privacy

Gordon Rohde 18 Feb , 2022

1. Data protection at a glance

General notes

The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed under this text.  

Data collection on our website

Who is responsible for data collection on this website? The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.   How do we collect your data? On the one hand, your data is collected when you communicate it to us. This can, for example, be data that you enter in a contact form. Other data is automatically recorded by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page view). This data is collected automatically as soon as you enter our website.   What do we use your data for? Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.   What are your rights regarding your data? You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority. You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. Details can be found in the data protection declaration under "Right to restriction of processing".  

Analytics tools and third-party tools

When you visit our website, your surfing behavior can be statistically evaluated. This is mainly done with cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration. You can object to this analysis. We will inform you about the possibilities of objection in this data protection declaration.  

2. General information and mandatory information

Privacy Policy

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. If you use this website, various personal data will be collected. Personal data is data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this happens. We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.  

Note on the responsible body

The responsible body for data processing on this website is:   WINTO GmbH - Economic, Innovation and Tourism Promotion Oberhavel GmbH Brickyard Park branch brick factory 10 16792 Zehdenick (OT Mildenberg) Telephone: +49 (0) 3307 310410 Email: info@ziegeleipark.de   The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).  

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. An informal message by e-mail to us is sufficient. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.  

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If the data processing is based on Article 6 Paragraph 1 lit. e or f GDPR, you have the right at any time, for reasons arising from your bspecial situation to object to the processing of your personal data; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims ( Objection according to Art. 21 Para. 1 GDPR). If your personal data is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object, your personal data will then no longer be used for the purpose of direct advertising (objection according to Art. 21 Para. 2 DSGVO).  

Right of appeal to the competent supervisory authority

In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.  

Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.  

SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses an SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.  

Information, blocking, deletion and correction

Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of personal data.  

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
  • If you contest the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the examination, you have the right to request that the processing of your personal data be restricted.
  • If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need them to exercise, defend or assert legal claims, you have the right to request that the processing of your personal data be restricted instead of being deleted.
  • If you have lodged an objection in accordance with Art. 21 (1) GDPR, your interests and ours must be weighed up. As long as it is not clear whose interests prevail, you have the right to demand that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State are processed.  

Objection to promotional emails

The use of We hereby object to the contact data published as part of the imprint obligation for sending unsolicited advertising and information material. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising being sent, such as spam e-mails.  

3. Data Protection Officer

Legally required data protection officer

We have appointed a data protection officer for our company.   Markus Richter Annahofer Strasse 1 a 16515 Oranienburg OT Germendorf Email: m.richter@ohbv.de Phone: 03301 / 699-376   4. Data collection on our website  

Cookies

Some of the websites use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted. Cookies that are required to carry out the electronic communication process or to provide certain functions you want (e.g. shopping cart function) are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behaviour) are stored, these are treated separately in this data protection declaration.  

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of server request
  • IP address
This data is not merged with other data sources. This data is collected on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this purpose.  

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We do not pass on this data without your consent. The processing of the data entered in the contact form is therefore exclusively based on your consent (Article 6 (1) (a) GDPR). You can revoke this consent at any time. An informal message by e-mail to us is sufficient. The legality of the data processing operations that took place up until the revocation remains unaffected by the revocation. The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.  

5. Analysis tools and advertising

Google Analytics

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. The storage of Google Analytics cookies and the use of this analysis tool are based on Article 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to to optimize both its website and its advertising.   IP anonymization We have activated the IP anonymization function on this website. As a result, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.   Browser plugin You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full. You can also prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/ gaoptout?hl=de.   Objection to data collection You can prevent Google Analytics from collecting your data by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this website: Disable Google Analytics. You can find more information on how Google Analytics handles user data in the Google data protection declaration: https://support.google.com/analytics/answer/6004245?hl=de.   Order processing We have concluded an order processing contract with Google and fully implement the strict requirements of the German data protection authorities when using Google Analytics.   Demographics in Google Analytics This website uses the "demographic characteristics" function of Google Analytics. This allows reports to be created that contain statements about the age, gender and interests of the site visitors. This data comes from interest-based advertising from Google and visitor data from third-party providers. This data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as described in the point "Objection to data collection".  

Matomo (formerly Piwik)

This website uses the open source web analysis service Matomo. Matomo uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is saved. Matomo cookies remain on your end device until you delete them. The storage of Matomo cookies and the use of this analysis tool are based on Article 6 Paragraph 1 lit. f GDPR. The website operator has a legitimate interest in the anonymous analysis of user behavior in order to optimize both its website and its advertising. The information generated by the cookie about the use of this website will not be passed on to third parties. You can prevent the storage of cookies by setting your browser software accordingly; we would like to point out to you however that in this case you will if applicable not be able to use all functions of this website in full.

If you do not agree to the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie will be stored in your browser, which prevents Matomo from saving usage data. If you delete your cookies, the Matomo opt-out cookie will also be deleted. The opt-out must be reactivated when you visit our site again.

 

6. Plugins and Tools

YouTube

Our website uses plugins from the Google-operated YouTube site. The site operator is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers will be established. The YouTube server is informed which of our pages you have visited. Furthermore, YouTube can store various cookies on your end device. With the help of these cookies, YouTube can receive information about visitors to our website. This information is used i.a. used to collect video statistics, improve usability and prevent fraud attempts. The cookies remain on your end device until you delete them. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. Further information on handling user data can be found in YouTube's data protection declaration at: https://www.google.de/intl/de/policies/privacy.  

Vimeo

Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA. If you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers will be established. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged into Vimeo or do not have a Vimeo account. The information collected by Vimeo is transmitted to the Vimeo server in the USA. If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. Vimeo is used in the interest of an attractive presentation of our online offers. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. For more information on how to handle user data, see Vimeo's privacy policy at: https://vimeo.com/ privacy.  

Google Web Fonts

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.  

Google Maps

This site uses the Google Maps map service via an API. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the places we have indicated on the website. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. You can find more information on handling user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/.  

Privacy Policy-Fahrinfoapp

Link to BVG data protection

Privacy Policy

Berliner Verkehrsbetriebe AöR, Holzmarktstraße 15-17, 10179 Berlin (“BVG”) provides you with our mobile BVG app “FahrInfo plus” (hereinafter referred to as “FahrInfo -App") available for download to your mobile device. The following data protection information contains information about the processing of personal data for the use of the FahrInfo app. Basically, the protection of your privacy is of the utmost importance to us. Therefore, compliance with the applicable legal provisions, such as the General Data Protection Regulation ung (hereinafter "GDPR") and the Berlin Data Protection Act (BlnDSG), for us a matter of course. In addition, it is important to us that you always know when we collect and store which data and how we use it. The BVG undertakes to comply with all legal data protection regulations. This is monitored by the data protection officer of the BVG. If you have any questions, suggestions or comments on the subject of data protection, please contact our data protection officer at the e-mail address datenschutz@bvg.de available. Definitions Personal data is any information that relates to an identified or identifiable natural person (Art. 4 No. 1 EU General Data Protection Regulation ("GDPR")). This includes information such as your name, your e-mail address, your postal address or your telephone number as well as e.g. your IP address. This does not include information that is not directly associated with your identity, such as the number of users of a website. Processing is any process carried out with or without the help of automated procedures or any such series of processes in connection with personal data such as collecting, recording, organizing, arranging, storing, adapting or changing, reading out, querying, using, disclosure by transmission, distribution or any other form of making available, matching or linking, restriction, deletion or destruction.

1. Download the FahrInfo app

You can download our FahrInfo app from the relevant app store for your operating system. The information required for the download is transmitted to the App Store, in particular user data from your account (user name, e-mail address), time of download, payment information and the individual device number. The data is collected by the provider of the App Store as the person responsible. We only process this data to the extent that it is necessary for downloading the FahrInfo app. If you download the FahrInfo app directly onto your mobile device via our website, further personal data will be processed via our website. You can find information on this in the data protection declaration on our website [www.bvg.de/datenschutz ]. The legal basis is Article 6 Paragraph 1 Sentence 1 Letter b GDPR.

2. Use of the App

When using our FahrInfo app, we only collect personal data when using the mobile shop within the app and save it in a log file. The following data is recorded here: IP address, model and manufacturer designation of the end device used as well as version information and, depending on the tariff product, the starting stop (required for ticket inspection), data processed or collected in the course of the ordering process (also if the ordering process is canceled). Data processing is justified in accordance with Article 6 Paragraph 1 Sentence 1 lit. b and f GDPR. The legitimate interest is to ensure the best possible use of the app for you. If there are communication problems or disconnections between the FahrInfo app and the background system, then we also save the data related to the error (request/inquiry, error) in your account in the FahrInfo app. The geographical location of the device is only recorded with your consent (Art. 6 Para. 1 S. 1 lit. a DSGVO) for footpath routing within the timetable information and for determining the nearest stop when purchasing tariff products that require a starting stop. In the last-mentioned case, the collection is necessary in accordance with Article 6 Paragraph 1 Sentence 1 lit. b GDPR to fulfill the contract. This data is collected and processed for the purpose of enabling use of the app or ticket purchase, optimizing the app and ensuring system security. This data is deleted when it is no longer needed.

3. Use of the mobile shop in the app

a) Registration We only process your personal data insofar as this is necessary to provide the service you have requested (Art. 6 Para. 1 Sentence 1 lit. b GDPR). If you would like to purchase the products available via the mobile shop, you must register in the app or at www.BVG.de (My BVG ) necessary. There is no obligation to provide your personal data (Art. 13 Para. 2 Sentence 1 lit. e GDPR). However, the service cannot be provided without registration. Alternatively, you can get the tickets offered in all BVG sales points, private sales points and at our ticket machines. When registering, you will be asked for the personal data required to use the ticket shop in the FahrInfo app. This includes your name and e-mail address as well as information about whether you are an adult or a minor. To use the mobile shop via the app, you will also be asked for your home address. Depending on the payment method selected, you must also enter the data required for the payment method (e.g. IBAN, credit card number, PayPal account information, mobile phone number or similar). The data is used and processed exclusively in the specified manner. Automated decision-making - including profiling - does not take place. b) Disclosure of Personal Information (1) Payment by credit card, SEPA direct debit For all payment methods except PayPal (e.g. SEPA direct debit, credit card), your personal data (first and last name, date of birth, address, e-mail address, account details, credit card data, mobile phone number if applicable and data on your respective ticket purchases) will be sent to our external financial service provider (currently LogPay Financial Services GmbH, Schwalbacher Straße 72, 65760 Eschborn) for the purpose of selling and assigning our claims against you, which arise in connection with your ticket purchase. Payment data is transmitted in a secure and encrypted form. The legal basis is Article 6 Paragraph 1 Clause 1 Letter f GDPR. We have a legitimate interest in outsourcing the processing of payments and administration of claims. You can object to the transmission of the data to LogPay at any time, but it will then no longer be possible to place an order via the electronic sales channel. You can access the data protection information from LogPay Financial Services GmbH at https://www.logpay.de/DE/datenschutzinformation. In the case of processing of personal data for the performance of tasks in the public interest (Art. 6 Para. 1 S. 1 lit. e DS-GVO) or for the protection of legitimate interests (Art. 6 Para. 1 S. 1 lit. f DS -GVO), you can object to the processing of your personal data at any time with effect for the future. In this case, we must refrain from any further processing of your data for this purpose, unless
  • there are compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or
  • The processing is necessary to assert, exercise or defend legal claims.
For security reasons, credit card data is not stored in the FahrInfo app or the background system of the FahrInfo app. (2) "Google Pay" payment method Payment via Google Pay is also possible in the FahrInfo app. The service provider is Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. If you choose Google Pay for the payment, Google Pay transmits your credit card data to LogPay in encrypted form via a virtual card number. LogPay does not receive any other personal data. Your payment will be processed by LogPay in accordance with the principles set out under (1). The legal basis for processing in connection with Google Pay is Article 6 (1) sentence 1 lit. f GDPR. We have a legitimate interest in offering you expanded payment options and outsourcing the processing of payments. For more information on how Google Pay works and data processing, see https://pay.google.com/intl/de_de/about/ and https://payments.google.com/files/privacy/new_privacy/privacynotice_ZZ_de.html. (3) "Apple Pay" payment method You can also pay with Apple Pay in the FahrInfo app. The service provider is Apple Inc., 1 Apple Park Way, Cupertino, CA 95014, USA. When paying with Apple Pay, Apple Pay transmits your credit card data in encrypted form to LogPay via a device account number. LogPay does not receive any other personal data. Your payment will be processed by LogPay in accordance with the principles set out under (1). The legal basis for processing in connection with Apple Pay is Article 6 (1) sentence 1 lit. f GDPR. We have a legitimate interest in offering you expanded payment options and outsourcing the processing of payments. For more information on how Apple Pay works and how data is processed, see https://support.apple.com/ de-de/HT201469 and https://support.apple.com/en-us/HT203027. (4) "PayPal" payment method In the FahrInfo app we offer payment via the online payment service provider PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). If you select PayPal as the payment method, you will be redirected to the PayPal website and the personal data you have entered will be transmitted to PayPal in encrypted form. This usually includes your name, address, telephone number, IP address, e-mail address or other information required for order processing, including information about your order. The personal data is processed by PayPal as the responsible body. Insofar as this is necessary for the fulfillment of the order, data can also be passed on to third parties by PayPal. PayPal also transmits personal data to credit agencies such as SCHUFA for identity and creditworthiness checks. legal basis is. Article 6 paragraph 1 sentence 1 lit. f GDPR. The legitimate interest consists in ensuring the solvency of the customer. Further information about data processing by PayPal is available at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE. (5) Payment method "Amazon Pay" When paying via amazon pay, we give your payment data primarily to Amazon Payments Europe sca, and secondarily to Amazon EU SARL, Amazon Services Europe SARL and Amazon Media EU SARL, all three located at 5, Rue Plaetis L 2338 Luxembourg ( hereinafter »Amazon Payments«), continue. Amazon Payments reserves the right to carry out a credit check. Amazon Payments uses the result of the credit check in relation to the statistical probability of non-payment for the purpose of deciding whether to provide the respective payment method. The credit report can contain probability values ​​(so-called score values). As far as score values ​​are included in the result of the credit report, they are based on a scientifically recognized mathematical-statistical process. Address data, among other things, is included in the calculation of the score values. In addition, Amazon Payments is entitled to pass on your data to unnamed third parties (banks, e-service providers, service partners, but also auditors, analysis services, credit agencies, marketing partners, cloud service providers, retargeting providers, affiliated companies). Further data protection information, including information on the credit agencies used, can be found in the Amazon Payments data protection declaration: https://pay.amazon.de/ help/201751600. The legal basis for this is Art. 6 (1) sentence 1 lit. b GDPR. (6) Collection In the event that you do not meet your payment obligations, your personal data will be used for the purpose of collecting the claims (e.g. through payment reminders/dunning notices) and enforcing the claims (e.g. as part of a judicial dunning procedure or cooperation with a law firm in the event of judicial enforcement ) to the debt collection company diagonal inkasso GmbH, Bremer Straße 11, 21244 Buchholz idN passed on. In this case, the transmission of your personal data is based on Article 6 Paragraph 1 Sentence 1 lit. (7) Google Maps This app uses the Google Maps map service via an interface. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Google Maps is used in the interest of an attractive presentation of our online offers and to make it easy to find the places we have specified in the app. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR. When using the service, your browser communicates directly with Google Inc. This information is usually transmitted to a Google server in the USA and stored there. We have no influence on this data transfer. You can find more information on how Google handles user data in Google's data protection declaration: https://www.google.de/intl/de/policies/privacy/. You can find the terms of use for Google Maps at https://www.google.com/intl/de_US/help/terms_maps.html. Full details can be found in the data protection center of google.de: https://privacy.google.com/intl/de/index.html# . In the data protection center you can also change the settings so that you can manage and protect your data.

4. Use of live navigation

When using the live navigation function, we collect the personal data described below, which is technically necessary for us to offer you the live navigation functions and to ensure the stability and security of the app: a. Device identifiers or ~information • IP address • Device~ or Correlation ID • Operating system of the mobile device incl. version This information is processed in order to technically enable you to use our app, Art. 6 Para. 1 S. 1 lit. b GDPR, since we need the automatically collected data to provide a functional app (e.g. by adapting the app to the needs of your device). In addition, this information is processed for our legitimate interest in optimizing live navigation and ensuring the stability and security of the app and our information technology systems, Art. 6 Para. 1 S. 1 lit f GDPR. Furthermore, we evaluate app usage data (technical usage data, app version, click flows, functions used) on a purely anonymous basis in order to identify preferences and to be able to further develop the app. b. Geo and sensor data (all users) • GPS coordinates • Speed ​​(motion sensor) • Alignment (gyroscope) • Magnetometer As part of the live navigation function, we collect your location data (GPS data, i.e. mobile sensor data generated by movement or direction) in order to enable you to use real-time data-updated route guidance that guides users step-by-step in an easily understandable manner to their goal brings to enable. For this purpose it is necessary that you allow the app to access location services via the operating system of the mobile device you are using and its authorization system ("location function" of your mobile device). In this context, however, we only record the location determined by your device if the live navigation function is open and you have touched the location symbol. If the location survey is active, the iPhone, for example, shows this via a compass symbol in the top bar. A comparable function can be found on Android devices. The lawfulness of this data processing results from Article 6 Paragraph 1 S. 1 lit. b GDPR, since your location is only recorded and transmitted to us if you want to use functions when using the app that we We can only offer you if we know your location. When using route guidance updated by real-time data, your location must be processed in order to bring you to your destination. However, you can allow or revoke this function (automated position determination) in the settings of your operating system at any time. c. Disclosure of your data to third parties ah. Service providers used Personal data may be disclosed to third parties who act on our behalf in order to further process the personal data in accordance with their original underlying purpose, for example fulfillment of the services offered, evaluation of user behavior on our website or technical support. These third parties are contractually obliged by us by means of statutory agreements (Article 28 GDPR) to use personal data only for the agreed purpose or not to pass on your personal data to other parties without permission, unless this is required by law. In particular, we use the following external service providers to process your data: - Mobimeo GmbH, Hallesches Ufer 60, 10963 Berlin bb Transfer of personal data to third countries Please note that data processed in other countries may be subject to foreign laws and may be accessible to local governments, courts, law enforcement and regulatory authorities. However, when transferring your personal data to third countries, we will take appropriate measures to adequately secure your data. When your data is transferred to a third country, the transfer is protected in that the recipient either complies with the provisions of the EU-U.S. Privacy Shield (http://privacyshield.gov/) is certified, or with this EU standard contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en ) have been completed.

5. App Analysis

Our app uses Google Analytics for Firebase, a function for evaluating user behavior in the app and for marketing analysis. The analysis tool automatically collects the following app usage data: • Number of users and sessions • Session duration • Operating systems • Device models • Region • First-time launches • App runs • App updates • In-app purchases This data is made available in Google Analytics and Google Analytics for Firebase and evaluated by Google in an anonymous form. Google uses a so-called device identifier (device ID, cookie or similar technology) on the user's end device. Based on the above, it can be determined how long users interact with the FahrInfo app, how often they make in-app purchases and how many of them were active in a certain period of time. The legal basis for data processing is Article 6 Paragraph 1 Clause 1 Letter f GDPR. We have a legitimate interest in analyzing and regularly improving the use of the app. The transfer of data to Google is based on Art. 28 GDPR in conjunction with the order processing contract. You can prevent the analysis by making the appropriate settings in your device settings (iOS: settings  usage statistics; Android: settings  usage statistics). You can also object to the transmission of usage information in the FahrInfo app under data protection. The data is stored for a period of 14 months and then deleted. Further information on data processing by Google and Google Analytics for Firebase is available at https://policies.google.com/ technologies/partner-sites?hl=de and in Google's privacy policy at http://www. google.de/intl/de/policies/privacy.

6. Rights of data subjects

Depending on the circumstances of the specific case, you have the following data protection rights:
  • To obtain information about your personal data processed by us and to request access to your personal data and/or copies of this data. This includes information about the purpose of use, the category of data used, their recipients and authorized users and, if possible, the planned duration of data storage or, if this is not possible, the criteria for determining this duration.
  • To demand the correction, deletion or restriction of the processing of your personal data, insofar as their use is inadmissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) they are used for the purposes for which they were collected are no longer necessary, (iii) the consent on which the processing was based has been withdrawn, or (iv) you have successfully exercised a right to object to data processing; in cases where the data is processed by third parties, we will forward your requests for rectification, erasure or restriction of processing to these third parties, unless this proves impossible or involves disproportionate effort;
  • to refuse consent or to withdraw your consent to the processing of your personal data at any time without affecting the lawfulness of the data processing that took place before the withdrawal;
  • Object to the processing on grounds relating to your particular situation;
  • to request the personal data that you have provided to us in a structured, common and machine-readable format and to transmit this data to another person responsible without hindrance from us; You may also have the right to request that we transmit the personal data directly to another person responsible, insofar as this is technically feasible;
  • To complain to a competent supervisory authority, e.g. because you believe that your rights have been violated as a result of the processing of your personal data not being in accordance with data protection regulations.

7. Duration of storage of personal data

Your personal data will be automatically deleted by the BVG if the purpose of storage no longer applies and no legal regulations require further storage. Statistical evaluations are only made anonymously .

8. Updated the privacy policy

The above data protection information is valid from September 2nd, 2019. They can be retrieved from our website and saved/printed out at any time. We reserve the right to adapt the data protection information in the event of technical or legal changes. Status: 02.09.2019