Skip to content

Privacy policy new Fahrinfo-App (beta test)

1 General information

Thank you for your interest in our Fahrinfo-App. We take the protection of your personal data very seriously. The personal data you provide when using the Fahrinfo-App and our services is treated confidentially and in accordance with both statutory data protection regulations and this privacy policy. We would like to give you detailed information about what personal data we process, for what purposes we process it, whom we share it with, and what control and information rights you may have. We therefore recommend that you read through this privacy policy carefully.

B Responsibility and contact

Berliner Verkehrsbetriebe AöR (BVG), Holzmarktstraße 15-17, 10179 Berlin (referred to below as “BVG” or “we” or “our” or “us”) is responsible for data processing in connection with the Fahrinfo-App. If you have any questions regarding this privacy policy or the processing of your personal data, please feel free to contact us by email at appsupport@bvg.de.

If you have any questions, suggestions, or criticisms relating to our services, please contact us by email at appsupport@bvg.de.

C General information on data processing

The Fahrinfo-App allows you to plan journeys and purchase tickets. Customers can search for connections and then buy and download the tickets they need to their mobile devices. We collect personal data from our users only to the extent necessary to ensure a functioning Fahrinfo-App and provide our content and services, conditional upon you having given your consent for us to employ other data processing functions.

D Summary of our processing activities

  • We process data for troubleshooting purposes to ensure the stability and security of the app and our IT systems. This also includes ensuring tax and accounting audit compliance and GoBD conformity. The legal basis in this case is Article 6(1)(f) of the GDPR (see also III.).
  • If the Fahrinfo-App is used purely for informational purposes (i.e. no user registration), we process data about your device to enable use of the app. The legal basis in this case is Article 6(1)(b) of the GDPR (see also I.).
  • The first time you install the Fahrinfo-App, you can choose to enable additional features to increase the app’s ease of use. The legal basis in this case is Article 6(1)(a) and (b) of the GDPR (see also D.II.).
  • If you wish to purchase tickets, you can create a customer account in the Fahrinfo-App, or otherwise sign in with an existing BVG account. In these cases, we process all the data required for registration and login (e.g. name, email address, login data). The legal basis in this case is Article 6(1)(b) of the GDPR (see also  D. IV).
  • You can use the Fahrinfo-App to search for connections. If you do so, we will process your request data (in particular the starting and destination stop or station, connections, potentially also location data) for the purpose of displaying appropriate route suggestions. The legal basis in this case is Article 6(1)(b) of the GDPR (see also V.). We also use some of the data to improve the BVG’s transport services. The legal basis in this case is Article 6(1)(e) of the GDPR (see also V. 3).
  • When using the Fahrinfo-App, you can search for connections and also save stops and stations as favourites. Your route information (starting and destination stop or station, departure or arrival time) is processed in the Fahrinfo-App for this purpose. The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D V. 4).
  • The Fahrinfo-App can also be used to purchase tickets. If you do so, we will process the data required to provide you with your desired ticket in the app (ticket type, starting location, fare information, and information on selected payment method). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.VI.).
  • If you contact our customer service, we will process data for the purpose of dealing with your request (e.g. name, email address, reason for contacting us). The legal basis in this case is Article 6(1)(b) of the GDPR (see also D.VII.).
  • We use external service providers for some of these data processing operations. This is particularly the case for payment processing (see also D.VIII.). 

Definitions

Personal data means any information relating to an identified or identifiable natural person (Article 4(1) of the GDPR). This includes information such as your name, your email address, your postal address, and your telephone number. It does not include information that cannot be linked directly to your identity, such as the number of users of a website.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

I Processing of your data when using the Fahrinfo-App for informational purposes​​​​

If you use the Fahrinfo-App purely for informational purposes, i.e. you do not register of otherwise provide us with information, we will collect the following personal data, which is technically necessary for us to provide you with the functions of the Fahrinfo app and ensure the stability and security of the app:

  • IP address
  • App language and version
  • Operating system
  • Date and time of request, incl. start and destination for routing
  • Type of device, i.e. smartphone or tablet
  • Transferred data volume, to maintain performance when transferring larger volumes of data and to check whether responses were transmitted in full
  • Information on interactions with the Fahrinfo app.

This information is processed to enable use of our app (Article 6(1)(b) of the GDPR), as we require automatically collected data to provide a functioning app (e.g. adapting the app to the requirements of your device). This information is also processed to allow us to pursue our legitimate interest in ensuring the stability and security of both the app and our IT systems (Article 6(1)(f) of the GDPR). The automatically collected data is stored in anonymised form for at least six months (see also E.). If you use the app for timetable information, only your IP address will be stored, and only for the time during which this information is requested and processed. We store the IP address separately from journey planning data for a further 90 days in order to quickly identify any IP addresses sending extremely high volumes of enquiries, which can not only cause disruptions but also violates the terms and conditions of use. It is then erased.

II Features to increase ease of use

The Fahrinfo-App provides several features to increase the app’s ease of use. These features are only used if you enable them when you first install the app or later while using it. Once enabled, you can configure these features by going to the settings in the Fahrinfo-App or adjusting your the settings in your operating system. We cannot provide you with the use of these features unless you consent. You can still use all the basic functions of the Fahrinfo-App without enabling these ease-of-use features.

1 Notification services

You can enable push notifications in the Fahrinfo-App. If you do so, we will be able to notify you of upcoming events, for example notifications to remind you to change, board, or alight, or if using the commuter or delay alerts. When using push services, an Apple device token or a Google registration ID will be generated. We use it only for the purpose of providing the push services. These IDs are encrypted, anonymised device IDs. The BVG cannot use them to identify individual users. The legal basis is Article 6(1)(b) of the GDPR. The data is required in order to provide you with this service.

We also use in-app notifications to inform our users about technical malfunctions. In the event of a disruption to services, for example, all users who open the app during a period of time specified by us will be shown a one-off pop-up with information on the current status of the disruption. In addition, we may from time to time provide information on the app or available products (e.g. including fare products) on banners within the app. No customer or device data is processed in these cases. The services are always enabled, since they are required for us to fulfil our obligations arising from the contractual relationship. This also includes notifying our users if the app is not working as it should. We assume that this is also in our users’ interest. The legal basis is Article 6(1)(b) of the GDPR.

We also invite you to take part in surveys that are implemented using the G3plus tool from our service provider Rogator AG. We have concluded an order processing contract with this service provider in accordance with Article 28 GDPR. Further details can be found in the privacy policy on BVG.de in the Market research section.

Any data collected is erased when it is no longer needed, unless a longer period of storage is justified or required by law (see also E.).

2 Running the app in the foreground

Permission to run the app as a foreground service is required for live navigation, as this feature needs to be active even if the screen is locked.

3 Other user-friendly features

You can also enable the use of your fingerprint sensor (TouchID feature or FaceID) to confirm purchase of a ticket (see also D.VI.3.).

III Processing your data for system security, troubleshooting purposes a.o.

Your purchases are made and processed for accounting purposes via the Fahrinfo app. The system must therefore be designed to be audit-proof for both tax and accounting purposes. This is checked before a system goes live using randomly selected data.

If there is a problem with the connection between the app and the background system or if the connection is lost, we will save the data associated with the error (request, error) in your Fahrinfo-App account. This data is collected and processed to troubleshoot the error, optimise the app, and ensure system security.

The Google Play Store collects anonymised crash reports (number of crashes only), as does the Apple AppStore, if you have provided Apple with your consent. We can view the crash reports on a dashboard in the Google Play Store.

If a technical error occurs during use of the Fahrinfo-App or during the processing of data from journey planning requests in the technical systems used for this purpose (e.g. in the system used to improve BVG’s service, see D.V.2.), we process information related to the error (including information on journey planning requests, if applicable). We do this in order to correct errors in the technical systems used to operate the Fahrinfo-App and in which data from Fahrinfo requests are processed, and to ensure system security.

This information is processed to allow us to pursue our legitimate interest in ensuring the stability and security of both the app and our IT systems (Article 6(1)(f) of the GDPR). The data is erased when it is no longer needed, unless a longer period of storage is justified or required by law (see also E.).

IV Processing of your data during registration and/or use of a customer account

You may create a customer account to purchase tickets in the Fahrinfo-App or sign in using an existing BVG account. You can erase your customer account at any time.

1 Registation process

We provide the option for you to register or create a customer account for ticket purchases, which requires you to enter personal data. During the registration process, we will process the following personal data, which you provide on an input form:

  • First name and surname
  • Email address
  • Address
  • Payment information (depending on payment method)

We use the double opt-in procedure for registration. After you register in the app, this means that you will receive an email containing a link that you must click on to confirm that you are the owner of the email address and wish to create a customer account in the Fahrinfo-App.

The legal basis for this data processing is Article 6(1)(b) of the GDPR. The data is used to provide customer account functions and for management of your customer account. We will also process your contact data, including your email address, in order to provide you with information on contract-related changes relating to the services we offer in compliance with relevant legislation and provide you with other information required by law. 

2 Signing in with an existing BVG customer account

You can also use an existing BVG account to sign in to the Fahrinfo-App. To do so, please enter the email address and password you use to sign in to the BVG Ticket app, the BVG Jelbi app, or BVG.de. Your BVG account will then be associated with the Fahrinfo-App and the above data from your BVG account (surname, first name, login, password) will be used (“single sign-on”, SSO). The SSO service is provided by our service provider akquinet (see also D.VIII.).

The first time you purchase a ticket, you will then be required to enter further information (address, date of birth, payment method). We store the data you provide in the app’s backend system. You can manage and change any of the data you provide in your password-protected customer account, although you may need to contact customer service to change some information (see also D.VII).

The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as this information is required for the purpose of signing in with an existing account.

3 Erasing your customer account

You can erase individual items of data in your BVG account by going to “BVG account” on our website. If you decide to do so, your account data will first be blocked from further processing, with the exception of processing that is required in compliance with legal obligations or rights (see E. below) and then permanently erased. Your request for erasure may, however, conflict with statutory provisions or rights on the part of the BVG. As such, your data may not be erased if the BVG is required to comply with legal obligations to retain data (e.g. for commercial or tax law reasons) or if processing of your data is required for the establishment, exercise, or defence of legal claims, e.g. if we initiate legal proceedings against you for misconduct during use of our services or for payment reasons. In such cases, we will notify you of the reasons conflicting with your right to erasure.

V Planning journeys

1 Searching for connections

If you search for a connection, we will collect the following data:

  • Starting stop or station
  • Destination stop or station
  • Depending on the request: date and desired departure/arrival time
  • Depending on the request: changes, sections on foot, forms of transport, route numbers
  • Time of request
  • Device type (iPhone or Android)
  • As applicable, location data (GPS data) (seeD.V.7)
  • IP address

We process this data in order to show you connections based on your search criteria. We also use the data to determine the ticket required for the route. The legal basis is Article 6(1)(b) of the GDPR.

If you use the app for timetable information, only your IP address will be stored, and only for the time during which this information is requested and processed. We store the IP address separately from journey planning data for a further 90 days in order to quickly identify any IP addresses sending extremely high volumes of enquiries, which can not only cause disruptions but also violates the terms and conditions of use. It is then erased.

In order to allow you to use our services as comfortably as possible and to provide these services in line with demand, we also use the journey planning requests we receive to evaluate how busy our services are and to predict and ensure smooth connections wherever possible. To allow us to carry out these evaluations, the data associated with your journey planning requests is separated from your IP address to prevent it from being used to identify you personally. Evaluation of requests we receive allows us to predict passenger numbers on our different forms of transport if you actually take the route we suggest.

The legal basis for this data processing is Article 6(1)(f) of the GDPR (legitimate interest). The BVG has a legitimate interest in providing efficient, economical, and demand-oriented transport services. It also has a legitimate interest in providing comfortable, pleasant transport for its customers, including during peak and rush hours.

2 Crowdedness predictions

In order to allow you to use our services as comfortably as possible and to best provide these services in line with demand, we also use the journey planning requests we receive to evaluate how busy our services are and to predict and ensure smooth connections wherever possible. To allow us to carry out these evaluations, the data associated with your journey planning requests is separated from your IP address to prevent it from being used to identify you personally. Evaluation of requests we receive allows us to predict passenger numbers on our different forms of transport if you actually take the route we suggest.

The legal basis for this data processing is Article 6(1)(f) of the GDPR (legitimate interest). The BVG has a legitimate interest in providing efficient, economical, and demand-oriented transport services. It also has a legitimate interest in providing comfortable, pleasant transport for its customers, including during peak and rush hours.

3 Improvements to BVG services

We also use the journey planning requests we receive to carry out evaluations that allow us to provide passenger information and guidance, to optimise our services, for infrastructure planning, and to improve safety. Before these evaluations are carried out, the data associated with your journey planning request is separated from your IP address and device information and then stored on a separate server. We also take further steps to pseudonymise or aggregate the data. Pseudonymisation of request data is carried out to prevent you from being identified personally in the absence of further data.

Evaluating these pseudonymised requests allows us to estimate traffic flows on the assumption that at least some passengers will actually use the routes we suggest. We use this information to perform various tasks that are in the public interest and that the BVG is required to fulfil. Ultimately, it is used to better align the BVG’s services with customer requirements (e.g. demand-oriented route planning and smooth connections).

The legal basis for this data processing is Article 6(1)(e) of the GDPR (performance of a task carried out in the public interest) in conjunction with Section 24(1) of the Berlin Public Services Act (BerlBG). Specifically, the BVG, acting as the body responsible for providing public transport services in Berlin (Section 3(4) of the BerlBG in conjunction with Section 1(1)(a) of the BVG byelaws), assumes tasks relating to the development of public transport services set out in the Berlin Mobility Act (Sections 27(3), 1, 16(6)(3)) in conjunction with the Berlin Public Transport Plan and in conjunction with the Mobility and Transport Urban Development Plan. The BVG is responsible for providing passenger information and guidance during disruptions and engineering works, including the provision of replacement services. The BVG is also responsible for optimising its public transport services. This includes planning routes and services in line with demand, finding and closing gaps in the network, and improving the quality of connections. The BVG also performs tasks in the areas of infrastructure planning and passenger safety.

Supplementary to the information on your rights provided in section F., we would like to point out that you have, in particular, the right to object to processing of your personal data for the performance of tasks that are in the public interest at any time, provided there are grounds relating to your particular situation. To exercise your right to object to processing, please use the contact details provided in section F. If you exercise your right to object to processing, we will check whether the conditions of Article 21(1) of the GDPR are met. This means that we will check the grounds you state for objecting to processing and any grounds for further processing in the specific case as set out in Article 21(1)(2) of the GDPR, and, as necessary, weigh them against each other. We will inform you of the result of this check within the legal deadlines. If it finds in your favour, we will also uphold your objection within the legal deadlines.

We store the data collected for these purposes for the period of time set out in section E. After that time, we erase or anonymise the data. This means that the data will only be stored further if it is impossible or would involve disproportionate effort to use it to identify a natural person. The lawfulness of anonymisation is set out in Article 6(1)(e) of the GDPR in conjunction with the regulations set out above, and in Article 6(1)(f) of the GDPR. We have a legitimate interest in anonymising the data we collect in order to enable its long-term storage for transport planning purposes.

4 Call-a-bus service

If you book a call-a-bus service by telephone, your telephone number will be stored for 24 hours on completion of the journey and then erased. This data is saved to ensure a record of booked and completed trips, and to notify you of information relevant to your trip, such as delays.

If you book a call-a-bus service online on the BVG website or in the Fahrinfo app, we will process the following data.

  • Line
  • Starting stop or station
  • Departure day
  • Departure time
  • Name (optional)
  • Telephone number
  • Number of passengers

Your optionally provided name and telephone number will be stored for 24 hours on completion of the journey and then erased. The legal basis is Article 6(1)(b) of the GDPR.

Please note that the above-mentioned data (except name and telephone number) is also processed to help improve the BVG’s services. For more information, please see section V.3 Improvement to BVG services.

We have contracted the service provider IT Service Omikron GmbH (Wilhelm-Kabus-Str. 9, D-10829 Berlin) to handle call-a-bus orders and have concluded a processing contract with this provider pursuant to Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed to third parties or processed for other purposes.

5 Door-to-door service

If you book the night-time door-to-door service online on the BVG website or in the Fahrinfo app, we will process the following data:

  • Line
  • Starting stop or station
  • Departure day
  • Departure time
  • Destination stop or station
  • Destination address (street, number), as applicable
  • Number of passengers

The legal basis is Article 6(1)(b) of the GDPR. If you enter a destination address with street and house number, the house number will be stored and erased after 24 hours.

Please note that the above-mentioned data (except house number) is also processed to help improve the BVG’s services. For more information, please see section V. 3 Improvement to BVG services.

We have contracted the service provider IT Service Omikron GmbH (Wilhelm-Kabus-Str. 9, D-10829 Berlin) to handle door-to-door service orders and have concluded a processing contract with this provider pursuant to Article 28 of the GDPR. This processing contract ensures that your personal data is only processed in accordance with the BVG’s instructions and is not disclosed or processed for other purposes.

6 Saving favourites

When planning journeys in the Fahrinfo app, you may save starting stops/stations and connections as favourites. This allows you to personalise the Fahrinfo app to your needs and speed up the journey information process. The legal basis for saving favourites in the Fahrinfo-App is Article 6(1)(b) of the GDPR, as we are otherwise unable to offer the service. Favourites are saved until you change or erase your settings. The data is deleted if you erase or uninstall the app.

7 Activating location tracking

Instead of manually entering a starting location, you have the option to activate location tracking to allow the app to determine your location. We will then suggest stops or stations located nearby your location.

For this purpose, you need to allow the app to access location services through your device’s operating system and its permissions system (“location tracking”). In this case, however, we only collect the location determined by your device if you tap the location icon. Your device will indicate if location tracking is active. On an iPhone, for example, it is indicated by a compass symbol in the status bar. Android devices feature a similar function.

The legal basis of this data processing is set out in Article 6(1)(a) of the GDPR, as your location is only determined and transmitted to us if you use app functions that we can only provide if we are aware of your location. You can, however, enable or disable this function by going to your operating system’s settings.

Please note that location data is also processed for the purpose of improving the BVG’s transport services. More information can be found in section D.V.3.

8 Using live navigation

When you use the live navigation feature, we will collect the following personal data, which is technically necessary for us to provide you with the live navigation functions:

  • Geographical coordinates (e.g. GPS, WLAN, mobile network) GPS coordinates
  • Speed (motion sensor)
  • Orientation (gyroscope)
  • Magnetometer

When you use the live navigation feature, we will collect your location data (GPS data, i.e. motion or orientation-generated mobile sensor data) to provide you with real-time routing that directs you to your destination step by step in a way that is easy to understand. We use the data to determine nearby stops or stations and, for example, any sections of the route to be taken on foot.

For this purpose, you need to allow the app to access location services through your device’s operating system and its permissions system (“location tracking”). In this case, however, we only collect the location determined by your device if the live navigation feature is active and you tap the location icon. Your device will indicate if location tracking is active. On an iPhone, for example, it is indicated by a compass symbol in the status bar. Android devices feature a similar function. The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as your location is only determined and transmitted to us if you use app functions that we can only provide if we are aware of your location. When using real-time routing, we need to process your location in order to get you to your destination. You can enable or disable this function (automated positioning) at any time by going to your operating system’s settings.

VI Ticket purchase

You can buy BVG tickets directly within the Fahrinfo app and download them to app for use when you need them.

1 Purchase

When a ticket is purchased, BVG processes the data required to process ticket purchase:

  • Selected ticket (Ticket type, fare information, price, starting stop or station, “VBB-Kundenkarte” number when purchasing the Berlin S ticket, customer card number when purchasing the VBB Trainee ticket, order data of the shopping cart)
  • Payment information (selected payment method, owner, external reference number, external customer number of the financial service provider, database ID, validity of the credit card and masked credit card number if applicable, masked IBAN if applicable, date of birth if applicable)  
  • Customer master data (Account reference to SSO account, surname, first name, email address)
  • Adress data, if an invoice is requested

This data is required in order to process your ticket purchase, ticket creation and ticket delivery and the invoice request. The legal basis is Article 6(1)(b) of the GDPR. The data will be stored for a period of ten years.

The complete payment information is processed by Riverty GmbH ("Riverty") or via PayPal (Europe) S.à.r.l. et Cie, S.C.A. ("PayPal"), each of which acts as an independent controller within the meaning of data protection (see sections VIII.1 and VIII.2).

2 Activating location tracking

Instead of manually entering a starting location, you have the option to activate location tracking to allow the app to determine your location (see also D.V.8.). We will then suggest stops or stations located nearby your location.

3 Enabling authentication using biometric data

You have the option to enable verification by fingerprint/biometric data in the app. If you select this feature, we will authorise your purchases using the biometric method. We do not process any data for this purpose, as the biometric method is carried out locally and by your operating system. The only information the app receives is whether authorisation was successful or not. You can enable and disable this feature. This form of verification replaces the need to enter a password. The legal basis is Article 6(1)(b) of the GDPR, as without this data the function cannot be provided.

4 Fraud analysis/prevention

In the course of ticket sales, fraudulent activity may occur during the payment process. In order to track and in future prevent these fraudulent activities, we process your personal data, in particular master data (e.g. surname, first name, address), label data (e.g. fraud label, label time, label details), payment data (e.g. payment method, shopping cart, order time), customer account data (e.g. account creation date, sales history), and potentially also customer journey data and risk data. For processing of your personal data, we work closely with our service provider Risk.Ident GmbH (Risk Ident), An Sandtorkai 50, D-20457 Hamburg. In cooperating with Risk Ident, we have concluded a processing agreement pursuant to Article 28 of the GDPR for GDPR-compliant processing of your personal data.

We process your personal data on the basis of our legitimate interest, in particular our interest in preventing fraudulent activities, Article 6(1)(f) of the GDPR. We process your personal data until the purpose of processing no longer applies.

VII Processing of your data when you contact customer service

If you contact us by BVG Chatbot, email or using the BVG contact form, we will process your personal data in order to determine your reason for contacting us and to allow us to assist or reply to you. This may include, for example, processing of your purchase history in order to find tickets for reimbursement.

The chatbot provides the fastest way for you to send and receive a reply to enquiries and is available 24 hours a day. You can also use online forms or text input boxes in the chatbot to send requests to the BVG for processing. Based on the content of your request, the chatbot will forward it to the relevant BVG agent to ensure it is dealt with as quickly as possible.

When you use the chatbot for the first time, a randomly generated “universally unique identifier” (UUID) will be assigned to you. The UUID is stored in your browser until you erase your browser history. If you want to use the bot again after deleting your browser history, a new UUID will be randomly generated. In this case, you may have to re-enter any answers you previously clicked on or any questions and other information you previously entered. When you use the bot again, your browser will transmit the UUID to the bot. This allows you to continue a previously interrupted conversation, search, or input in the bot at any time (similar to setting cookies on websites). Any conversations, searches, or inputs you started are also created and stored in your browser events. To help us constantly improve the bot, we record events such as “bot was displayed” and click events such as “user clicked on answer X”. For this purpose we use conversation IDs, which are generated within the bot’s database in a similar way to the UUID. They are used as an object identifier and are integral to the design of the bot, as database entries require a unique identifier. Both IDs are used exclusively to ensure smooth support and the continuous quality improvement of the chatbot. In addition, we store the device model and the operating system of the device in order to be able to detect and rectify device-specific errors. The data entered using the chatbot is collected by our service provider (Dixa GmbH, Tempelhofer Ufer 1, D-10961 Berlin) and made available to the BVG for evaluation.

The chatbot hands over the data entered in the text input boxes to the Customer Care Tool (seealso VI).

If you contact us by email or by using our contact form, we will save the reason for your contact, your email address, and your name for the purpose of responding to your questions.

The legal bases for the data processing operations set out above are Articles 6(1)(b) and (f) of the GDPR. Article 6(1)(b) of the GDPR is the legal basis for processing requests from customers with whom we have a contract. In addition, we have a legitimate interest in ensuring a smooth customer service experience. We also use your data to ensure that our services function properly and to improve and expedite our data processing processes, e.g. by means of optimised assignment functions.

If the reason for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

VIII Disclosure of your data

Contracted service providers

Personal data may be disclosed to our contracted service providers for processing in accordance with the purposes for which it was originally provided, e.g. to provide offered services, evaluate user behaviour on our website and app, or for technical support We have concluded processing contracts (Article 28 of the GDPR) which contractually oblige the service providers to use personal data solely for the agreed purposes and not to disclose your personal data to other parties without our consent, unless this is required by law. We make use of the following external service providers to process your data:

  • Dixa GmbH (Tempelhofer Ufer 1, 10961 Berlin) – provision of the chatbot (see D.V.).
  • Zendesk, Inc. (989 Market Street, San Francisco, California 94103 U.S.A.) – customer care tool.
  • akquinet AG – (Paul-Stritter-Weg 5, 22297 Hamburg) – provision of single sign-on. Single sign-on makes it possible to access our various products with one-time registration, e.g. the “BVG account” section on our website, the Fahrinfo app, the Jelbi app, and the Ticket app. For this purpose we process the data categories in accordance with the information on the registration process (see D IV.1). We use the solution provided by akquinet for this purpose.
  • Hacon Ingenieurgesellschaft mbH (Lister Str. 15, 30163 Hannover) – development of the Fahrinfo app frontend and backends, for collecting, processing, and displaying the results of timetable/connection requests, for live navigation, provision of the system for improving the BVG’s services, correcting technical errors in the provided system.
  • eos.uptrade (Schanzenstraße 70, 20357 Hamburg) – development and operation of the Fahrinfo app background systems, in which ticket purchase data is received and stored, to correct technical errors in the system provided

We also disclose data to the following third parties, which act as separate controllers when processing the data:

1 Riverty GmbH

When using any payment method, (except PayPal), your customer data (first name and surname, address, email address) will be transmitted to our external financial services provider (currently Riverty GmbH, Gütersloher Str. 123, 33415 Verl, nachfolgend „Riverty“). The payment method data (account details, credit card details, information on your ticket purchases) is collected directly by Riverty, as claims against you are assigned to Riverty when you purchase a ticket. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing.

If you choose to pay by credit card, you may allow the app to access your photos and the camera on your mobile device. This is required if you want to capture your credit card information using the camera. The process automatically completes all required credit card information in the app.  The legal basis is Article 6(1)(b) of the GDPR. Data processing is required for the purpose of automatically reading the data.

Riverty is the sole controller responsible for processing your personal data. More information on how Riverty processes data can be found at https://documents.riverty.com/privacy_statement/ticket_payments/en.

Please note: as set out in these policies, if you are not yet a customer of Riverty, Riverty will transmit your data to credit agencies (e.g. Schufa) in order to check your details and creditworthiness to prevent payment defaults.

2 PayPal

You can pay for purchases in the FahrInfo app using the online payment service provider PayPal. The provider of this payment service is (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereafter “PayPal”). If you select PayPal as your payment method, you will be redirected to the PayPal website and the personal data you have entered will be transmitted to PayPal in encrypted form. This data typically includes your name, your address, your telephone number, your IP address, your email address, and other information required for order handling and your specific order.

PayPal is the controller responsible for processing your personal data. The legal basis for the data processing when using PayPal is Article 6(1)(f) of the GDPR. We have a legitimate interest in offering you a wide range of payment options and outsourcing payment processing.

If required for the purpose of completing the order, PayPal may also disclose data to third parties. PayPal will also transmit personal data to credit agencies, e.g. SCHUFA, in order to establish your identity and creditworthiness.

More information on how PayPal processes data can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.

3 Google Maps

We use the Google Maps service via an API. The provider is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) (“Google”). Google Maps makes it possible to quickly and accurately determine your location and show both available mobility services and the routes that you request. Your IP address must be disclosed to use Google Maps functions. This information is typically sent to and stored on Google servers in the USA. We have no influence over this data transmission.

We use Google Maps in the interest of increasing the attractive and ease of use of our app. This represents a legitimate interest as set out in Article 6(1)(f) of the GDPR. We assume that an increase in user-friendliness is also in your interest. More information on how Google handles user data can be found in the Google privacy policy: https://www.google.de/intl/de/policies/privacy/. Instead of Google Maps, you may tap on the location icon to enter your starting stop or station via GPS positioning.

4 Disclosure of personal data to the authorities

We will only transmit your personal data to public authorities if the information is requested on the basis of statutory requests for information or if the BVG is otherwise legally obliged to transmit the data (Article 6(1)(c) of the GDPR).

5 Disclosure of data within the BVG

We reserve the right to allow another company in the BVG Group to operate the Fahrinfo app in the future; in the event of such a change of operator, user data will also be disclosed to the new operator. The new operator will then assume all relevant rights and obligations and process personal data in accordance with this privacy policy.

IX Transfer of personal data to third countried

Please note that data processed in other countries may be subject to foreign laws and may be accessible to the governments, courts, law enforcement authorities, and regulatory authorities of those countries. If your personal data is transferred to third countries, however, we will take appropriate measures to adequately secure your data.

Unless an adequacy decision has been adopted by the EU Commission for the recipient country, the transfer of your data to a third country is protected by the fact that EU standard contractual clauses have been concluded with the recipient or that binding corporate rules exist. Otherwise, the data will only be transferred if a derogation as set out in Article 49 of the GDPR is applicable.

E Data erasure and duration of storage

Your personal data will be stored as long as it is necessary for the fulfilment of the specific purpose. Subsequently, your data will be erased, unless there are legal obligations to retain the data beyond this time or there is legal justification to do so. The following time limits for storage and erasure generally apply:

  • Data during informational use of the app: data is stored in anonymised form.
  • Customer account data: Storage while account is active
  • Journey planning data: data is stored for the crowdedness predictions. The IP address is separated from this data.
  • Data to improve the BVG’s services: data to improve the BVG’s services is stored in pseudonymised form for 90 days. Evaluations produced using this data are stored for three years and then erased or anonymised. This means that the data will only be stored further if it is impossible or would involve disproportionate effort to use it to identify a natural person.
  • Ticket purchase data: Storage for 10 years
  • Data on selected payment method: Storage while account is active
  • Data from customer service queries: Storage for a maximum of three years following handling of the request (time starts at end of respective calendar year)

F Your data protection rights

Depending on the circumstances in your specific case, you have the right

  • to obtain access to the personal data processed by us and/or request copies of these data. This includes information concerning the purpose of usage, the category of data used, their recipients and authorised users, and, where possible, the planned period for which the data will be stored or, if that is not possible, the criteria used to determine that period;
  • to request the rectification, erasure, or restriction of processing of your personal data, provided that its  use is impermissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) the data is no longer required for the purposes for which they were collected, (iii) the consent on which processing is based was withdrawn, or (iv) you have made use of your right to object to processing of your personal data; in cases in which the data is processed by third parties, we will forward your request for rectification, erasure, or restriction of processing to these third parties, unless this proves to be impossible or would involve disproportionate effort;
  • to refuse consent or – without affecting the lawfulness of data processing carried out prior to withdrawal – to withdraw your consent to the processing of your personal data at any time;
  • to request the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit this data to another controller without hindrance from us; you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible;
  • to take legal action or appeal to the data protection supervisory authorities, if you are of the opinion that your rights have been infringed due to processing of your personal data that is not in compliance with data protection regulations.

You also have the right to object to processing of your personal data at any time, free of charge, and with effect for the future:

  • where we process your personal data for direct marketing purposes
  • where we process your personal data in pursuance of our legitimate interests and on grounds relating to your particular situation
  • where we process your personal data to perform tasks that are in the public interest and on grounds relating to your particular situation

You can exercise your rights at any time by sending an email to appsupport@bvg.de.

If you would like to contact the BVG’s data protection officer directly, please send an email to datenschutz@bvg.de.

G Contact

If you have any questions, suggestions, or comments on the topic of data protection, please feel free to contact our data protection officer.

Contact information:

Data protection officer
Berliner Verkehrsbetriebe (BVG)
Statutory public body
Holzmarktstraße 15-17
10179 Berlin

or

datenschutz@bvg.de

H Supervisory authority

You can also contact the supervisory authority responsible for Berlin in all questions relating to data protection:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59 - 61 (Visitor entrance Alt-Moabit 60)
10555 Berlin

Phone: +49 (30) 13889-0
Fax: +49 (30) 2155050
Email: mailbox@datenschutz-berlin.de

I Amendment clause

We reserve the right to make changes to this privacy policy from time to time. Updated versions will be published at the privacy policy page of the Fahrinfo-App or on the English privacy policy page of the Fahrinfo-App.

Last updated:  31/05/2024

App version: 7.9 Android; 7.9 iOS