Privacy Policy Fahrinfo-App

A. General information

Thank you for your interest in our Fahrinfo app. We take the protection of your personal data very seriously. The personal data you provide when using the Fahrinfo app and our services is treated confidentially and in accordance with both statutory data protection regulations and this privacy policy. We would like to give you detailed information about what personal data we process, for what purposes we process it, whom we share it with, and what control and information rights you may have. We therefore recommend that you read through this privacy policy carefully.

B. Responsibility and contact

Berliner Verkehrsbetriebe AöR, Holzmarktstraße 15-17, 10179 Berlin (referred to below as “BVG” or “we” or “our” or “us”) is responsible for the Fahrinfo app. If you have any questions regarding this privacy policy or the processing of your personal data, please feel free to contact us by email at appsupport@bvg.de.

If you have any questions, suggestions, or criticisms relating to our services, please contact us by email at appsupport@bvg.de.

C. General information on data processing

The Fahrinfo app allows you to plan journeys and purchase tickets. Customers can search for connections and then buy and download the tickets they need to their mobile devices. We collect personal data from our users only to the extent necessary to ensure a functioning Fahrinfo app and provide our content and services, conditional upon you having given your consent for us to employ other data processing functions.

D. Summary of our processing activities

  • If the Fahrinfo app is used purely for informational purposes (i.e. no user registration), we process data about your device to enable use of the app. The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also I.).
  • The first time you install the Fahrinfo app, you can choose to enable additional features to increase the app’s ease of use. The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.II.).
  • We process data for troubleshooting purposes to ensure the stability and security of the app and our IT systems. The legal basis in this case is Article 6(1)(f) of the GDPR (see also III.).
  • If you wish to purchase tickets, you can create a customer account in the Fahrinfo app, or otherwise sign in with an existing BVG account. In these cases, we process all the data required for registration and login (e.g. name, email address, login data). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also  D. IV).
  • You can use the Fahrinfo app to search for connections. If you do so, we will process your request data (in particular the starting and destination stop or station, connections, potentially also location data) for the purpose of displaying appropriate route suggestions. The legal basis in this case is Article 6(1)(b) of the GDPR (see also V.). We also use some of the data to improve the BVG’s transport services. The legal basis in this case is Article 6(1)(e) of the GDPR (see also V. 2).
  • When using the Fahrinfo app, you can search for connections and also save stops and stations as favourites. Your route information (starting and destination stop or station, departure or arrival time) is processed in the Fahrinfo app for this purpose. The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D V. 3).
  • The Fahrinfo app can also be used to purchase tickets. If you do so, we will process the data required to provide you with your desired ticket in the app (ticket type, starting location, fare information, and information on selected payment method). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.VI.).
  • If you contact our customer service, we will process data for the purpose of dealing with your request (e.g. name, email address, reason for contacting us). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.VII.).
  • We use external service providers for some of these data processing operations. This is particularly the case for payment processing (see also D.VIII­.). 

Definitions

Personal data means any information relating to an identified or identifiable natural person (Article 4(1) of the GDPR). This includes information such as your name, your email address, your postal address, and your telephone number. It does not include information that cannot be linked directly to your identity, such as the number of users of a website.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

I.    Processing of your data when using the Fahrinfo app for informational purposes

If you use the Fahrinfo app purely for informational purposes, i.e. you do not register of otherwise provide us with information, we will collect the following personal data, which is technically necessary for us to provide you with the functions of the Fahrinfo app and ensure the stability and security of the app:

  • IP address
  • App language and version
  • Operating system
  • Date and time of request, incl. start and destination for routing
  • Type of device, i.e. smartphone or tablet
  • Transferred data volume, to maintain performance when transferring larger volumes of data and to check whether responses were transmitted in full
  • Information on interactions with the Fahrinfo app.

This information is processed to enable use of our app (Article 6(1)(b) of the GDPR), as we require automatically collected data to provide a functioning app (e.g. adapting the app to the requirements of your device). This information is also processed to allow us to pursue our legitimate interest in ensuring the stability and security of both the app and our IT systems (Article 6(1)(f) of the GDPR). The automatically collected data is stored in anonymised form for at least six months (see also E.). If you use the app for timetable information, only your IP address will be stored for the time during which information is requested/processed. We store the IP address separately from timetable information for a further 30 days in order to be able to recognize promptly if an extremely high volume of requests emanates from individual IP addresses, which can not only cause disruptions but also violate the terms of use. It is then erased.

II.    Features to increase ease of use

The Fahrinfo app provides several features to increase the app’s ease of use. These features are only used if you enable them when you first install the app or later while using it. Once enabled, you can configure these features by going to the settings in the Fahrinfo app or adjusting your the settings in your operating system. We cannot provide you with the use of these features unless you consent. You can still use all the basic functions of the Fahrinfo app without enabling these ease-of-use features.

1.    Notification services

You can enable push notifications in the Fahrinfo app. If you do so, we will be able to notify you of upcoming events, for example notifications to remind you to change, board, or alight, or if using the commuter or delay alerts. When using push services, an Apple device token or a Google registration ID will be generated. We use it only for the purpose of providing the push services. These IDs are encrypted, anonymised device IDs. The BVG cannot use them to identify individual users. The legal basis is Article 6(1)(b) of the GDPR. The data is required in order to provide you with this service.

We also use in-app notifications to inform our users about technical malfunctions. In the event of a disruption to services, for example, all users who open the app during a period of time specified by us will be shown a one-off pop-up with information on the current status of the disruption. In addition, we may from time to time provide information on the app or available products (e.g. including fare products) on banners within the app. No customer or device data is processed in these cases. The services are always enabled, since they are required for us to fulfil our obligations arising from the contractual relationship. We also have a legitimate interest in notifying our users if the app is not working as it should. We assume that this is also in our users’ interest. The legal basis is Article 6(1)(f) of the GDPR.

Any data collected is erased when it is no longer needed, unless a longer period of storage is justified or required by law (see also E.).

2.    Other user-friendly features

You can also enable the use of your fingerprint sensor (TouchID feature or FaceID) to confirm purchase of a ticket (see also D.V.6.). In addition, you may use the camera on your device to scan in your credit card details if using this form of payment (see also D.VIII.1.).

III.    Processing of your data for troubleshooting purposes

If there is a problem with the connection between the app and the background system or if the connection is lost, we will save the data associated with the error (request, error) in your Fahrinfo app account. This data is collected and processed to troubleshoot the error, optimise the app, and ensure system security.

The Google Play Store collects anonymised crash reports (number of crashes only), as does the Apple AppStore, if you have provided Apple with your consent. We can view the crash reports on a dashboard in the Google Play Store.

If a technical error occurs during use of the Fahrinfo app or during the processing of data from journey planning requests in the technical systems used for this purpose (e.g. in the system used to improve BVG’s service, see D.V.2.), we process information related to the error (including information on journey planning requests, if applicable). We do this in order to correct errors in the technical systems used to operate the Fahrinfo app and in which data from Fahrinfo requests are processed, and to ensure system security.

This information is processed to allow us to pursue our legitimate interest in ensuring the stability and security of both the app and our IT systems (Article 6(1)(f) of the GDPR). The data is erased when it is no longer needed, unless a longer period of storage is justified or required by law (see also E.).

IV.    Processing of your data during registration and/or use of a customer account

You may create a customer account to purchase tickets in the Fahrinfo app or sign in using an existing BVG account. You can erase your customer account at any time.

1.    Registration process

We provide the option for you to register or create a customer account for ticket purchases, which requires you to enter personal data. During the registration process, we will process the following personal data, which you provide on an input form:

  • First name and surname
  • Exact date of birth
  • Email address
  • Address
  • Payment information (depending on payment method)

We use the double opt-in procedure for registration. After you register in the app, this means that you will receive an email containing a link that you must click on to confirm that you are the owner of the email address and wish to create a customer account in the Fahrinfo app.

The legal basis for this data processing is Article 6(1)(b) of the GDPR. The data is used to provide customer account functions and for management of your customer account. We will also process your contact data, including your email address, in order to provide you with information on contract-related changes relating to the services we offer in compliance with relevant legislation and provide you with other information required by law.

2.    Signing in with an existing BVG customer account

You can also use an existing BVG account to sign in to the Fahrinfo app. To do so, please enter the email address and password you use to sign in to the BVG Ticket app, the BVG Jelbi app, or BVG.de. Your BVG account will then be associated with the Fahrinfo app and the above data from your BVG account (surname, first name, login, password) will be used (“single sign-on”, SSO). The SSO service is provided by our service provider akquinet (see also D.VII.).

The first time you purchase a ticket, you will then be required to enter further information (address, date of birth, payment method). We store the data you provide in the app’s backend system. You can manage and change any of the data you provide in your password-protected customer account, although you may need to contact customer service to change some information (see also D.VI).

The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as this information is required for the purpose of signing in with an existing account.

3.    Erasing your customer account

You can erase individual items of data in your BVG account by going to MY BVG on our website. If you decide to do so, your account data will first be blocked from further processing, with the exception of processing that is required in compliance with legal obligations or rights (see E. below) and then permanently erased. Your request for erasure may, however, conflict with statutory provisions or rights on the part of the BVG. As such, your data may not be erased if the BVG is required to comply with legal obligations to retain data (e.g. for commercial or tax law reasons) or if processing of your data is required for the establishment, exercise, or defence of legal claims, e.g. if we initiate legal proceedings against you for misconduct during use of our services or for payment reasons. In such cases, we will notify you of the reasons conflicting with your right to erasure.

V.    Planning journeys

1.    Searching for connections

If you search for a connection, we will collect the following data:

  • Starting stop or station
  • Destination stop or station
  • Depending on the request: date and desired departure/arrival time
  • Depending on the request: changes, sections on foot, forms of transport, route numbers
  • Time of request
  • Device type (iPhone or Android)
  • As applicable, location data (GPS data) (see D.V.4)
  • IP address

We process this data in order to show you connections based on your search criteria. We also use the data to determine the ticket required for the route. The legal basis is Article 6(1)(b) of the GDPR.

If you use the app for timetable information, only your IP address will be stored, and only for the time during which this information is requested and processed. We store the IP address separately from journey planning data for a further 90 days in order to quickly identify any IP addresses sending extremely high volumes of enquiries, which can not only cause disruptions but also violates the terms and conditions of use. It is then erased.

In order to allow you to use our services as comfortably as possible and to provide these services in line with demand, we also use the journey planning requests we receive to evaluate how busy our services are and to predict and ensure smooth connections wherever possible. To allow us to carry out these evaluations, the data associated with your journey planning requests is separated from your IP address to prevent it from being used to identify you personally. Evaluation of requests we receive allows us to predict passenger numbers on our different forms of transport if you actually take the route we suggest.

The legal basis for this data processing is Article 6(1)(f) of the GDPR (legitimate interest). The BVG has a legitimate interest in providing efficient, economical, and demand-oriented transport services. It also has a legitimate interest in providing comfortable, pleasant transport for its customers, including during peak and rush hours.

2.   Improvements to BVG services

We also use the journey planning requests we receive to carry out evaluations that allow us to provide passenger information and guidance, to optimise our services, for infrastructure planning, and to improve safety. Before these evaluations are carried out, the data associated with your journey planning request is separated from your IP address and device information and then stored on a separate server. We also take further steps to pseudonymise or aggregate the data. Pseudonymisation of request data is carried out to prevent you from being identified personally in the absence of further data.

Evaluating these pseudonymised requests allows us to estimate traffic flows on the assumption that at least some passengers will actually use the routes we suggest. We use this information to perform various tasks that are in the public interest and that the BVG is required to fulfil. Ultimately, it is used to better align the BVG’s services with customer requirements (e.g. demand-oriented route planning and smooth connections).

The legal basis for this data processing is Article 6(1)(e) of the GDPR (performance of a task carried out in the public interest) in conjunction with Section 24(1) of the Berlin Public Services Act (BerlBG). Specifically, the BVG, acting as the body responsible for providing public transport services in Berlin (Section 3(4) of the BerlBG in conjunction with Section 1(1)(a) of the BVG byelaws), assumes tasks relating to the development of public transport services set out in the Berlin Mobility Act (Sections 27(3), 1, 16(6)(3)) in conjunction with the Berlin Public Transport Plan and in conjunction with the Mobility and Transport Urban Development Plan. The BVG is responsible for providing passenger information and guidance during disruptions and engineering works, including the provision of replacement services. The BVG is also responsible for optimising its public transport services. This includes planning routes and services in line with demand, finding and closing gaps in the network, and improving the quality of connections. The BVG also performs tasks in the areas of infrastructure planning and passenger safety.

Supplementary to the information on your rights provided in section F., we would like to point out that you have, in particular, the right to object to processing of your personal data for the performance of tasks that are in the public interest at any time, provided there are grounds relating to your particular situation. To exercise your right to object to processing, please use the contact details provided in section F. If you exercise your right to object to processing, we will check whether the conditions of Article 21(1) of the GDPR are met. This means that we will check the grounds you state for objecting to processing and any grounds for further processing in the specific case as set out in Article 21(1)(2) of the GDPR, and, as necessary, weigh them against each other. We will inform you of the result of this check within the legal deadlines. If it finds in your favour, we will also uphold your objection within the legal deadlines.

We store the data collected for these purposes for the period of time set out in section E. After that time, we erase or anonymise the data. This means that the data will only be stored further if it is impossible or would involve disproportionate effort to use it to identify a natural person. The lawfulness of anonymisation is set out in Article 6(1)(e) of the GDPR in conjunction with the regulations set out above, and in Article 6(1)(f) of the GDPR. We have a legitimate interest in anonymising the data we collect in order to enable its long-term storage for transport planning purposes.

3.     Saving favourites

When planning journeys in the Fahrinfo app, you may save starting stops/stations and connections as favourites. This allows you to personalise the Fahrinfo app to your needs and speed up the journey information process. The legal basis for saving favourites in the Fahrinfo app is Article 6(1)(b) of the GDPR, as we are otherwise unable to offer the service. Favourites are saved until you change or erase your settings. The data is deleted if you erase or uninstall the app.

4.    Activating location tracking

Instead of manually entering a starting location, you have the option to activate location tracking to allow the app to determine your location (see also D.V.4.). We will then suggest stops or stations located nearby your location.

For this purpose, you need to allow the app to access location services through your device’s operating system and its permissions system (“location tracking”). In this case, however, we only collect the location determined by your device if you tap the location icon. Your device will indicate if location tracking is active. On an iPhone, for example, it is indicated by a compass symbol in the status bar. Android devices feature a similar function.

The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as your location is only determined and transmitted to us if you use app functions that we can only provide if we are aware of your location. You can, however, enable or disable this function by going to your operating system’s settings.

Please note that location data is also processed for the purpose of improving the BVG’s transport services. More information can be found in section D.V.2.

VI.    Ticket purchases

You can buy BVG tickets directly within the Fahrinfo app and download them to app for use when you need them.

1.    Purchase

The BVG will process the following data required for ticket sales:

  • Ticket type
  • Starting stop or station, if applicable
  • Fare information
  • Mobile device information
  • Payment method information
  • Duplicate purchase confirmation (if buying two identical tickets)
  • Confirmation of ticket receipt
  • Device information (incl. operating system version and build)
  • Whether the customer is blocked and if so, why (note function)
  • “Berlin pass” number when purchasing the Berlin S ticket

This data is required in order to process your ticket purchase. The legal basis is Article 6(1)(b) of the GDPR. The data will be stored for a period of ten years.

2.    Activating location tracking

Instead of manually entering a starting location, you have the option to activate location tracking to allow the app to determine your location (see also D.IV.3.). We will then suggest stops or stations located nearby your location.

3.    Enabling authentication using biometric data

You have the option to enable verification by fingerprint/biometric data in the app. If you select this feature, we will authorise your purchases using the biometric method. We do not process any data for this purpose, as the biometric method is carried out locally and by your operating system. The only information the app receives is whether authorisation was successful or not. You can enable and disable this feature. This form of verification replaces the need to enter a password. The legal basis is Article 6(1)(b) of the GDPR, as without this data the function cannot be provided.

4.    Purchase of tickets without user registration

You can also purchase tickets without registering by using one of the third-party payment methods “Google Pay,” “Apple Pay,” or “PayPal”. In this case, the data associated with your payment method (first name, surname, address, email address) will be requested by the provider and stored by us in the backend system together with the payment method, device type, and information regarding your agreement with the T&Cs/privacy policy. You will not be registered with the BVG’s single sign-on system, and the data will also not be merged with data from any other purchase. The legal basis for this data processing is Article 6(1)(b) of the GDPR, as the service cannot be provided unless you data is stored in the shop’s backend system. The data will be stored for a period of ten years and then erased.

You can alternatively purchase our range of tickets at all BVG sales outlets, private sales outlets, and at our ticket machines.

VII.    Processing of your data when you contact customer service

If you contact us by email or using the BVG contact form, we will process your personal data in order to determine your reason for contacting us and to allow us to assist or reply to you. This may include, for example, processing of your purchase history in order to find tickets for reimbursement.

If you contact us by e-mail or by using our contact form, we will save the reason for your contact, your e-mail address, and your name for the purpose of responding to your questions.

The legal bases for the data processing operations set out above are Articles 6(1)(b) and (f) of the GDPR. Article 6(1)(b) of the GDPR is the legal basis for processing requests from customers with whom we have a contract. In addition, we have a legitimate interest in ensuring a smooth customer service experience. We also use your data to ensure that our services function properly and to improve and expedite our data processing processes, e.g. by means of optimised assignment functions.

If the reason for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

VIII.    Disclosure of your data

Contracted service providers Personal data may be disclosed to our contracted service providers for processing in accordance with the purposes for which it was originally provided, e.g. to provide offered services, evaluate user behaviour on our website and app, or for technical support. Under statutory agreements (Article 28 of the GDPR), we contractually oblige our contracted service providers to use personal data solely for the agreed purposes and not to disclose your personal data to other parties without our consent, unless this is required by law. We make use of the following external service providers to process your data:

  • RingCentral Engage Digital (RingCentral Engage Digital, 32 rue de Trévise, 75009 Paris, Frankreich) – Customer Care Tool.
  • akquinet AG – (Paul-Stritter-Weg 5, 22297 Hamburg)– provision of single sign-on. Single sign-on makes it possible to access our various products with one-time registration, e.g. the "BVG account" portal on our website, the Fahrinfo app, the Jelbi app, and the Ticket app. For this purpose we process the data categories in accordance with the information on the registration process (see D.IV.1.). We use the solution provided by akquinet for this purpose.
  • Hacon Ingenieurgesellschaft mbH (Lister Str. 15, 30163 Hannover) - Development of the frontend of the Fahrinfo app,for collecting, processing, and displaying the results of timetable/connection requests, provision of the system for improving the BVG’s services, correcting technical errors in the provided system.
  • eos.uptrade (Schanzenstraße 70, 20357 Hamburg) - Development and operation of the background and front-end system of the Fahrinfo app, where ticket purchase data is received and stored.
  • Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Irland) – use of Google Analytics. We use Google Analytics for tracking and analysing user behaviour regarding the use of the Fahrinfo app and to help make decisions regarding product and marketing optimisation based on the results. For Google Analytics, data about the use of the app, such as app version, device information, location data, user ID and information on individual requests within the app (events) are processed. The data is used to analyse user behaviour. The legal basis is your consent (Art. 6 (1) a) DSGVO). Google acts as our processor pursuant to Art. 28 DSGVO, however, it is not excluded that Google uses the tracking and analysis data obtained from you for its own purposes, e.g. for profiling and for linking with other data available at Google, such as your Google Account data. We have no influence on the type and scope of the data processed by Google, the type of processing and use or the transfer of this data to third parties. In this respect, we have no effective means of control. If you agree to tracking and analysis, then you also consent to your data being sent to the USA. The USA is considered to be a country with an insufficient level of data protection according to EU standards. There is a risk that US authorities can access your data even without legal protection.

We also disclose data to the following third parties, which act as separate controllers when processing the data:

1.    LogPay Financial Services GmbH

When using any payment method, except PayPal (i.e. SEPA direct debit, credit card, Google Pay, Apple Pay), your customer data (first name and surname, date of birth, address, gender, email address) will be transmitted to our external financial services provider (currently LogPay Financial Services GmbH, Schwalbacher Straße 72, 65760 Eschborn, referred to below as “LogPay”). The payment method data (account details, credit card details, information on your ticket purchases) is collected directly by LogPay, as claims against you are assigned to LogPay when you purchase a ticket. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing, as the involvement of a large number of mobility providers gives rise to considerable complexity in payment processing.

If you choose to pay by credit card, you may allow the app to access your photos and the camera on your mobile device. This is required if you want to capture your credit card information using the camera. The process automatically completes all required credit card information in the app. The legal basis is Article 6(1)(b) of the GDPR. Data processing is required for the purpose of automatically reading the data.

When paying via the guest checkout (Google Pay, Apple Pay) we will also collect your payment information and transmit it to LogPay. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing, as the involvement of a large number of mobility providers gives rise to considerable complexity in payment processing.

LogPay is the sole controller responsible for processing your personal data. More information on how LogPay processes data can be found at https://www.LogPay.de/DE/datenschutzinformationen/.

Please note: as set out in these policies, if you are not yet a customer of LogPay, LogPay will transmit your data to credit agencies (e.g. Schufa) in order to check your details and creditworthiness to prevent payment defaults.

2.     PayPal

You can pay for purchases in the FahrInfo app using the online payment service provider PayPal. The provider of this payment service is (Europe) S.à.r.l. et Cie, S.C.A.., 22-24 Boulevard Royal, L-2449 Luxembourg (hereafter “PayPal”). If you select PayPal as your payment method, you will be redirected to the PayPal website and the personal data you have entered will be transmitted to PayPal in encrypted form. These data typically include your name, your address, your telephone number, your IP address, your e-mail address, and other information required for order handling and your specific order.

PayPal is the controller responsible for processing your personal data. The legal basis for the data processing when using PayPal is Article 6(1)(f) of the GDPR. We have a legitimate interest in offering you a wide range of payment options and outsourcing payment processing.

If required for the purpose of completing the order, PayPal may also disclose data to third parties. PayPal will also transmit personal data to credit agencies, e.g. SCHUFA, in order to establish your identity and creditworthiness.

More information on how PayPal processes data can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.

3.    Google Maps

We use the Google Maps service via an API. The provider is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Irland) (“Google”). Google Maps makes it possible to quickly and accurately determine your location and show both available mobility services and the routes that you request. Your IP address must be disclosed to use Google Maps functions. This information is typically sent to and stored on Google servers in the USA. We have no influence over this data transmission.

We use Google Maps in the interest of increasing the attractive and ease of use of our app. This represents a legitimate interest as set out in Article 6(1)(f) of the GDPR. We assume that an increase in user-friendliness is also in your interest. More information on how Google handles user data can be found in the Google privacy policy: https://www.google.de/intl/de/policies/privacy/. Instead of Google Maps, you may tap on the location icon to enter your starting stop or station via GPS positioning.

4.    Disclosure of personal data to the authorities

We will only transmit your personal data to public authorities if the information is requested on the basis of statutory requests for information or if the BVG is otherwise legally obliged to transmit the data (Article 6(1)(c) of the GDPR).

5.    Disclosure of data within the BVG

We reserve the right to allow another company in the BVG Group to operate the Fahrinfo app in the future; in the event of such a change of operator, user data will also be disclosed to the new operator. The new operator will then assume all relevant rights and obligations and process personal data in accordance with this privacy policy.

IX.    Transfer of personal data to third countries

Please note that data processed in other countries may be subject to foreign laws and may be accessible to the governments, courts, law enforcement authorities, and regulatory authorities of those countries. If your personal data is transferred to third countries, however, we will take appropriate measures to adequately secure your data.

Unless an adequacy decision has been adopted by the EU Commission for the recipient country, the transfer of your data to a third country is protected by the fact that EU standard contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en) have been concluded with the recipient or that binding corporate rules exist. Otherwise, the data will only be transferred if a derogation pursuant to Article 49 of the GDPR is applicable.

E. Data erasure and duration of storage

Your personal data will be stored as long as it is necessary for the fulfilment of the specific purpose. Subsequently, your data will be erased, unless there are legal obligations to retain the data beyond this time or there is legal justification to do so. The following time limits for storage and erasure generally apply:

  • Data during informational use of the app: Data is stored in anonymised form
  • Customer account data: Storage while account is active and for up to one month after erasure of account
  • Journey planning data: Data is stored for crowdedness predictions. The IP address is separated from this data.
  • Data to improve the BVG’s services: data to improve the BVG’s services is stored in pseudonymised form for 90 days. Evaluations produced using this data are stored for three years and then erased or anonymised. This means that the data will only be stored further if it is impossible or would involve disproportionate effort to use it to identify a natural person.
  • Ticket purchase data: Storage for 10 years
  • Data on selected payment method: Storage while account is active and for one month after erasure of account
  • Data from customer service queries: Storage for a maximum of three years following handling of the request (time starts at end of respective calendar year)

F. Your data protection rights

Depending on the circumstances in your specific case, you have the right

  • to obtain access to the personal data processed by us and/or request copies of these data. This includes information concerning the purpose of usage, the category of data used, their recipients and authorised users, and, where possible, the planned period for which the data will be stored or, if that is not possible, the criteria used to determine that period;
  • to request the rectification, erasure, or restriction of processing of your personal data, provided that its use is impermissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) the data is no longer required for the purposes for which they were collected, (iii) the consent on which processing is based was withdrawn, or (iv) you have made use of your right to object to processing of your personal data; in cases in which the data is processed by third parties, we will forward your request for rectification, erasure, or restriction of processing to these third parties, unless this proves to be impossible or would involve disproportionate effort;
  • to refuse consent or – without affecting the lawfulness of data processing carried out prior to withdrawal – to withdraw your consent to the processing of your personal data at any time;
  • to request the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit this data to another controller without hindrance from us; you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible;
  • to take legal action or appeal to the data protection supervisory authorities, if you are of the opinion that your rights have been infringed due to processing of your personal data that is not in compliance with data protection regulations.

You also have the right to object to processing of your personal data at any time, free of charge, and with effect for the future:

  • where we process your personal data for direct marketing purposes
  • where we process your personal data in pursuance of our legitimate interests and on grounds relating to your particular situation
  • where we process your personal data to perform tasks that are in the public interest and on grounds relating to your particular situation

You can exercise your rights at any time by sending an email to appsupport@bvg.de.

If you would like to contact the BVG’s data protection officer directly, please send an email to datenschutz@bvg.de.

G. Amendment clause

We reserve the right to make changes to this privacy policy from time to time. Updated versions are published at [https://www.bvg.de/de/tickets-und-tarife/alle-apps/fahrinfo-app/datenschutz] and [https://www.bvg.de/en/tickets-tariffs/all-apps/fahrinfo-app/privacy-policy].

Last updated: 06/04/2022