Privacy Policy as of April, 2026

1. Introduction and Overview

The protection of your personal data is our highest priority. This website, Hamburg-Truck-Abschleppdienst.De, is part of the nationwide network for truck towing services, TruckNetz.DE. In the following, we inform you about how we collect, process, and store your personal data when you use our online services.

2. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws is:

OPTILIFE DOO RAKOVAC Stošin Do 28A 21299 Rakovac Republic of Serbia 

Commercial Register/Tax ID (PIB): 108482914 

Phone: +381 63 8015320 

E-Mail: [email protected] 

Website of the operating company: https://optilife.rs/en/

Data Protection Officer: Ivan Feofanov, tel: +381 65 815 1541. For questions regarding data protection, please contact us at any time via email: [email protected] 

3. Legal Basis for Data Processing

We process personal data based on the following legal norms:

  • Art. 6 (1) (a) GDPR: If you have given us express consent.
  • Art. 6 (1) (b) GDPR: For the performance of a contract (e.g., commissioning a truck tow) or pre-contractual measures.
  • Art. 6 (1) (c) GDPR: To fulfill legal obligations.
  • Art. 6 (1) (f) GDPR: To safeguard our legitimate interests (optimization of website stability and security).

4. Data Transfer to Third Countries (Standard Contractual Clauses)

As our company headquarters are located in the Republic of Serbia, data processing takes place in a third country outside the European Union. To ensure an adequate level of data protection, we have implemented EU Standard Contractual Clauses (SCC) in accordance with Art. 46 (2) (c) GDPR. These regulate the secure handling of your data between European users and our location in Serbia. We would like to clarify that we use SCCs in accordance with European Commission Decision (EU) 2021/914 and have implemented technical and organizational measures, as well as a data transfer impact assessment (TIA). We are guided in our work by the Data Protection Act of the Republic of Serbia (Zakon o zaštiti podataka o ličnosti, ZZPL), which is largely compatible with the GDPR.

5. Hosting and Infrastructure

  • This website is hosted by an external service provider, DigitalOcean, LLC (105 Edgeview Drive, Suite 425, Broomfield, Colorado 80021, USA) https://www.digitalocean.com/. The personal data collected on this website is stored on the host's servers. We have entered into a data processing agreement (DPA) with our hosting provider to ensure that your data is processed only on our instructions and in accordance with the GDPR.
  • Cloudflare: We use Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA) http://cloudflare.com/ as a Content Delivery Network (CDN) and Web Application Firewall (WAF). Your data traffic is routed through Cloudflare's infrastructure to protect our website from attacks (e.g., DDoS). Data transfers to the USA are based on the EU-US Privacy Shield Framework and Standard Contractual Clauses (SCCs). Cloudflare's privacy policy.

Further services to ensure website functionality and security:

  • Google Fonts (Local Use) from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland): To ensure consistent font display, we use Google Web Fonts. For data protection reasons, these are hosted locally on our server. No connection is established to Google servers, and your IP address is not transmitted to Google. Information on data protection at Google Fonts can be found at: https://policies.google.com/privacy
  • Google reCAPTCHA from Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland): To ensure security when submitting forms (e.g., in the contact section), we use Google reCAPTCHA. This service detects whether data was entered by a human or by an automated program (bot) intended for misuse. (Legal basis: Art. 6 para. 1 lit. f GDPR). Information on data protection at Google reCAPTCHA can be found at: https://policies.google.com/privacy.
  • Google services (General Information) of Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland): We use Google's shared infrastructure services to optimize the technical stability, performance, and security of our website's APIs. Information on data protection at Google services can be found at: https://policies.google.com/privacy.

6. Communication, Contacts, and Processing of Contact Information

If you send us inquiries via telephone, messenger (Viber, WhatsApp, Telegram, etc.), contact form, or e-mail (e.g., in the event of a truck breakdown), your details, including the contact data you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass this data on without your consent, except for the purpose of processing the order by third parties who execute your orders. They will only receive your data if this is necessary to fulfill your order.

Communication via WhatsApp, Telegram, and Viber: We offer you the option of contacting us via instant messaging services. When using these services, personal data is collected and processed by the respective messenger provider.

A. WhatsApp

Provider: WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (subsidiary of Meta Platforms, Inc.).
Data processed: Mobile phone number, profile name, IP address, and metadata (time of message, device data). Message content is protected by end-to-end encryption; however, WhatsApp collects metadata to analyze user behavior.
Legal basis: Art. 6 para. 1 lit. b GDPR (contract initiation/performance) and Art. 6 para. 1 lit. f GDPR (our legitimate interest in fast communication).
Third-country transfer: Data may be transferred to servers of Meta Platforms, Inc. in the USA. This transfer is based on the EU Standard Contractual Clauses and the EU-U.S. Data Privacy Framework.
Privacy policy:https://www.whatsapp.com/legal/privacy-policy-eea 

B. Telegram

Provider: Telegram Messenger Inc., 71-75 Shelton Street, Covent Garden, London, UK / Telegram FZ-LLC, Dubai, UAE
Data processed: Mobile phone number, profile name, IP address, message content (cloud storage for standard chats).
Legal basis: Art. 6 para. 1 lit. f GDPR (Legitimate interest in platform-independent communication).
Third-country transfer: Transfer to third countries (including the UAE) is possible. Telegram assures that it maintains an adequate level of data protection.
Privacy policy:https://telegram.org/privacy 

C. Viber

Provider: Viber Media S.à r.l., 2, rue Edward Steichen, L-2540 Luxembourg.
Data processed: Mobile phone number, device identifier, IP address, metadata. Messages are end-to-end encrypted by default.
Legal basis: Art. 6 para. 1 lit. f GDPR (Legitimate interest in modern customer communication).
Third-country transfer: Data may be processed worldwide. Viber uses standard contractual clauses for protection.
Privacy Policy:https://www.viber.com/en/terms/viber-privacy-policy/ 

7. Cookies and Analysis Tools

Our website uses cookies. These are small text files that are stored on your device.

  • Necessary Cookies: These are technically required for the operation of the website.
  • Optional Cookies (Marketing/Analysis): We only use these if you give us your express consent via our consent banner (cookie banner). You can revoke or change your settings at any time.
  • Google Forms: We use Google Forms provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) to collect structured inquiries (e.g., partner registrations or specific service requests). When you fill out a form, the data you enter is transmitted to Google's servers. The use is based on your consent (Art. 6 (1) (a) GDPR) or for the initiation of a partner contract (Art. 6 (1) (b) GDPR). For information on data protection regarding Google Forms, please visit: https://policies.google.com/privacy.

We use the open-source consent management tool Klaro to obtain your consent for the storage of certain cookies on your device or the use of certain technologies and to document this consent in accordance with data protection regulations.

  • Provider: KIProtect GmbH, Bismarckstr. 10-12, 10625 Berlin, Germany.
  • How it works: Klaro stores your decision (consent or refusal) locally in your browser so that it can be applied on subsequent visits.
  • Legal basis: This service is used to fulfill the legally required obligation to obtain consent for the use of cookies (Art. 6 para. 1 lit. c GDPR).
  • Klaro's privacy policy: https://klaro.org/de/ressourcen/datenschutz

8. Data Collection when Visiting the Website (Server Log Files)

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is stored in so-called server log files:

  • Browser type and version
  • Operating system used
  • Referrer URL (the previously visited page)
  • Hostname of the accessing computer (IP address)
  • Time of the server request This data is technically necessary to display the website correctly and to ensure the security of our IT systems. This data is not merged with other data sources.

9. Data Security (SSL/TLS Encryption)

To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g., SSL/TLS) via HTTPS. You can recognize an encrypted connection by the string "https://" and the lock symbol in your browser line.

10. Map Services: Leaflet

To show you locations and areas of operation, we use the open-source library Leaflet https://leafletjs.com/. Leaflet itself does not collect any personal data. However, when loading map data (tiles) from third-party providers (e.g., OpenStreetMap), your IP address is transmitted to their servers for technical reasons. This is based on our legitimate interest in a visual representation of our services (Art. 6 (1) (f) GDPR).

11. Security and Quality Assurance

  • Browser Fingerprinting: To defend against cyberattacks, spam, and bot networks, we use browser fingerprinting. This data is automatically deleted after 7 days.
  • Call Tracking: To measure the quality of our brokerage service, we collect metadata of calls (time, duration). Conversations are not recorded without separate consent.

12. Your Rights as a Data Subject

Within the framework of the applicable legal provisions, you have the right at any time to:

  • Access (Art. 15 GDPR): About your data stored by us.
  • Rectification (Art. 16 GDPR): Correction of incorrect data.
  • Erasure (Art. 17 GDPR): "Right to be forgotten."
  • Restriction of processing (Art. 18 GDPR).
  • Data portability (Art. 20 GDPR).
  • Objection (Art. 21 GDPR): Against processing based on a legitimate interest. To exercise these rights, please contact the contact details provided above ([email protected]).

13. Supervisory Authorities (Right of Complaint)

According to Art. 77 GDPR, you have the right to complain to a supervisory authority if you believe that the processing of your personal data violates the GDPR.

Competent supervisory authorities for Optilife DOO (Serbia):

  • Ministry of Information and Telecommunications:https://mit.gov.rs/, Nemanjina 22-26, 11000 Belgrade, Serbia.
  • Chamber of Commerce and Industry of Serbia (PKS) – RPK Novi Sad:https://novi-sad.pks.rs/, Narodnog fronta 10, 21000 Novi Sad, Serbia.
  • Office of the Commissioner for Information of Public Importance and Personal Data Protection:https://www.poverenik.rs/en/home.html, Bulevar kralja Aleksandra 15, 11000 Belgrade.

Competent supervisory authority for the German market (Hamburg):

14. Information for Partner Companies and Complaints

Optilife DOO acts purely as an information technology intermediary.

  • For complaints regarding the technical platform, please contact us (Optilife DOO).
  • For complaints regarding the physical execution (e.g., damage during towing, quality of repair or tire service by partners in Hamburg), please contact the competent specialist authorities in Hamburg:

15. Dispute Resolution

Our email address can be found above in the part 2 of this article. We are neither willing nor obliged to participate in dispute resolution proceedings before a consumer arbitration board.

16. Registration and Data Processing for Partner Companies (B2B)

Should you register or apply on our website as a service partner (e.g., towing service, workshop), we collect additional company-related data. This is necessary to include you in the TruckNetz.DE network and to be able to broker orders to you. This data includes:

  • Name of the company and legal form
  • Location(s) and service radius
  • Business contact details (phone, e-mail, website)
  • Information on the fleet and services offered
  • VAT identification number (USt-IdNr.) or tax number 

Legal basis: Processing is based on Art. 6 (1) (b) GDPR (initiation and fulfillment of a partner contract) as well as Art. 6 (1) (f) GDPR (our legitimate interest in quality assurance and brokerage of specialist companies).

17. Publication of Partner Data and Order Brokerage

As part of the TruckNetz.DE network, this website serves to broker orders.

  • Public Profiles: By being accepted as a partner, you agree that your business contact details (company name, address, phone number, services offered) will be publicly displayed on our website so that drivers seeking help can contact you directly.
  • Disclosure to Customers: In the event of a specific brokerage, your data will be transmitted to the customer (driver/forwarding agent). In return, you will receive the customer data necessary for order processing (location, vehicle data, driver contact).

18. Duration of Storage of Partner Data

Data of partner companies is stored for the duration of the active cooperation. After termination of the partnership, the data will be deleted unless there are statutory retention obligations (e.g., from tax law, 10 years for invoices).