Skip to content

Ticket app privacy policy

A. General information

Thank you for your interest in our Ticket app.
We take the protection of your personal data very seriously. The personal data you provide when using the Ticket app and our services is treated confidentially and in accordance with both statutory data protection regulations and this privacy policy. We would like to give you detailed information about what personal data we process, for what purposes we process it, whom we share it with, and what control and information rights you may have. We therefore recommend that you read through this privacy policy carefully.

B. Responsibility and contact

Berliner Verkehrsbetriebe AöR, Holzmarktstraße 15-17, 10179 Berlin (referred to below as “BVG” or “we” or “our” or “us”) is responsible for the Ticket app. If you have any questions regarding this privacy policy or the processing of your personal data, please feel free to contact us by email. If you wish to contact our data protection officer directly, please see section H for details of how to do so.

If you have any questions, suggestions, or criticisms relating to our services, please contact us by email at appsupport@bvg.de.

C. General information on data processing

The Ticket app provides a convenient way for customers to buy digital tickets for use on their mobile devices. We collect personal data from our users only to the necessarily extent to ensure a functioning Ticket app and provide our content and services, only upon you having given your consent for us to employ other data processing functions.

D. Summary of our processing activities

  • If the Ticket app is used purely for informational purposes (i.e. no user registration), we process data about your device to enable use of the app. The legal basis for this data processing is Article 6(1)(b) of the GDPR.
  • We also evaluate usage data with Google Analytics to enable optimisation of our app and provide you with a better user experience, if you provide your express consent. The legal basis for this data processing is Article 6(1)(a) of the GDPR (see also VI.).
  • We process data for troubleshooting purposes to ensure the stability and security of the app and our IT systems. The legal basis in this case is Article 6(1)(f) of the GDPR (see also D.I).
  • We send in-app and push notifications to let you know about disruptions, updates, and other relevant information. Some of these services are optional and are only used if you have enabled them. The legal basis for this data processing is Article 6(1)(f) of the GDPR. The data is required to ensure that we can provide you with the selected functions and to allow us to perform the contract without hindrance. We also have a legitimate interest in notifying you of technical malfunctions (see also D.II.).
  • You can create a customer account in the Ticket app, or otherwise sign in with an existing BVG account. In these cases, we process all the data required for registration and login (e.g. name, email address, login data). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.III.).
  • You may use the Ticket app to purchase tickets. If you do so, we will process the data required to provide you with your desired ticket in the app (ticket type, starting location, fare information and information on selected payment method, first name and surname, validity period). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.IV.).
  • If you contact our customer service, we will process data for the purpose of dealing with your request (e.g. name, email address, reason for contacting us). The legal basis for this data processing is Article 6(1)(b) of the GDPR (see also D.V.).We use external service providers for some of these data processing operations. This is particularly the case for payment processing (see also D.VI.). 

Definitions

Personal data means any information relating to an identified or identifiable natural person (Article 4(1) of the GDPR). This includes information such as your name, your email address, your postal address, and your telephone number. It does not include information that cannot be linked directly to your identity, such as the number of users of a website.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

I. Processing of your data for troubleshooting purposes

If there is a problem with the connection between the app and the background system or if the connection is lost, we will save the data associated with the error (request, error) in your Ticket app account. This data is collected and processed to troubleshoot the error, optimise the app, and ensure system security. The Google Play Store collects anonymised crash reports (number of crashes only), as does the Apple AppStore, if you have provided Apple with your consent. We can view the crash reports on a dashboard in the Google Play Store.

This information is processed to allow us to pursue our legitimate interest in ensuring the stability and security of both the app and our IT systems (Article 6(1)(f) of the GDPR). The data is erased when it is no longer needed, unless a longer period of storage is justified or required by law (see also F.).

II. Notification services

You have the option to enable in-app notifications within the Ticket app, allowing us to inform you when a new version of the app is available. You can also enable push notifications. In this case, we will notify you of upcoming events; for example, a holder of a monthly ticket will be informed a few days before it expires. For the purpose of sending in-app notifications and push notifications, we process information on the validity of your season ticket and the iOS device token. The legal basis is Article 6(1)(b) of the GDPR. The data is required in order to provide you with this service. You can disable and enable the functions at any time by going to the app settings.

We also use in-app notifications to inform our users about technical malfunctions. In the event of a malfunction, for example, all users who open the app during a period of time specified by us will be shown a one-off pop-up with information on the current status of the malfunction. In connection with this, we save the notification ID once you have read the notification. This service is always enabled, since it is required for us to fulfil our obligations arising from the contractual relationship. We also have a legitimate interest in notifying our users if the app is not working as it should. We assume that this is also in our users’ interest. The legal basis is Article 6(1)(f) of the GDPR.

The data is erased when it is no longer needed, unless a longer period of storage is justified or required by law (see also F.).

We use the services of IMEDIAPP (43 rue Beaubourg, 75003 Paris, Frankreich) (referred to below as “Batch”) for the app communication. We have concluded a processing contract with Batch. Data transmission is therefore privileged in accordance with Article 28 of the GDPR.

III. Processing of your data during registration and/or use of a customer account

You may create a customer account in the Ticket app or sign in using an existing BVG account. You can erase your customer account at any time. A customer account is required in order to purchase tickets.

1. Registration process

We provide the option for you to register or create a customer account, which requires you to enter personal data. BVG uses the so-called single sign-on for registration. You can also use this account to sign into the other BVG apps as well as the Abo-Online self service. The single sign-on service is provided by our service provider akquinet AG (see also . D. VI).

During the registration process, we will process the following personal data, which you provide on an input form:

  • name
  • first name
  • email address

We use the double opt-in procedure for sign-ups, i.e. your sign-up is not completed until you have confirmed that you wish to sign up by clicking on the link in a confirmation email we send you for this purpose. If your confirmation is not received within 24 hours, the personal data you provided is automatically erased from our database.

You may also register through the purchase process. For this purpose, you can choose between  the third-party payment providers “Google Pay”, “Apple Pay”, or “PayPal”. If you do so, the BVG will receive the data associated with your payment method (first name, surname, address, email address) from the provider for the purpose of registration. The third-party provider may collect further data for its own purposes, but this data will not be processed by the BVG. The double-opt-in procedure does not apply in these cases.


The legal basis for this data processing is Article 6(1)(b) of the GDPR. The data is used to provide customer account functions and for management of your customer account. We will also process your contact data, including your email address, in order to provide you with information on contract-related changes connected to the services we offer in compliance with relevant legislation and provide you with other information required by law.

2. Signing in with an existing BVG customer account

You can also use an existing BVG account to sign into the Ticket app. To do so, please enter the email address and password you use to sign into our other BVG services, e.g. the BVG Fahrinfo app, the BVG Jelbi app, or BVG.de. Your BVG account will then be associated with the Ticket app and the above data from your BVG account (surname, first name, login, password) will be used (“single sign-on”, SSO). The SSO service is provided by our service provider akquinet (see also . D. VI).

We store the data you provide in your personal customer account ( BVG-Account) within the Ticket app. You can manage and change any of the data you provide in your password-protected customer account, although you may need to contact customer service to change some information (see also D.V.).

The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as this information is required for the purpose of signing in with an existing account.

3. Erasing your customer account

You can erase your Ticket app customer account by logging in to your account on the BVG website and selecting the “Erase account” option. Your request for erasure will then be processed by our customer service team. You can also erase individual items of data directly within your customer account. If you decide to erase your customer account, your account data will first be blocked from further processing, with the exception of processing that is required in compliance with legal obligations or rights (see F. below) and then permanently erased. Your request for erasure may conflict with statutory provisions or rights on the part of the BVG. As such, your data may not be erased if the BVG is required to comply with legal obligations to retain data (e.g. for commercial or tax law reasons) or if processing of your data is required for the establishment, exercise, or defence of legal claims, e.g. if we initiate legal proceedings against you for misconduct during use of our services or for payment reasons. In such cases, we will notify you of the reasons conflicting with your right to erasure.

IV. Ticket purchases

You can buy BVG tickets directly within the Ticket app and download them to the app for later use.

1. Purchase

When a ticket is purchased, BVG processes the data required to process ticket purchase:

  • Selected ticket (Ticket type, fare information, price, starting stop or station, “VBB-Kundenkarte” number when purchasing the Berlin S ticket, customer card number when purchasing the VBB Trainee ticket, order data of the shopping cart)
  • Payment information (selected payment method, owner, external reference number, external customer number of the financial service provider, database ID, validity of the credit card and masked credit card number if applicable, masked IBAN if applicable, date of birth if applicable) 
  • Customer master data (Account reference to SSO account, surname, first name, email address)
  • Adress data.

This data is required in order to process your ticket purchase, ticket creation and ticket delivery and the invoice request. The legal basis is Article 6(1)(b) of the GDPR. The data will be stored for a period of ten years.

The complete payment information is processed by Riverty GmbH ("Riverty") or via PayPal (Europe) S.à.r.l. et Cie, S.C.A. ("PayPal"), each of which acts as an independent controller within the meaning of data protection (see sections VI.1 and VI.2).

2. Payment methods

Full payment information is not transmitted to the BVG for the purpose of billing ticket purchases; only information on the selected payment service and the masked credit card number and IBAN is transmitted. BVG needs this information to execute the contract and for customer support. Your payment information will be processed by Riverty, acting as the controller (see D.VI.1), or by PayPal, if you select this payment method (see D.VI.2).

If the Amazon Pay, SEPA and credit card payment service are selected, BVG will also collect the date of birth in addition to the registration data (see III.1. above). The payment service Amazon Pay, SEPA and credit card are offered via the payment service provider Riverty. Riverty requires the date of birth to identify the person. The legal basis is Article 6(1)(b) of the GDPR.

3. Enabling authentication using biometric data

You have the option to enable verification by fingerprint/biometric data in the app. When setting up a payment method, we recommend securing it with a PIN, a fingerprint, or “Face ID”. If the user agrees, the fingerprint or Face ID will be requested and confirmed by the device. The Ticket app receives information from the device regarding whether the result of the scan was successful. You can verify your purchase in this way for all payment processes; the Ticket app itself will only receive information from the device regarding whether authentication was successful or not.
You may disable this optional authentication method at any time by going to the Ticket app settings. You can use verification with biometric data to confirm purchases in the app. This form of verification replaces the need to enter a password. The legal basis is Article 6(1)(b) of the GDPR, as without this data the function cannot be provided.

4. Location services

Instead of manually entering a starting location, you have the option to allow the app to determine your location using the location services on your mobile device. We will then suggest stops or stations located nearest to your location. In the case of GPS positioning, however, we only collect the location determined by your device if the app is open. Your device will indicate if location tracking is active. On an iPhone, for example, it is indicated by a compass symbol in the status bar. Android devices feature a similar function. If you enter your location manually, we will store only this information. The legal basis of this data processing is set out in Article 6(1)(b) of the GDPR, as your location is only determined and transmitted to us if you use this app function. You can enable or disable this function (automated positioning) at any time by going to your operating system’s settings. In this case, you can continue to use the Ticket app with manual entry of your starting location.

5. Fraud analysis/prevention

In the course of ticket sales, fraudulent activity may occur during the payment process. In order to track and in future prevent these fraudulent activities, we process your personal data, in particular master data (e.g. surname, first name, address), label data (e.g. fraud label, label time, label details), payment data (e.g. payment method, shopping cart, order time), customer account data (e.g. account creation date, sales history), and potentially also customer journey data and risk data. For processing of your personal data, we work closely with our service provider Risk.Ident GmbH (Risk Ident), An Sandtorkai 50, D-20457 Hamburg. In cooperating with Risk Ident, we have concluded a processing agreement pursuant to Article 28 of the GDPR for GDPR-compliant processing of your personal data.

We process your personal data on the basis of our legitimate interest, in particular our interest in preventing fraudulent activities, Article 6(1)(f) of the GDPR.

We process your personal data until the purpose of processing no longer applies.

V. Processing of your data when you contact customer service

If you contact us using the BVG chatbot, email, or the BVG contact form, we will process your personal data in order to determine your reason for contacting us and to allow us to assist or reply to you. This may include, for example, processing of your purchase history in order to find tickets for reimbursement.

1. Contacting the customer service

The chatbot provides the fastest way for you to send and receive a reply to enquiries and is available 24 hours a day. You can also use online forms or text input boxes in the chatbot to send requests to the BVG for processing. Based on the content of your request, the chatbot will forward it to the relevant BVG agent to ensure it is dealt with as quickly as possible.

When you use the chatbot for the first time, a randomly generated “universally unique identifier” (UUID) will be assigned to you. The UUID is stored in your browser until you erase your browser history. If you want to use the bot again after deleting your browser history, a new UUID will be randomly generated. In this case, you may have to re-enter any answers you previously clicked on or any questions and other information you previously entered. When you use the bot again, your browser will transmit the UUID to the bot. This allows you to continue a previously interrupted conversation, search, or input in the bot at any time (similar to setting cookies on websites). Any conversations, searches, or inputs you started are also created and stored in your browser events. To help us constantly improve the bot, we record events such as “bot was displayed” and click events such as “user clicked on answer X”. For this purpose, we use conversation IDs, which are generated within the bot’s database in a similar way to the UUID. They are used as an object identifier and are integral to the design of the bot, as database entries require a unique identifier. Both IDs are used exclusively to ensure smooth support and the continuous quality improvement of the chatbot. In addition, we store the device model and the operating system of the device in order to be able to detect and rectify device-specific errors. The data entered using the chatbot is collected by our service provider (Dixa GmbH, Tempelhofer Ufer 1, D-10961 Berlin) and made available to the BVG for evaluation.

The chatbot hands over the data entered in the text input boxes to the Customer Care Tool (see also VI).

2. Contact via contact form

If you contact us using the contact form of the chatbot we will save the reason for your contact, your email address, and your name for the purpose of responding to your questions.

The legal bases for the data processing operations set out above are Articles 6(1)(b) and (f) of the GDPR. Article 6(1)(b) of the GDPR is the legal basis for processing requests from customers with whom we have a contract. In addition, we have a legitimate interest in ensuring a smooth customer service experience. We also use your data to ensure that our services function properly and to improve and expedite our data processing processes, e.g. by means of optimised assignment functions.

If the reason for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

3. Contact via e-mail

If you contact us by email , we will save the reason for your contact, your email address, and your name for the purpose of responding to your questions. To allow us to diagnose and correct errors, the following technical information is also collected: device model, operating system (iOS or Android), app version, device type, customer number, Error Log and Full Crash Log.

The legal bases for the data processing operations set out above are Articles 6(1)(b) and (f) of the GDPR. Article 6(1)(b) of the GDPR is the legal basis for processing requests from customers with whom we have a contract. In addition, we have a legitimate interest in ensuring a smooth customer service experience. We also use your data to ensure that our services function properly and to improve and expedite our data processing processes, e.g. by means of optimised assignment functions.

If the reason for data processing ceases to apply, all personal data you have entered will be erased. This, however, does not apply to data that is required for contract processing or is subject to statutory retention periods (e.g. for tax reasons).

VI. Disclosure of your data

Contracted service providers Personal data may be disclosed to our contracted service providers for processing in accordance with the purposes for which it was originally provided, e.g. to provide offered services, evaluate user behaviour on our website and app, or for technical support. Under statutory agreements (Article 28 of the GDPR), we contractually oblige our contracted service providers to use personal data solely for the agreed purposes and not to disclose your personal data to other parties without our consent, unless this is required by law. We make use of the following external service providers to process your data:

  • Dixa GmbH (Tempelhofer Ufer 1, 10961 Berlin, Germany) – provision of the chatbot (see D.V.).
  • IMEDIAPP SA (Batch.com) – (43 rue Beaubourg, 75003 Paris, Frankreich) – Bereitstellung eines Systems für den Versand von Push- und In-App-Benachrichtigungen
  • Zendesk, Inc. (989 Market Street, San Francisco, California 94103 U.S.A.) Customer Care Tool.
  • PROJEKTIONISTEN GmbH (Schaufelder Str. 11, 30167 Hannover) – development of the Ticket app front end.
  • eos.uptrade (Schanzenstraße 70, 20357 Hamburg) – development and operation of the Ticket app background systems, in which ticket purchase data is received and stored, to correct technical errors in the system provided
  • akquinet AG – (Paul-Stritter-Weg 5, 22297 Hamburg) – provision of single sign-on. Single sign-on makes it possible to access our various products with one-time registration, e.g. the BVG Account on our website, the Fahrinfo app, the Jelbi app, and the Ticket app. For this purpose we process the data categories in accordance with the information on the registration process (see also D.III.1.). We use the solution provided by akquinet for this purpose.

We also disclose data to the following third parties, which act as separate controllers when processing the data:

1. Riverty GmbH

When using any payment method, (except PayPal), your customer data (first name and surname, address, email address) will be transmitted to our external financial services provider (currently Riverty GmbH, Gütersloher Str. 123, 33415 Verl, nachfolgend „Riverty“). The payment method data (account details, credit card details, information on your ticket purchases) is collected directly by Riverty, as claims against you are assigned to Riverty when you purchase a ticket. The legal basis for the data transmission is Article 6(1)(b) and (f) of the GDPR. We have a legitimate interest in outsourcing the handling of payments and the management of claims for the purpose of efficient invoicing.

If you choose to pay by credit card, you may allow the app to access your photos and the camera on your mobile device. This is required if you want to capture your credit card information using the camera. The process automatically completes all required credit card information in the app.  The legal basis is Article 6(1)(b) of the GDPR. Data processing is required for the purpose of automatically reading the data.

Riverty is the sole controller responsible for processing your personal data. More information on how Riverty processes data can be found at https://documents.riverty.com/privacy_statement/ticket_payments/de_en.

Please note: as set out in these policies, if you are not yet a customer of Riverty, Riverty will transmit your data to credit agencies (e.g. Schufa) in order to check your details and creditworthiness to prevent payment defaults.

2. PayPal

You can pay for purchases in the Ticket app using the online payment service provider PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A.., 22-24 Boulevard Royal, L-2449, Luxembourg (referred to below as “PayPal”). If you select PayPal as your payment method, you will be redirected to the PayPal website and the personal data you have entered will be transmitted to PayPal in encrypted form. These data include your name, your address, your telephone number, your IP address, your email address, and other information required for order handling and your specific order.

PayPal is the controller responsible for processing your personal data. The legal basis for the data processing when using PayPal is Article 6(1)(f) of the GDPR. We have a legitimate interest in offering you a wide range of payment options and outsourcing payment processing.

If required for the purpose of completing the order, PayPal may also disclose data to third parties. PayPal will also transmit personal data to credit agencies, e.g. SCHUFA, in order to establish your identity and creditworthiness.

More information on how PayPal processes data can be found at https://www.paypal.com/de/webapps/mpp/ua/privacy-full?locale.x=de_DE.

3. Google Maps

We use the Google Maps service via an API. The provider is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Irland)  (“Google”). Google Maps can easily and accurately determine the location of a user and thus allow us to suggest a starting stop or station. Information regarding the starting stop or station is only relevant to single tickets. Your IP address must be disclosed to use Google Maps functions. This information is typically sent to and stored on Google servers in the USA. We have no influence over this data transmission.

Google Maps opens if you tap the “Starting stop” button during your ticket purchase. This is done in the interest of increasing the attractive and ease of use of our app and represents a legitimate interest as set out in Article 6(1)(f) of the GDPR. We assume that an increase in user-friendliness is also in your interest. More information on how Google handles user data can be found in the Google privacy policy: https://www.google.de/intl/de/policies/privacy/. Instead of Google Maps, you may tap on the location icon to enter your starting stop or station via GPS positioning.

4. Disclosure of personal data to the authorities

We will only transmit your personal data to public authorities if the information is requested on the basis of statutory requests for information or if the BVG is otherwise legally obliged to transmit the data (Article 6(1)(c) of the GDPR).

5. Disclosure of data within the BVG

We reserve the right to allow another company in the BVG Group to operate the Ticket app in the future; in the event of such a change of operator, user data will also be disclosed to the new operator. The new operator will then assume all relevant rights and obligations and process personal data in accordance with this privacy policy.

VII. Transfer of personal data to third countries

Please note that data processed in other countries may be subject to foreign laws and may be accessible to the governments, courts, law enforcement authorities, and regulatory authorities of those countries. If your personal data is transferred to third countries, however, we will take appropriate measures to adequately secure your data.

​​​​​​​Unless an adequacy decision has been adopted by the EU Commission for the recipient country, the transfer of your data to a third country is protected by the fact that EU standard contractual clauses (https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en) have been concluded with the recipient or that binding corporate rules exist. Otherwise, the data will only be transferred if a derogation pursuant to Article 49 of the GDPR is applicable.

E. Data erasure and duration of storage

Your personal data will be stored as long as it is necessary for the fulfilment of the specific purpose. Subsequently, your data will be erased, unless there are legal obligations to retain the data beyond this time or there is legal justification to do so. The following time limits for storage and erasure generally apply:

  • Starting stop search history: The data is stored locally on the user’s device. If the user erases/uninstalls the app, this data is also removed from the device.
  • Customer account data: Storage while account is active
  • Ticket purchase data: Storage for 10 years
  • Data on selected payment method: Storage while account is
  • Data from customer service queries: Storage for a maximum of three years following handling of the request (time starts at end of respective calendar year)

F. Your data protection rights

Depending on the circumstances in your specific case, you have the right

  • to obtain access to the personal data processed by us and/or request copies of these data. This includes information concerning the purpose of usage, the category of data used, their recipients and authorised users, and, where possible, the planned period for which the data will be stored or, if that is not possible, the criteria used to determine that period;
  • to request the rectification, erasure, or restriction of processing of your personal data, provided that its  use is impermissible under data protection law, in particular because (i) the data is incomplete or incorrect, (ii) the data is no longer required for the purposes for which they were collected, (iii) the consent on which processing is based was withdrawn, or (iv) you have made use of your right to object to processing of your personal data; in cases in which the data is processed by third parties, we will forward your request for rectification, erasure, or restriction of processing to these third parties, unless this proves to be impossible or would involve disproportionate effort;
  • to refuse consent or – without affecting the lawfulness of data processing carried out prior to withdrawal – to withdraw your consent to the processing of your personal data at any time;
  • to request the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and to transmit this data to another controller without hindrance from us; you also have the right to have the personal data transmitted directly from us to another controller, where technically feasible;
  • to take legal action or appeal to the data protection supervisory authorities, if you are of the opinion that your rights have been infringed due to processing of your personal data that is not in compliance with data protection regulations.

You also have the right to object to processing of your personal data at any time, free of charge, and with effect for the future:

  • where we process your personal data for direct marketing purposes
  • where we process your personal data in pursuance of our legitimate interests and on grounds relating to your particular situation

G. Contact

If you have any questions, suggestions, or comments on the topic of data protection, please feel free to contact our data protection officer.

Contact information:

Data protection officer

Berliner Verkehrsbetriebe (BVG)
Anstalt des öffentlichen Rechts
Holzmarktstraße 15–17
10179 Berlin, Germany

or

datenschutz@bvg.de.

H. Supervisory authority

You can also contact the supervisory authority responsible for Berlin in all questions relating to data protection:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59 - 61 (Visitor entrance Alt-Moabit 60)
10555 Berlin
Phone: +49 (30) 13889-0
Fax: +49 (30) 2155050
E-mail: mailbox@datenschutz-berlin.de

I. Amendment clause

We reserve the right to make changes to this privacy policy from time to time. Updated versions will be published at https://www.bvg.de/de/Serviceseiten/Datenschutzhinweise-Ticketapp
and http://www.bvg.de/en/Servicepages/Data-protection-policy-ticketapp.

Last updated:  17.07.2024