eIDAS
Most documents are signed using a qualified electronic signature compliant with the eIDAS Regulation (Regulation (EU) No 910/2014 of the European Parliament and of the Council).
By operating remotely, we:
• reduce document turnaround time from days to minutes, eliminating the need for printing, manual signing, and postal delivery,
• ensure full compliance with regulatory requirements, including those of the Road Transport Inspection Authority,
• enable our clients to archive documentation in digital form,
• guarantee the validity of signatures across the entire European Union.
E2EE and PGP
Given the nature of consultations concerning dangerous goods (including those in the high-consequence group), it is essential to prevent third parties from accessing the content of communications.
Our communication security policy is based on End-to-End Encryption (E2EE) using the OpenPGP/GPG standard (asymmetric encryption). The PGP/GPG protocol uses public and private keys to ensure confidentiality (encryption) and authenticity (digital signature) of information exchange:
1. Encryption: the client encrypts the message content using our public key (available ››here‹‹).
2. Signature (optional): the client can additionally sign the message with a digital signature (using their private key).
3. Decryption: we receive the message and use our private key to read its content.
4. Sending a reply: in order for us to reply in an encrypted manner, the client must first provide us with their public key. Once this condition is met, our reply is encrypted with the client's public key (for confidentiality) and signed with our private key (for identity verification).
FIDO2 & TOTP
Access to systems that store personal data of elevated sensitivity—including payment information, identity credentials, and training certificate data—is protected using strong multi-factor authentication (MFA) mechanisms.
We employ hardware security keys compliant with the FIDO2 standard, which leverage asymmetric cryptography to eliminate the risks associated with password interception, phishing, and unauthorized access. In selected systems, we additionally use time-based one-time passwords (TOTP) generated by standalone hardware tokens, enabling offline authentication that is fully independent of mobile devices.
This approach combines the highest level of authentication security with operational independence, ensuring identity and data protection in line with current industry standards.
ePUAP
(Applies to Poland only)
We submit annual ADR reports electronically, in accordance with Article 16(1)(1) of the Polish Act on the Transport of Dangerous Goods.
For this purpose, we use the ePUAP / mObywatel platform, sending documents signed with a qualified electronic signature directly to the relevant Provincial Road Transport Inspectorates.
The entire process is carried out remotely, in compliance with the required procedures, and includes obtaining the electronic submission confirmation (UPP).