Privacy Policy


  1. Who are we?

Arco Transport AS (“We“) offers international transport services.

Our customers are companies that need road transport, container transport, multimodal transport, and/or related customs services or cargo insurance to transport their goods. We rarely provide services to individuals.

  1. Whose personal information do we process? Are we the controller or authorized processor of personal data?

We process the personal data of our customers ‘and partners’ representatives, as well as the personal data of those who contacted us via our Website (“You“).

Personal data may be processed either as a controller or as an authorized processor. The controller shall determine the purposes and means of the processing of personal data. The authorized processor must process the personal data in accordance with the written instructions of the controller.

We process personal data both as a controller and as an authorized processor, and we are mainly in the role of an authorized processor.

As the controller, we receive personal data directly from you if you contact us as an individual through our Website. As an authorized processor, we receive personal data from our legal entity customers with whom we have entered into a service agreement. The personal data received is the personal data of the representatives of the customers (incl. the customers’ cooperation partners).

  1. What kind of personal information do we process?

We process personal data as little as possible and only on a sound legal basis (Section 4).

Among other things, we process the following personal data:

  • personal data, e.g., first name, surname, personal identification code, date of birth.
  • contact information, e.g., address, telephone number, e-mail address;
  • document data, i.e., data on an identity document (e.g., a copy of a passport or ID card, document number, issuer, and validity);
  1. Why do we process personal data? Legal basis for the processing of personal data

The processing of personal data is part of our daily business activities. We do not provide the service to an anonymous customer, as a result of which we know who our customer is and who our customer’s representatives are.

We process personal data legally and transparently and in accordance with the requirements of the legislation in force in Estonia.

Me tööWe process personal data for the following purposes:

No.Purpose of the processing of personal dataLegal basis for the processing of personal data
1Provision of the service, negotiation of the conditions for the provision of the service, incl. submission of a price offer, analysis of the provided service.To fulfill the contract concluded with you.
2Exercising of our rights and fulfillment of obligations arising from legislation, including fulfillment of accounting obligations.To fulfill the contract concluded with you and to fulfill our legal obligation.
3Processing your inquiries and requests.       To fulfill the contract concluded with you and to fulfill our legal obligation.
4To send you messages.In case of our legitimate interest.
5To receive and process your inquiries, to answer your inquiries.In case of our legitimate interest.
  1. What are “cookies” and why do we use them?

We use “cookies” on our Website, which you can accept if you decide to use our Website. “Cookies” are small text files that are stored on the hard drive of the website visitor’s computer and that help us to improve the website services offered to you and make them more convenient for you.

We collect information about how you interact with our Website. In addition, we may collect information from your computer or device, such as your IP address, the web browser you use, and your language settings. We use this data for statistical purposes to improve our Website and display customized content for you.

If you prefer not to have your personal data processed on the Website, you can activate the private browsing function of your web browser.

  1. What values and general principles do we follow when processing personal data?

We protect your personal information. We treat your personal data with care and do our best to protect your personal data. We implement various measures (physical, technical, organizational) to protect personal data against illegal or unauthorized destruction, loss, alteration, disclosure, acquisition or unauthorized access to them.

We act legally. We always have a legal basis for processing your personal data and we process your personal data on that basis.

We are based on the purpose. We designate personal data for a legitimate purpose and process personal data only for that purpose. We will disclose to you the purpose of the processing of personal data clearly and intelligibly..

We choose our partners carefully. We transfer personal data to our authorized processors, with whom we have previously entered into a data processing agreement. We require and expect our contractual partners to be careful and ethical in the processing of personal data and to maintain the security of personal data..

We process personal data minimally. We only collect relevant and necessary personal information. When collecting personal data, we proceed from the purpose of processing personal data, ie we do not collect more personal data than necessary.

Restriction on retention. We retain personal data only for as long as the retention is required by law or agreement or necessary to achieve the purposes set out in the data protection rules. We retain personal data related to disputes until the claim expires. After the expiry of the term of storage of personal data, we will permanently delete the personal data.

  1. What are your rights regarding personal data?

The General Data Protection Regulation gives you extensive rights regarding your personal data. You have the right to access personal data, request their correction or even deletion, restrict the use of your personal data, object to the use of personal data.

You have the right to request the transfer of personal data if this is technically feasible. You have the right to know when we make a decision based on automated processing for regarding you.

If you wish to exercise any rights related to the processing of personal data or you have a question about the processing of personal data, please send us an e-mail to . We will usually respond within one month, and if the response requires the release of personal information, we will verify the identity of the applicant in advance.

If you are not satisfied with our answer, you can always file a complaint with the supervisory authority (

More detailed information on the rights of the data subject can be found in Chapter 3 of the General Data Protection Regulation.

  1. What to do in case of personal data violation?

Please notify us immediately of any personal data processing violation or threat of violation known to you at . We take the issue of personal data security seriously and will respond immediately to any breach.

  1. Where are the current Data Protection Rules published?

The current Data Protection Rules are available on our Website . Please note that we may update the Privacy Policy from time to time.

Renewed: 06.09.2021