BVG Muva privacy policy

A. General information

Thank you for your interest in the BVG Muva mobility service. We take the protection of your personal data very seriously. The personal data collected when using BVG Muva services is treated confidentially and in accordance with both statutory data protection regulations and this privacy policy. We would like to give you detailed information about what personal data we process, for what purposes we process it, whom we share it with, and what control and information rights you may have. We therefore recommend that you read through this privacy policy carefully.

B. Responsibility and contact

Berliner Verkehrsbetriebe AöR, Holzmarktstraße 15-17, 10179 Berlin (referred to below as “BVG” or “we” or “our” or “us”) is responsible for the BVG Muva service. If you have any questions regarding this privacy policy or the processing of your personal data, please feel free to contact us by email at datenschutz.bvgmuva@bvg.de.

If you have any general questions, suggestions, or criticisms relating to our services, please contact us by email at appsupport@bvg.de.

C. Summary of our processing activities

  • When you create a customer account in the BVG Muva app or via the BVG Muva call centre, we will process all the data required for sign-up (e.g. name, mobile phone number, email address). We can only provide you with the option to book mobility services on the basis of this information. The legal basis in this case is the contract concluded with you as set out in Article 6(1)(b) of the GDPR (see also D.I.1).
  • If you book a ride in the BVG Muva app or via the BVG Muva call centre, we will process your location data, including your starting point and destination. This allows us to display mobility services located nearby or for a specific route. The legal basis in this case is the contract concluded with you, Article 6(1)(b) of the GDPR (see also D.II.1).
  • In addition, when booking in the BVG Muva app or via the BVG Muva call centre, your data will be processed for the purposes of processing the booking and invoicing (e.g. name, location, method of payment). The legal basis in this case is the contract concluded with you, Article 6(1)(b) of the GDPR (see also D.II.2).
  • If you are dependent on any aids that you need to take with you on the ride and which allow the identification of any physical restrictions you may have, we may process your health data. We will only process your health data with your express consent and only in order to provide a vehicle that is suitable for you. The legal basis for this data processing is Article 9(2)(a) of the GDPR (see also D.II.1).
  • When signing up and also at any later time, you have the option to subscribe to notifications regarding interesting information and offers on our products and services, as well as to allow us to contact you for market research purposes. The legal basis for such processing of your data is your consent as set out in Article 6(1)(a) of the GDPR (see also D.I.2 and D.II.3).
  • We evaluate your data in order to improve our mobility service and to prepare and create marketing offers that are suitable for you. The legal basis for this data processing is Article 6(1)(a) of the GDPR (see also D.II.4).
  • If you contact our customer service, we will process data for the purpose of dealing with your request (e.g. name, email address, reason for contacting us). The legal basis in this case is the contract concluded with you as set out in Article 6(1)(b) of the GDPR (see also D.III).

We use external service providers for some of these data processing operations, e.g. for payment processing (see also D.IV). This may also involve personal data being transferred to countries outside the European Union (see D.V).

D. Details of our processing activities

Definitions

Personal data means any information relating to an identified or identifiable natural person (Article 4(1) of the GDPR). This includes information such as your name, your email address, your postal address, and your telephone number. It does not include information that cannot be linked directly to your identity, such as the number of users of a website.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

I. Processing of your data when signing up for a customer account

Our app/our call centre provides services (e.g. creation and management of customer account, mobility service, customer service) that, if used, require your personal data, e.g. name, email address, and other information as necessary. If you do not provide this data, we may not be able to provide you with the request service or may not be able to reply to your request. A summary of relevant processing operations and legal bases is provided below.

1. Sign-up process

In order to use the BVG Muva mobility service, you must sign up by providing personal data and create a customer account. A customer account is required for the purpose of booking the mobility service in the BVG Muva app or via the call centre. During the sign-up process, we will process the following personal data, which you provide on an input form:

  • Surname (from an existing BVG account if signing up with existing BVG login credentials)
  • First name (from an existing BVG account if signing up with existing BVG login credentials)
  • Email address
  • Mobile number
  • Date and time of sign-up
  • Login and password (from existing BVG account)
  • Version number of applicable terms and conditions of use and privacy policy
  • Payment information, depending on payment method (see D.IV.2.a)
  • Optional: Request for accessible transport

In order to sign up, we require your first name, surname, telephone number, and email address to identify you and contact you if necessary.

If you use an existing BVG account to sign up, please enter the email address and password that you use to log in to the BVG Ticket app, the Fahrinfo app, or on BVG.de for the BVG Muva app sign-up process; your BVG account will then be associated with the BVG Muva app and the above data from your BVG account (surname, first name, login, password) will be used (single sign-on, SSO). The SSO service is provided by our service provider akquinet AG (see also D.IV).

We will also verify that you are the owner of the mobile number used during sign-up by sending a text containing a code to the number you provide. When prompted, enter this code in the BVG Muva app (Android recognises the code on its own in most cases).

We store the data you provide in your personal customer account in the BVG Muva app. You can manage and change any of the data you provide in your password-protected customer account in the BVG Muva app yourself, or have any changes made via the call centre.

The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as this information is required to establish, formulate, or modify the contractual relationship between you and the BVG. If you have indicated that you require an accessible ride, the data processing is based on your consent, Art. 9(2)(a) of the GDPR. The data is also used to provide customer account functions and for management of your customer account. You cannot use the BVG Muva mobility service if you do not provide the data required during sign-up. We will process your contact data, including your email address, in order to provide you with information on contract-related changes relating to the services we offer in compliance with relevant legislation and provide you with other information required by law.

2. Notifications with interesting, relevant offers and surveys

When you sign up or at any time later, you can choose to receive relevant messages from the BVG via email, push notification, in-app message, postal address, or phone and to be informed about special offers, discounts, and market research surveys related to the BVG Muva mobility service.

You can also enable and disable this function at a any later time in the BVG Muva app or via the call centre. We will process the personal data you provide for this purpose (e.g. name, address, email address) to send you the relevant information. The legal basis for processing your personal data in connection with sign-up for these services is your consent as set out in Article 6(1)(a) of the GDPR.

Right to withdraw consent: You may withdraw your consent to be sent such notifications or to the processing of your personal data for direct marketing purposes with future effect at any time and without giving reasons by unchecking the box in your profile for contact for market research and marketing purposes or by declaring your withdrawal by telephone in the call centre.

Push notifications can also be disabled and also re-enabled at any time in your device settings.
 

Please note that the adjustments in the data protection settings will take effect with a time delay for technical reasons. We apologize for the inconvenience.

If you have purchased goods or services from us, we may send you information about other similar goods and services from us to your email address that we received when you purchased the original goods or services, even without your consent, provided you have not objected to us sending such information. You can object to us sending information without incurring any costs other than the standard rates for data transmission. Objections must be sent to datenschutz.bvgmuva@bvg.de. Every email also contains a link that you can use to exercise your right to withdraw.

II. Processing of your data when using BVG Muva mobility services

1. Ride booking

When you book and use the BVG Muva mobility service, a mobility contract is concluded between you and the BVG. In addition to the personal data collected during sign-up (see D.I.1), we process further information about you in order to adapt the equipment of the vehicle to your individual wishes and needs, to be able to estimate the capacities of the vehicle in advance, to determine the route, and to be able to invoice the mobility service. This data is processed for the purpose of forming and processing the contract. The key required data is listed below:

  • GPS location data (if the BVG Muva app is permitted to access your phone’s localisation function)
  • Address of the starting point or information on this
  • Address of the destination or information on this
  • Information provided by the passenger (including any aids):
  •  Number of passengers
  • Child up to 9 kg
  • Child of 9-18 kg
  • Child of 15-25 kg
  • Passenger with manual wheelchair
  • Passenger with electric wheelchair
  • Passenger with large electric wheelchair or mobility scooter
  • Person entitled to free carriage
  • Additional luggage (e.g. suitcase, foldable buggy, or wheeled walking aid)
  • Additional dog
  • Ride costs

The legal basis of this data processing is derived from Article 6(1)(b) of the GDPR, as it is required for the purpose of providing mobility services. If you have indicated medically relevant aids, the data processing of your health data is based on your consent as set out in Article 9(2)(a) of the GDPR.

2. Billing

Full payment information is not transmitted to the BVG for the purpose of billing used mobility services; only information on the selected payment service is transmitted. The data required for payment (payment service provider token and total amount) is processed by LogPay, acting as a separate controller.

In order to use mobility services via the BVG Muva app or the BVG Muva call centre, you must therefore provide payment information directly to LogPay during the sign-up process (see also D.IV.2.a). LogPay is the controller responsible for processing your personal data.

Invoices are created for each ride. You can view and download the invoice in your customer account in the BVG Muva app. After each journey, you will also receive a receipt by email.

3. Market research

If you have given your consent to be contacted (see D.I.2), we may contact you again after your ride has been completed and ask you to fill in a questionnaire with information about your travel experience. This allows us to review how we can further optimise the BVG Muva service for you. For this purpose, your answers will also be merged with data about your ride and analysed.

This market research service is enabled by our service provider Rogator AG (see also D.IV).

The legal basis for processing your personal data in connection with this market research service is your consent as set out in Article 6(1)(a) of the GDPR.

Right to withdraw consent: You may withdraw your consent to be sent such requests with future effect at any time and without giving reasons by unchecking the box in your profile for contact for market research and marketing purposes or by declaring your withdrawal by telephone in the call centre.

4. Tracking and analysis technologies

We use certain tracking and analysis technologies in the BVG Muva app to improve the BVG Muva mobility service and to develop suitable offers for you. For this purpose, our processor ViaVan GmbH provides external services that we use as a sub-processor (see also D.IV.1).

Some of these services are mandatory for technical reasons in order to guarantee the basic functions of the BVG Muva app (essential). Other services help to measure use of the app in order to improve its functions (functional). Still others allow us to analyse user behaviour and thereby improve our marketing campaigns and show you more relevant offers (marketing).

The legal basis for processing your personal data through essential services is our legitimate interest in the proper provision of the BVG Muva app and in maintaining its basic functions. If your data is processed for functional or marketing purposes, the legal basis is your consent pursuant to Article 6(1)(a) of the GDPR.

Some services store information on your device or access information stored on your device. Where these services are not technically absolutely necessary to be able to provide the BVG Muva app, the services will only be used on the basis of your consent in accordance with Article 25(1) of the TTDSG. We regularly obtain the consents together in accordance with the GDPR and the TTDSG.

Right to withdraw consent: You can withdraw your consent with future effect at any time and without giving reasons by rejecting or setting the corresponding technologies in your profile.

Further details on the specific services used can be found in D.IV.1.

III. Processing of your data when you contact customer service

When you contact our customer service (e.g. via the BVG Muva app, by email, or by telephone at the call centre), we will store the reason for contacting us, your contact data (e.g. email address), your name, and our replies for the purpose of responding to your questions. To allow us to diagnose and correct errors, the following technical information is also collected: Operating system (iOS or Android), app version, device model, device ID. We also save all the information you provide on a voluntary basis with your query. The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as this data processing is required for the purpose of providing customer service during the contractual relationship.

IV. Disclosure of your data

1. Contracted service providers

Your personal data may be disclosed to our contracted service providers for processing in accordance with the purposes for which it was originally provided, e.g. to provide the mobility services, evaluate user behaviour in the app, or for technical support. Under statutory agreements (Article 28 of the GDPR), we contractually oblige our contracted service providers to use personal data solely for the agreed purposes and not to disclose your personal data to other parties without your consent, unless this is required by law. We make use of the following external service providers to process your data:

  • ViaVan GmbH, Rosa-Luxemburg-Straße 14, 10178 Berlin – development and operation of the BVG Muva app as well as organisation and implementation of the ride service
  • VBB Verkehrsverbund Berlin-Brandenburg GmbH, Stralauer Platz 29, 10243 Berlin – customer contact and ride booking via the call centre
  • D&B Dienstleistung und Bildung Gemeinnützige GmbH, Leunaer Str. 7, 12681 Berlin – customer contact and ride booking via the call centre
  • Rhenus :people! Bamberg GmbH, Hafenstraße 13, 96052 Bamberg 
  • Rogator AG, Emmericher Straße 17, 90411 Nürnberg – conducting customer surveys for market research purposes
  • akquinet AG, Paul-Stritter-Weg 5, 22297 Hamburg – provision of single sign-on
  • Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA – hosting servers (sub-processor of ViaVan GmbH)
  • Tracking and analysis technologies: We employ the following services for BVG Muva, which are used by our processor ViaVan GmbH:
  • Google LLC, Firebase Crashlytics, 1600 Amphitheatre Parkway, Mountain View, USA (essential):

Firebase Crashlytics processes data on the operation of the app, including the type of operating system used, information on malfunctions in use (type of malfunction, time of malfunction, duration of malfunction, use of the app at the time of the malfunction), and device information. When malfunctions or problems occur during use of the app, we can use this data to obtain an overview of malfunctions and weight them according to their relevance for use in order to ensure efficient troubleshooting and ensure the stability of the app. The legal basis for data processing is Article 6(1)(f) of the GDPR and Section 25(2)(2) of the TTDSG. We have a legitimate interest in identifying and eliminating stability issues that affect the quality of the app. This also increases the user-friendliness of the app for our customers.

Google LLC, Google Analytics for Firebase, 1600 Amphitheatre Parkway, Mountain View, USA (functional):
Device information, information on the used app, data on app usage, location data, user ID, and information on individual requests within the app (events) are processed for Analytics. The data is used to analyse user behaviour and, based on the result, make decisions relating to product and marketing optimisation. Analytics is only used if you have given your consent (Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG)

o mParticle, Inc., 257 Park Ave S Floor 9, New York, USA
(essential, functional, and marketing):
mParticle provides a central customer data platform in which user data is managed and, where applicable, passed on to the other tracking and analysis services set out in this privacy policy without the need for separate technical integration. Depending on the purpose for which mParticle passes on data, its services are considered as essential, functional, or marketing-related. The legal basis is accordingly either our legitimate interest (Article 6(1)(f) of the GDPR and Section 25(2)(2) of the TTDSG), insofar as the data is used for essential purposes, or your consent (Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG), insofar as the data is used for functional or marketing purposes.

o LeanPlum, Inc., 1550 Bryant Street, Ste. 525, San Francisco, USA (essential):
LeanPlum is a mobile marketing platform that we use to test various technical functions in our BVG Muva app. In particular, Leanplum helps us to set up and deliver notifications to improve your user experience. LeanPlum allows other services to set up complex in-app messages, for example, without the need for complex technical integration. Leanplum processes users’ names, email addresses, certain device data, and location data. The legal basis for data processing is Article 6(1)(f) of the GDPR and Section 25(2)(2) of the TTDSG. We have a legitimate interest in the efficient and reliable design of app notifications, which is also in the interest of our users.

o AppsFlyer Ltd., 111 New Montgomery St #400, San Francisco, USA (marketing):
AppsFlyer processes certain device data, especially in relation to the installation. This allows us to obtain insights into the success of our app campaigns and learn through which channel, via which platform, and on the basis of which campaign the app was installed. The legal basis for this is your consent pursuant to Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG.

o Branch Metrics, Inc., 1400 Seaport Blvd, Building B, 2nd Floor Redwood City, USA (functional):
Branch provides deep linking solutions to securely and reliably connect the BVG Muva app with other apps and services, such as integration with external trip planning apps (e.g. BVG Fahrinfo) or mobility as a service apps (e.g. Jelbi). For this purpose, Branch collects your email address and certain device data. The legal basis for this is your consent pursuant to Article 6(1)(a) of the GDPR and Section 25(1) of the TTDSG.

2. Other controllers

a. LogPay Financial Services GmbH

When using any payment method (e.g. SEPA direct debit, credit card, PayPal), your customer data (in particular first name, surname, and email address) will be transmitted to our external financial services provider (currently LogPay Financial Services GmbH, Schwalbacher Straße 72, 65760 Eschborn, referred to below as ‘LogPay’). The payment method data (account details, credit card details, information on your ticket purchases) is collected directly by LogPay, as claims against you are assigned to LogPay when you use the mobility service. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing, as payment processing involves considerable complexity.

LogPay is the sole controller responsible for processing your personal data. More information on how LogPay processes data can be found at https://www.LogPay.de/DE/datenschutzinformationen/.

Please note that, as set out in this policy, if you are not yet a customer of LogPay, LogPay will transmit your data to credit agencies (e.g. Schufa) in order to check your details and creditworthiness to prevent payment defaults.

b. Google Maps

We use the Google Maps service via an API. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). Google Maps makes it possible to quickly and accurately determine your location and show both the mobility service at your location and the route that you request. Your IP address must be stored to use Google Maps functions.

This information is typically sent to and stored on Google servers in the USA. We have no influence over this data transmission.

We use Google Maps in the interest of increasing the attractive and ease of use of our app. This represents a legitimate interest as set out in Article 6(1)(f) of the GDPR. We assume that an increase in user-friendliness is also in your interest. More information on how Google handles user data can be found in the Google privacy policy: https://www.google.de/intl/de/policies/privacy/.

3. Disclosure of personal data to the authorities

We may be obliged to report on the use of the BVG Muva mobility service to certain public authorities under transport policy and law. For this purpose, we prepare aggregated and anonymised evaluations, which we then submit to the public authority concerned as reports. It is, however, possible that personal data may also be disclosed to the public authority. The legal basis for the evaluation and any disclosure of your personal data is Article 6(1)(e) of the GDPR.

Otherwise, we will only transmit your personal data to public authorities if the information is requested on the basis of statutory requests for information or if the BVG is otherwise legally obliged to transmit the data (Article 6(1)(c) of the GDPR).

4. Disclosure of data within the BVG

We reserve the right to allow another company in the BVG Group to operate the BVG Muva service in the future; in the event of such a change of operator, user data will also be disclosed to the new operator. The new operator will then assume all relevant rights and obligations and process personal data in accordance with this privacy policy.

V. Transfer of personal data to third countries

The use of the BVG Muva mobility service may require the transfer of personal data to countries outside the European Union or the European Economic Area where the GDPR does not apply. Please note that data processed in other countries may be subject to foreign laws and may be accessible to the governments, courts, law enforcement authorities, and regulatory authorities of those countries. If your personal data is transferred to third countries, however, we will take appropriate measures to adequately secure your data.

Unless an adequacy decision has been adopted by the EU Commission for the recipient country, the transfer of your data to a third country is protected by the fact that EU standard contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en) have been concluded with the recipient or that binding corporate rules exist. Otherwise, the data will only be transferred if a derogation pursuant to Article 49 of the GDPR is applicable. If standard contractual clauses have been agreed, we check that their provisions can generally be complied with in the recipient country. The BVG also takes additional protective measures where necessary to ensure an appropriate level of data protection in the recipient country.

In the case of the service providers we use as processors, we also ensure that these service providers only transfer your personal data to any data recipients in third countries under the conditions set out in Chapter V of the GDPR.

E. Data erasure and duration of storage

Your personal data will be stored as long as it is necessary for the fulfilment of the specific purpose. Subsequently, your data will be erased, unless there are legal obligations to retain the data beyond this time or there is legal justification to do so. The following time limits for storage and erasure generally apply:

  • Customer account data (including customer data, contact data, and booking history): Storage while the account is active and for up to one month after erasure of account, unless there are legal reasons (e.g. tax reasons, HGB, etc.) to the contrary
  • Special personal data on type of physical limitation and medical aids: Storage while the account is active and for up to one month after erasure of account
  • Data on selected payment method: Storage while the account is active and for up to one month after erasure of account, unless there are legal reasons (e.g. tax reasons, HGB, etc.) to the contrary
  • Receipt data for BVG services, i.e. data on specific use of the BVG Muva service (e.g. data and time of booking and use, invoice, information on specific tickets, etc.): Storage for 10 years
  • Data from customer service queries: Storage for a maximum of three years following handling of the request (time starts at end of respective calendar year)

F. Your data protection rights

Depending on the circumstances in your specific case, you have the right

  • to obtain access to the personal data processed by us and/or request copies of these data. This includes information concerning the purpose of usage, the category of data used, their recipients and authorised users, and, where possible, the planned period for which the data will be stored or, if that is not possible, the criteria used to determine that period;
  • to request the rectification, erasure, or restriction of processing of your personal data, provided that its  use is impermissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) the data is no longer required for the purposes for which they were collected, (iii) the consent on which processing is based was withdrawn, or (iv) you have made use of your right to object to processing of your personal data; in cases in which the data is processed by third parties, we will forward your request for rectification, erasure, or restriction of processing to these third parties, unless this proves to be impossible or would involve disproportionate effort;
  • to refuse consent or – without affecting the lawfulness of data processing carried out prior to withdrawal – to withdraw your consent to the processing of your personal data at any time;
  • to request the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit this data to another controller without hindrance from us; you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible;
  • to take legal action or appeal to the data protection supervisory authorities, if you are of the opinion that your rights have been infringed due to processing of your personal data that is not in compliance with data protection regulations.

You also have the right to object to processing of your personal data at any time, free of charge, and with effect for the future:

  • where we process your personal data for direct marketing purposes
  • where we process your personal data in pursuance of our legitimate interests and on grounds relating to your particular situation
  • where we process your personal data for the performance of tasks carried out in the public interest and there are grounds relating to your particular situation

You can exercise your rights at any time by sending an email to datenschutz.bvgmuva@bvg.de.

If you would like to contact the BVG Muva data protection officer directly, please send an email to datenschutz.bvgmuva@bvg.de.

G. Amendment clause

We reserve the right to make changes to this privacy policy from time to time.