aleksandr Zhidrov, +4915258927599. Address: Ilsenhof 16, 12053 Berlin, Germany, Email: eu@trucknetz.de https://optilife.rs/de/

3. Legal Basis for Data Processing

We process personal data based on the following legal norms:

• Art. 6 (1) (a) GDPR: Provided you have given us explicit consent.
• Art. 6 (1) (b) GDPR: For the fulfillment of a contract (e.g., commissioning a truck recovery) or pre-contractual measures.
• Art. 6 (1) (c) GDPR: For the fulfillment of legal obligations.
• Art. 6 (1) (f) GDPR: To safeguard our legitimate interests (optimizing website stability and security).

4. Data Transfer to Third Countries (Standard Contractual Clauses)

Since our company headquarters is located in the Republic of Serbia, data processing takes place in a third country outside the European Union. To ensure an adequate level of data protection, we have implemented EU Standard Contractual Clauses (SCC) pursuant to Art. 46 (2) (c) GDPR. These regulate the secure handling of your data between European users and our location in Serbia. We would like to clarify that we use SCCs in accordance with European Commission Decision (EU) 2021/914 and have implemented technical and organizational measures, as well as a data transfer impact assessment (TIA). We are guided in our work by the Data Protection Act of the Republic of Serbia (Zakon o zaštiti podataka o ličnosti, ZZPL), which is largely compatible with the GDPR.

5. Hosting and Infrastructure

• This website is hosted by an external service provider, DigitalOcean, LLC (105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021, USA) https://www.digitalocean.com/. The personal data collected on this website is stored on the host's servers. We have entered into a data processing agreement (DPA) with our hosting provider to ensure that your data is processed only on our instructions and in accordance with the GDPR.
• Cloudflare: We use Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) http://cloudflare.com/ as a Content Delivery Network (CDN) and Web Application Firewall (WAF). Your data traffic is routed through Cloudflare's infrastructure to protect our website from attacks (e.g., DDoS). Data transfers to the USA are based on the EU-US Privacy Shield Framework and Standard Contractual Clauses (SCCs). Cloudflare's privacy policy.

Further services to ensure website functionality and security:

• Google Fonts (Local usage): To ensure a uniform display of fonts, we use Google Web Fonts from Google Ireland Limited. For data protection reasons, these are hosted locally on our server. No connection to Google servers is established and your IP address is not transmitted to Google. Information on data protection at Google Fonts can be found at: https://policies.google.com/privacyPrivacy Policy.
• Google reCAPTCHA: To ensure security when submitting forms, we use Google reCAPTCHA. This service recognizes whether data was entered by a human or by an automated program (bot). Information on data protection can be found at: https://policies.google.com/privacyPrivacy Policy.
• Google Services (General): We use shared infrastructure services from Google to optimize technical stability, performance, and security. Information on data protection can be found at: https://policies.google.com/privacyPrivacy Policy.

6. Communication, Contacts and Processing of Contact Information

If you send us enquiries by telephone, messenger (Viber, WhatsApp, Telegram, etc.), contact form, live chat system or email (e.g. in the event of a truck breakdown), your details, including the contact data you provide, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent, except exclusively for processing the order to third parties who fulfil your orders. These parties only receive your data if this is necessary for the fulfilment of your order.

Communication via WhatsApp, Telegram and Viber We offer you the possibility of contacting us via instant messaging services. When using these services, personal data is collected and processed by the respective messenger provider.

6.1. WhatsApp

• Provider: WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (subsidiary of Meta Platforms, Inc.).
• Data processed: Mobile phone number, profile name, IP address and metadata (time of message, device data). Message content is protected by end-to-end encryption, however WhatsApp collects metadata to analyse user behaviour.
• Legal basis: Art. 6(1)(b) GDPR (initiation/performance of contract) and Art. 6(1)(f) GDPR (our legitimate interest in rapid communication).
• Third-country transfer: Data may be transferred to servers of Meta Platforms, Inc. in the USA. The transfer is made on the basis of EU Standard Contractual Clauses and the EU-US Data Privacy Framework.
• Privacy policy:https://www.whatsapp.com/legal/privacy-policy-eea.

6.2. Telegram

• Provider: Telegram Messenger Inc., 71-75 Shelton Street, Covent Garden, London, UK / Telegram FZ-LLC, Dubai, UAE.
• Data processed: Mobile phone number, profile name, IP address, message content (cloud storage for standard chats).
• Legal basis: Art. 6(1)(f) GDPR (legitimate interest in platform-independent communication).
• Third-country transfer: Transfer to third countries (including UAE) is possible. Telegram assures that an adequate level of protection is maintained.
• Privacy policy:https://telegram.org/privacy.

6.3. Viber

• Provider: Viber Media S.à r.l., 2, rue Edward Steichen, L-2540 Luxembourg.
• Data processed: Mobile phone number, device identifier, IP address, metadata. Messages are end-to-end encrypted by default.
• Legal basis: Art. 6(1)(f) GDPR (legitimate interest in modern customer communication).
• Third-country transfer: Data may be processed worldwide. Viber uses standard contractual clauses as a safeguard.
• Privacy policy:https://www.viber.com/en/terms/viber-privacy-policy/.

6.4. LiveAgent (Customer Support & Communication)
We use the ticketing and live chat system LiveAgent to efficiently process enquiries from customers and partners.

• Provider: Quality Unit, s.r.o., Pionierska 8, 831 02 Bratislava, Slovakia.
• Purpose: Processing of contact enquiries and cooperation requests.
• Legal basis: Art. 6(1)(b) GDPR (performance of contract/pre-contractual measures) and Art. 6(1)(f) GDPR (legitimate interest in efficient support).
• Privacy policy: Further information can be found at: https://www.liveagent.com/gdpr/.

7. Cookies, Consent Management and Analysis Tools

Our website uses cookies. These are small text files that are stored on your device.

7.1. Necessary Cookies: These are technically required for the operation of the website.

7.2. Optional Cookies (Marketing/Analytics)
We only use these if you have given us your explicit consent via our consent banner (see 7. Cookie Banner). You can revoke or change your settings at any time.

7.3. Google Forms
We use Google Forms from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to collect structured enquiries (e.g. partner registrations or specific service requests). When you fill in a form, the data you enter is transmitted to Google's servers. The use is based on your consent (Art. 6(1)(a) GDPR) or for the initiation of a partner agreement (Art. 6(1)(b) GDPR). Information on data protection at Google Forms can be found at: https://policies.google.com/privacy.

7.4. Consent Management Tool Klaro
We use the open-source consent management tool Klaro to obtain your consent to the storage of certain cookies on your device or to the use of certain technologies, and to document this in a data-protection-compliant manner.

• Provider: KIProtect GmbH, Bismarckstr. 10-12, 10625 Berlin, Germany.
• How it works: Klaro stores your decision (consent or refusal) locally in your browser so that it can be taken into account on a return visit.
• Legal basis: The use is made to fulfil the legally prescribed obligation to obtain consent for the use of cookies (Art. 6(1)(c) GDPR).
• Privacy policy of Klaro: https://klaro.org/de/ressourcen/datenschutz.

Klaro is configured to fully support Google Consent Mode v2 and to transmit the corresponding consent signals to Google.

The following consent parameters are transmitted:

• analytics_storage – for Google Analytics
• ad_storage – for Google Ads / advertising cookies
• ad_user_data – use of user data for advertising purposes
• ad_personalization – personalised advertising / remarketing

Without your consent, no advertising or analytics cookies will be set and no personal data will be transmitted to Google. In this case, Google can only use anonymised modelling data (Modeling) to estimate conversions and traffic.

The current configuration of Klaro and the transmission of consent signals is regularly reviewed and meets the requirements of the GDPR as well as Google's requirements for the European Economic Area.

7.5. Google Analytics (with anonymisation function)
We use Google Analytics from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). We have activated the IP anonymisation function, so that your IP address is truncated by Google within member states of the EU.

• Protective measures: We have concluded a data processing agreement. Data is not shared with other Google services. The transfer to the USA is made on the basis of the EU-US Data Privacy Framework.
• Legal basis: Art. 6(1)(a) GDPR (consent via Klaro).
• Privacy policy:https://policies.google.com/privacy.

7.6. Google Ads (Conversion Tracking & Remarketing)
We use Google Ads from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to place advertisements.

• Protective measures: No data is transmitted that personally identifies you. We use Google Ads within the framework of the EU-US Data Privacy Framework.
• Legal basis: Art. 6(1)(a) GDPR (consent via Klaro).
• Privacy policy:https://policies.google.com/privacy.

8. Data Collection during Website Visit (Server Log Files)

Our system automatically collects data from the calling computer: browser type/version, operating system, referrer URL, IP address, and time of request. This data is technically necessary to display the website correctly and ensure IT security.

9. Data Security (SSL/TLS Encryption)

To protect your data during transmission, we use state-of-the-art encryption methods (e.g., SSL/TLS) via HTTPS. You can recognize an encrypted connection by the "https://" prefix and the lock symbol in your browser bar.

10. Map Services

To display locations and service areas, we use the open-source library Leaflet https://leafletjs.com/https://leafletjs.com/. Leaflet itself does not collect personal data. However, when loading map tiles from third-party providers (e.g., OpenStreetMap), your IP address is technically transmitted to their servers (Art. 6 (1) (f) GDPR).

11. Security and Quality Assurance

• Browser-Fingerprinting: Used to defend against cyber attacks and bots. Data is automatically deleted after 7 days.
• Call-Tracking: We collect call metadata (time, duration) to measure service quality. No recording takes place without separate consent.

12. Your Rights as a Data Subject

Within the framework of legal provisions, you have the right to: Access (Art. 15), Rectification (Art. 16), Erasure (Art. 17), Restriction (Art. 18), Data Portability (Art. 20), and Objection (Art. 21). Contact: stein@trucknetz.de.

13. Supervisory Authorities (Right to Lodge a Complaint)

You have the right to complain to a supervisory authority pursuant to Art. 77 GDPR. Authorities for Optilife DOO (Serbia):

• Ministry of Information and TelecommunicationsMinistry of Information and Telecommunications (Ministarstvo informisanja i telekomunikacija):https://mit.gov.rs/, Nemanjina 22-26, 11000 Belgrade, Serbia.
• Chamber of Commerce Office of Serbia (PKS) – Novi Sad Office:https://novi-sad.pks.rs/, Narodnog fronta 10, 21000 Novi Sad, Serbia. 
• Office of the Commissioner for Information of Public Importance and the Protection of Personal Data:https://www.poverenik.rs/en/home.html, Bulevar kralja Aleksandra 15, 11000 Belgrade.Chamber of Commerce (PKS)

Commissioner for Information and Personal Data ProtectionAuthority for Germany: The Federal Commissioner for Data Protection and Freedom of Information - https://www.bfdi.bund.de/DE/Meta/Datenschutz/datenschutz_node.html, Graurheindorfer Str. 153, 53117 Bonn, Central telephone number: 0228/997799-0, Central email address: poststelle@bfdi.bund.de.

14. Information for Partner Companies and Complaints

Optilife DOO acts as a purely IT-technical mediator. For technical platform complaints, contact us. 
For complaints regarding the physical execution of services (e.g., damage during towing, quality of repairs, or tire service provided by our network partners), the respective partner is your direct contact. 

If mediation at the company level is not possible, you can contact the relevant authorities responsible for the partner's location: 

• The relevant Chamber of Industry and Commerce (IHK): https://www.dihk.de/ For general transport and towing services at the partner's location.
• The relevant Chamber of Skilled Crafts (HWK): https://www.kammerfinder.de/ For deficiencies in workshop, repair, or tire services.
• Trade office / regulatory office: https://www.bundesjustizamt.de/DE/Themen/ZentraleRegister/Gewerbezentralregister/Gewerbezentralregister_node.html The general supervisory authority at the respective business location of the executing partner company.

15. Dispute Resolution

Our email address can be found above in the part 2 of this article. We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.

16. Registration and Data Processing for Partner Companies (B2B)

When registering as a service partner, we collect company name, legal form, location, contact details, fleet info, and tax IDs. This is necessary for network inclusion and order mediation (Art. 6 (1) (b) and (f) GDPR).

17. Publication of Partner Data and Order Mediation

As part of the network, partner profiles (company name, address, phone, services) are displayed publicly so that drivers can contact you directly. In the event of mediation, your data is passed to the customer, and you receive the customer's data (location, vehicle, driver contact).

18. Duration of Storage of Partner Data

Partner data is stored for the duration of the active cooperation. Upon termination, data is deleted unless legal retention obligations (e.g., tax law, 10 years) apply.