Skip to content

Privacy Policy

1 General information

Berliner Verkehrsbetriebe AöR, Holzmarktstraße 15-17, 10179 Berlin (“BVG” or “we”) complies with statutory data protection regulations. User data is treated with confidentiality. It is only disclosed to third parties to the extent permitted by data protection regulations or if the user provides their consent.

Personal data is any information relating to an identified or identifiable natural person (Article 4(1) of the EU General Data Protection Regulation (“GDPR”)). This includes information such as your name, your email address, your postal address, and your telephone number. It does not include information that cannot be linked directly to your identity, such as the number of users of a website.

Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, telephones, and other devices. Cookies cannot run programs or transmit viruses to your computer. They are used to make our website more user-friendly and effective as a whole. When we use the term “cookies” here, we always also mean comparable technologies that are used for similar purposes. We use both first-party cookies and cookies from integrated third-party services on our website.

We use functional cookies to ensure a smooth user experience on our website. We also use marketing cookies to measure the success of our online advertising and to allow us to allocate our advertising budget as effectively as possible. In addition, we use analysis cookies that help us to better understand the use of our website and to tailor our services better to your needs.

If you wish to contact our data protection officer directly, please see section 7.2 for details of how to do so.

2 Introduction to data processing when using the website

The data we process on our website encompasses the personal data required to enable the informational use of our website, to allow you to contact us by email or our contact form, and to use the “My BVG” service. We also use functional cookies and similar technologies (see 3.1 and 4.1) to enable the use of our website. We do not carry out any other processing of personal data unless you have given consent to the processing or there is another legal basis that allows us to do so. This, in particular, covers data you provide on a voluntary basis when contacting us or using the “My BVG” service, as well as data for analysis and marketing purposes (see 4.2 and 4.3).It also includes, for example, data that is processed for the purpose of providing you with your requested journey planning information and, in this context, improving the BVG’s transport services (see 3.7.). You are under no obligation to provide your personal data. If you do not provide your personal data, however, we will not be able to provide the service for which it is required.

If you use our website for purely informational purposes, i.e. not to log in, register, or transmit any other data to us, we do not process any personal data except for the data that is transmitted by your browser to make it possible for you to visit our website and ensure the IT security of the website. This includes your IP address, the date and time of the request, the browser used, and the content of the request. The legal bases for the data processing are Articles 6(1)(b) and (f) of the GDPR. We have a legitimate interest in ensuring the stability and security of the website.

If you have provided your consent to this as set out in Article 6(1)(a) of the GDPR, the aforementioned data will also be processed for marketing and analysis purposes and shared with third parties (see 4.2 and 4.3). In order to securely transfer data between your computer and the website, we use the latest version of the TLS 1.3 encryption protocol, which protects the data from access and manipulation by unauthorized third parties.

Please make sure that your browser is up to date and supports the TLS 1.3 encryption standard. If your browser is not up to date, data is automatically exchanged using a reduced version of TLS that matches your browser's configuration.

3 Use of functions on our website

Below, we set out the ways in which we ourselves process data in connection with the various available functions on our website.

3.1 First-party cookies

3.1.1 Permanently required cookies

3.1.1.1 Type and purpose of cookies

We use first-party cookies on this website. Our cookies are functional cookies required to ensure a smooth user experience on our website. They cannot be disabled.

These cookies enable numerous basic functions such as the following:

  • Order processing for online subscriptions
  • Access to the website’s login area
  • Saving the language selection
  • Saving the font size selection
  • Saving the start and end points of connection enquiries

These are session cookies that are erased when you close your browser.

3.1.1.2 Data processed

The following categories of data are routinely processed:

  • IP address
  • Time of request
  • Device data, e.g. operating system, browser version, screen resolution
  • Settings you make when using our website (e.g. language selection)

3.1.1.3 Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): ensuring a smooth user experience and enabling key basic functions of the website.

3.1.2 Temporarily required cookies

3.1.2.1 A/B testing

     3.1.2.1.1 Purpose of cookies

To help improve our website, we use A/B testing, a method of evaluating two versions of a page on our website. This involves testing the original version of a page against a slightly modified version. Which page version you see is chosen at random.

By setting the cookie, we ensure that you will be shown the same version when you return to our website during the A/B testing period.

3.1.2.1.2 Cookie storage duration

A/B testing is usually carried out over a maximum of 60 days, but the exact period depends on the complexity of the page being tested. The lifetime of the cookies corresponds to the period of the testing, after which they are erased.

3.1.2.1.3 Data processed

The following categories of data are processed:

  • IP address
  • VersionA/version B (which version was shown the last time the website was visited)

3.1.2.1.4 Legal basis for setting cookies

Setting the cookies represents a legitimate interest of the BVG (Article 6(1)(f) of the GDPR): ensuring that the customer is always shown the same version of the website during the A/B testing period.
 

3.2 Contacting us by email or on the contact form

If you contact us by email or on the BVG contact form, your request and the information contained therein will be evaluated in order to determine your reason for contacting us and to allow us to assist you accordingly. We will store your reason for contacting us, your email address, and your name for the purpose of replying to your questions. When you contact us, it is helpful if you limit yourself to submitting information that is only absolutely necessary for your concerns.

The legal bases for the data processing operations set out above are Articles 6(1)(b) and (f) of the GDPR. Article 6(1)(b) of the GDPR is the legal basis for processing requests from customers with whom we have a contract. In addition, we have a legitimate interest in ensuring a smooth customer service experience. We also use your data to ensure that our services function properly and to improve and expedite our data processing processes, e.g. by means of optimised assignment function.

If the reason for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

3.3 Contacting us by telephone

The legal basis for this data processing is Article 6(1)(b) of the GDPR. The data will be erased after thirty days.

The external call centre is provided by our processor Majorel Berlin GmbH. The external call centre provides both staff and a voicebot (see 3.3.1) to answer your questions. We have concluded a processing contract with Majorel pursuant to Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed or processed for other purposes.

If Majorel uses other processors, your data may be processed in countries outside the European Union. This specifically concerns the data processing based on your consent set out in section 3.3.1. Data protection regulations in the United States, in particular, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data. For more information on safeguards to secure data transfers, please see section 4.4 below.

3.3.1 Voicebot replies to telephone enquiries

When you call us, you will be asked if you wish to speak to a voicebot about certain questions (e.g. regarding the Deutschland ticket).

If you have consented to the use of the voicebot, the following data will be processed:

  • Opt-in selection
  • Reason for the call/query (customer free text)
  • Session date
  • Session start (time)
  • Session end (time)
  • Session duration
  • Session ID
  • Forwarding to call centre staff

The legal basis for this data processing (also for anonymisation) is your consent (Article 6(1)(a), Article 49 of the GDPR): If you consent, you also consent to your data being processed in the US.

We will only store the aforementioned data and perform associated data processing operations if you grant us your voluntary and revocable consent to do so during the call. You can withdraw your consent at any time during the call by saying the word ‘cancel’. If you have objected to the data processing, you will be connected to an employee in the call centre. A subsequent withdrawal of consent or a request for erasure is not possible due to the immediate high-level pseudonymisation and the additional anonymisation that then takes place, as your data can no longer be identified after its immediate pseudonymisation.

In order to constantly improve the quality of the voicebot, your personal data mentioned above will be pseudonymised immediately after using the voicebot so that identification is no longer possible and will be completely anonymised after 30 days, taking semantic structures in the text into account, and then stored for a period of 90 days.

3.4 Career page functions and Online Test

3.4.1  Job applications

In the course of making an application, your name, your contact details, your qualifications, and other data you transmit to us will be processed for the purpose of selecting applicants for employment. You are required to enter personal data so that we may review your application and, as applicable, later conclude an employment contract with you. Your application will not be considered if you do not enter personal data. Your application and the personal data it contains will be forwarded internally to the employees who are responsible for making the relevant decisions.

The bases for data processing are Article 6(1)(b) of the GDPR  and Section 18 of the Berlin Data Protection Act (BlnDSG). We will process information you provide voluntarily in your application on the basis of Article 6(1)(a) of the GDPR and Section 18 of the BlnDSG .

3.4.1.1 Implementation of the application process

In order to carry out the application process - regardless of whether you submit your application in paper form or online - we require some of your personal data:

First name, last name, address (in the case of the online application process/ video interviews: also email address, for telephone interviews: also telephone number), date of birth, and salary requirement, information on your professional qualifications  (including school education, vocational training, other skills) as well as evidence of corresponding information (including certificates) that you submit with the application. The legal basis for processing this data is Article 6(1)(a) of the GDPR and Section 18 of the BlnDSG.

We must inquire your citizenship or the existence of a valid residence title permitting gainful employment. The legal basis for this query is BVG's obligation to employ persons only if they have a valid work permit (Section 4 (3) Sentence 4 of the Residence Act). A valid work permit is either given if you are in possession of an EU citizenship or a valid residence title permitting gainful employment.

3.4.1.2 Processing of special categories of personal data

The application you submit, including any attached documents, should not contain sensitive personal data. Sensitive data means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data uniquely identifying a natural person, health data, or data concerning a natural person's sex life or sexual orientation.

However, you are free to provide information on your status as a severely disabled person as part of your application.

In some cases, BVG uses telephone or live video interviews as a medium for selection interviews. Conversations are not recorded and no software-based evaluations of verbal and non-verbal behavior are made. The legal basis for conducting a live video interview is your consent pursuant to Art. 6 (1) a) DSGVO.

3.4.1.3 Duration of Storage

The personal data that the BVG processes in relation to applicants is erased six months after the end of the application process, provided this data is not legitimately required for other purposes (e.g. for legal reasons or if you commence employment with us). No recordings are made of audio/video transmissions, so there is also no data stored on completion of these transmissions.

3.4.2 Chatbot

We use a chatbot on our career pages (for more details, see also section 4.1.3). The chatbot also gives you the opportunity to upload application-related documents in connection with a job posting. From this upload, we generate an email with the documents you uploaded as attachment(s). This email is forwarded exclusively to those people within BVG who are involved in carrying out the application procedures.

3.4.3 Online test for certain job advertisements

An online test is required for certain vacancies, e.g. apprenticeships, driving personnel for qualification, security service employees. If you apply for such a job posting, you will receive an email with a link to the online test after entering your applicant data.

The following personal data will be processed for this purpose: First name, last name, date of birth, gender. The legal basis for this is Article 6(1)(a) of the GDPR,  Section 18 of the BlnDSG. The IP address, time and date of access, browser activities and settings as well as login ID data are required for security reasons for authentication and input control; the legal basis for this is Art. 6 (1) f) DSGVO. The evaluation includes the speed of answering the tasks and the correctness of the answers as well as the number of correct answers. An automated decision does not take place.

The legal basis for data processing in connection with the online test, including the evaluation of the online test, is your consent pursuant to Art. 6 (1) a) DSGVO.

As part of the online application process, we have commissioned a service provider who collects the above-mentioned data on our behalf and evaluates the online test.

The commissioned service provider is:

ALPHA-TEST GmbH
Dynamostr. 15
68165 Mannheim
Email: Kontakt@alpha-test.de

We have concluded a commissioned processing agreement with ALPHA-TEST GmbH in accordance with Art. 28 DSGVO. This order processing ensures that your personal data is only processed as instructed by BVG and in accordance with data protection regulations.

Data will only be passed on to third parties if we are legally permitted or obliged to do so, or if you consent to this.

3.4.4 Evaluation platform

As part of the application process, you will be given the opportunity to consent to us contacting you to evaluate our application process. If you choose not to consent, this will not affect your application or the application process itself. If you have consented to be contacted, your personal data (name, first name, email address, job category, and location) will be processed. To contact you by email, we work with softgarden e-recruiting GmbH, Tauentzienstraße 14, D-10789 Berlin (‘softgarden’) and New Work SE, Am Strandkai 1, D-20457 Hamburg (‘kununu’). In cooperating with softgarden and kununu, we have concluded processing agreements pursuant to Article 28 of the GDPR for GDPR-compliant processing of your personal data.

If you consent, softgarden/kununu will contact you once by email within 48 hours of your consent and send you a link to submit your feedback anonymously.

You may at any time object to the processing of your personal data for the future. However, depending on when you object, you may not be able to submit an evaluation.

3.4.5 Applicant pool

BVG has an applicant pool in which certain data of applicants can be included. Individual consent is obtained from applicants for this purpose. If you have any queries about the applicant pool, please contact recruiting@bvg.de.

We process the data in the applicant pool based on the consent of the applicants. The legal basis for the processing is Art. 6 (1) a) DSGVO.

3.4.6 “Jobalert” newsletter

You can subscribe to our “Jobalert” newsletter if you provide your email address, your name, and your job interests. The “Jobalert” newsletter will notify you when a job that matches your search criteria is advertised.

If you subscribe to the “Jobalert” newsletter, we will store the sign-up date, and your confirmation of sign-up. This information is stored only as a means of proof in the event that a third party misuses an email address and signs up for “Jobalert” without the valid user’s knowledge.

The legal basis for this processing is your consent as set out in Article 6(1)(a) of the GDPR. We will store your email for as long as you are subscribed to “Jobalert”.

Your consent is obtained with the aid of the double opt-in procedure. You will receive an email containing a link that you must click on to confirm that you are the owner of the email address and wish to receive notifications through our email service. If you do not confirm your subscription to the newsletter within two weeks following receipt of the confirmation email, we will not process the personal data you provided. Instead, this data will be automatically erased. You can unsubscribe from “Jobalert” at any time by clicking on the link contained in every “Jobalert” or by sending us a message using the contact details set out above. The data you provided during sign-up will be erased when you unsubscribe.

3.5 BVG-Account

If you would like to use the BVG-Account, you must sign up to do so, providing your name, first name, your email address, and a password you choose. We use the double opt-in procedure for sign-ups, i.e. your sign-up is not completed until you have confirmed that you wish to sign up by clicking on the link in a confirmation email we send you for this purpose. If your confirmation is not received within 24 hours, the personal data you provided is automatically erased from our database.

You can also use an existing BVG-Account to sign into the BVG apps as well as  the Abo-Online self service. Your BVG-Account will then be associated with the corresponding BVG Service and the above-mentioned data from your BVG-Account (surname, first name, password) will be used (“single sign-on”, or SSO for short).

3.5.1 Duration of storage

We will also save the data you provide for the duration of your use of the account, unless you erase it yourself. You can manage and change any of the data you provide in your password-protected customer account yourself.

Your personal data is processed solely for the purpose of using the BVG-Account.

If you decide to delete your BVG-Account, your account data will first be blocked from further processing, with the exception of processing that is required in compliance with legal obligations or rights (see the respective chapters in the privacy notices of the BVG apps.) and then deleted. Your request for erasure may, however, conflict with statutory provisions or rights on the part of the BVG. As such, your data may not be erased if the BVG is required to comply with legal obligations to retain data (e.g. for commercial or tax law reasons) or if processing of your data is required for the establishment, exercise, or defence of legal claims, e.g. if we initiate legal proceedings against you for misconduct during use of our services or for payment reasons.

The legal bases for the data processing are Articles 6(1)(a) and (b) of the GDPR.

3.5.2 Disclosure to third parties

The single sign-on service is provided by our service provider akquinet AG - (Paul-Stritter-Weg 5, 22297 Hamburg).

The disclosure of personal data to these service provider for the single sign-on service is based on Article 28 of the GDPR, in each case in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.6 Ticket subscriptions and corporate tickets

If you want to sign up for a ticket subscription (transferable and personal tickets) and renew an existing subscription, we will process your personal data as set out below.

3.6.1 Ticket subscriptions

3.6.1.1 Categories of personal data for contract performance

We process your personal data in connection with your subscription contract. For transferable season tickets (annual and monthly eco-tickets, 10 o’clock monthly tickets), we require your full name, address, date of birth, gender, account details (except for the school student ticket Berlin AB), payment frequency (monthly or annually), and, as required, the full name, date of birth, gender, and address of your legal representative or guardian/carer.

For personal season tickets (VBB subscription ticket 65plus, school student ticket, trainee ticket), we also require your photo and credentials in addition to the information above. The legal basis for processing this data is Article 6(1)(b) of the GDPR. A photograph is required for us to issue the season ticket in your name. The photograph is electronically processed, digitised as an image file, and stored exclusively for the time and for the purpose of producing the electronic ticket in the form of the non-transferable VBB fahrCard. The stored image file is erased no later than two months following dispatch of the VBB fahrCard. The picture will not be returned; paper-based photographs will be destroyed.

The credentials (e.g. front and back of the student ID for a student ticket; certificate with hologram for the VBB-Abo Azubi; training contract for a trainee / student; personal document as proof of age for a VBB-Abo 65+) is required to check your eligibility for the requested ticket. Submitted proofs with the completion of a subscription will be deleted 10 days after the ticket has been sent. If the credentials are only required for a check (e.g. proof of student status over the age of 16), but not for a new ticket to be issued, the credentials will be deleted no later than two months after the review. The required credential is specified in the respective fare product.

Providing us with your telephone number and email address is voluntary, but if you do, it will be easier for us to contact you if we need to. We process and use this information solely for the purpose of managing contractual matters with you. The legal basis for this is your consent as set out in Article 6(1)(a) of the GDPR. You can withdraw your consent at any time.

In addition, we process pseudonymised ID numbers on the chip card in order to verify its authenticity, as well as our customers’ personal data, if this is required in the course of providing our services. This may include, for example, personal data processed during ticket inspections (e.g. name of passenger not in possession of a valid ticket, time and place of inspection, penalty charge amount) or data in connection with operational incidents. The legal bases are Articles 6(1)(b) and (f) of the GDPR.

We would like to point out that you are generally not obliged to provide personal data. Under certain circumstances, however, it may be necessary to provide the data for conclusion or performance of a contract with the BVG. In such cases, failure to provide personal data may mean that you cannot enter into a subscription contract with us. In the event of ticket inspections, refusal to provide data may result in the identification of persons and the provision of necessary data having to be carried out with the assistance of the police.

3.6.1.2 Disclosure to third parties

We will only disclose your personal data to third parties if this is necessary for the above-mentioned purposes. We will only disclose data that a service provider needs to fulfil its tasks for the BVG. This may involve the disclosure of personal data to marketing service providers for ticket sales, to service providers for printing tickets/chip cards and to check the authenticity of the VBB fahrCard and to IT service providers for data storage and maintenance purposes. If the recipients are processors, we will have signed processing contracts with them pursuant to Article 28 of the GDPR. Specifically, these are the following service providers that we use to administer an existing contract with you (BVG subscription) and to administer subscriptions:

  • Service provider for printing the fahrCard (for personalised smart cards) (PAV Card GmbH, Hamburger Str. 6, 22952 Lütjensee)
  • IT service provider for data storage and maintenance (HanseCom Public Transport Ticketing Solutions GmbH, Weidestraße 120 b, 22083 Hamburg)
  • IT service provider for data storage (Cronon AG, Pascalstraße 10, 10587 Berlin)
  • Service providers for ticket checks (B.O.S. Eltan GmbH, Bayreuther Straße 3, 10787 Berlin; Kötter Sicherheits- und Ordnungsdienst SE & Co. KG, Niederlassung Berlin, Am Borsigturm 100, 13507 Berlin)
  • Service provider for creating and sending postal and/or electronic correspondence (Richard Scholz GmbH, Bessemerstraße 36 - 42, 12103 Berlin)

Other data recipients without processing contract

  • Postal company for sending the fahrCard and other contractual documents (PIN AG, Alt-Moabit 91, 10559 Berlin; Deutsche Post AG, Stolkgasse 4, 50667 Cologne)

Sal.A iT-Services GmbH
Albertstr. 12, D-10827 Berlin
Email: info@sal-a.de

We will disclose the personal data required and provided in connection with your SEPA direct debit mandate to the bank that we use to collect payments (Berliner Sparkasse, Niederlassung der Landesbank Berlin AG, Alexanderplatz 2, 10178 Berlin), which will carry out this transfer of funds and the associated processing of your personal data as an independent entity.

We have contracted the IT service provider to verify photographs and proof of eligibility. In this case, too, a processing contract has been concluded in accordance with Article 28 of the GDPR.

If, during the order or verification process, it becomes apparent that the proof of eligibility or the photograph you upload cannot be verified, we will notify you through our service provider and provide instructions on how to proceed. The legal basis for this is Article 6(1)(b) of the GDPR. Contact is necessary in order to be able to conclude or execute the contract you have requested.

In some cases, we also transmit personal data to credit agencies prior to the conclusion of a subscription contract and prior to substantial changes to a subscription contract in order to check the creditworthiness of the subscriber. The legal basis for this is Article 6(1)(f) of the GDPR. Our legitimate interest is in avoiding payment defaults.

If we disclose personal data to debt collection agencies in accordance with Article 6(1)(f) of the GDPR, we are pursuing our legitimate interest in asserting, exercising, and defending our legal claims.

3.6.1.3 Duration of storage

We store the personal data concerning you for as long as it is required for the respective purposes for which it was processed. If there is a legal obligation to retain data (e.g. for tax reasons), personal data required for this purpose we will process for the duration of this retention period.

3.6.2 Corporate tickets

We process your personal data in connection with your corporate ticket contract (photograph, name, address, company affiliation, account details, payment information). The legal basis is Article 6(1)(b) of the GDPR.

Your photo is required because the corporate ticket is a personal, non-transferable season ticket. If you do not provide one, a corporate ticket cannot be issued in your name. The picture is electronically processed; it is digitised as an image file and stored exclusively for the time and for the purpose of producing the electronic ticket in the form of the non-transferable VBB fahrCard (here as a corporate ticket). The stored image file is erased no later than two months following dispatch of the VBB fahrCard. If you require a replacement for your non-transferable ticket, you will need to resubmit your photo.

In addition, we will send your corporate ticket application to your employer so that they can confirm that you are eligible to participate in the corporate Ticket.

We would like to point out that you are generally not obliged to provide personal data. Under certain circumstances, however, it may be necessary to provide the data for conclusion or performance of a contract with the BVG. In such cases, failure to provide personal data may mean that we are unable to provide you with your requested corporate ticket or any other services.

Sections 3.6.1.2. (Disclosure to third parties) and 3.6.1.3 (Duration of storage) apply accordingly.

In addition to the recipients mentioned in 3.6.1.2, there are the following data recipients for corporate tickets:

  • Service provider for the provision of the online application (for corporate ticket framework agreements concluded online): IBM iX Berlin GmbH (Chausseestraße 5, 10115 Berlin)
  • Service provider for provision of online application (for companies and participants): Sal.A iT-Services GmbH (Albertstr. 12, 10827 Berlin)

These recipients are processors with whom we have concluded processing contracts in accordance with Art. 28 of the GDPR.

3.6.2.1 Digital information events for the corporate tickets

BVG offers digital information events for interested companies. These events are held online (video conference) via Microsoft Teams. For your registration and participation in the online event, the processing of your e-mail address by BVG is required. You can find more information about the processing of your data by Microsoft at: https://privacy.microsoft.com/en-us/privacystatement.

The legal basis is Article 6(1)(b) of the GDPR. 

3.6.2.2 Call-back service for interested companies

BVG offers a call-back service for interested companies. For your registration and participation in this service, the processing of your contact data (name, company and telephone number) by BVG is required. Registration takes place via the chatbot (see chapter 4.1.5). The legal basis for the data processing is Article 6(1)(b) of the GDPR.

3.6.3      Deutschland Ticket

If you signed up for a Deutschland Ticket subscription on our website at https://abo.bvg.de/, you can display the ticket as a digital ticket (mobile ticket) in the following BVG apps: Fahrinfo app, Ticket app, or Jelbi app.

The following data is transmitted to the BVG apps via an encrypted data connection:

  • SSO-ID (Fahrinfo app, Ticket app, Jelbi app; in the Fahrinfo app, also your email address)
  • Class (type of ticket)
  • Valid from
  • Valid to

When you log in to one of the apps, the Deutschland Ticket is displayed as a valid, checkable ticket.

Disclosure to third parties

Your data will be disclosed to the following service providers if you have chosen to use the digital Deutschland Ticket:

  • SYSTEMTECHNIK GmbH, (Wielandstraße 12, D-99610 Sömmerda) – development of the Ticket app front-end and background systems
  • eos.uptrade (Schanzenstraße 70, D-20357 Hamburg) – development and operation of the Fahrinfo app background and front-end systems
  • Trafi (UAB Intelligent Communications, Labdarių 5, LT-01120, Vilnius, Litauen) – hosting and operation of the central IT system for the Jelbi app

The disclosure of personal data to our service providers for display of the Deutschland Ticket is based on Article 28 of the GDPR in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

If your ticket is checked by another transport company in the VBB fare network, or another transport company outside the network, the privacy policies of the company carrying out the check apply. Under certain circumstances, the transport company carrying out the check may record the fact that your ticket was checked on your fahrCard.

3.6.4 Data stored on the VBB fahrCard

For customers with non-personalised, transferable season tickets, the tariff product, the tariff area of validity, the time and geographical validity, and the card number are stored on the chip of the VBB fahrCard.

For customers with personalised, non-transferable season tickets, the tariff product, the tariff area of validity, the time and geographical validity, and the card number are stored on the chip of the VBB fahrCard. In addition, your first name and surname are stored in encoded form (only the first and last letters are readable) in your electronic ticket. Your photo and your first name and surname are printed on the card.

When anything is written to the chip on the VBB fahrCard, this information is logged in a transparent and understandable way for the customer. This includes ticket issuing, ticket inspections, and the blocking of eTickets or the entire VBB fahrCard (application blocking). The log contains a maximum of ten entries. The following data is collected:

  • Transaction type and name: issue/block
  • Terminal ID
    • Terminal ID number: indicates the type of terminal and terminal number
    • Organisation ID number of the transport company to which the terminal belongs
  • Transaction time: date and time of issue/block
  • Transaction location ID
    • Location type code: indicates the type of issue/block location (e.g. bus stop, railway station)
    • Location number: unique ID number per issue/block location
    • Organisation ID number of the transport company to which the issue/block location is assigned
  • Authorisation ID
    • Authorisation number of the issued/blocked ticket
    • Organisation ID number of the transport company that issued the ticket
  • Product ID
    • Product number of the tariff product issued as an authorisation
    • Organisation ID number of the tariff manager (usually VBB)

You may view the data from the log of your VBB fahrCard at any time at a customer centre of the BVG or another transport company. You can also view this data yourself at a customer information terminal, or info terminal, of your choice.

Info terminals are installed in the customer centres of the BVG and other transport companies, but can also be found in partner agencies. You can access the info terminals during the normal business hours of the customer centres or the agencies.

The VBB fahrCard can also be read using commercial smartphone apps, provided the smartphone has an NFC interface.

The eTicket can be read or written to contactlessly if the reader/writer is no more than one centimetre away from the card. This means that cards in jacket pockets or purses cannot usually be read. You may also fit a protective cover to your eTicket that prevents electronic contact with the card.

Please note that the protective cover must be removed for inspection processes at bus terminals and for mobile controls by inspection staff of the transport companies.

If you are checked with your VBB fahrCard outside the VBB area, the generated data records may differ. In this case, please contact the local transport company directly. At all transport companies, the only data that can be read out is that specified in the section ‘Type and scope of data collection’.

3.6.5 Communication data in the VBB background systems

For all communication processes (ticket issue, ticket inspection, and, if necessary, ticket blocking) that take place with the VBB fahrCard, data records are created by the issue and inspection terminals of the transport companies in the Verkehrsverbund Berlin-Brandenburg and transmitted to the background systems of the transport companies.

In the case of personal tickets, your first name and surname are encoded in the data records for ticket issue (only the first and last letters are readable).

All data records contain the time, place and type of communication process (ticket issue, ticket inspection, or ticket blocking) as well as the ID numbers for the ticket, for the tariff product on which the ticket is based, for the issue or inspection terminal, and the date and time of the start and end of validity of the ticket.

In the case of blocking procedures, the ID number of the line and the journey on which the communication process took place is also written into the corresponding data record.

If you are checked with your VBB fahrCard outside the VBB area, the generated data records may differ. In this case, please contact the local transport company directly. At all transport companies, the only data that can be read out is that specified in the section ‘Type and scope of data collection’.

Recipient of the data

The data collected via the terminals of the transport companies are processed by the sales background systems (issue/inspection systems) of the transport companies and transmitted to a central data control system of the VBB (issuing and control data records) as well as the central, Germany-wide blocking management system of VDV eTicket-Service GmbH & Co. KG (blocking data records).

The central data control system at the VBB receives the ticket inspection and issue data records (first name, surname and, if applicable, year of birth are erased before being entered into the system) directly from the systems of the transport companies as well as the ticket/card blocking data records that have been collected by the control systems of the transport companies via the blocking management system of VDV eTicket-Service GmbH & Co. KG in order to check them against each other so that system security can be guaranteed and, if necessary, errors in the systems can be detected and rectified.

Erasure of data

All communication data received by the sales background systems of the transport companies and the central data control system at the VBB are stored for the duration of the procedure. A precise specification of the storage duration and erasure periods is made in coordination with the data protection officers of VBB GmbH and the transport companies, based on a data protection impact assessment, external requirements, and technical possibilities of the systems.

3.6.6 Ticket inspections and and penalty fares

During ticket inspections, the validity of the respective tickets is checked. In the case of personalised tickets, the ticket may be checked against an official photo ID (e.g., for mobile phone and print tickets). When checking fahrCards, the following data stored on the fahrCards is visible to the control personnel:

  • Maximum period of validity for the fahrCard
  • Card number
  • Customer contract partner
  • Surname, first name (for personal tickets)

If the validity cannot be determined, the increased transportation charge is forfeited. In this case, the following data may be collected from you:

  • Name, first name,
  • date of birth,
  • sex,
  • address,
  • email address,
  • bank details,
  • name and address of legal representatives,
  • Time, place and other circumstances of the incident relevant for legal prosecution, including claims.

The data processing required in this respect is based on § 4 of the "Ordinance on the Processing of Personal Data at Berliner Stadtreinigungsbetriebe, Berliner Verkehrsbetriebe and Berliner Wasserbetriebe" (BlnBetrDatVO). The data will be deleted or blocked two years after the last relevant incident, but at the earliest when the transaction - in your case the receipt of payment - has been processed.

In the event of ticket inspections, refusal to provide  personal data may result in the identification of persons and the provision of necessary data having to be carried out with the assistance of the police.

3.6.7 BVG Club

If you have a BVG ticket subscription (except for school student, trainees and corporate tickets), you can register for the BVG Club. Registering for the BVG Club opens up access to the world of benefits via the platform of the company cb loyality GmbH, on which various providers have offers available.

Your surname, first name, e-mail address and the expiry date of the subscription will be transmitted to cb loyalty GmbH for the purpose of legitimisation or to prove that you are entitled to use the world of benefits. The legal basis for the data transfer is Article 6 (1) (a) GDPR.

Further data may be processed directly by cb loyalty GmbH as an independently responsible entity. For further information on data processing, please visit the website of cb loyalty.

3.7 Purchases of tickets for special events

Special events are trips on the open-roofed underground train, on historical vehicles, etc.

3.7.1 Purchase process

You can buy tickets for special events in our online shop.

The BVG will process the following data required to process the transaction and to perform the contract:

  • Surname
  • First name
  • Email address
  • The ticket user (if different to the purchaser) and any further ticket users
  • Date of birth
  • Company (if applicable)
  • Telephone number (if applicable)
  • Full postal address
  • Mobile device information
  • Payment method information
  • Confirmation of ticket download
  • Device information (incl. operating system version and build)

This data is required in order to process your ticket purchase. The legal basis is Article 6(1)(b) of the GDPR. The data will be stored for a period of ten years and then erased.

Tickets for special trips can be paid for using one of the third-party payment methods “PayPal”, VISA, or Mastercard. The data associated with your payment method (first name, surname, address, email address) will be requested by the provider and used for the purchase. We will also store it in our backend system together with the payment method, device type, and information regarding your agreement with the T&Cs.

The ticket shop is operated by eos.uptrade (Schanzenstraße 70, D-20357 Hamburg). eos.uptrade processes your data on behalf of the BVG and in accordance with a processing contract concluded with eos.uptrade as set out to Article 28 of the GDPR.

3.7.2 Payments by credit card [LogPay Financial Services GmbH]

If using a credit card (VISA, Mastercard), your customer data (first name and surname, date of birth, address, gender, email address) will be transmitted to our external financial services provider (currently LogPay Financial Services GmbH, Schwalbacher Straße 72, D-65760 Eschborn, referred to below as “LogPay”). The payment method data (credit card details, information on your ticket purchases) is collected directly by LogPay, as claims against you are assigned to LogPay when you purchase a ticket. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing.

LogPay is the sole controller responsible for processing your personal data. More information on how LogPay processes data can be found at here.

3.7.3 Payments by PayPal

You can pay for special trip purchases in the ticket shop using the online payment service provider PayPal. The provider of this payment service is (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereafter “PayPal”). If you select PayPal as your payment method, you will be redirected to the PayPal website and the personal data you have entered will be transmitted to PayPal in encrypted form. This data typically includes your name, your address, your telephone number, your IP address, your email address, and other information required for order handling and your specific order.

PayPal is the controller responsible for processing your personal data. The legal basis for the data processing when using PayPal is Article 6(1)(f) of the GDPR. We have a legitimate interest in offering you a wide range of payment options and outsourcing payment processing.

If required for the purpose of completing the order, PayPal may also disclose data to third parties. PayPal will also transmit personal data to credit agencies, e.g. SCHUFA, in order to establish your identity and creditworthiness.

More information on how PayPal processes data can be found at PayPal

3.8 Ticket sales via third parties

You can purchase personalised 24-hour tickets and tourist products such as the BVG Berlin Welcome Card and Berlin City Tour Card as digital tickets from third-party providers. These third-party providers use agents (here: Distribusion or Tranzer) to make these digital tickets available to customers. The payments are processed directly via the third-party providers’ booking platforms. Their privacy policies apply. In order to be able to issue a digital ticket, the following customer data is transmitted to BVG via the agents:

  • First name
  • Surname
  • Fare type
  • Valid-from date

BVG then creates the digital ticket with the first name and surname of the customer. The BVG will process the following data required to process the transaction and to perform the contract:

  • Information on the order object:
    • Ident (database id for a current request)
    • IdentExternal (class)
    • Description (product description)
    • Product type
    • Valid-from date
    • Product manager
    • Fare version
    • Product group
    • Number of authorisations
    • Price

The digital ticket is then made available to the customer by the third-party provider used by the customer.

3.8.1 Disclosure to third parties

In order to create a digital ticket, the data of the contracted third-party provider is disclosed to our service provider Systemtechnik GmbH (Wielandstraße 12, 99610 Sömmerda) via our agents Distribusion Technologies GmbH (Wattstraße 10, 13355 Berlin) or Tranzer B.V. (Stationsplein 61, 3818 LE Amersfoort, Netherlands). Systemtechnik GmbH is the developer and system operator of the background system in which the ticket purchase data is processed in order to create the digital tickets. Systemtechnik and Distribusion or Tranzer process the customer data provided by the third-party providers on behalf of BVG and in accordance with the respective processing contract concluded pursuant to Article 28 of the GDPR. The processing of customer data within the scope of the third-party providers is carried out by the respective operator of the external booking platform as an independent responsible entity. Further information on this data processing can be obtained from the respective operator.

3.8.2 Data erasure and duration of storage

Your personal data will be stored as long as it is necessary for the fulfilment of the specific purpose. Subsequently, your data will be erased, unless there are legal obligations to retain the data beyond this time or other legal reasons to retain it. For tax-related reasons, ticket purchase data will be stored for a period of ten years and then erased.

3.9 Kombitickets

In cooperation with various event organisers, special tariff offers (special tickets or Sonderfahrausweise) with a limited period of validity and/or limited area of validity can be issued for special and major events. This also applies to our combination tickets (Kombitickets). These Kombitickets are admission tickets, theatre box office receipts, invitations, hotel passes, or participant passes with travel authorisation. Insofar as such event tickets with travel authorisation are issued online or digitally or made available as print tickets, they are personal tickets. For this purpose, the organiser shall only provide BVG with the surname and first name for the purpose of issuing this personal ticket for the event ticket.

BVG shall provide the organiser with personal download links for retrieving the ticket from the BVG ticket shop. When the event participant retrieves the ticket, the IP address is processed.

The mentioned personal data will be processed until full settlement with the organiser and then deleted. Legal basis Article 6 (1) (b) GDPR.

The BVG ticket shop is operated by eos.Uptrade (Schanzenstraße 70, 20357 Hamburg). eos.Uptrade processes the data on behalf of BVG and in accordance with the order processing agreement concluded with eos.Uptrade in accordance with Article 28 GDPR.

3.10 VBB customer card Berlin S

3.10.1 Purpose of data processing

To purchase the Berlin ticket S, a valid VBB customer card Berlin S with photograph is required. You can apply for the VBB customer card Berlin S by providing the required information (see 3.9.2) on the BVG’s web portal (www.vbb-kundenkarte-Berlin-S.de). The purpose of data processing is to check and process applications for the VBB customer card Berlin S and – if the requirements are met – to issue the VBB customer card Berlin S.

3.10.2 Categories of personal data

Application for VBB customer card Berlin S:

  • Surname
  • First name
  • Date of birth
  • Period of eligibility
  • Delivery address
  • Where applicable, legal guardian (surname, first name)
  • Email address
  • Declaration of consent to data storage and processing
  • IP address
  • Proof of eligibility, with approved benefit period and barcode information for each person who receives benefits
  • Photograph (passport photo (410 x 530 px) or a photo file in a common format)
  • Copy of ID card or another ID document

Imprint on carrier card ‘VBB customer card Berlin S’:

  • Surname
  • First name
  • Period of eligibility
  • Photograph
  • Card number (8 digits, taken from QR code or barcode sticker).

3.10.3 Legal basis for data processing

The data is required for the application and creation of the VBB customer card Berlin S. The legal basis is Article 6(1)(b) of the GDPR.

3.10.4 Data erasure and duration of storage

Your personal data will be stored for as long as is necessary to process your application and create the VBB customer card Berlin S. Once the card has been sent out, the data is retained for 90 days to ensure secure dispatch, processing mail returns and answering customer requests. Your data will subsequently be erased after no more than 30 days.

3.10.5 Disclosure to third parties

The web portal for applying for the VBB customer card Berlin S is provided by our service provider TCS CARDS & SERVICES GMBH (Kronacher Straße 61, D-96052 Bamberg). The dispatch of the customer card and the processing of returned mail is also carried out by the service provider TCS CARDS & SERVICES GMBH.

We have contracted the service provider Majorel (Wilhelmshaven GmbH, Olympiastraße 1, 26419 Schortens) to digitise the applications submitted in paper form and to answer telephone and written enquiries regarding the VBB customer card Berlin S.

The processing of personal data by our service providers for creation of the VBB customer card Berlin S is based on Article 28 of the GDPR in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.10.6 Use of cookies

The web portal for applying for the VBB customer card Berlin S uses session cookies that are automatically erased when the browser is closed.

3.10.7 Friendly Captcha

To protect the web portal from cyber attacks, we use the Friendly Captcha tool.

There is an order processing contract with Friendly Captcha GmbH (Am Anger 3-5, 82237 Wörthsee) in accordance with Art. 28 DSGVO. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

When you enter data in the web portal, a cryptographic puzzle is solved in the background. The following data is processed:

  • Request headers User-Agent, Origin and Referer, 
  • the puzzle itself, which contains information about the account and website key it is related to,
  • version of the widget,
  • Timestamp.

An anonymized counter per IP address is stored for dynamic puzzle difficulty on the edge network to detect malicious users and minimize blocking legitimate users. This data is stored entirely separately from the rest of the data and cannot be correlated to specific websites or anything else. We anonymize IP addresses using a one-way hash of certain values so they cannot be personally identified.

More information can be found on the website of Friendly Captcha.

The legal basis for data processing in connection with Friendly Captcha is Article 6(1)(b) of the GDPR.

3.11 Planning journeys

3.11.1  Categories of personal data

If you search for a connection, we will collect the following data:

  • Starting stop or station
  • Destination stop or station
  • Depending on the request: date and desired departure/arrival time
  • Depending on the request: changes, sections on foot, forms of transport, route numbers
  • Time of request
  • Device type (iPhone or Android)
  • Location data (GPS data), if applicable
  • IP address

3.11.2 Purposes of data processing

3.11.2.1 Planning journeys

We process this data in order to provide you with the journey planning information you request. For this purpose, we suggest possible connections and the ticket required for the route based on your search criteria. The legal basis is Article 6(1)(b) of the GDPR.

If you use the app for timetable information, only your IP address will be stored, and only for the time during which this information is requested and processed. We store the IP address separately from journey planning data for a further 90 days in order to quickly identify any IP addresses sending extremely high volumes of enquiries, which can not only cause disruptions but also violates the terms and conditions of use. It is then erased.

3.11.2.2 Crowdedness predictions

In order to allow you to use our services as comfortably as possible and to best provide these services in line with demand, we also use the journey planning requests we receive to evaluate how busy our services are and to predict and ensure smooth connections wherever possible. To allow us to carry out these evaluations, the data associated with your journey planning requests is separated from your IP address to prevent it from being used to identify you personally. Evaluation of requests we receive allows us to predict passenger numbers on our different forms of transport if you actually take the route we suggest.

The legal basis for this data processing is Article 6(1)(f) of the GDPR (legitimate interest). The BVG has a legitimate interest in providing efficient, economical, and demand-oriented transport services. It also has a legitimate interest in providing comfortable, pleasant transport for its customers, including during peak and rush hours.

3.11.2.3 Improvements to BVG services

We also use the journey planning requests we receive to carry out evaluations that allow us to provide passenger information and guidance, to optimise our services, for infrastructure planning, and to improve safety. Before these evaluations are carried out, the data associated with your journey planning request is separated from your IP address and device information and then stored on a separate server. We also take further steps to pseudonymise or aggregate the data. Pseudonymisation of request data is carried out to prevent you from being identified personally in the absence of further data.

Evaluating these pseudonymised requests allows us to estimate traffic flows on the assumption that at least some passengers will actually use the routes we suggest. We use this information to perform various tasks that are in the public interest and that the BVG is required to fulfil. Ultimately, it is used to better align the BVG’s services with customer requirements (e.g. demand-oriented route planning and smooth connections).

The legal basis for this data processing is Article 6(1)(e) of the GDPR (performance of a task carried out in the public interest) in conjunction with Section 24(1) of the Berlin Public Services Act (BerlBG). Specifically, the BVG, acting as the body responsible for providing public transport services in Berlin (Section 3(4) of the BerlBG in conjunction with Section 1(1)(a) of the BVG byelaws), assumes tasks relating to the development of public transport services set out in the Berlin Mobility Act (Sections 27(3), 1, 16(6)(3)) in conjunction with the Berlin Public Transport Plan and in conjunction with the Mobility and Transport Urban Development Plan. The BVG is responsible for providing passenger information and guidance during disruptions and engineering works, including the provision of replacement services. The BVG is also responsible for optimising its public transport services. This includes planning routes and services in line with demand, finding and closing gaps in the network, and improving the quality of connections. The BVG also performs tasks in the areas of infrastructure planning and passenger safety.

Supplementary to the information on your rights provided in section 5, we would like to point out that you have, in particular, the right to object to processing of your personal data for the performance of tasks that are in the public interest at any time, provided there are grounds relating to your particular situation. To exercise your right to object to processing, please use the contact details provided in section 6.2. If you exercise your right to object to processing, we will check whether the conditions of Article 21(1) of the GDPR are met. This means that we will check the grounds you state for objecting to processing and any grounds for further processing in the specific case as set out in Article 21(1)(2) of the GDPR, and, as necessary, weigh them against each other. We will inform you of the result of this check within the legal deadlines. If it finds in your favour, we will also uphold your objection within the legal deadlines.

We store the data collected for the aforementioned purposes for 90 days and the evaluations generated from the data for three years. After that time, we erase or anonymise the data. This means that the data will only be stored further if it is impossible or would involve disproportionate effort to use it to identify a natural person. The lawfulness of anonymisation is set out in Article 6(1)(e) of the GDPR in conjunction with the regulations set out above, and in Article 6(1)(f) of the GDPR. We have a legitimate interest in anonymising the data we collect in order to enable its long-term storage for transport planning purposes.

3.11.2.4 Processing of GPS data

In order to determine the nearest starting stop or station and any sections of the route to be taken on foot, you can set your browser to automatically enable location data. We process GPS data for this purpose, i.e. mobile sensor data generated by movement or direction.

For this purpose, you need to allow your browser to access location services through your device’s operating system and its permissions system (“location tracking”). In this case, however, we only collect the location determined by your device if you tap the location icon. Your device will indicate if location tracking is active. On an iPhone, for example, it is indicated by a compass symbol in the status bar. Android devices feature a similar function, as do browsers on local devices. The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as your location is only determined and transmitted to us if you use journey planning functions that we can only provide if we are aware of your location. You can enable or disable this function at any time by going to your browser’s or operating system’s settings.

Please note that GPS data is also processed for the purpose of improving the BVG’s transport services. More information can be found in section 3.9.2.3.

3.11.2.5 Call-a-bus service

If you book a call-a-bus service by telephone, your telephone number will be stored for 24 hours on completion of the journey and then erased. This data is saved to ensure a record of booked and completed trips, and to notify you of information relevant to your trip, such as delays.

If you book a call-a-bus service online on the BVG website or in the Fahrinfo app, we will process the following data:

  • Line
  • Starting stop or station
  • Departure day
  • Departure time
  • Name (optional)
  • Telephone number
  • Number of passengers

Your optionally provided name and telephone number will be stored for 24 hours on completion of the journey and then erased. The legal basis is Article 6(1)(b) of the GDPR.

Please note that the above-mentioned data (except name and telephone number) is also processed to help improve the BVG’s services. For more information, please see section 3.11.2.3 Improvement of BVG services.

We have contracted the service provider IT Service Omikron GmbH (Wilhelm-Kabus-Str. 9, D-10829 Berlin) to handle call-a-bus orders and have concluded a processing contract with this provider pursuant to Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to third parties or processed for other purposes.

3.11.2.6 Door-to-door service

If you book the night-time door-to-door service online on the BVG website or in the Fahrinfo app, we will process the following data:

  • Line
  • Starting stop or station
  • Departure day
  • Departure time
  • Destination stop or station
  • Destination address (street, number), as applicable
  • Number of passengers

The legal basis is Article 6(1)(b) of the GDPR. If you enter a destination address with street and house number, the house number will be stored and erased after 24 hours.

Please note that the above-mentioned data (except house number) is also processed to help improve the BVG’s services. For more information, please see section 3.11.2.3 Improvement of BVG services.

We have contracted the service provider IT Service Omikron GmbH (Wilhelm-Kabus-Str. 9, D-10829 Berlin) to handle door-to-door service orders and have concluded a processing contract with this provider pursuant to Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed or processed for other purposes.

3.11.2.7 Troubleshooting

If a technical error occurs during the processing of data from journey planning requests in the technical systems used for this purpose (e.g. in the system used to improve the BVG’s services), we process information related to the error (including information on journey planning requests, if applicable). We do this in order to correct errors in the technical systems used to provide journey planning information and in which data from journey planning requests are processed, and to ensure system security.

This information is processed to allow us to pursue our legitimate interest in ensuring the stability and security of our IT systems (Article 6(1)(f) of the GDPR).

3.11.3 Duration of storage

Unless specifically stated otherwise, all data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period.

3.11.4 Disclosure to third parties

For the aforementioned data processing operations, we use the service provider Hacon Ingenieurgesellschaft mbH (Lister Str. 15, D-30163 Hannover), with which we have concluded a processing contract as set out in Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instruction and is not disclosed or processed for other purposes.

Where Hacon Ingenieurgesellschaft GmbH uses other processors, your data may be processed in countries outside the European Union. Specifically, this concerns the data processing set out in section 3.11.2.3. Data protection regulations in the United States, in particular, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data. Further information on safeguards to ensure secure data transfer can be found in section 4.4 below.

3.12 Participation in competitions

3.12.1 General information

We organise competitions. Anyone is eligible to take part, unless the rules stipulate otherwise: employees of the BVG or its wholly-owned subsidiaries (hereafter: “BVG”), for example, may not be eligible to participate in certain competitions, or entry to the competition may be restricted to persons above a certain age. Details for each competition can be found in their conditions of participation.

3.12.2 Categories of personal data

In general, we process personal data in the form you use to provide it for the purpose of entering the competition. This means that we will store your postcard or your email address with the personal data they contain that is required to participate, determine the winner(s), and issue the prize. The data required is always dependent on the specifics of the competition, and may include your name, your contact details, your address or email address, your telephone number, as well as, for employees of the BVG or its wholly-owned subsidiaries, your organisation unit and company ID number. Any and all data you provide is on a purely voluntary basis. If you do not provide the required data, however, you cannot take part in the competition.

On competitions accessed via the “Profil” app (only for use by BVG employees), an email address must generally be provided. We also process the following personal data: data you enter when logging in (email address, first name, last name), a login time stamp, and your solution. The general information on data processing for use of the PROFIL app www.profil-app.de/legal/datenschutzerklaerung further applies.

We process personal data by storing it in analogue form (i.e. correspondence received by post) in a location that is only accessible to authorised personnel, or by storing emails, to which again only authorised BVG personnel have access. The data is processed exclusively for the purpose of running the competition, in particular to determine a winner. If you are a winner, we will contact you at the postal or email address you provided.

The legal basis is Article 6(1)(b) of the GDPR.

Your personal data is not used for any purpose other than the competition. In particular, your data will not be used for marketing purposes or disclosed to third parties.

We do, however, reserve the right to publish the first and last name of winners, as well as their place of residence and prize. This is a condition of participation in the competition. The legal basis is Article 6(1)(f) of the GDPR. The BVG’s legitimate interest is in making it transparent that the competition has taken place and a winner has been selected.

3.12.3 Duration of storage

In general, we only store personal data until the competition has ended and a winner has been selected. Following this, the postcards are destroyed (shredded) and emails are erased.

The only exception is if the winner is a BVG employee, in which case the following personal data must be processed further for tax-related reasons: last name, first name, value of prize.  We only store this data for as long as is required by the relevant taxation law. The legal basis is Article 6(1)(c) of the GDPR in conjunction with the relevant tax regulations.

3.12.4 Disclosure to third parties

The personal data concerning you that is required for participation in a competition may be transmitted to service providers contracted by us to run competitions for the purpose set out above.

The disclosure of personal data to our service providers for running competitions is based on Article 28 of the GDPR, in each case in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.13 Market research

3.13.1 Purpose of data processing

We conduct market research through our website from time to time. Hyperlinks direct visitors interested in participating to the G3plus market research tool provided by our contracted company Rogator AG, Emmericher Str. 17, D-90411 Nürnberg (“Rogator”).

Anyone is eligible to take part, unless the market research exercise requires otherwise: employees of the BVG or its wholly-owned subsidiaries (hereafter: “BVG”), for example, may not be eligible to participate in market research exercises, or participation may be restricted to persons above a certain age. Details for each market research exercise can be found in their conditions of participation.

3.13.2 Categories of personal data

In general, we process and save personal data in the form you use to provide it for the purpose of entering the competition. The data required is always dependent on the specifics of the market research exercise. As a rule and in most cases, however, we do not request data such as your name, address, or email address when conducting market research.

On some projects, it may be necessary for us to request your name, contact details, address, or email address. In such cases, all information relevant to data protection will be listed separately and all necessary declarations of consent will be obtained before data is stored. Any and all data you provide is on a purely voluntary basis.

Data processing is carried out solely for the purpose of conducting and evaluating the market research exercise. The data will be stored on Rogator AG servers and, for the purpose of evaluation, on BVG servers, to which only authorised BVG personnel have access. The legal basis is Article 6(1)(a) of the GDPR.

3.13.3 Duration of storage

In general, personal data is stored for as long as it is required for the market research (i.e. the collection of data) and evaluation. The data is then erased.

3.13.4 Disclosure to third parties

The personal data concerning you that is required for a market research exercise and that you provide with your voluntary consent may be transmitted to other service providers contracted by us to conduct market research exercises for the purpose set out above.

The disclosure of personal data to these service providers for conducting market research is based on Article 28 of the GDPR, in each case in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.14   BVG prepaid card

The BVG prepaid card can be used to pay for tickets on BVG buses and in BVG customer centres. For this purpose, the BVG is cooperating with its partners AVS – Abrechnungs- und Verwaltungs-Systeme GmbH, part of Landesbank Hessen-Thüringen (Helaba), and transact Elektronische Zahlungssysteme GmbH. The partners each process the data under their own responsibility.

The BVG prepaid card is issued by Helaba. Helaba is the independent controller responsible for processing the data. Information on how Helaba processes data can be found on the Helaba website

The prepaid card can be topped up at the e-pay website https://www.bvg-guthabenkarte.de, provided by transact Elektronische Zahlungssysteme GmbH. transact is the independent controller responsible for processing the data. Information about what data transact processes and for which purposes can be found in the transact privacy policy at https://www.bvg-guthabenkarte.de/datenschutz.

3.15 Automated decision-making

We do not use automated decision-making, including profiling.

4 Integrated third-party services

We integrate the services of third-party providers for some of the features on our website. In the following, we distinguish between functional services, analysis services, and marketing services.

4.1 Functional services

Functional services enable you to use our website smoothly and are mandatory for using our website.

4.1.1 Consent manager

4.1.1.1 Purpose and scope of data processing

We use the “Consent Management Provider” cookie consent manager (hereafter: “consent manager”) provided by consentmanager AB, Sweden, to obtain consent for data processing or the use of cookies and comparable technologies. With the help of the consent manager, you can grant or deny your consent for all functions or grant your consent for specific purposes or specific functions.

Settings you make can be changed later (link in the footer of the BVG website). The purpose of integrating this service is to allow users of our website to decide whether to allow the use of non-functional cookies and to give them the option to adjust any settings they have made during further use of our website.

The consent manager stores your data for as long as your user settings are active. You will be prompted to provide your consent again if there are changes to the relevant cookies or other applications to which you have consented and which may result in changes to the processing of your data, or at the latest one year from the last time your user settings were processed. Your user settings will then be stored again for this period of time.

4.1.1.2 Use of cookies

The consent manager uses cookies. These cookies have a maximum lifetime of one year.

4.1.1.3 Processed data

The following categories of data are routinely processed:

  • IP address
  • Time and duration of visit
  • Device data, e.g. operating system, browser version, screen resolution
  • Pages visited
  • Consent information

4.1.1.4 Contract processor as set out in Article 28 of the GDPR

consentmanager AB
Håltegelvägen 1b
72348 Västerås
Sweden

4.1.1.5 Relationship between the BVG and the data processor

The consent manager is used in connection with a processing contract as set out in Article 28 of the GDPR, under which consentmanager AB may only use your data in accordance with our instructions.

4.1.1.6 Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): ensuring that non-functional cookies are only used if consent has been granted.

4.1.1.7 Duration of data processing

All data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period.

4.1.2  Google Tag Manager

4.1.2.1 Purpose of data processing

This website uses Google Tag Manager, provided by Google Ireland Limited (hereafter: “Tag Manager”).

We use Google Tag Manager to control the use of code snippets (tags), e.g. tracking code, on our website. Google Tag Manager allows us to replace website code quickly and easily using a web interface, without the need to access the source code.

If Google Tag Manager is used to perform other functions that may collect and process your data, details can be found in the relevant sections elsewhere (e.g. Google Analytics).

4.1.2.2 Use of cookies

Google Tag Manager does not use cookies.

4.1.2.3 Processed data

When you visit our website, Google Tag Manager will process and store user data. This includes the following:

  • IP address
  • Device data, e.g. operating system, browser version, screen resolution

4.1.2.4 Contract processor as set out in Article 28 of the GDPR

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Your data that Google uses may be processed in countries outside the European Union. Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.1.2.5 Relationship between the BVG and the data processor

Google Tag Manager is used in connection with a processing contract as set out in Article 28 of the GDPR, under which Google may only use your data in accordance with our instructions.

4.1.2.6 Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): quick and easy management of website tags.

4.1.2.7 Duration of data processing

Google will anonymise your personal data after nine months, provided there is no legal obligation to store it for a longer period.

4.1.3 Contacting us using the chatbot

For the purposes of this privacy notice, "chatbot" refers to all service bots offered by BVG, such as the career bot, service bot and corporate ticket bot.

4.1.3.1 Purpose of data processing

The chatbot provides the fastest way for you to send and receive a reply to enquiries and is available 24 hours a day. You can also use online forms or text input boxes in the chatbot to send requests to the BVG for processing. Based on the content of your request, the chatbot will forward it to the relevant BVG agent to ensure it is dealt with as quickly as possible.

If you contact us using the chatbot, your conversation with the chatbot will be evaluated in order to determine your reason for contacting us, to allow us to assist or reply to you, and to enable resumption of the conversation at a later time.

4.1.3.2 Use of cookies

The chatbot uses cookies (local storage). Their lifetime is unlimited.

4.1.3.3 Processed data

If you use our chatbot, your data will be processed.  These are:

  • IP address
  • UserID
  • ConversationID
  • if necessary any data you enter

When you use the chatbot for the first time, a randomly generated UserID will be assigned to you. The UserID is stored in your browser until you erase your browser history. If you want to use the bot again after deleting your browser history, a new UserID will be randomly generated. In this case, you may have to re-enter any answers you previously clicked on or any questions and other information you previously entered. When you use the bot again, your browser will transmit the UserID to the bot. This allows you to continue a previously interrupted conversation, search, or input in the bot at any time (similar to setting cookies on websites). Any conversations, searches, or inputs you started are also created and stored in your browser events. To help us constantly improve the bot, we record events such as “bot was displayed” and click events such as “user clicked on answer X”. For this purpose, we use ConversationIDs, which are generated within the bot’s database in a similar way to the UserID. They are used as an object identifier and are integral to the design of the bot, as database entries require a unique identifier.

The user data entered using the chatbot is collected by our service provider and made available to the BVG for further processing.

4.1.3.4 Contract processor as set out in Article 28 of the GDPR

Dixa GmbH
Tempelhofer Ufer 1
10961 Berlin
Germany

4.1.3.5 Relationship between the BVG and the data processor

The chatbot is used in connection with a processing contract as set out in Article 28 of the GDPR, under which Dixa may only use your data in accordance with our instructions.

4.1.3.6 Legal basis for data processing, purpose of data processing

(1) Performance of a contract (Article 6(1)(b) of the GDPR): processing requests from customers with whom we have a contract.

(2) Legitimate interest (Article 6(1)(f) of the GDPR): providing a smooth customer service experience, ensuring that our services function properly, improving and expediting our data processing processes, e.g. by means of optimised assignment functions.

4.1.3.7 Duration of data processing

If the legal basis for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

4.1.4 Crowdedness info

4.1.4.1 Purpose of data processing

The utilization info provides an overview of the average utilization of the BVG's means of transportation. The information on capacity utilization is based on data collected anonymously by the BVG from the Automatic Passenger Counting System (AFZS). These can be up to a few weeks old. The utilization information is provided to you as colored graphic table on a Microsoft Power BI page.

4.1.4.2 Use of cookies

Microsoft Power BI uses session cookies that are automatically deleted when the browser is closed. The ai_user cookie is deleted after one year and stores a unique identifier to recognize users on recurring visits over time. You can also manually delete the cookie from your browser at any time. Microsoft sets these cookies as a separate responsible party.

4.1.4.3 Processed data

For information about what data is processed by Microsoft and for what purposes, see Microsoft's Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement.

4.1.4.4 Service provider

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.2 Analysis services

Analysis services help us to better understand how our website is used.

4.2.1 Google Analytics

4.2.1.1 Purpose of data processing

This website uses functions of the web analytics service Google Analytics 4, provided by Google LLC. The responsible entity for users in the EU, the EEA and Switzerland is Google Ireland Limited.

We use Google Analytics to analyse user behaviour and, based on the results, make decisions relating to product and marketing optimisation.

In Google Analytics 4, the "IP anonymisation" function is activated by default. This means that Google will truncate your IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be sent to and shortened by Google servers in the United States.

On behalf of the BVG, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website provider. Google states that it will not associate your IP address with any other data held by Google.

4.2.1.2 Consent to data processing

You can consent to the processing of your data by Google Analytics, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager. To withdraw your consent, go to the cookie settings at the bottom of our website pages.

4.2.1.3 Use of cookies

Google Analytics uses cookies. These cookies have a maximum lifetime of two years. We will, however, request your consent again after a period of one year and only carry out analysis after this time if you provide this consent.

4.2.1.4 Processed data

The following categories of data are processed:

  • Time of the request
  • IP address (in truncated form)
  • Online identifiers (incl. cookie IDs)
  • Device identifiers
  • User device data (e.g. browser type and version, device type, operating system)
  • User behaviour (e.g. pages/content accessed, access of content from specific website areas, session duration/duration of visit, bounce rate)
  • Use of specific website functions (e.g. journey planner, search queries, downloads)
  • e-commerce activity (e.g. purchased products, sales)
  • Referrer URL (the previously visited page)

4.2.1.5 Contract processor as set out in Article 28 of the GDPR

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Irland

The information processed by Google about your use of the website will generally be transmitted to and processed by Google on servers in the United States.

Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

4.2.1.6 Relationship between the BVG and the data processor

Google Analytics is used in connection with a processing contract in accordance with Article 28 of the GDPR.

We have no influence, however, over the type and scope of data processed by Google, how it is processed and used, or whether it is disclosed to third parties. As a result, we do not have an effective method of monitoring how Google uses your data. In particular, Google may use the data for any of its own purposes, for example to create profiles or to link it to other data held by Google, such as your Google account data.

4.2.1.7 Legal basis for data processing, purpose of data processing

Consent (Article 6(1)(a) of the GDPR): we will only store Google Optimize cookies and perform associated data processing operations if you have granted us your voluntary and revocable consent to do so.

4.2.1.8 Duration of data processing

Google will anonymise your personal data 14 months after your last activity, provided there is no legal obligation to store it for a longer period.

4.3 Marketing services

4.3.1 YouTube

4.3.1.1 Purpose of data processing

We use a YouTube channel provided by Google Ireland Limited for our promotional videos. We embed our YouTube videos on our website to provide you with a smooth video experience without the need to switch websites.

4.3.1.2 Consent to data processing

You can consent to the processing of your data by YouTube, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager To withdraw your consent, go to the cookie settings at the bottom of our website pages.

4.3.1.3 Use of cookies

YouTube uses cookies. These cookies have a maximum lifetime of two years. We will, however, request your consent again after a period of one year and only carry out analysis after this time if you provide this consent.

4.3.1.4 Processed data

As soon as you access a video, Google will process your personal data (at minimum IP address, browser data, settings).
Prior to viewing the video, you will be asked for your consent to display the video and for Google to set cookies in your browser. Information about what data Google processes and for which purposes can be found in the Google LLC privacy policy: https://policies.google.com/privacy?hl=de&gl=de#infocollect.

We have no influence over the type and scope of data processed by Google, how it is processed and used, or whether it is disclosed to third parties. As a result, we do not have an effective method of monitoring how Google uses your data. In particular, Google may use the data for any of its own purposes, for example to create profiles or to link it to other data held by Google, such as your Google account data.

In all cases, Google will also receive information about the content you view, even if you have not created an account. This “log data” may include your IP address, browser type, operating system, information about the website and pages you previously visited, your location, your mobile provider, the device you are using (including device ID and application ID), the search terms you used, and cookie information.

4.3.1.5 Controller

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

It is possible that Google Ireland will transfer the data processed from you to a server operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and process this data there.

Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.3.1.6 Legal basis for data processing, purpose of data processing

Consent (Article 6(1)(a) of the GDPR): storage of the above-mentioned data and the cookies set in your browser, as well as associated data processing operations, will only be carried out if you have granted your voluntary and revocable consent prior to viewing our videos.

4.3.2 Google Ads (formerly Google Adwords) 

4.3.2.1 Purpose of data processing:  

Google Ads conversion measurement 

We use Google Ads to draw attention to our services on external websites using advertisements (‘Google Ads’). By analysing the data obtained in the advertising campaigns, we can determine the success of our advertising. We do this because our concern is to display advertising that is of interest to you, to make our website more attractive, and to enable a fair calculation of our advertising costs.  

These advertisements are delivered by Google via ‘Ad Servers’. For this purpose, we use Ad Server cookies, which can be used to track certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google Ad, Google Ads will store a cookie on your system. These cookies usually expire after 30 days and are not used to identify you personally. The unique cookie ID, Google Click Identifier (gclid), number of ad impressions per placement (frequency), last impression (relevant to post-view conversions), and opt-out information (marking to indicate that the user does not want to be contacted again) are usually stored as analysis values for this cookie. 

These cookies allow Google to recognise your internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can see that the user has clicked on the ad and been redirected to that website. Each Ads customer is allocated a different cookie. This means that cookies cannot be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data on these advertising campaigns. We receive only statistical evaluations from Google. Using these evaluations, we are able to see which of our advertising is particularly effective. We do not receive any further data collected from the use of the advertising; in particular, we are unable to identify users from this information. 

Based on the marketing tools used, your browser automatically makes a direct connection with the Google server. We have no influence on the scope and further use of data collected by Google by means of this tool and therefore inform you on the basis of our present knowledge that, by integrating Ads Conversion, Google receives the information that you have accessed a part of our website or clicked on one of our ads. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or have not logged in, it is still possible for the provider to obtain and store your IP address. 

Google Ads remarketing 

We use the remarketing function within the Google Ads service. This function allows us to show advertisements to users of our website based on their interests on other websites within the Google advertising network (in Google Search or on YouTube, ‘Google Ads,’ or on other websites). It enables analysis of how users interact with our website, e.g. which services a user is interested in, in order to be able to display personalised advertising to users on other sites after they have visited our website. For this purpose, Google stores cookies on the systems of users who visit certain Google services or websites in the Google Display Network. These cookies are used to record the visits of these users. The cookies are used to uniquely identify a web browser on a particular device, not to identify a person. 

4.3.2.2 Recipient of the data 

Google Ireland Limited 
Gordon House 
Barrow Street 
Dublin 4 
Ireland

More information on Google’s data protection policies can be found here: https://policies.google.com/privacy?hl=en  and https://services.google.com/sitestats/de.html. You can also visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org

4.3.2.3 Use of cookies 

Google Ads uses cookies. These cookies have a lifetime of up to 180 days (only cookies set via this website). You can find detailed information in the list available at the following link: https://business.safety.google/adscookies/.  

4.3.2.4 Data processed 

The following categories of data are processed: 

  • Unique cookie ID  

  • Google Click Identifier (gclid) 

  • Number of ad impressions per placement (frequency)  

  • Last impression (relevant to post-view conversions)  

  • Opt-out information (marking that the user does not want to be contacted again) 

  • User interaction on our website 

  • IP address 

4.3.2.5 Relationship between the BVG and the data processor 

Google acts as a separate controller when processing data as part of Google Ads. Data may be transferred to third countries. More information on this can be found at the end of this privacy policy and here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de.  

4.3.2.6 Legal basis for data processing  

Consent (Article 6(1)(a), 49(1)(a) of the GDPR): we will only store Google Ad cookies and perform associated data processing operations if you have granted us your voluntary and revocable consent to do so. Your consent means that your data may be processed in the USA and other third countries outside the EU. The USA is assessed as a country with an insufficient level of data protection by EU standards. There is a risk that US authorities may access your data, without the possibility of you lodging an appeal.  

You can consent to the processing of your data by Google Ads, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager You can withdraw your consent – with effect for the future but without effect on data processing carried out in the past – in various ways: 

a) by installing the plug-in provided by Google at the following link: https://support.google.com/ads/answer/7395996?hl=en ;  

b) by changing your cookie settings at the bottom of our website pages (grant or withdraw consent).  

4.3.2.7 Duration of data processing 

All data is stored for as long as is necessary to fulfil the state.

4.3.3 Twitter

4.3.3.1 Purpose of data processing

We display short messages (so-called tweets) on our website that we have published on our communication channels on Twitter (embedded tweets). We integrate the messages we publish on Twitter via frame on our website to provide you with a smooth access without the need to switch websites.

4.3.3.2 Consent to data processing

You can consent to the processing of your data by Twitter, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager. To withdraw your consent, go to the cookie settings at the bottom of our website pages.

4.3.3.3 Use of cookies

Twitter uses cookies. These cookies have a maximum lifetime of 13 months. We will, however, request your consent again after a period of one year and only carry out analysis after this time if you provide this consent.

4.3.3.4 Processed data

Already when calling up the embedded tweet, Twitter will process your personal data (at minimum the website you visited, your IP address, browser type, operating system and cookie information).

Prior to viewing the embedded tweet, you will be asked for your consent to display the tweet and for Twitter to set cookies in your browser. Information about what data Twitter processes and for which purposes can be found in the Twitter privacy policy.

By including an appropriate code snippet, we have ruled out the possibility of Twitter also using your data to personalise content.

We have no influence over the type and scope of data processed by Twitter, how it is processed and used, or whether it is disclosed to third parties. As a result, we do not have an effective method of monitoring how Twitter uses your data. In particular, Twitter may use the data for any of its own purposes, for example to create profiles or to link it to other data held by Twitter, such as your Twitter account data.

In all cases, Google will also receive information about the content you view, even if you have not created an account. This “log data” may include your IP address, browser type, operating system, information about the website and pages you previously visited, your location, your mobile provider, the device you are using (including device ID and application ID), the search terms you used, and cookie information.

4.3.3.5 Controller

Twitter International Company
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07
IRLAND

It is possible that Twitter Ireland will transfer the data processed from you to a server operated by Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA, 94103) and process this data there.

Data protection regulations in the United States, however, are not as rigorous as those within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.3.3.6 Legal basis for data processing, purpose of data processing

Consent (Article 6(1)(a) of the GDPR): storage of the above-mentioned data and the cookies set in your browser, as well as associated data processing operations, will only be carried out if you have granted your voluntary and revocable consent prior to viewing our Tweets.

4.4 Transfer of personal data to third countries

Please note that data processed in other countries may be subject to foreign laws and may be accessible to the governments, courts, law enforcement and regulatory authorities of those countries. However, if your personal data is transferred to third countries, we will take appropriate measures to adequately secure your data.

Unless an adequacy finding has been made by the EU Commission for the recipient country, the transfer of your data to a third country is protected by standard EU contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en ) concluded with the recipient or by binding internal data protection guidelines. Otherwise, a transfer will only take place if an exception under Art. 49 DSGVO is fulfilled.

5 Facebook fan page

5.1 Purpose of data processing

We operate a Facebook fan page (‘fan page’) in order to draw attention to our services and offers and to enable visitors to the fan page to interact.

5.2 Recipient of the data

Facebook Ireland Limited (‘Facebook’)
4 Grand Canal Square,
Grand Canal Harbour
Dublin 2, Ireland

The BVG has no influence on whether Facebook transfers personal data within its area of responsibility to third countries, for example to Facebook Inc. in the USA, and processes it there. More information can be found in the Facebook Privacy Policy.

5.3 Use of cookies

Facebook sets cookies when you visit the fan page. More information can be found in the Facebook Cookie Policy.

5.4 Data processed

When you visit the fan page, Facebook will process your personal data. More information can be found in the Facebook Privacy Policy.

5.5. Controller

Independent processing by Facebook

When you visit our fan page, Facebook will collect usage data. Under data protection law, Facebook alone is responsible for this data processing. Facebook provides information on this in the Facebook Privacy Policy and its Cookie Policy.

Independent processing by the BVG

When you visit the fan page, you can contact us using the messaging function, the Like buttons, and comments, which we can associate with individual users. The BVG alone is responsible for this data processing.

Processing with Facebook and the BVG as joint controllers

Facebook also collects certain usage data in order to provide us with aggregated and anonymised usage statistics (‘page insights’). Page insights do not allow us to identify the behaviour of individual users, but merely provide us with an overview of the use of the fan page. We ourselves do not have access to the personal data processed for the generation of statistics. Facebook alone determines which usage actions are logged by Facebook; we cannot change or otherwise influence this. This function is a part of the usage agreement with Facebook that cannot be waived by us. This means that we cannot unilaterally decide whether the ‘insights’ data is collected or not.

The BVG and Facebook are jointly responsible for this part of the processing. The BVG and Facebook have concluded an agreement on joint controllership (page insights supplement), which stipulates that Facebook bears primary responsibility for the fulfilment of all obligations with regard to the processing of page insights, and in particular for the exercise of the rights of data subjects.

5.6 Legal basis for data processing:

Insofar as we process personal data when you visit the fan page: Legitimate interest (Article 6(1)(f) of the GDPR): Legitimate interest in tracking usage behaviour on our fan page and consequently being able to optimise the services offered on the fan page, as well as interacting with you.

5.7 Duration of data processing

All data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period. With regard to the data processed by Facebook, we refer to the Facebook Privacy Policy.

6 Your data protection rights

Depending on the circumstances in your specific case, you have the right to:

  • obtain access to the personal data processed by us and/or request copies of these data. This includes information concerning the purpose of usage, the category of data used, their recipients and authorised users, and, where possible, the planned period for which the data will be stored or, if that is not possible, the criteria used to determine that period;
  • request the rectification, erasure, or restriction of processing of your personal data, provided that its use is impermissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) the data is no longer required for the purposes for which they were collected, (iii) the consent on which processing is based was withdrawn, or (iv) you have made use of your right to object to processing of your personal data; in cases in which the data is processed by third parties, we will forward your request for rectification, erasure, or restriction of processing to these third parties, unless this proves to be impossible or would involve disproportionate effort;
  • refuse consent or – without affecting the lawfulness of data processing carried out prior to withdrawal – to withdraw your consent to the processing of your personal data at any time;
  • request the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit this data to another controller without hindrance from us; you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible;
  • take legal action or appeal to the data protection supervisory authorities, if you are of the opinion that your rights have been infringed due to processing of your personal data that is not in compliance with data protection regulations.

If you wish to assert your rights as a data subject, please send an e-mail to the e-mail address specially set up for this purpose info-datenschutz@bvg.de.

You also have the right to object to processing of your personal data at any time:

  • where we process your personal data for direct marketing purposes
  • where we process your personal data in pursuance of our legitimate interests and on grounds relating to your particular situation
  • where we process your personal data to perform tasks that are in the public interest and on grounds relating to your particular situation

7 Other information 

7.1 Privacy policy updates

We update this privacy policy to reflect modified functions or changes to the law. We therefore recommend that you read the privacy policy from time to time.

7.2 Contact

If you have any questions, suggestions, or comments on the topic of data protection, please feel free to contact our data protection officer.

Contact information:

Data protection officer
Berliner Verkehrsbetriebe (BVG)
Statutory public body
Holzmarktstraße 15-17
10179 Berlin

or

datenschutz@bvg.de

7.3 Supervisory authority

You can also contact the supervisory authority responsible for Berlin in all questions relating to data protection:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59 - 61 (Visitor entrance Alt-Moabit 60)
10555 Berlin
Phone: +49 (30) 13889-0
Fax: +49 (30) 2155050
E-mail: mailbox@datenschutz-berlin.de

Last updated: 05/10/2023