1. Privacy at a glance
GeneralThe following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed under this text.
Data collection on our websiteWho is responsible for data collection on this website? The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website. How do we collect your data? On the one hand, your data is collected when you communicate it to us. This can, for example, be data that you enter in a contact form. Other data is automatically recorded by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our website. What do we use your data for? Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior. What rights do you have regarding your data? You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. Details can be found in the data protection declaration under "Right to restriction of processing".
Analysis tools and third-party toolsWhen you visit our website, your surfing behavior can be statistically evaluated. This is mainly done with cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration. You can object to this analysis. We will inform you about the possibilities of objection in this data protection declaration.
2. General information and mandatory information
Note on the responsible bodyThe responsible body for data processing on this website is: WINTO GmbH - Wirtschafts-, Innovations- und Tourismusförderung Oberhavel GmbH Niederlassung Ziegeleipark Ziegelei 10 16792 Zehdenick (OT Mildenberg) Telephone: +49 (0) 3307 310410 E-Mail: email@example.com The responsible body is the natural or legal person who, alone or together with others, is responsible for the purposes and means of processing personal data ( e.g. names, e-mail addresses, etc.) decides.
Revocation of your consent to data processingMany data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. An informal message by e-mail to us is sufficient. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.
Right of appeal to the competent supervisory authorityIn the case of violations of the GDPR, the persons concerned have a right of appeal to a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged infringement. The right of appeal is without prejudice to any other administrative or judicial remedies.
Right to data portabilityYou have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.
SSL or TLS encryptionFor security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Information, blocking, deletion and correctionWithin the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of personal data.
Right to restriction of processingYou have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
- If you deny the accuracy of your personal information stored with us, we usually need time to verify this. For the duration of the audit you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data is unlawful, you may request the restriction of data processing instead of deletion.
- If we no longer need your personal information, but you need it to exercise, defend or enforce legal claims, you have the right to demand that your personal information be restricted instead of being deleted.
- If you have filed an objection under Art. 21 para. 1 DSGVO, a balance must be made between your interests and ours. As long as it is not clear whose interests prevail, you have the right to demand the restriction of the processing of your personal data.
Opposition to advertising emailsWe hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.
3. Data Protection Officer
Statutory data protection officerWe have appointed a data protection officer for our company. Markus Richter Annahofer Straße 1 a 16515 Oranienburg OT Germendorf Email: firstname.lastname@example.org Phone: 03301 / 699-376
4. Data collection on our website
CookiesSome of the websites use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions you want (e.g. shopping cart function) are stored on the basis of Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these are treated separately in this data protection declaration.
Server log filesThe provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version
- - Operating system used
- - Referrer URL
- - Host name of the accessing computer
- - Time of the server request
- IP address
Contact FormIf you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent. The processing of the data entered in the contact form is therefore exclusively based on your consent (Article 6 (1) (a) GDPR). You can revoke this consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing operations that took place up until the revocation remains unaffected by the revocation. The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
5. Analysis tools and advertising
Matomo (formerly Piwik)This website uses the open source web analysis service Matomo. Matomo uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is saved. Matomo cookies remain on your end device until you delete them. The storage of Matomo cookies and the use of this analysis tool are based on Article 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in the anonymous analysis of user behavior in order to optimize both its website and its advertising. The information generated by the cookie about the use of this website will not be passed on to third parties. You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full.
If you do not agree to the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie is stored in your browser, which prevents Matomo from storing usage data. If you delete your cookies, this means that the Matomo opt-out cookie will also be deleted. The opt-out must be reactivated when you visit our site again.
6. Plugins and Tools
YouTubeOur website uses plugins from the Google-operated YouTube site. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited. Furthermore, YouTube can store various cookies on your end device. With the help of these cookies, YouTube can receive information about visitors to our website. This information is used, among other things, to collect video statistics, to improve user-friendliness and to prevent attempts at fraud. The cookies remain on your end device until you delete them. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. You can find further information on the handling of user data in YouTube's data protection declaration at: https://www.google.de/intl/de/policies/privacy.
VimeoOur website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers will be established. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. Vimeo is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. You can find further information on the handling of user data in Vimeo's data protection declaration at: https://vimeo.com/privacy.
Google Web FontsThis site uses so-called web fonts provided by Google for the uniform representation of fonts. The Google fonts are installed locally. There is no connection to Google servers.
Google MapsThis site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. Google Maps is used in the interest of an attractive presentation of our online offers and to make it easier to find the places we have indicated on the website. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. You can find more information on the handling of user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.
Data protection information driving info appLink to BVG data protection
1. Download the FahrInfo appYou can download our FahrInfo app from the relevant app store for your operating system. The information required for the download is transmitted to the App Store, in particular user data from your account (user name, e-mail address), time of download, payment information and the individual device number. The data is collected by the provider of the App Store as the person responsible. We only process this data to the extent that it is necessary for downloading the FahrInfo app. If you download the FahrInfo app directly onto your mobile device via our website, further personal data will be processed via our website. You can find information on this in the data protection declaration of our website [www.bvg.de/datenschutz]. The legal basis is Article 6 Paragraph 1 Sentence 1 Letter b GDPR.
2. Use of the AppWhen using our FahrInfo app, we only collect personal data when using the mobile shop within the app and save it in a log file. The following data is recorded here: IP address, model and manufacturer designation of the end device used as well as version information and, depending on the tariff product, the starting stop (required for ticket inspection), data processed or collected in the course of the ordering process (also if the ordering process is canceled). Data processing is justified in accordance with Article 6 Paragraph 1 Sentence 1 lit. b and f GDPR. The legitimate interest is to ensure the best possible use of the app for you. If there are communication problems or disconnections between the FahrInfo app and the background system, we also save the data related to the error (request/enquiry, error) in your account in the FahrInfo app. The geographical location of the device is only recorded with your consent (Art. 6 Para. 1 S. 1 lit. a DSGVO) for footpath routing within the timetable information and for determining the nearest stop when purchasing tariff products that require a starting stop. In the last-mentioned case, the collection is necessary in accordance with Article 6 Paragraph 1 Sentence 1 lit. b GDPR to fulfill the contract. This data is collected and processed for the purpose of enabling use of the app or ticket purchase, optimizing the app and ensuring system security. This data is deleted when it is no longer needed.
3. Use of the mobile shop in the appa) Registration We only process your personal data insofar as this is necessary to provide the service you have requested (Art. 6 Para. 1 Sentence 1 lit. b GDPR). If you want to purchase the products available through the mobile shop, you need to register in the app or at www.BVG.de (My BVG) required. There is no obligation to provide your personal data (Art. 13 Para. 2 Sentence 1 lit. e GDPR). However, the service cannot be provided without registration. Alternatively, you can get the tickets offered at all BVG sales outlets, private sales outlets and at our ticket machines. When registering, you will be asked for the personal data required to use the ticket shop in the FahrInfo app. This includes your name and e-mail address as well as information about whether you are an adult or a minor. To use the mobile shop via the app, you will also be asked for your home address. Depending on the payment method selected, you must also enter the data required for the payment method (e.g. IBAN, credit card number, PayPal account information, mobile phone number, etc.). The data is used and processed exclusively in the specified manner. Automated decision-making - including profiling - does not take place. b) Disclosure of personal data (1) Payment by credit card, SEPA direct debit For all payment methods except PayPal (e.g. SEPA direct debit, credit card), your personal data (first and last name, date of birth, address, e-mail address, account details, credit card data, mobile phone number if applicable and data on your respective ticket purchases) will be sent to our external financial service provider (currently LogPay Financial Services GmbH, Schwalbacher Straße 72, 65760 Eschborn) for the purpose of selling and assigning our claims against you, which arise in connection with your ticket purchase. Payment data is transmitted in a secure and encrypted form. The legal basis is Article 6 Paragraph 1 Clause 1 Letter f GDPR. We have a legitimate interest in outsourcing the processing of payments and administration of claims. You can object to the transmission of the data to LogPay at any time, but it will then no longer be possible to place an order via the electronic sales channel. The data protection information of LogPay Financial Services GmbH can be found at https://www.logpay.de/DE/datenschutzinformationen recall. In the case of processing of personal data for the performance of tasks in the public interest (Art. 6 Para. 1 S. 1 lit. e DS-GVO) or for the protection of legitimate interests (Art. 6 Para. 1 S. 1 lit. f DS -GVO), you can object to the processing of your personal data at any time with effect for the future. In this case, we must refrain from any further processing of your data for this purpose, unless
- there are compelling, legitimate reasons for processing that outweigh your interests, rights and freedoms, or
- The processing is necessary for the establishment, exercise or defense of legal claims.
4. Use of Live NavigationWhen using the live navigation function, we collect the personal data described below, which is technically necessary for us to offer you the live navigation functions and to ensure the stability and security of the app: a. device identifiers or ~information • IP address • device~ or Correlation ID • Operating system of the mobile device incl. Version This information is processed in order to technically enable you to use our app, Art. 6 para. 1 S. 1 lit. b GDPR, since we need the automatically collected data to provide a functional app (e.g by adapting the app to the needs of your device). In addition, this information is processed for our legitimate interest in optimizing live navigation and ensuring the stability and security of the app and our information technology systems, Art. 6 para. 1 S. 1 lit f GDPR. Furthermore, we evaluate app usage data (technical usage data, app version, click flows, functions used) on a purely anonymous basis in order to identify preferences and to be able to further develop the app. b. Geo and sensor data (all users) • GPS coordinates • Speed (motion sensor) • Alignment (gyroscope) • Magnetometer As part of the live navigation function, we collect your location data (GPS data, ie motion or direction generated mobile sensor data) to enable you to use route guidance updated by real-time data that takes users step-by-step to their destination in an easy-to-understand manner. For this purpose it is necessary that you allow the app to access location services via the operating system of the mobile device you are using and its authorization system ("location function" of your mobile device). In this context, however, we only record the location determined by your device if the live navigation function is open and you have touched the location symbol. If the location survey is active, the iPhone, for example, shows this via a compass symbol in the top bar. A comparable function can be found on Android devices. The legality of this data processing results from Art. 6 para. 1 S. 1 lit. b DS-GVO, since your location is only recorded and transmitted to us if you want to use functions when using the app that we can only offer you if we know your location. When using route guidance updated by real-time data, your location must be processed in order to bring you to your destination. However, you can allow or revoke this function (automated position determination) in the settings of your operating system at any time. c. Disclosure of your data to third parties aa. Service providers used Personal data may be disclosed to third parties who act on our behalf in order to further process the personal data in accordance with their original underlying purpose, for example fulfillment of the services offered, evaluation of user behavior on our website or technical support. These third parties are authorized by us by means of statutory agreements (Art. 28 GDPR) contractually obliged to use personal data only for the agreed purpose or not to pass on your personal data to other parties without permission, unless this is required by law. In particular, we use the following external service providers to process your data: - Mobimeo GmbH, Hallesches Ufer 60, 10963 Berlin bb. Transfer of personal data to third countries Please note that data processed in other countries may subject to foreign laws and accessible to local governments, courts, law enforcement and regulatory agencies. However, when transferring your personal data to third countries, we will take appropriate measures to adequately secure your data. When transferring your data to a third country, the transfer is protected in that the recipient either complies with the provisions of the EU-US http://privacyshield.gov/) is certified, or with this EU standard contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en) have been completed.
6. affected rightsDepending on the circumstances of the specific case, you have the following data protection rights:
- To receive information about your personal data processed by us and to request access to your personal data and / or copies of this data. This includes information about the purpose of use, the category of data used, their recipients and authorized users and, if possible, the planned duration of the data storage or, if this is not possible, the criteria for determining this duration.
- to request the correction, deletion or restriction of the processing of your personal data, insofar as their use is inadmissible under data protection law, in particular because (i) the data are incomplete or incorrect, (ii) they are no longer necessary for the purposes for which they were collected (iii) the consent on which the processing was based has been withdrawn, or (iv) you have successfully exercised a right to object to data processing; in cases where the data is processed by third parties, we will forward your requests for rectification, erasure or restriction of processing to those third parties, unless this proves impossible or involves disproportionate effort;
- to refuse consent or to revoke your consent to the processing of your personal data at any time without affecting the lawfulness of the data processing carried out before the revocation;
- to object to the processing for reasons arising from your particular situation;
- to request the personal data concerning you that you have provided to us in a structured, common and machine-readable format and to transmit this data to another person responsible without hindrance from us; If necessary, you also have the right to request that we transfer the personal data directly to another person responsible, insofar as this is technically feasible;
- to complain to a competent supervisory authority, e.g. because you are of the opinion that your rights have been violated as a result of the processing of your personal data that is not in accordance with data protection regulations.