The following items provide an explanation of how and for what purpose personal data is collected when you use our website. Personal data includes all data that directly relates to you and can be used to identify you as a person, e.g. your name, address, e-mail addresses and user behavior.
The data controller pursuant to Art. 4 Sect. 7 General Data Protection Regulation (GDPR) is HanseCom Public Transport Ticketing Solutions GmbH. The contact details are as follows:
HanseCom Public Transport Ticketing Solutions GmbH
Amsinckstraße 34
20097 Hamburg, Germany
+49 1520 907 3406
hallo@hansecom.com
You can contact our data protection officer as follows:
Mag. Jur. Djoko Lukic
datenschutzbuero.hamburg
Phone: +49 40 414 313 070
Website: https://datenschutzbuero.hamburg
E-mail: hansecom@datenschutzbuero.hamburg
The relevant supervisory authority is:
Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Str. 22, 7. OG
20459 Hamburg, Germany
Phone: +49 40 428 544 040
E-mail: mailbox@datenschutz.hamburg.de
As regards personal data relating to you, you have the following rights vis-à-vis us:
· Right to information,
· Right to rectification or deletion,
· Right to restrict processing,
· Right of objection to processing,
· Right to data portability.
You also have the right to file a complaint with a data protection supervisory authority regarding the processing of your personal data by us.
When you visit the website for the sole purpose of obtaining information, we only collect the personal data that your browser transmits to our server. When you decide to view our website, we collect the following data to obtain the technical information necessary to display our website to you and to guarantee its stable and secure operation (legal basis is Art. 6 Sec. 1 S. 1 lit. f GDPR):
· IP address,
· Date and time of the request,
· Time zone difference to Greenwich Mean Time (GMT),
· Content of the request (specific page),
· Access status/HTTP status code,
· The amount of data transferred in each case,
· Web page from which the request originated,
· Browser,
· Operating system and interface used,
· Language and version of the browser software.
Your data will not be disclosed to unauthorized parties. We will only disclose your data where this is necessary to fulfill legal or contractual obligations. Examples of this include the disclosure of data to tax authorities or to public prosecutors in the context of preliminary proceedings. We will also transfer your data to service providers who are necessary for the provision of services (e.g. technical service providers).
If our service providers are based outside the EU, we ensure that an adequate level of data protection as set forth in Art. 45 GDPR is adhered to or that the data importer has provided suitable guarantees pursuant to Art. 46 I GDPR.
1. Revocation of consent
If you have given your consent to the processing of your data, you can revoke it at any time.
2. Objection based on balancing interests
Insofar as we base the processing of your personal data on a balancing of interests, you may object to the processing. This is the case if the processing is not necessary in particular for the fulfillment of a contract with you. This is indicated by us in each case in the description of the functions below. In the event of such an objection, we ask you to explain the reasons why we should not process your personal data in the way we have done. In the event of your justified objection, we will examine the facts and either discontinue or adapt the data processing or point out our compelling legitimate grounds on the basis of which we will continue the processing.
3. Objection to use for advertising purposes
You naturally have the right to object to the processing of your personal data for advertising and data analysis purposes at any time.
4. Contact address for revocations or objections
In the event of a revocation or objection, please send an e-mail to hello@hansecom.com.
1. What are (http) cookies?
In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are text files used by the opened website to store data (e.g. the time of your last visit, etc.).
2. Expiration date, persistent cookies
Cookies have a predefined expiration date. As soon as the date is reached, the cookie or the information stored with it will be deleted from your browser. These are persistent cookies.
3. What are transient cookies?
Transient cookies are automatically deleted when you close your browser. This includes in particular the session cookies. These store a so-called session ID, which is used to assign different requests of your browser to a session.
4. What does ‘local storage’ mean?
‘Local storage’ refers to the temporary storage of your browser. Web pages can use it to store data. The functionality corresponds to that of (http) cookies, which is why this data is treated the same as cookies.
5. How to reject cookies
You can configure your browser settings according to your wishes and, for example, refuse to accept third-party cookies or all cookies. Please note that in this case you may not be able to use all functions of this website.
1. What is Google Analytics?
Google Analytics is a service provided by Google Inc. (“Google”) to analyze website usage.
2. Purpose of processing
We use Google Analytics to analyze the use of our website. The statistics gained through this service allow us to improve our offering and make it more attractive to you as a user.
3. How does Google Analytics work?
Google Analytics stores the website usage behavior, e.g. the duration of the visit, in “cookies” (see above).
4. Where is the data processed?
The information about your use of this website is stored on servers located in both the EU and the USA. EU standard contractual clauses pursuant to Art. 46 I in conjunction with Art. 46 II lit. c) GDPR have been concluded with Google.
5. Prevention of processing by Google
You can prevent cookies from being stored on your computer by making the corresponding settings in your browser. Furthermore, you can prevent Google from collecting, transferring and processing the data generated by these cookies about your website utilization (incl. your IP address) by downloading and installing the browser plugin available at this link: http://tools.google.com/dlpage/gaoptout?hl=de.
6. Legal basis
The legal basis for the use of Google Analytics is your implied consent pursuant to Art. 6 Sec. 1 S. 1 lit. a GDPR and our legitimate interest pursuant to Art. 6 Sec. 1 S. 1 lit. f GDPR.
7. Further information
Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Terms of use: http://www.google.com/analytics/terms/de.html
Overview of data privacy: http://www.google.com/intl/de/analytics/learn/priv...
Privacy policy: http://www.google.de/intl/de/policies/privacy
You can share the content of our website on Facebook. We do not use any plugins for this purpose. You can share our website by clicking Internet links. Once you select the share website feature, you will be using Facebook’s website services. You will leave our website, and Facebook will likely process the personal data that is usually collected when you visit websites.
1. What are Google Web Fonts?
Google Web Fonts are free character sets provided by Google that can be used on client computers to display web pages.
2. Purpose of processing
We use Google Web Fonts for the uniform presentation of our website.
3. Is personal data processed in this case?
When the website is displayed, the visitor’s computer downloads the character sets from Google. Google registers this process and can identify which website was opened by the user.
4. Where is the data processed?
The information about your use of this website generated by the retrieval of the character sets is stored on servers located both in the EU and in the USA. EU standard contractual clauses pursuant to Art. 46 I in conjunction with Art. 46 II lit. c) GDPR have been concluded with Google.
5. Legal basis
The legal basis for the use of Google Web Fonts is Art. 6 Sec. 1 S. 1 lit. f GDPR.
6. Further information
Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Information about Google Web Fonts: https://developers.google.com/fonts/faq
Privacy statement: http://www.google.de/intl/de/policies/privacy
1. What Are YouTube Videos?
These are videos embedded in our website. The technology for playing the videos is provided by Google.
2. Purpose of processing
We process the data in order to provide you with videos on our website.
3. What data is processed by YouTube?
YouTube videos are provided in ‘Advanced Privacy Mode’. This means that no personal data is processed by YouTube when you access the website on which the YouTube video was integrated. Only when you play videos will YouTube process the personal data that is usually required for the rendering of web services (IP address, time, etc.). For more information on these data categories, please consult § 6 of this declaration. The processing will take place regardless of whether you are logged in with your Google Account.
If you are logged in at Google, your data will be directly associated with your account. If you do not want this action to be associated with your Google profile, you must log out before activating the button. YouTube stores your data in user profiles and uses it for the purposes of advertising, market research and/or the need-based design of its website. This evaluation is carried out in particular (even for users who are not logged in) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, but you must contact YouTube to exercise this right.
4. Legal basis
The legal basis is Art. 6 Sec. 1 S. 1 lit. f GDPR.
5. Further information
YouTube is a service offered by Google. The information generated by the retrieval of the videos is stored on servers located both in the EU and in the USA. EU standard contractual clauses pursuant to Art. 46 I in conjunction with Art. 46 II lit. c) GDPR have been concluded with Google. Further information on the purpose and scope of data collection and processing can be found in the privacy statement. It also provides you with more information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.
Third-party information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Information about Google Web Fonts: https://developers.google.com/fonts/faq
Privacy statement: http://www.google.de/intl/de/policies/privacy
1. Purpose and legal basis
Data is processed to inform you about products, services and further marketing measures via e-mail. The basis for this is the digitally granted consent in accordance with Art. 6 I S. 1 lit. a GDPR. Furthermore, we process your data in our own interest in accordance with Art. 6 I S. 1 lit. f GDPR.
2. Data categories
We process your e-mail address in order to be able to send you e-mails. We also process your first name and surname to address you personally.
3. Transmission of your data to our service provider
The data is transmitted to the operators of our IT infrastructure. It is also possible that external IT service providers may have access to this data during troubleshooting activities.
We use the services of the following providers to send out e-mails:
- Orange Marketing (Christian Harms, Schumannstr. 49, 60325 Frankfurt am Main, Germany)
The service provider integrates a so-called ‘tracking pixel’ into the dispatched newsletters. This tracking pixel enables the provider to analyze user behavior, such as whether the newsletter has been read by the recipient.
4. Access authorization
Your data can only be accessed by employees who are authorized to do so.
5. Voluntary nature and revocation of consent
Your consent is voluntary. The use of our services and offers is not affected by this consent. You can revoke your consent at any time. To do so, use the corresponding link in the e-mail or send an e-mail to hallo@hansecom.com.
6. Retention period
If no obligations of retention exist, we will delete your data after you withdraw your consent.
1. Purpose and legal basis
Data processing is carried out in order to be able to communicate with you via electronic mail. We perform this processing in order to fulfill our agreed obligations defined in Art. 6 I S. 1 lit. b GDPR. Furthermore, the operation of the e-mail server and the communication made possible by it are also in our own interest in accordance with Art. 6 I S. 1 lit. f GDPR.
2. Data categories
When operating the e-mail system, all data that you send us via electronic mail is captured. This includes, for example, e-mail addresses, your name, your address and other communication data.
3. Recipient of your data
The data is transmitted to the responsible persons named under § 1 and the operators of our IT infrastructure. It is also possible that external IT service providers may have access to this data during troubleshooting activities. We draw on a service from Microsoft to send out e-mails. Your data can only be accessed by employees who are authorized to do so.
4. Access authorization
Your data can only be accessed by employees who are authorized to do so.
5. Retention period
If no obligations of retention exist, we will delete your data after you withdraw your consent.
An obligation of retention can result, for example, from Section 147 of the German Fiscal Code. If a separate contract has been concluded or a contract has been initiated with you, we are obliged under this provision to store the data for 10 years.
6. Disclosure of data
The e-mail server is operated and maintained by Microsoft. For this reason, e-mails are also stored in Microsoft’s infrastructure. Although Microsoft is a company based outside the EU (USA), it has subjected itself to the Privacy Shield framework and thus guarantees a data protection standard that corresponds to that of the European Union. For more information on this, please use the following link: http://www.microsoftvolumelicensing.com/Downloader...
7. Encryption
In order to prevent unauthorized access to your personal data by third parties, our e-mail servers support transport-encrypted transmissions. All synchronizations are carried out in encrypted form. Furthermore, our contact form is provided on an encrypted website.
1. Purpose and legal basis
We carry out this processing in order to enable you to purchase tickets and to comply with our obligations defined in Art. 6 I S. 1 lit. b GDPR.
2. Order processing and responsibilities
The processing activities connected with the app are carried out as part of order processing. The transportation operators are responsible for the respective processing activities. The transportation operators are our clients, and we act as a service company working on behalf these clients. The responsible parties are listed under § 17 Item 10 of this data privacy declaration.
3. Your rights
Analogous to § 5, you are entitled to the following rights vis-à-vis your transportation company:
The right to information pursuant to Art. 15 GDPR,
The right to rectification pursuant to Art. 16 GDPR,
The right to cancellation pursuant to Art. 17 GDPR,
The right to limit processing pursuant to Art. 18 GDPR,
The right to information pursuant to Art. 19 GDPR,
The right to data portability pursuant to Art. 20 GDPR,
The right to revoke consent granted pursuant to Art. 7 Sec. 3 GDPR, and
The right of appeal pursuant to Art. 77 GDPR.
Please note that we are not allowed to process any inquiries regarding data processing within HandyTicket Deutschland. Please contact the relevant transportation operator or their data protection officer. The contact data is listed under § 17 Item 10 of this data privacy declaration.
4. Data categories
The app processes the following data categories: your name, address, payment information, location, mobile phone number, uploaded documents and/or photographs, WLAN connection information, and technical information (such as log data and software information) about your phone.
5. App authorizations
The app used requires different access rights. The access rights and the purpose of the respective data processing are listed below:
Location
Approximate location (network-based) precise location (GPS and network-based)
The location is determined in order to select the correct region. This function is also used to determine and display the nearest railway or bus stations and the travel connections available.
Phone
Read phone status and identity
To make it easier for the user to fill out the data fields during registration, the name and telephone number are read from the telephone. This function is only used with Android telephones.
Photos/media/files
Read the contents of your USB storagemodify or delete the contents of your USB storage
Memory
Read the contents of your USB storagemodify or delete the contents of your USB storage
If documents or photographs are required for the registration of certain tickets or subscription cards, they can be uploaded through the app. The above authorizations are necessary for the app to access these photos. Without this authorization, our app will not be able to access the image documents.
Google’s designation ‘USB storage’ is misleading. Rather, the authorization refers to access to additional storage media, such as memory cards. This is where photos are frequently stored.
Camera
Take pictures and videos
In order to record and upload documents directly, the software requires access to the camera function.
WLAN connection information
View Wi-Fi connections
Payments can also be made by the mobile operator. The payments made will then be billed to you by your mobile operator. In order to implement this payment method, mobile operators were required to ensure that the smartphone is not connected to a WLAN during the payment process. In order to meet this requirement, the app needs to check whether an active WLAN connection exists, which is why the corresponding authorization is required.
Device ID & call information
Read phone status and identity
Within the scope of this authorization, the application checks whether required Google services are available on the phone. If these are not available, essential program components no longer function. Even though it is possible to query the IMEI within the scope of this authorization, we will not do so.
Miscellaneous
Receive data from Internetview network connectionsfull network access
The purchase of tickets is only possible if the purchase is processed on our technical infrastructure. The data transmission required for this is carried out via the Internet and therefore also requires the authorization to send and receive data via the Internet.
Control vibration
This function is no longer required and will be disabled in future versions. No personal data is processed with this function.
Prevent device from sleeping
To receive instant messages (push messages), the standby function is temporarily disabled and the phone is activated. This function is relevant, for example, in order to be able to report cancelled routes or delays at short notice.
Read Google service configuration
This authorization, too, is necessary to determine whether required services are provided by the smartphone’s operating system. Without this check, software errors can occur.
6. Recipient of your data
The data is transmitted to the responsible persons (clients) named under § 17 Item 10 of this data privacy declaration and to the operators of our IT infrastructure. It is also possible that external IT service providers may have access to this data during troubleshooting activities.
7. Access authorization
Your data can be accessed by employees who are authorized to do so.
8. Retention period
If no obligations of retention exist, we will delete your data. An obligation of retention can result, for example, from Section 147 of the German Fiscal Code. If a separate contract has been concluded or a contract has been initiated with you, we are obliged under this provision to store the data for 10 years.
9. Encryption
In order to prevent unauthorized access to your personal data by third parties, the data is transferred in transport-encrypted format.
10. Clients
Dresdner Verkehrsbetriebe AG
Postfach 10 09 55
01079 Dresden, Germany
Privacy statement: https://www.dvb.de/en-gb/meta/legal-notice/
Data protection officer: datenschutz@dvbag.de
--
Verkehrsverbund Mittelsachsen GmbH representing the transportation operators in the VMS
Am Rathaus 2
09111 Chemnitz, Germany
Privacy statement: https://www.vms.de/service/datenschutz/
Data protection officer: datenschutz@vms.de
--
Verkehrsverbund Vogtland GmbH
Göltzschtalstrasse 16
08209 Auerbach, Germany
Phone: +49 (0) 3744 8302 – 0
Privacy statement: https://vogtlandauskunft.de/datenschutz.html
Data protection officer: datenschutz@vvvogtland.de
--
Städtische Nahverkehrsgesellschaft mbH Suhl/ Zella-Mehlis
Am Bahndamm 1
98527 Suhl, Germany
Privacy statement: https://www.sngonline.de/de/kontakt/
Data protection officer: SNG@Dresden.Brands-Consulting.eu
--
SWE Stadtwerke Erfurt GmbH
Magdeburger Allee 34
99086 Erfurt, Germany
Privacy statement: https://www.stadtwerke-erfurt.de/pb/swe/datenschut...
Data protection officer: evag-datenschutz@stadtwerke-erfurt.de
--
moBiel GmbH
Otto-Brenner-Strasse 242
33604 Bielefeld
Germany
Privacy statement: https://www.mobiel.de/datenschutz/mobielde/
Data protection officer: Datenschutz@Stadtwerke-Bielefeld.de
--
Stadtwerke Münster GmbH
Hafenplatz 1
48155 Münster, Germany
Privacy statement: https://www.stadtwerke-muenster.de/privatkunden/so...
Data protection officer: datenschutz@stadtwerke-muenster.de
--
Duisburger Verkehrsgesellschaft AG
Bungertstrasse 27
47053 Duisburg, Germany
Privacy statement: https://www.dvg-duisburg.de/datenschutz/
Data protection officer: datenschutzbeauftragter@dvv.de
--
Hagener Versorgungs- und Verkehrs-GmbH
Am Pfannenofen 5
58097 Hagen, Germany
Privacy statement: https://www.strassenbahn-hagen.de/footer/datenschu...
Data protection officer: datenschutz@hvg-hagen.de
--
NEW AG
Odenkirchener Strasse 201
41236 Mönchengladbach, Germany
Privacy statement: https://www.new-mobil.de/datenschutz/
Data protection officer: datenschutz@new.de
--
Niederrheinische Verkehrsbetriebe
Aktiengesellschaft NIAG
Rheinberger Strasse 95a
Privacy statement: https://www.niag-online.de/kontakt/datenschutz/
Data protection officer: datenschutz@de.rhenus.com
--
Rheinbahn AG
Lierenfelder Strasse 42
40231 Düsseldorf, Germany
Privacy statement: https://www.rheinbahn.de/info/Seiten/Datenschutz-u...
Data protection officer: datenschutzbeauftragter@rheinbahn.de
--
Ruhrbahn GmbH
Zweigertstrasse 34
45130 Essen, Germany
Privacy statement: https://www.ruhrbahn.de/essen/sonstige-seiten/date...
Data protection officer: datenschutz@ruhrbahn.de
--
Stadtbus Dormagen GmbH
Willy-Brandt-Platz 1
41539 Dormagen, Germany
Privacy statement: https://stadtbus-dormagen.de/impressum/index.php
Data protection officer: info@stadtbus-dormagen.de
--
SWK STADTWERKE KREFELD AG
St. Töniser Str. 124
47804 Krefeld, Germany
Privacy statement: https://www.swk.de/datenschutzerklaerung-sowie-nut...
Data protection officer: datenschutzbeauftragter@swk.de
--
Stadtwerke Neuss GmbH
Moselstrasse 25-27
41464 Neuss, Germany
Privacy statement: https://www.stadtwerke-neuss.de/impressum-datensch...
Data protection officer: datenschutz@stadtwerke-neuss.de
--
STOAG Stadtwerke Oberhausen GmbH
Max-Eyth-Strasse 62
46149 Oberhausen, Germany
Privacy statement: https://www.stoag.de/servicenavigation/datenschutz...
Data protection officer: dsb@fox-on.com
--
Stadtwerke Remscheid GmbH
Neuenkamper Strasse 81-87
42855 Remscheid, Germany
Privacy statement: https://www.stadtwerke-remscheid.de/datenschutz/
Data protection officer: datenschutz@ewr-gmbh.de
--
Stadtwerke Solingen GmbH
Beethovenstrasse 210
42655 Solingen, Germany
Privacy statement: http://www.sobus.net/datenschutz/
Data protection officer: swsg.datenschutz@stadtwerke-solingen.de
--
Straßenbahn Herne - Castrop-Rauxel GmbH
An der Linde 41
44627 Herne, Germany
Privacy statement: https://www.hcr-herne.de/de/datenschutzerklaerung....
Data protection officer: datenschutz@hcr-herne.de
--
Verkehrsgesellschaft der Stadt Velbert mbH (VGV mbH)
Am Lindenkamp 33
42549 Velbert, Germany
Privacy statement: https://www.vgv-velbert.de/datenschutz/
Data protection officer: datenschutz@vgv-velbert.de
--
WSW Wuppertaler Stadtwerke GmbH
Bromberger Str. 39-41
42281 Wuppertal, Germany
Privacy statement: https://www.wsw-online.de/datenschutzbestimmungen/
Data protection officer: datenschutz@wsw-online.de
--
Dortmunder Stadtwerke AG (DSW21)
Deggingstrasse 40
44141 Dortmund, Germany
Privacy statement: https://www.bus-und-bahn.de/rel2012newp/32707.html
Data protection officer: datenschutz@dsw21.de
--
BVR Busverkehr Rheinland GmbH
Graf-Adolf-Strasse 67-69
40210 Düsseldorf, Germany
Privacy statement: https://www.rheinlandbus.de/rheinlandbus/view/home...
Data protection officer: datenschutz.regio@deutschebahn.com
--
Bahnen der Stadt Monheim GmbH
Daimlerstrasse 10a
40789 Monheim am Rhein, Germany
Germany
Privacy statement: https://www.bahnen-monheim.de/Datenschutz/
Data protection officer: Datenschutz@bahnen-monheim.de
--
ASEAG
Aachener Straßenbahn- und Energieversorgungs-AG
Neuköllner Strasse 1
52068 Aachen, Germany
Privacy statement: https://www.aseag.de/datenschutz/
Data protection officer: dsb@aseag.de
--
Verkehrsverbund Pforzheim-Enzkreis GmbH (VPE)
Luitgardstrasse 14-18
75177 Pforzheim, Germany
Privacy statement: https://www.vpe.de/datenschutz/
Data protection officer https://www.vpe.de/datenschutz/
--
SWU Verkehr GmbH
Karlstrasse 1-3
89073 Ulm, Germany
Privacy statement: https://www.swu.de/fileadmin/content/mobilitaet/SW...
Data protection officer: datenschutz@swu.de
--
Bodensee-Oberschwaben Verkehrsverbund GmbH
Bahnhofplatz 5
88214 Ravensburg, Germany
Privacy statement: https://www.bodo.de/datenschutz.html
Data protection officer: datenschutz@bodo.de
--
Katamaran-Reederei Bodensee GmbH & Co. KG
Kornblumenstr. 7/1
Privacy statement: https://www.der-katamaran.de/datenschutz.html
Data protection officer: datenschutz@stadtwerk-am-see.de
--
DB Vertrieb GmbH
Stephensonstr. 1
60326 Frankfurt, Germany
Privacy statement: https://www.bahn.de/p/view/home/datenschutz/schutz...
Data protection officer: ecommerce-datenschutz@bahn.de
--
Regio Verkehrsverbund Lörrach GmbH
Luisenstrasse 16
79539 Lörrach, Germany
Privacy statement: https://www.triregio.info/#/impressum_datenschutz
Data protection officer: not provided
--
Verkehrsverbund Oberlausitz-Niederschlesien GmbH (VON GmbH)
Rosenstrasse 31
02625 Bautzen, Germany
Privacy statement: https://www.zvon.de/de/Datenschutz/
Data protection officer: datenschutz@pcs-bz.de
--
Neubrandenburger Stadtwerke GmbH
John-Schehr-Straße 1
17033 Neubrandenburg
Privacy statement: https://www.neu-sw.de/datenschutzerklaerung
Data protection officer: datenschutz@neu-sw.de
--
Verkehrsunternehmen Wartburgmobil (VUW) gkAöR
Hersfelder Straße 4
36433 Bad Salzungen
Privacy statement: https://www.wartburgmobil.info/servicelinks/datenschutzbestimmung
Data protection officer: datenschutz@vu-wartburgmobil.de
1. Purpose and Legal Basis
We process your data to making payments, receive payments and to record incoming and outgoing payments for accounting purposes.
Since the payments are made within the framework of contractual service agreements, the legal basis for this is provided in Art. 6 I lit. b GDPR.
2. Data Categories
We process your name, the payment amount and the type of ticket purchased.
3. Recipient of Your Data
Incoming payments are processed by our banking institution and are therefore also disclosed to it.
4. Access Authority
Your data can only be accessed by employees who are authorized to do so.
5. Retention Period
The data must be retained for 10 years due to statutory retention obligations.
1. Purpose and Legal Basis
We do not perform credit checks. Purchase price claims are assigned to the LogPay payment service provider by our clients. Further details as well as the contact data of the respective responsible persons can be found in Section 19 of this data privacy declaration. For more information on data processing at LogPay, click the following link: https://www.logpay.de/DE/datenschutzinformationen/
The legal basis for the assignment of claims is Art. 6 I lit. f GDPR. The outsourcing of payment processing and receivables management constitute the legitimate interest.
LogPay, as the responsible party, performs credit checks at its discretion during initial registration. Our own legitimate interest pursuant to Art. 6 I lit. f GDPR is the avoidance of payment defaults.
2. Data Categories
The name, date of birth, address, e-mail address, bank account details, credit card information as well as information about the data and the services received are processed.
3. Further Details
Since the principals listed under Section 17 Item 10 are responsible for this data processing, you can obtain further details from the relevant contacts listed there.
Information on data processing and credit assessment by LogPay (LogPay Financial Services GmbH, Schwalbacher Strasse 72, 65760 Eschborn, Germany) is provided via the following link: https://www.logpay.de/DE/datenschutz/
Other data transmissions will be encrypted, where possible.
Date: 20 November 2020