Privacy Policy

1        General information

Berliner Verkehrsbetriebe AöR, Holzmarktstraße 15-17, 10179 Berlin (“BVG” or “we”) complies with statutory data protection regulations. User data is treated with confidentiality. It is only disclosed to third parties to the extent permitted by data protection regulations or if the user provides their consent.

Personal data is any information relating to an identified or identifiable natural person (Article 4(1) of the EU General Data Protection Regulation (“GDPR”)). This includes information such as your name, your email address, your postal address, and your telephone number. It does not include information that cannot be linked directly to your identity, such as the number of users of a website.

Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, telephones, and other devices. Cookies cannot run programs or transmit viruses to your computer. They are used to make our website more user-friendly and effective as a whole. When we use the term “cookies” here, we always also mean comparable technologies that are used for similar purposes. We use both first-party cookies and cookies from integrated third-party services on our website.

We use functional cookies to ensure a smooth user experience on our website. We also use marketing cookies to measure the success of our online advertising and to allow us to allocate our advertising budget as effectively as possible. In addition, we use analysis cookies that help us to better understand the use of our website and to tailor our services better to your needs.

If you wish to contact our data protection officer directly, please see section 6.2 for details of how to do so.

2        Introduction to data processing when using the website

The data we process on our website encompasses the personal data required to enable the informational use of our website, to allow you to contact us by email or our contact form, and to use the “My BVG” service. We also use functional cookies and similar technologies (see 3.1 and 4.1) to enable the use of our website. We do not carry out any other processing of personal data unless you have given consent to the processing or there is another legal basis that allows us to do so. This, in particular, covers data you provide on a voluntary basis when contacting us or using the “My BVG” service, as well as data for analysis and marketing purposes (see 4.2 and 4.3).It also includes, for example, data that is processed for the purpose of providing you with your requested journey planning information and, in this context, improving the BVG’s transport services (see 3.7.). You are under no obligation to provide your personal data. If you do not provide your personal data, however, we will not be able to provide the service for which it is required.

If you use our website for purely informational purposes, i.e. not to log in, register, or transmit any other data to us, we do not process any personal data except for the data that is transmitted by your browser to make it possible for you to visit our website and ensure the IT security of the website. This includes your IP address, the date and time of the request, the browser used, and the content of the request. The legal bases for the data processing are Articles 6(1)(b) and (f) of the GDPR. We have a legitimate interest in ensuring the stability and security of the website.

If you have provided your consent to this as set out in Article 6(1)(a) of the GDPR, the aforementioned data will also be processed for marketing and analysis purposes and shared with third parties (see 4.2 and 4.3). In order to securely transfer data between your computer and the website, we use the latest version of the TLS 1.3 encryption protocol, which protects the data from access and manipulation by unauthorized third parties.

Please make sure that your browser is up to date and supports the TLS 1.3 encryption standard. If your browser is not up to date, data is automatically exchanged using a reduced version of TLS that matches your browser's configuration.

3        Use of functions on our website

Below, we set out the ways in which we ourselves process data in connection with the various available functions on our website.

3.1       First-party cookies

3.1.1      Permanently required cookies

3.1.1.1   Type and purpose of cookies

We use first-party cookies on this website. Our cookies are functional cookies required to ensure a smooth user experience on our website. They cannot be disabled.

These cookies enable numerous basic functions such as the following:

  • Order processing for online subscriptions
  • Access to the website’s login area
  • Saving the language selection
  • Saving the font size selection
  • Saving the start and end points of connection enquiries

These are session cookies that are erased when you close your browser.

3.1.1.2      Data processed

The following categories of data are routinely processed:

  • IP address
  • Time of request
  • Device data, e.g. operating system, browser version, screen resolution
  • Settings you make when using our website (e.g. language selection)

3.1.1.3      Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): ensuring a smooth user experience and enabling key basic functions of the website.

3.1.2 Temporarily required cookies

3.1.2.1 A/B testing

     3.1.2.1.1  Purpose of cookies

To help improve our website, we use A/B testing, a method of evaluating two versions of a page on our website. This involves testing the original version of a page against a slightly modified version. Which page version you see is chosen at random.

By setting the cookie, we ensure that you will be shown the same version when you return to our website during the A/B testing period.

     3.1.2.1.2  Cookie storage duration

A/B testing is usually carried out over a maximum of 60 days, but the exact period depends on the complexity of the page being tested. The lifetime of the cookies corresponds to the period of the testing, after which they are erased.

     3.1.2.1.3  Data processed

The following categories of data are processed:

  • IP address
  • VersionA/version B (which version was shown the last time the website was visited)

     3.1.2.1.4  Legal basis for setting cookies

Setting the cookies represents a legitimate interest of the BVG (Article 6(1)(f) of the GDPR): ensuring that the customer is always shown the same version of the website during the A/B testing period.
 

3.2       Contacting us by email or on the contact form

If you contact us by email or on the BVG contact form, your request and the information contained therein will be evaluated in order to determine your reason for contacting us and to allow us to assist you accordingly. We will store your reason for contacting us, your email address, and your name for the purpose of replying to your questions. When you contact us, it is helpful if you limit yourself to submitting information that is only absolutely necessary for your concerns.

The legal bases for the data processing operations set out above are Articles 6(1)(b) and (f) of the GDPR. Article 6(1)(b) of the GDPR is the legal basis for processing requests from customers with whom we have a contract. In addition, we have a legitimate interest in ensuring a smooth customer service experience. We also use your data to ensure that our services function properly and to improve and expedite our data processing processes, e.g. by means of optimised assignment functions.

If the reason for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

3.3       Career page functions and Online Test

3.3.1  Job applications

In the course of making an application, your name, your contact details, your qualifications, and other data you transmit to us will be processed for the purpose of selecting applicants for employment. You are required to enter personal data so that we may review your application and, as applicable, later conclude an employment contract with you. Your application will not be considered if you do not enter personal data. Your application and the personal data it contains will be forwarded internally to the employees who are responsible for making the relevant decisions.

The bases for data processing are Section 26(1) of the Federal Data Protection Act (BDSG) and Section 18 of the Berlin Data Protection Act (BlnDSG). We will process information you provide voluntarily in your application on the basis of Section 26 of the BDSG and Section 18 of the BlnDSG in conjunction with Article 6(1)(a) of the GDPR.

Should you take up employment with us, the data required for the employment relationship will be processed further. All other data will be erased within three months following the end of the application procedure. This time limit for erasure also applies if an employment contract is not concluded after the application procedure has been completed. Legal retention obligations remain unaffected by this.

3.3.1.1 Implementation of the application process

In order to carry out the application process - regardless of whether you submit your application in paper form or online - we require some of your personal data:

First name, last name, address (in the case of the online application process/ video interviews: also email address, for telephone interviews: also telephone number), date of birth, and salary requirement, information on your professional qualifications  (including school education, vocational training, other skills) as well as evidence of corresponding information (including certificates) that you submit with the application. The legal basis for processing is Section 26 (1) sentence 1 of the German Federal Data Protection Act ("BDSG") in conjunction with Section 18 of the Berlin Data Protection Act (BlnDSG).

We must inquire your citizenship or the existence of a valid residence title permitting gainful employment. The legal basis for this query is BVG's obligation to employ persons only if they have a valid work permit (Section 4 (3) Sentence 4 of the Residence Act). A valid work permit is either given if you are in possession of an EU citizenship or a valid residence title permitting gainful employment.

3.3.1.2 Processing of special categories of personal data

The application you submit, including any attached documents, should not contain sensitive personal data. Sensitive data means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data uniquely identifying a natural person, health data, or data concerning a natural person's sex life or sexual orientation.

However, you are free to provide information on your status as a severely disabled person as part of your application.

In some cases, BVG uses telephone or live video interviews as a medium for selection interviews. Conversations are not recorded and no software-based evaluations of verbal and non-verbal behavior are made. The legal basis for conducting a live video interview is your consent pursuant to Art. 6 (1) a) DSGVO.

3.3.1.3 Duration of Storage

The personal data that BVG processes in relation to applicants will be deleted six months after completion of the application process, unless this data is legitimately required for other purposes (e.g. if you start an employment with us). With regard to audio/video transmissions, no recordings are made, so there is no stored data after the transmissions have ended. 

3.3.2 Chatbot

We use a chatbot on our career pages (for more details, see also section 4.5). The chatbot also gives you the opportunity to upload application-related documents in connection with a job posting. From this upload, we generate an email with the documents you uploaded as attachment(s). This email is forwarded exclusively to those people within BVG who are involved in carrying out the application procedures.

3.3.3 Online test for certain job advertisements

An online test is required for certain vacancies, e.g. apprenticeships, driving personnel for qualification, security service employees. If you apply for such a job posting, you will receive an email with a link to the online test after entering your applicant data.

The following personal data will be processed for this purpose: First name, last name, date of birth, gender. The legal basis for this is § 26 BDSG in conjunction with § 18 BlnDSG). The IP address, time and date of access, browser activities and settings as well as login ID data are required for security reasons for authentication and input control; the legal basis for this is Art. 6 (1) f) DSGVO. The evaluation includes the speed of answering the tasks and the correctness of the answers as well as the number of correct answers. An automated decision does not take place.

The legal basis for data processing in connection with the online test, including the evaluation of the online test, is your consent pursuant to Art. 6 (1) a) DSGVO.

As part of the online application process, we have commissioned a service provider who collects the above-mentioned data on our behalf and evaluates the online test.

The commissioned service provider is:

Aon Assessment GmbH

Großer Burstah 18-32

20457 Hamburg

E-mail: info.germany@cut-e.com

We have concluded a commissioned processing agreement with Aon Assessment GmbH in accordance with Art. 28 DSGVO. This order processing ensures that your personal data is only processed as instructed by BVG and in accordance with data protection regulations.

Data will only be passed on to third parties if we are legally permitted or obliged to do so, or if you consent to this.

3.3.4 Applicant pool

BVG has an applicant pool in which certain data of applicants can be included. Individual consent is obtained from applicants for this purpose. If you have any queries about the applicant pool, please contact recruiting@bvg.de.

We process the data in the applicant pool based on the consent of the applicants. The legal basis for the processing is Art. 6 (1) a) DSGVO.

3.3.5 “Jobalert” newsletter

You can subscribe to our “Jobalert” newsletter if you provide your email address, your name, and your job interests. The “Jobalert” newsletter will notify you when a job that matches your search criteria is advertised.

If you subscribe to the “Jobalert” newsletter, we will store your IP address, the sign-up date, and your confirmation of sign-up. This information is stored only as a means of proof in the event that a third party misuses an email address and signs up for “Jobalert” without the valid user’s knowledge.

The legal basis for this processing is your consent as set out in Article 6(1)(a) of the GDPR. We will store your email for as long as you are subscribed to “Jobalert”.

Your consent is obtained with the aid of the double opt-in procedure. You will receive an email containing a link that you must click on to confirm that you are the owner of the email address and wish to receive notifications through our email service. If you do not confirm your subscription to the newsletter within two weeks following receipt of the confirmation email, we will not process the personal data you provided. Instead, this data will be automatically erased. You can unsubscribe from “Jobalert” at any time by clicking on the link contained in every “Jobalert” or by sending us a message using the contact details set out above. The data you provided during sign-up will be erased when you unsubscribe.

3.4     BVG-Account

If you would like to use the BVG-Account, you must sign up to do so, providing your name, first name, your email address, and a password you choose. We use the double opt-in procedure for sign-ups, i.e. your sign-up is not completed until you have confirmed that you wish to sign up by clicking on the link in a confirmation email we send you for this purpose. If your confirmation is not received within 24 hours, the personal data you provided is automatically erased from our database.

You can also use an existing BVG-Account to sign into the BVG apps as well as  the Abo-Online self service. Your BVG-Account will then be associated with the corresponding BVG Service and the above-mentioned data from your BVG-Account (surname, first name, password) will be used (“single sign-on”, or SSO for short).

3.4.1 Duration of storage

We will also save the data you provide for the duration of your use of the account, unless you erase it yourself. You can manage and change any of the data you provide in your password-protected customer account yourself.

Your personal data is processed solely for the purpose of using the BVG-Account.

If you decide to delete your BVG-Account, your account data will first be blocked from further processing, with the exception of processing that is required in compliance with legal obligations or rights (see the respective chapters in the privacy notices of the BVG apps.) and then deleted. Your request for erasure may, however, conflict with statutory provisions or rights on the part of the BVG. As such, your data may not be erased if the BVG is required to comply with legal obligations to retain data (e.g. for commercial or tax law reasons) or if processing of your data is required for the establishment, exercise, or defence of legal claims, e.g. if we initiate legal proceedings against you for misconduct during use of our services or for payment reasons.

The legal bases for the data processing are Articles 6(1)(a) and (b) of the GDPR.

3.4.2 Disclosure to third parties

The single sign-on service is provided by our service provider akquinet AG - (Paul-Stritter-Weg 5, 22297 Hamburg).

The disclosure of personal data to these service provider for the single sign-on service is based on Article 28 of the GDPR, in each case in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.5       Ticket subscriptions and corporate tickets

If you want to sign up for a ticket subscription (transferable and personal tickets) and renew an existing subscription, we will process your personal data as set out below.

3.5.1      Ticket subscriptions

3.5.1.1     Categories of personal data for contract performance

We process your personal data in connection with your subscription contract. For transferable season tickets (annual and monthly eco-tickets, 10 o’clock monthly tickets), we require your full name, address, date of birth, gender, account details (except for the school student ticket Berlin AB), payment frequency (monthly or annually), and, as required, the full name, date of birth, gender, and address of your legal representative or guardian/carer.

For personal season tickets (VBB subscription ticket 65plus, school student ticket, trainee ticket), we also require your photo and credentials in addition to the information above. The legal basis for processing this data is Article 6(1)(b) of the GDPR. A photograph is required for us to issue the season ticket in your name. The photograph is electronically processed, digitised as an image file, and stored exclusively for the time and for the purpose of producing the electronic ticket in the form of the non-transferable VBB fahrCard. The stored image file is erased no later than two months following dispatch of the VBB fahrCard. The picture will not be returned; paper-based photographs will be destroyed.

The credentials (e.g. front and back of the student ID for a student ticket; certificate with hologram for the VBB-Abo Azubi; training contract for a trainee / student; personal document as proof of age for a VBB-Abo 65+) is required to check your eligibility for the requested ticket. Submitted proofs with the completion of a subscription will be deleted 10 days after the ticket has been sent. If the credentials are only required for a check (e.g. proof of student status over the age of 16), but not for a new ticket to be issued, the credentials will be deleted no later than two months after the review. The required credential is specified in the respective fare product.

Providing us with your telephone number and email address is voluntary, but if you do, it will be easier for us to contact you if we need to. We process and use this information solely for the purpose of managing contractual matters with you. The legal basis for this is your consent as set out in Article 6(1)(a) of the GDPR. You can withdraw your consent at any time.

In addition, we process pseudonymised ID numbers on the chip card in order to verify its authenticity, as well as our customers’ personal data, if this is required in the course of providing our services. This may include, for example, personal data processed during ticket inspections (e.g. name of passenger not in possession of a valid ticket, time and place of inspection, penalty charge amount) or data in connection with operational incidents. The legal bases are Articles 6(1)(b) and (f) of the GDPR.

We would like to point out that you are generally not obliged to provide personal data. Under certain circumstances, however, it may be necessary to provide the data for conclusion or performance of a contract with the BVG. In such cases, failure to provide personal data may mean that you cannot enter into a subscription contract with us. In the event of ticket inspections, refusal to provide data may result in the identification of persons and the provision of necessary data having to be carried out with the assistance of the police.

3.5.1.2     Disclosure to third parties

We will only disclose your personal data to third parties if this is necessary for the above-mentioned purposes. This may involve the disclosure of personal data to marketing service providers for ticket sales, to service providers for printing tickets/chip cards and to check the authenticity of the VBB fahrCard, to debt collection agencies for the enforcement of claims, and to IT service providers for data storage and maintenance purposes. The disclosure of data in the above-mentioned cases is based on Article 28 of the GDPR, in each case in connection with a processing contract.

We will disclose the personal data required and provided in connection with your SEPA direct debit mandate to the bank that we use to collect payments, which will carry out this transfer of funds and the associated processing of your personal data as an independent entity.

We have contracted our IT service provider

Sal.A iT-Services GmbH
Albertstr. 12, D-10827 Berlin,
email: info@sal-a.de

to carry out processing of subscription ticket orders the verification of the photo and the credentials. In this case, too, a processing contract has been concluded in accordance with Article 28 of the GDPR.

If it is determined during the ordering or verification process that the credentials or photos you uploaded are not verifiable, we will inform you of this circumstance via our service provider and provide instructions on how to proceed. The legal basis for this is Art. 6 para. 1 lit. b) DSGVO. The contact is necessary in order to be able to conclude or execute the contract you have requested.

In some cases, we also transmit personal data to credit agencies prior to the conclusion of a subscription contract and prior to substantial changes to a subscription contract in order to check the creditworthiness of the subscriber. The legal basis is Article 6(1)(f) of the GDPR. Our legitimate interest is in avoiding payment defaults.

If we disclose personal data to debt collection agencies in accordance with Article 6(1)(f) of the GDPR, we are pursuing our legitimate interest in asserting, exercising, and defending our legal claims.

3.5.1.3     Duration of storage

We store the personal data concerning you for as long as it is required for the respective purposes for which it was processed. If there is a legal obligation to retain data (e.g. for tax reasons), personal data required for this purpose we will process for the duration of this retention period.

3.5.2      Corporate tickets

We process your personal data in connection with your corporate ticket contract (photograph, name, address, company affiliation, account details, payment information). The legal basis is Article 6(1)(b) of the GDPR.

Your photo is required because the corporate ticket is a personal, non-transferable season ticket. If you do not provide one, a corporate ticket cannot be issued in your name. The picture is electronically processed; it is digitised as an image file and stored exclusively for the time and for the purpose of producing the electronic ticket in the form of the non-transferable VBB fahrCard (here as a corporate ticket). The stored image file is erased no later than two months following dispatch of the VBB fahrCard. If you require a replacement for your non-transferable ticket, you will need to resubmit your photo.

In addition, we will send your corporate ticket application to your employer so that they can confirm that you are eligible to participate in the corporate Ticket.

We would like to point out that you are generally not obliged to provide personal data. Under certain circumstances, however, it may be necessary to provide the data for conclusion or performance of a contract with the BVG. In such cases, failure to provide personal data may mean that we are unable to provide you with your requested corporate ticket or any other services.

Sections 3.5.1.2 (Disclosure to third parties) and 3.5.1.3 (Duration of storage) shall apply accordingly.

3.5.2.1 Digital information events for the corporate tickets

BVG offers digital information events for interested companies. These events are held online (video conference) via Microsoft Teams. For your registration and participation in the online event, the processing of your e-mail address by BVG is required. You can find more information about the processing of your data by Microsoft at: https://privacy.microsoft.com/en-us/privacystatement.

The legal basis is Article 6(1)(b) of the GDPR. 

3.5.2.2 Call-back service for interested companies

BVG offers a call-back service for interested companies. For your registration and participation in this service, the processing of your contact data (name, company and telephone number) by BVG is required. Registration takes place via the chatbot (see chapter 4.1.5). The legal basis for the data processing is Article 6(1)(b) of the GDPR.

3.5.3      Ticket inspections and increased transport charge

During ticket inspections, the validity of the respective tickets is checked. In the case of personalised tickets, the ticket may be checked against an official photo ID (e.g., for mobile phone and print tickets). When checking fahrCards, the following data stored on the fahrCards is visible to the control personnel:

  • Maximum period of validity for the fahrCard
  • Card number
  • Customer contract partner
  • Surname, first name (for personal tickets)

If the validity cannot be determined, the increased transportation charge is forfeited. In this case, the following data may be collected from you:

  • Name, first name,
  • date of birth,
  • sex,
  • address,
  • email address,
  • bank details,
  • name and address of legal representatives,
  • Time, place and other circumstances of the incident relevant for legal prosecution, including claims.

The data processing required in this respect is based on § 4 of the "Ordinance on the Processing of Personal Data at Berliner Stadtreinigungsbetriebe, Berliner Verkehrsbetriebe and Berliner Wasserbetriebe" (BlnBetrDatVO). The data will be deleted or blocked two years after the last relevant incident, but at the earliest when the transaction - in your case the receipt of payment - has been processed.

In the event of ticket inspections, refusal to provide  personal data may result in the identification of persons and the provision of necessary data having to be carried out with the assistance of the police.

3.5.4  BVG Club

If you have a BVG ticket subscription (except for school student, trainees and corporate tickets), you can register for the BVG Club. Registering for the BVG Club opens up access to the world of benefits via the platform of the company cb loyality GmbH, on which various providers have offers available.

Your surname, first name, e-mail address and the expiry date of the subscription will be transmitted to cb loyalty GmbH for the purpose of legitimisation or to prove that you are entitled to use the world of benefits. The legal basis for the data transfer is Article 6 (1) (a) GDPR.

Further data may be processed directly by cb loyalty GmbH as an independently responsible entity. For further information on data processing by cb loyalty, please visit https://www.cb-loyalty.com/datenschutz.html.

3.6 Purchases of tickets for special events

Special events are trips on the open-roofed underground train, on historical vehicles, etc.

3.6.1 Purchase process

You can buy tickets for special events in our online shop.

The BVG will process the following data required to process the transaction and to perform the contract:

  • Surname
  • First name
  • Email address
  • The ticket user (if different to the purchaser) and any further ticket users
  • Date of birth
  • Company (if applicable)
  • Telephone number (if applicable)
  • Full postal address
  • Mobile device information
  • Payment method information
  • Confirmation of ticket download
  • Device information (incl. operating system version and build)

This data is required in order to process your ticket purchase. The legal basis is Article 6(1)(b) of the GDPR. The data will be stored for a period of ten years and then erased.

Tickets for special trips can be paid for using one of the third-party payment methods “PayPal”, VISA, or Mastercard. The data associated with your payment method (first name, surname, address, email address) will be requested by the provider and used for the purchase. We will also store it in our backend system together with the payment method, device type, and information regarding your agreement with the T&Cs.

The ticket shop is operated by eos.uptrade (Schanzenstraße 70, D-20357 Hamburg). eos.uptrade processes your data on behalf of the BVG and in accordance with a processing contract concluded with eos.uptrade as set out to Article 28 of the GDPR.

3.6.2 Payments by credit card [LogPay Financial Services GmbH]

If using a credit card (VISA, Mastercard), your customer data (first name and surname, date of birth, address, gender, email address) will be transmitted to our external financial services provider (currently LogPay Financial Services GmbH, Schwalbacher Straße 72, D-65760 Eschborn, referred to below as “LogPay”). The payment method data (credit card details, information on your ticket purchases) is collected directly by LogPay, as claims against you are assigned to LogPay when you purchase a ticket. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing, as the involvement of a large number of mobility providers gives rise to considerable complexity in payment processing.

LogPay is the sole controller responsible for processing your personal data. More information on how LogPay processes data can be found at here.

3.6.3 Payments by PayPal

You can pay for special trip purchases in the ticket shop using the online payment service provider PayPal. The provider of this payment service is (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereafter “PayPal”). If you select PayPal as your payment method, you will be redirected to the PayPal website and the personal data you have entered will be transmitted to PayPal in encrypted form. This data typically includes your name, your address, your telephone number, your IP address, your email address, and other information required for order handling and your specific order.

PayPal is the controller responsible for processing your personal data. The legal basis for the data processing when using PayPal is Article 6(1)(f) of the GDPR. We have a legitimate interest in offering you a wide range of payment options and outsourcing payment processing.

If required for the purpose of completing the order, PayPal may also disclose data to third parties. PayPal will also transmit personal data to credit agencies, e.g. SCHUFA, in order to establish your identity and creditworthiness.

More information on how PayPal processes data can be found at PayPal

3.7 Ticket sales via third parties

You can purchase personalised 24-hour tickets and tourist products such as the BVG Berlin Welcome Card and Berlin City Tour Card as digital tickets from third-party providers. These third-party providers use agents (here: Distribusion or Tranzer) to make these digital tickets available to customers. The payments are processed directly via the third-party providers’ booking platforms. Their privacy policies apply. In order to be able to issue a digital ticket, the following customer data is transmitted to BVG via the agents:

  • First name
  • Surname
  • Fare type
  • Valid-from date
  • Email address for delivery and invoicing

BVG then creates the digital ticket with the first name and surname of the customer. The BVG will process the following data required to process the transaction and to perform the contract:

  • Information on the order object:
          • Ident (database id for a current request)
          • IdentExternal (class)
          • Description (product description)
          • Product type
          • Valid-from date
          • Product manager
          • Fare version
          • Product group
          • Number of authorisations
          • Price

The digital ticket is then made available to the customer by the third-party provider used by the customer.

3.7.1 Disclosure to third parties

In order to create a digital ticket, the data of the contracted third-party provider is disclosed to our service provider Systemtechnik GmbH (Wielandstraße 12, 99610 Sömmerda) via our agents Distribusion Technologies GmbH (Wattstraße 10, 13355 Berlin) or Tranzer B.V. (Stationsplein 61, 3818 LE Amersfoort, Netherlands). Systemtechnik GmbH is the developer and system operator of the background system in which the ticket purchase data is processed in order to create the digital tickets. Systemtechnik and Distribusion or Tranzer process the customer data provided by the third-party providers on behalf of BVG and in accordance with the respective processing contract concluded pursuant to Article 28 of the GDPR. The processing of customer data within the scope of the third-party providers is carried out by the respective operator of the external booking platform as an independent responsible entity. Further information on this data processing can be obtained from the respective operator.

3.7.2 Data erasure and duration of storage

Your personal data will be stored as long as it is necessary for the fulfilment of the specific purpose. Subsequently, your data will be erased, unless there are legal obligations to retain the data beyond this time or other legal reasons to retain it. For tax-related reasons, ticket purchase data will be stored for a period of ten years and then erased.

3.8 Kombitickets

In cooperation with various event organisers, special tariff offers (special tickets or Sonderfahrausweise) with a limited period of validity and/or limited area of validity can be issued for special and major events. This also applies to our combination tickets (Kombitickets). These Kombitickets are admission tickets, theatre box office receipts, invitations, hotel passes, or participant passes with travel authorisation. Insofar as such event tickets with travel authorisation are issued online or digitally or made available as print tickets, they are personal tickets. For this purpose, the organiser shall only provide BVG with the surname and first name for the purpose of issuing this personal ticket for the event ticket.

BVG shall provide the organiser with personal download links for retrieving the ticket from the BVG ticket shop. When the event participant retrieves the ticket, the IP address is processed.

The mentioned personal data will be processed until full settlement with the organiser and then deleted. Legal basis Article 6 (1) (b) GDPR.

The BVG ticket shop is operated by eos.Uptrade (Schanzenstraße 70, 20357 Hamburg). eos.Uptrade processes the data on behalf of BVG and in accordance with the order processing agreement concluded with eos.Uptrade in accordance with Article 28 GDPR.

3.9 Planning journeys

If you search for a connection, we will collect the following data:

  • Starting stop or station
  • Destination stop or station
  • Depending on the request: date and desired departure/arrival time
  • Depending on the request: changes, sections on foot, forms of transport, route numbers
  • Time of request
  • Device type (iPhone or Android)
  • Location data (GPS data), if applicable
  • IP address

3.9.2 Purposes of data processing

       3.9.2.1 Planning journeys

We process this data in order to provide you with the journey planning information you request. For this purpose, we suggest possible connections and the ticket required for the route based on your search criteria. The legal basis is Article 6(1)(b) of the GDPR.

If you use the app for timetable information, only your IP address will be stored, and only for the time during which this information is requested and processed. We store the IP address separately from journey planning data for a further 90 days in order to quickly identify any IP addresses sending extremely high volumes of enquiries, which can not only cause disruptions but also violates the terms and conditions of use. It is then erased.

        3.9.2.2 Crowdedness predictions

In order to allow you to use our services as comfortably as possible and to best provide these services in line with demand, we also use the journey planning requests we receive to evaluate how busy our services are and to predict and ensure smooth connections wherever possible. To allow us to carry out these evaluations, the data associated with your journey planning requests is separated from your IP address to prevent it from being used to identify you personally. Evaluation of requests we receive allows us to predict passenger numbers on our different forms of transport if you actually take the route we suggest.

The legal basis for this data processing is Article 6(1)(f) of the GDPR (legitimate interest). The BVG has a legitimate interest in providing efficient, economical, and demand-oriented transport services. It also has a legitimate interest in providing comfortable, pleasant transport for its customers, including during peak and rush hours.

         3.9.2.3 Improvements to BVG services

We also use the journey planning requests we receive to carry out evaluations that allow us to provide passenger information and guidance, to optimise our services, for infrastructure planning, and to improve safety. Before these evaluations are carried out, the data associated with your journey planning request is separated from your IP address and device information and then stored on a separate server. We also take further steps to pseudonymise or aggregate the data. Pseudonymisation of request data is carried out to prevent you from being identified personally in the absence of further data.

Evaluating these pseudonymised requests allows us to estimate traffic flows on the assumption that at least some passengers will actually use the routes we suggest. We use this information to perform various tasks that are in the public interest and that the BVG is required to fulfil. Ultimately, it is used to better align the BVG’s services with customer requirements (e.g. demand-oriented route planning and smooth connections).

The legal basis for this data processing is Article 6(1)(e) of the GDPR (performance of a task carried out in the public interest) in conjunction with Section 24(1) of the Berlin Public Services Act (BerlBG). Specifically, the BVG, acting as the body responsible for providing public transport services in Berlin (Section 3(4) of the BerlBG in conjunction with Section 1(1)(a) of the BVG byelaws), assumes tasks relating to the development of public transport services set out in the Berlin Mobility Act (Sections 27(3), 1, 16(6)(3)) in conjunction with the Berlin Public Transport Plan and in conjunction with the Mobility and Transport Urban Development Plan. The BVG is responsible for providing passenger information and guidance during disruptions and engineering works, including the provision of replacement services. The BVG is also responsible for optimising its public transport services. This includes planning routes and services in line with demand, finding and closing gaps in the network, and improving the quality of connections. The BVG also performs tasks in the areas of infrastructure planning and passenger safety.

Supplementary to the information on your rights provided in section 5, we would like to point out that you have, in particular, the right to object to processing of your personal data for the performance of tasks that are in the public interest at any time, provided there are grounds relating to your particular situation. To exercise your right to object to processing, please use the contact details provided in section 6.2. If you exercise your right to object to processing, we will check whether the conditions of Article 21(1) of the GDPR are met. This means that we will check the grounds you state for objecting to processing and any grounds for further processing in the specific case as set out in Article 21(1)(2) of the GDPR, and, as necessary, weigh them against each other. We will inform you of the result of this check within the legal deadlines. If it finds in your favour, we will also uphold your objection within the legal deadlines.

We store the data collected for the aforementioned purposes for 90 days and the evaluations generated from the data for three years. After that time, we erase or anonymise the data. This means that the data will only be stored further if it is impossible or would involve disproportionate effort to use it to identify a natural person. The lawfulness of anonymisation is set out in Article 6(1)(e) of the GDPR in conjunction with the regulations set out above, and in Article 6(1)(f) of the GDPR. We have a legitimate interest in anonymising the data we collect in order to enable its long-term storage for transport planning purposes.

    3.9.2.4 Processing of GPS data

In order to determine the nearest starting stop or station and any sections of the route to be taken on foot, you can set your browser to automatically enable location data. We process GPS data for this purpose, i.e. mobile sensor data generated by movement or direction.

For this purpose, you need to allow your browser to access location services through your device’s operating system and its permissions system (“location tracking”). In this case, however, we only collect the location determined by your device if you tap the location icon. Your device will indicate if location tracking is active. On an iPhone, for example, it is indicated by a compass symbol in the status bar. Android devices feature a similar function, as do browsers on local devices. The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as your location is only determined and transmitted to us if you use journey planning functions that we can only provide if we are aware of your location. You can enable or disable this function at any time by going to your browser’s or operating system’s settings.

Please note that GPS data is also processed for the purpose of improving the BVG’s transport services. More information can be found in section 3.9.2.3.

    3.9.2.5 Call-a-bus service

In the event that you use the telephone call-a-bus service or the door-to-door service at night, your telephone number will be stored for 24 hours on completion of the journey and then erased. This data is stored for the purpose of tracking booked and completed journeys, and to notify users of journey-related information, e.g. delays. The legal basis is Article 6(1)(b) of the GDPR.

    3.9.2.6 Door-to-door service

For the registration of the door-to-door service at night, the pick-up location is stored until the completion of the journey and then erased. This data is stored for the purpose of tracking booked and completed journeys. The legal basis is Article 6(1)(b) of the GDPR.

    3.9.2.7 Troubleshooting

If a technical error occurs during the processing of data from journey planning requests in the technical systems used for this purpose (e.g. in the system used to improve the BVG’s services), we process information related to the error (including information on journey planning requests, if applicable). We do this in order to correct errors in the technical systems used to provide journey planning information and in which data from journey planning requests are processed, and to ensure system security.

This information is processed to allow us to pursue our legitimate interest in ensuring the stability and security of our IT systems (Article 6(1)(f) of the GDPR).

3.9.3 Duration of storage

Unless specifically stated otherwise, all data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period.

3.9.4 Disclosure to third parties

For the aforementioned data processing operations, we use the service provider Hacon Ingenieurgesellschaft mbH (Lister Str. 15, D-30163 Hannover), with which we have concluded a processing contract as set out in Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instruction and is not disclosed or processed for other purposes.

Where Hacon Ingenieurgesellschaft GmbH uses other processors, your data may be processed in countries outside the European Union. Specifically, this concerns the data processing set out in section 3.8.2.3. Data protection regulations in the United States, in particular, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data. Further information on safeguards to ensure secure data transfer can be found in section 4.4 below.

3.10 Participation in competitions

3.10.1 General information

We organise competitions. Anyone is eligible to take part, unless the rules stipulate otherwise: employees of the BVG or its wholly-owned subsidiaries (hereafter: “BVG”), for example, may not be eligible to participate in certain competitions, or entry to the competition may be restricted to persons above a certain age. Details for each competition can be found in their conditions of participation.

3.10.2 Categories of personal data

In general, we process personal data in the form you use to provide it for the purpose of entering the competition. This means that we will store your postcard or your email address with the personal data they contain that is required to participate, determine the winner(s), and issue the prize. The data required is always dependent on the specifics of the competition, and may include your name, your contact details, your address or email address, your telephone number, as well as, for employees of the BVG or its wholly-owned subsidiaries, your organisation unit and company ID number. Any and all data you provide is on a purely voluntary basis. If you do not provide the required data, however, you cannot take part in the competition.

On competitions accessed via the “Profil” app (only for use by BVG employees), an email address must generally be provided. We also process the following personal data: data you enter when logging in (email address, first name, last name), a login time stamp, and your solution. The general information on data processing for use of the PROFIL app www.profil-app.de/legal/datenschutzerklaerung further applies.

We process personal data by storing it in analogue form (i.e. correspondence received by post) in a location that is only accessible to authorised personnel, or by storing emails, to which again only authorised BVG personnel have access. The data is processed exclusively for the purpose of running the competition, in particular to determine a winner. If you are a winner, we will contact you at the postal or email address you provided.

The legal basis is Article 6(1)(b) of the GDPR.

Your personal data is not used for any purpose other than the competition. In particular, your data will not be used for marketing purposes or disclosed to third parties.

We do, however, reserve the right to publish the first and last name of winners, as well as their place of residence and prize. This is a condition of participation in the competition. The legal basis is Article 6(1)(f) of the GDPR. The BVG’s legitimate interest is in making it transparent that the competition has taken place and a winner has been selected.

3.10.3 Duration of storage

In general, we only store personal data until the competition has ended and a winner has been selected. Following this, the postcards are destroyed (shredded) and emails are erased.

The only exception is if the winner is a BVG employee, in which case the following personal data must be processed further for tax-related reasons: last name, first name, value of prize.  We only store this data for as long as is required by the relevant taxation law. The legal basis is Article 6(1)(c) of the GDPR in conjunction with the relevant tax regulations.

3.10.4 Disclosure to third parties

The personal data concerning you that is required for participation in a competition may be transmitted to service providers contracted by us to run competitions for the purpose set out above.

The disclosure of personal data to our service providers for running competitions is based on Article 28 of the GDPR, in each case in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.11       Market research

3.11.1      Purpose of data processing

We conduct market research through our website from time to time. Hyperlinks direct visitors interested in participating to the G3plus market research tool provided by our contracted company Rogator AG, Emmericher Str. 17, D-90411 Nürnberg (“Rogator”).

Anyone is eligible to take part, unless the market research exercise requires otherwise: employees of the BVG or its wholly-owned subsidiaries (hereafter: “BVG”), for example, may not be eligible to participate in market research exercises, or participation may be restricted to persons above a certain age. Details for each market research exercise can be found in their conditions of participation.

3.11.2      Categories of personal data

In general, we process and save personal data in the form you use to provide it for the purpose of entering the competition. The data required is always dependent on the specifics of the market research exercise. As a rule and in most cases, however, we do not request data such as your name, address, or email address when conducting market research.

On some projects, it may be necessary for us to request your name, contact details, address, or email address. In such cases, all information relevant to data protection will be listed separately and all necessary declarations of consent will be obtained before data is stored. Any and all data you provide is on a purely voluntary basis.

Data processing is carried out solely for the purpose of conducting and evaluating the market research exercise. The data will be stored on Rogator AG servers and, for the purpose of evaluation, on BVG servers, to which only authorised BVG personnel have access. The legal basis is Article 6(1)(a) of the GDPR.

3.11.3      Duration of storage

In general, personal data is stored for as long as it is required for the market research (i.e. the collection of data) and evaluation. The data is then erased.

3.11.4      Disclosure to third parties

The personal data concerning you that is required for a market research exercise and that you provide with your voluntary consent may be transmitted to other service providers contracted by us to conduct market research exercises for the purpose set out above.

The disclosure of personal data to these service providers for conducting market research is based on Article 28 of the GDPR, in each case in conjunction with a processing contract that ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to any other parties or processed for other purposes.

3.12   BVG prepaid card

The BVG prepaid card can be used to pay for tickets on BVG buses and in BVG customer centres. For this purpose, the BVG is cooperating with its partners AVS – Abrechnungs- und Verwaltungs-Systeme GmbH, part of Landesbank Hessen-Thüringen (Helaba), and transact Elektronische Zahlungssysteme GmbH. The partners each process the data under their own responsibility.

The BVG prepaid card is issued by Helaba. Helaba is the independent controller responsible for processing the data. Information on how Helaba processes data can be found at https://www.helaba.com/de/ueber-uns/rechtliche-hinweise/datenschutz.php

The prepaid card can be topped up at the e-pay website https://www.bvg-guthabenkarte.de, provided by transact Elektronische Zahlungssysteme GmbH. transact is the independent controller responsible for processing the data. Information about what data transact processes and for which purposes can be found in the transact privacy policy at https://www.bvg-guthabenkarte.de/datenschutz.

3.13 Automated decision-making

We do not use automated decision-making, including profiling.

4        Integrated third-party services

We integrate the services of third-party providers for some of the features on our website. In the following, we distinguish between functional services, analysis services, and marketing services.

4.1        Functional services

Functional services enable you to use our website smoothly and are mandatory for using our website.

4.1.1      Consent manager

4.1.1.1     Purpose and scope of data processing

We use the “Consent Management Provider” cookie consent manager (hereafter: “consent manager”) provided by consentmanager AB, Sweden, to obtain consent for data processing or the use of cookies and comparable technologies. With the help of the consent manager, you can grant or deny your consent for all functions or grant your consent for specific purposes or specific functions.

Settings you make can be changed later here. The purpose of integrating this service is to allow users of our website to decide whether to allow the use of non-functional cookies and to give them the option to adjust any settings they have made during further use of our website.

The consent manager stores your data for as long as your user settings are active. You will be prompted to provide your consent again if there are changes to the relevant cookies or other applications to which you have consented and which may result in changes to the processing of your data, or at the latest one year from the last time your user settings were processed. Your user settings will then be stored again for this period of time.

4.1.1.2     Use of cookies

The consent manager uses cookies. These cookies have a maximum lifetime of one year.

4.1.1.3     Processed data

The following categories of data are routinely processed:

  • IP address
  • Time and duration of visit
  • Device data, e.g. operating system, browser version, screen resolution
  • Pages visited
  • Consent information

4.1.1.4     Contract processor as set out in Article 28 of the GDPR

consentmanager AB
Håltegelvägen 1b
72348 Västerås
Sweden

4.1.1.5     Relationship between the BVG and the data processor

The consent manager is used in connection with a processing contract as set out in Article 28 of the GDPR, under which consentmanager AB may only use your data in accordance with our instructions.

4.1.1.6     Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): ensuring that non-functional cookies are only used if consent has been granted.

4.1.1.7     Duration of data processing

All data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period.

4.1.2      Cloudflare

4.1.2.1     Purpose of data processing

This website uses functions provided by Cloudflare, Inc. (hereafter: “Cloudflare”). Cloudfare operates a content delivery network (CDN) that enables us to maximise the performance of our website.

4.1.2.2     Use of cookies

Cloudfare does not use cookies.

4.1.2.3     Processed data

When you visit our website, Cloudfare will process and store user data. This includes the following:

  • IP address
  • Device data, e.g. operating system, browser version, screen resolution
  • Information about traffic to and from our website

4.1.2.4     Eingesetzter Auftragsverarbeiter gem. Art. 28 DSGVO

Cloudflare, Inc.
101 Townsend St
San Francisco
CA 94107
USA

Your data that Cloudfare uses may be processed in countries outside the European Union. Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the USA or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.1.2.5     Relationship between the BVG and the data processor

Cloudfare is used in connection with a processing contract as set out in Article 28 of the GDPR, under which Cloudfare may only use your data in accordance with our instructions.

4.1.2.6     Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): maximising website performance.

4.1.2.7     Duration of data processing

All data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period.

4.1.3      Google Tag Manager

4.1.3.1     Purpose of data processing

This website uses Google Tag Manager, provided by Google Ireland Limited (hereafter: “Tag Manager”).

We use Google Tag Manager to control the use of code snippets (tags), e.g. tracking code, on our website. Google Tag Manager allows us to replace website code quickly and easily using a web interface, without the need to access the source code.

If Google Tag Manager is used to perform other functions that may collect and process your data, details can be found in the relevant sections elsewhere (e.g. Google Analytics).

4.1.3.2     Use of cookies

Google Tag Manager does not use cookies.

4.1.3.3     Processed data

When you visit our website, Google Tag Manager will process and store user data. This includes the following:

  • IP address
  • Device data, e.g. operating system, browser version, screen resolution

4.1.3.4     Contract processor as set out in Article 28 of the GDPR

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

Your data that Google uses may be processed in countries outside the European Union. Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.1.3.5    Relationship between the BVG and the data processor

Google Tag Manager is used in connection with a processing contract as set out in Article 28 of the GDPR, under which Google may only use your data in accordance with our instructions.

4.1.3.6     Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): quick and easy management of website tags.

4.1.3.7     Duration of data processing

Google will anonymise your personal data after nine months, provided there is no legal obligation to store it for a longer period.

4.1.4      Instapage

4.1.4.1     Purpose of data processing

We use Instapage, provided by Instapage Inc. (“Instapage”), to display web pages for specific products, product features, or marketing promotions (landing pages). Landing pages may contain contact forms.

4.1.4.2     Use of cookies

Instapage uses cookies. These cookies have a maximum lifetime of one year.

4.1.4.3     Processed data

Instapage will process the following data when you visit one of our landing pages:

  • IP address
  • Date and time
  • Page views, incl. title and URL
  • Referrer URL
  • Accessed and downloaded files
  • Clicks on page elements or links to other pages
  • Time required to display the page
  • Device information (language settings, screen resolution, browser type/version)

If you get in touch with us using one of these contact forms, we will store the following information in addition to the data you provide:

  • IP address
  • Time the form was sent
  • The page on which you completed the form

4.1.4.4     Contract processor as set out in Article 28 of the GDPR

Instapage Inc.
303 Second Street
Suite 901 South Tower
San Francisco, CA 94107
USA

Instapage is based in the US and processes personal data outside the EU. Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.1.4.5     Relationship between the BVG and the data processor

Instapage is used in connection with a processing contract as set out in Article 28 of the GDPR, under which Instapage may only use your data in accordance with our instructions.

4.1.4.6     Legal basis for data processing, purpose of data processing

Legitimate interest (Article 6(1)(f) of the GDPR): we use Instapage in the interest of displaying aspects of our online services in a flexible and appealing way.

4.1.4.7     Duration of data processing

All data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period.

4.1.5      Contacting us using the chatbot

For the purposes of this privacy notice, "chatbot" refers to all service bots offered by BVG, such as the career bot, service bot and corporate ticket bot.

4.1.5.1     Purpose of data processing

The chatbot provides the fastest way for you to send and receive a reply to enquiries and is available 24 hours a day. You can also use online forms or text input boxes in the chatbot to send requests to the BVG for processing. Based on the content of your request, the chatbot will forward it to the relevant BVG agent to ensure it is dealt with as quickly as possible.

If you contact us using the chatbot, your conversation with the chatbot will be evaluated in order to determine your reason for contacting us, to allow us to assist or reply to you, and to enable resumption of the conversation at a later time.

4.1.5.2     Use of cookies

The chatbot uses cookies (local storage). Their lifetime is unlimited.

4.1.5.3     Processed data

If you use our chatbot, your data will be processed.  These are:

  • IP address
  • UserID
  • ConversationID
  • if necessary any data you enter

When you use the chatbot for the first time, a randomly generated UserID will be assigned to you. The UserID is stored in your browser until you erase your browser history. If you want to use the bot again after deleting your browser history, a new UserID will be randomly generated. In this case, you may have to re-enter any answers you previously clicked on or any questions and other information you previously entered. When you use the bot again, your browser will transmit the UserID to the bot. This allows you to continue a previously interrupted conversation, search, or input in the bot at any time (similar to setting cookies on websites). Any conversations, searches, or inputs you started are also created and stored in your browser events. To help us constantly improve the bot, we record events such as “bot was displayed” and click events such as “user clicked on answer X”. For this purpose, we use ConversationIDs, which are generated within the bot’s database in a similar way to the UserID. They are used as an object identifier and are integral to the design of the bot, as database entries require a unique identifier.

The user data entered using the chatbot is collected by our service provider and made available to the BVG for further processing.

4.1.5.4     Contract processor as set out in Article 28 of the GDPR

Solvemate GmbH
Tempelhofer Ufer 1
10961 Berlin
Germany

4.1.5.5     Relationship between the BVG and the data processor

The chatbot is used in connection with a processing contract as set out in Article 28 of the GDPR, under which Solvemate may only use your data in accordance with our instructions.

4.1.5.6     Legal basis for data processing, purpose of data processing

(1) Performance of a contract (Article 6(1)(b) of the GDPR): processing requests from customers with whom we have a contract.

(2) Legitimate interest (Article 6(1)(f) of the GDPR): providing a smooth customer service experience, ensuring that our services function properly, improving and expediting our data processing processes, e.g. by means of optimised assignment functions.

4.1.5.7     Duration of data processing

If the legal basis for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

4.1.5      Utilization info

4.1.6.1 Purpose of data processing

The utilization info provides an overview of the average utilization of the BVG's means of transportation. The information on capacity utilization is based on data collected anonymously by the BVG from the Automatic Passenger Counting System (AFZS). These can be up to a few weeks old. The utilization information is provided to you as colored graphic table on a Microsoft Power BI page.

4.1.6.2 Use of cookies

Microsoft Power BI uses session cookies that are automatically deleted when the browser is closed. The ai_user cookie is deleted after one year and stores a unique identifier to recognize users on recurring visits over time. You can also manually delete the cookie from your browser at any time. Microsoft sets these cookies as a separate responsible party.

4.1.6.3 Processed data

For information about what data is processed by Microsoft and for what purposes, see Microsoft's Privacy Policy: https://privacy.microsoft.com/de-de/privacystatement.

4.1.6.4 Service provider

Microsoft Corporation

One Microsoft Way

Redmond, WA 98052-6399

USA

Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.2       Analysis services

Analysis services help us to better understand how our website is used.

4.2.1      Google Analytics

4.2.1.1     Purpose of data processing

This website uses functions of the web analytics service Google Analytics, provided by Google Ireland Limited.

We use Google Analytics to analyse user behaviour and, based on the results, make decisions relating to product and marketing optimisation.

We have activated the “IP anonymisation” function provided by Google on this website. This means that Google will truncate your IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be sent to and shortened by Google servers in the United States.

On behalf of the BVG, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website provider. Google states that it will not associate your IP address with any other data held by Google.

We also use the “Demographics” function in Google Analytics. This enables the creation of reports containing information on the ages, genders, and interests of our website visitors. The data is derived from Google’s advertising services and visitor data from third-party providers. None of the data made available to us can be associated with a specific person. You can disable this function at any time by going to the Ad Settings in your Google account.

4.2.1.2     Consent to data processing

You can consent to the processing of your data by Google Analytics, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager. To withdraw your consent, go to the cookie settings at the bottom of our website pages.

4.2.1.3     Use of cookies

Google Analytics uses cookies. These cookies have a maximum lifetime of two years. We will, however, request your consent again after a period of one year and only carry out analysis after this time if you provide this consent.

4.2.1.4     Processed data

The following categories of data are processed:

  • Time of the request
  • IP address
  • Online identifiers (incl. cookie IDs)
  • Device identifiers
  • User device data (e.g. browser type and version, device type, operating system)
  • User behaviour (e.g. pages/content accessed, access of content from specific website areas, session duration/duration of visit, bounce rate)
  • Use of specific website functions (e.g. journey planner, search queries, downloads)
  • e-commerce activity (e.g. purchased products, sales)
  • Referrer URL (the previously visited page)

4.2.1.5     Contract processor as set out in Article 28 of the GDPR

Google Ireland Limited

Gordon House

Barrow Street

Dublin 4

Irland

The information processed by Google about your use of the website will generally be transmitted to and processed by Google on servers in the United States.

Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

4.2.1.6     Relationship between the BVG and the data processor

Google Analytics is used in connection with a processing contract in accordance with Article 28 of the GDPR.

We have no influence, however, over the type and scope of data processed by Google, how it is processed and used, or whether it is disclosed to third parties. As a result, we do not have an effective method of monitoring how Google uses your data. In particular, Google may use the data for any of its own purposes, for example to create profiles or to link it to other data held by Google, such as your Google account data.

4.2.1.7     Legal basis for data processing, purpose of data processing

Consent (Article 6(1)(a) of the GDPR): we will only store Google Optimize cookies and perform associated data processing operations if you have granted us your voluntary and revocable consent to do so.

4.2.1.8     Duration of data processing

Google will anonymise your personal data 14 months after your last activity, provided there is no legal obligation to store it for a longer period.

4.3       Marketing services

4.3.1      YouTube

4.3.1.1     Purpose of data processing

We use a YouTube channel provided by Google Ireland Limited for our promotional videos. We embed our YouTube videos on our website to provide you with a smooth video experience without the need to switch websites.

4.3.1.2     Consent to data processing

You can consent to the processing of your data by YouTube, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager To withdraw your consent, go to the cookie settings at the bottom of our website pages.

4.3.1.3     Use of cookies

YouTube uses cookies. These cookies have a maximum lifetime of two years. We will, however, request your consent again after a period of one year and only carry out analysis after this time if you provide this consent.

4.3.1.4     Processed data

As soon as you access a video, Google will process your personal data (at minimum IP address, browser data, settings).
Prior to viewing the video, you will be asked for your consent to display the video and for Google to set cookies in your browser. Information about what data Google processes and for which purposes can be found in the Google LLC privacy policy:
https://policies.google.com/privacy?hl=de&gl=de#infocollect

We have no influence over the type and scope of data processed by Google, how it is processed and used, or whether it is disclosed to third parties. As a result, we do not have an effective method of monitoring how Google uses your data. In particular, Google may use the data for any of its own purposes, for example to create profiles or to link it to other data held by Google, such as your Google account data.

In all cases, Google will also receive information about the content you view, even if you have not created an account. This “log data” may include your IP address, browser type, operating system, information about the website and pages you previously visited, your location, your mobile provider, the device you are using (including device ID and application ID), the search terms you used, and cookie information.

4.3.1.5     Controller

Google Ireland Limited
Gordon House
Barrow Street
Dublin 4
Ireland

It is possible that Google Ireland will transfer the data processed from you to a server operated by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and process this data there.

Data protection regulations in the United States, however, are not as rigorous as those in force within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.3.1.6     Legal basis for data processing, purpose of data processing

Consent (Article 6(1)(a) of the GDPR): storage of the above-mentioned data and the cookies set in your browser, as well as associated data processing operations, will only be carried out if you have granted your voluntary and revocable consent prior to viewing our videos.

4.3.2 Google Ads (formerly Google Adwords) 

4.3.2.1 Purpose of data processing:  

Google Ads conversion measurement 

We use Google Ads to draw attention to our services on external websites using advertisements (‘Google Ads’). By analysing the data obtained in the advertising campaigns, we can determine the success of our advertising. We do this because our concern is to display advertising that is of interest to you, to make our website more attractive, and to enable a fair calculation of our advertising costs.  

These advertisements are delivered by Google via ‘Ad Servers’. For this purpose, we use Ad Server cookies, which can be used to track certain parameters for measuring success, such as the display of ads or clicks by users. If you access our website via a Google Ad, Google Ads will store a cookie on your system. These cookies usually expire after 30 days and are not used to identify you personally. The unique cookie ID, Google Click Identifier (gclid), number of ad impressions per placement (frequency), last impression (relevant to post-view conversions), and opt-out information (marking to indicate that the user does not want to be contacted again) are usually stored as analysis values for this cookie. 

These cookies allow Google to recognise your internet browser. If a user visits certain pages of an Ads customer’s website and the cookie stored on their computer has not yet expired, Google and the customer can see that the user has clicked on the ad and been redirected to that website. Each Ads customer is allocated a different cookie. This means that cookies cannot be tracked via the websites of Ads customers. We ourselves do not collect or process any personal data on these advertising campaigns. We receive only statistical evaluations from Google. Using these evaluations, we are able to see which of our advertising is particularly effective. We do not receive any further data collected from the use of the advertising; in particular, we are unable to identify users from this information. 

Based on the marketing tools used, your browser automatically makes a direct connection with the Google server. We have no influence on the scope and further use of data collected by Google by means of this tool and therefore inform you on the basis of our present knowledge that, by integrating Ads Conversion, Google receives the information that you have accessed a part of our website or clicked on one of our ads. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or have not logged in, it is still possible for the provider to obtain and store your IP address. 

Google Ads remarketing 

We use the remarketing function within the Google Ads service. This function allows us to show advertisements to users of our website based on their interests on other websites within the Google advertising network (in Google Search or on YouTube, ‘Google Ads,’ or on other websites). It enables analysis of how users interact with our website, e.g. which services a user is interested in, in order to be able to display personalised advertising to users on other sites after they have visited our website. For this purpose, Google stores cookies on the systems of users who visit certain Google services or websites in the Google Display Network. These cookies are used to record the visits of these users. The cookies are used to uniquely identify a web browser on a particular device, not to identify a person. 

4.3.2.2 Recipient of the data 

Google Ireland Limited 
Gordon House 
Barrow Street 
Dublin 4 
Ireland  

More information on Google’s data protection policies can be found here: https://policies.google.com/privacy?hl=en  and https://services.google.com/sitestats/de.html. You can also visit the website of the Network Advertising Initiative (NAI) at http://www.networkadvertising.org

4.3.2.3 Use of cookies 

Google Ads uses cookies. These cookies have a lifetime of up to 180 days (only cookies set via this website). You can find detailed information in the list available at the following link: https://business.safety.google/adscookies/.  

4.3.2.4 Data processed 

The following categories of data are processed: 

  • Unique cookie ID  

  • Google Click Identifier (gclid) 

  • Number of ad impressions per placement (frequency)  

  • Last impression (relevant to post-view conversions)  

  • Opt-out information (marking that the user does not want to be contacted again) 

  • User interaction on our website 

  • IP address 

4.3.2.5 Relationship between the BVG and the data processor 

Google acts as a separate controller when processing data as part of Google Ads. Data may be transferred to third countries. More information on this can be found at the end of this privacy policy and here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_de.  

4.3.2.6 Legal basis for data processing  

Consent (Article 6(1)(a), 49(1)(a) of the GDPR): we will only store Google Ad cookies and perform associated data processing operations if you have granted us your voluntary and revocable consent to do so. Your consent means that your data may be processed in the USA and other third countries outside the EU. The USA is assessed as a country with an insufficient level of data protection by EU standards. There is a risk that US authorities may access your data, without the possibility of you lodging an appeal.  

You can consent to the processing of your data by Google Ads, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager You can withdraw your consent – with effect for the future but without effect on data processing carried out in the past – in various ways: 

a) by installing the plug-in provided by Google at the following link: https://support.google.com/ads/answer/7395996?hl=en ;  

b) by changing your cookie settings at the bottom of our website pages (grant or withdraw consent).  

4.3.2.7 Duration of data processing: 

All data is stored for as long as is necessary to fulfil the state.

4.3.3 Twitter

4.3.3.1 Purpose of data processing

We display short messages (so-called tweets) on our website that we have published on our communication channels on Twitter (embedded tweets). We integrate the messages we publish on Twitter via frame on our website to provide you with a smooth access without the need to switch websites.

4.3.3.2 Consent to data processing

You can consent to the processing of your data by Twitter, prevent the collection of your data, or withdraw any consent you may have given with the help of our consent manager. To withdraw your consent, go to the cookie settings at the bottom of our website pages.

4.3.3.3 Use of cookies

Twitter uses cookies. These cookies have a maximum lifetime of 13 months. We will, however, request your consent again after a period of one year and only carry out analysis after this time if you provide this consent.

4.3.3.4 Processed data

Already when calling up the embedded tweet, Twitter will process your personal data (at minimum the website you visited, your IP address, browser type, operating system and cookie information).

Prior to viewing the embedded tweet, you will be asked for your consent to display the tweet and for Twitter to set cookies in your browser. Information about what data Twitter processes and for which purposes can be found in the Twitter privacy policy: Privacy Policy (twitter.com)

By including an appropriate code snippet, we have ruled out the possibility of Twitter also using your data to personalise content.

We have no influence over the type and scope of data processed by Twitter, how it is processed and used, or whether it is disclosed to third parties. As a result, we do not have an effective method of monitoring how Twitter uses your data. In particular, Twitter may use the data for any of its own purposes, for example to create profiles or to link it to other data held by Twitter, such as your Twitter account data.

In all cases, Google will also receive information about the content you view, even if you have not created an account. This “log data” may include your IP address, browser type, operating system, information about the website and pages you previously visited, your location, your mobile provider, the device you are using (including device ID and application ID), the search terms you used, and cookie information.

4.3.3.5 Controller

Twitter International Company
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07
IRLAND

It is possible that Twitter Ireland will transfer the data processed from you to a server operated by Twitter Inc. (1355 Market Street, Suite 900, San Francisco, CA, 94103) and process this data there.

Data protection regulations in the United States, however, are not as rigorous as those within the European Union; we therefore cannot rule out the possibility that government authorities in the United States or in other countries may access your data.

For more information on the protective measures for securing data transfer, see Section 4.4 below.

4.3.3.6 Legal basis for data processing, purpose of data processing

Consent (Article 6(1)(a) of the GDPR): storage of the above-mentioned data and the cookies set in your browser, as well as associated data processing operations, will only be carried out if you have granted your voluntary and revocable consent prior to viewing our Tweets.

4.4     Transfer of personal data to third countries

Please note that data processed in other countries may be subject to foreign laws and may be accessible to the governments, courts, law enforcement and regulatory authorities of those countries. However, if your personal data is transferred to third countries, we will take appropriate measures to adequately secure your data.

Unless an adequacy finding has been made by the EU Commission for the recipient country, the transfer of your data to a third country is protected by standard EU contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en ) concluded with the recipient or by binding internal data protection guidelines. Otherwise, a transfer will only take place if an exception under Art. 49 DSGVO is fulfilled.

5. Facebook fan page

5.1 Purpose of data processing

We operate a Facebook fan page (‘fan page’) in order to draw attention to our services and offers and to enable visitors to the fan page to interact.

5.2 Recipient of the data

Facebook Ireland Limited (‘Facebook’)
4 Grand Canal Square,
Grand Canal Harbour
Dublin 2, Ireland

The BVG has no influence on whether Facebook transfers personal data within its area of responsibility to third countries, for example to Facebook Inc. in the USA, and processes it there. More information can be found in the Facebook Privacy Policy.

5.3 Use of cookies

Facebook sets cookies when you visit the fan page. More information can be found in the Facebook Cookie Policy.

5.4 Data processed

When you visit the fan page, Facebook will process your personal data. More information can be found in the Facebook Privacy Policy.

5.5. Controller

Independent processing by Facebook

When you visit our fan page, Facebook will collect usage data. Under data protection law, Facebook alone is responsible for this data processing. Facebook provides information on this in the Facebook Privacy Policy and its Cookie Policy.

Independent processing by the BVG

When you visit the fan page, you can contact us using the messaging function, the Like buttons, and comments, which we can associate with individual users. The BVG alone is responsible for this data processing.

Processing with Facebook and the BVG as joint controllers

Facebook also collects certain usage data in order to provide us with aggregated and anonymised usage statistics (‘page insights’). Page insights do not allow us to identify the behaviour of individual users, but merely provide us with an overview of the use of the fan page. We ourselves do not have access to the personal data processed for the generation of statistics. Facebook alone determines which usage actions are logged by Facebook; we cannot change or otherwise influence this. This function is a part of the usage agreement with Facebook that cannot be waived by us. This means that we cannot unilaterally decide whether the ‘insights’ data is collected or not.

The BVG and Facebook are jointly responsible for this part of the processing. The BVG and Facebook have concluded an agreement on joint controllership (page insights supplement), which stipulates that Facebook bears primary responsibility for the fulfilment of all obligations with regard to the processing of page insights, and in particular for the exercise of the rights of data subjects.

5.6 Legal basis for data processing:

Insofar as we process personal data when you visit the fan page: Legitimate interest (Article 6(1)(f) of the GDPR): Legitimate interest in tracking usage behaviour on our fan page and consequently being able to optimise the services offered on the fan page, as well as interacting with you.

5.7 Duration of data processing

All data is stored for as long as is necessary to fulfil the stated purpose and then erased, provided there is no legal obligation to store it for a longer period. With regard to the data processed by Facebook, we refer to the Facebook Privacy Policy.

6        Your data protection rights

Depending on the circumstances in your specific case, you have the right to:

  • obtain access to the personal data processed by us and/or request copies of these data. This includes information concerning the purpose of usage, the category of data used, their recipients and authorised users, and, where possible, the planned period for which the data will be stored or, if that is not possible, the criteria used to determine that period;
  • request the rectification, erasure, or restriction of processing of your personal data, provided that its use is impermissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) the data is no longer required for the purposes for which they were collected, (iii) the consent on which processing is based was withdrawn, or (iv) you have made use of your right to object to processing of your personal data; in cases in which the data is processed by third parties, we will forward your request for rectification, erasure, or restriction of processing to these third parties, unless this proves to be impossible or would involve disproportionate effort;
  • refuse consent or – without affecting the lawfulness of data processing carried out prior to withdrawal – to withdraw your consent to the processing of your personal data at any time;
  • request the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit this data to another controller without hindrance from us; you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible;
  • take legal action or appeal to the data protection supervisory authorities, if you are of the opinion that your rights have been infringed due to processing of your personal data that is not in compliance with data protection regulations.

You also have the right to object to processing of your personal data at any time:

  • where we process your personal data for direct marketing purposes
  • where we process your personal data in pursuance of our legitimate interests and on grounds relating to your particular situation
  • where we process your personal data to perform tasks that are in the public interest and on grounds relating to your particular situation

7        Other information 

7.1       Privacy policy updates

We update this privacy policy to reflect modified functions or changes to the law. We therefore recommend that you read the privacy policy from time to time.

7.2       Contact

If you have any questions, suggestions, or comments on the topic of data protection, please feel free to contact our data protection officer.

Contact information:

Data protection officer

Berliner Verkehrsbetriebe (BVG)
Statutory public body
Holzmarktstraße 15-17
10179 Berlin

or

datenschutz@bvg.de

7.3 Supervisory authority

You can also contact the supervisory authority responsible for Berlin in all questions relating to data protection:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59 - 61 (Visitor entrance Alt-Moabit 60)
10555 Berlin
Phone: +49 (30) 13889-0
Fax: +49 (30) 2155050
E-mail: mailbox@datenschutz-berlin.de

Last updated: 13/10/2022