DATA PROTECTION DECLARATION
- Responsible persons and applicable law
FAIRTIQ is the operator and responsible entity of data processing in connection with the application and processes personal data in accordance with
- the Swiss Federal Law on Data Protection (“DPA”), including the ordinance as addition to DPA, if the customer obtains services from FAIRTIQ in Switzerland, and
- the EU General Data Protection Regulation 2016/679 ("GDPR"), including the applicable data protection legislation of the EU member states, if the customer obtains services in the European Union.
Within the framework of "Service Après Vente" and the clarification and control of abuse, FAIRTIQ and the partner companies are both responsible (see Section F).
- Processed personal data
The following data is saved:
General information about the customer:
- Mobile phone number;
- Payment details: means of payment and charged amounts;
- Ticket settings: first or second class; full or discounted price;
- Email address(mandatory if a journey is made in Austria and if purchase receipt is needed, voluntary in all other cases;
- Specifications, if the customer has a zone subscription (optional)
- First and last name, birth date according to the applicable tariff regulations
- Tracing and activity data (basing on motion sensor, if active) as well as the registered electronic tickets (ticket data):
The recording of travel data starts with opening the application and ends 5 minutes after the checkout process has been completed. The completion of the checkout process is signaled in the application.
Information about the smartphone:
- Smartphone: brand and model
- Operating system
- Wi-Fi signals
- Battery status
- Processing purposes and modalities
FAIRTIQ collects and processes exclusively data in connection with the application and the purchase of electronic tickets.
Personal data transferred by the customer to FAIRTIQ via the application are processed by FAIRTIQ for the following purposes:
- To provide electronic ticketing applications, in particular the purchase and processing of electronic tickets, the identification and payment of decisive rides, including customer coupons (FAIRTIQ bonus), for the purposes of customer service (help desk). Furthermore, the data also processed for the purpose of combating abuses (investigation of unlawfully obtained journeys).
To capture the next public transport stop before check-in, location data is collected when the application is active in the foreground. This data is stored in temporary log files. Delayed shutdown of the collection of activity and location data (see above, Section B) serves to continuously improve the check-out warning and thus optimise the services provided by FAIRTIQ to the customer.
- For the provision of free rides, i.e. the generation of an individual code for a free travel of a new customer.
- For the further development of the application. In particular FAIRTIQ may use the location and activity data in non-anonymised form for 12 months (see Section H) in order to further develop the application.
- Legal basis
The processing of personal data for electronic tickets is required to fulfil the services of FAIRTIQ. The further development of the service and the provision of free travels are in the legitimate interest of FAIRTIQ and serve to optimise and spread the application. Sending of newsletters and the related processing of data take place on the basis of the customer’s consent.
FAIRTIQ protects personal data against foreseeable risks and unauthorised access with suitable technical and organisational measures. FAIRTIQ minimises the use of personal data.
For security reasons, the data for the means of payment are stored only at the service provider of the payment service [Datatrans] and not on the mobile phone of the customer. Also the registration of the payment mean takes directly place without intervention of FAIRTIQ with the contractual partner of FAIRTIQ [Datatrans].
- Forwarding of data
To service providers of FAIRTIQ: Third party companies in Switzerland and in the European Union, commissioned by FAIRTIQ to control the electronic ticketing, hosting, operation and maintenance of the application as well as the payment transactions, process the personal data of the customers (including storage). FAIRTIQ has entered into privacy agreements with these service providers to ensure the protection of personal data. These are in particular the following service providers:
- Amazon Web Services (Hosting)
- Zendesk (Customer Service Software)
- Twilio (SMS dispatch)
Information on the mode of payment: Information about the mode of payment is not recorded on the mobile phone, in the application, with FAIRTIQ or any partner association. The registration of the credit or debit card in connection with the application is directly arranged by Datatrans AG, Stadelhoferstrasse 33, CH-8001 Zurich, Phone +41 44 256 81 91, email@example.com.
To partners: FAIRTIQ forwards the required personal data to the allied transportation company to fulfil the “Service Après Vente" and to combat abuse even more (see the “Partner-Companies” on (www.fairtiq.com). In this context the relevant partner companies are each responsible for the personal data.
FAIRTIQ forwards ticket data to partner transportation companies of FAIRTIQ for the purpose of payment and accounting. FAIRTIQ further forwards location data in anonymised form to partner transportation companies for improving their products and their public transport offer as well as for other purposes.
Google Analytics/Google Firebase: for the application and the backend Goggle Analytics and Google Firebase are used. The cookie information about the application usage (excluding the IP address) are transferred and saved in anonymised form at the servers of Google. These services are operated by the companies Space Pencil and Google. Their privacy policies can be found at Google Analytics and Google Firebase. These analysing services evaluate by order of FAIRTIQ the usage information of FAIRTIQ. These cookies cannot be used to identify the receiving device outside of FAIRTIQ.
The data obtained during the analysis and measurement cannot be used to personally identify the users of FAIRTIQ.
- Customer contact
FAIRTIQ is entitled to contact the customer concerning topics affecting FAIRTIQ. This includes:
- Information about the change of the offer
- Information to help customers use the app
- Surveys on the use of FAIRTIQ. Participation in surveys is voluntary.
If the customer has given consent, FAIRTIQ is allowed to contact the customer concerning marketing purposes. The customer has the possibility to revoke his consent at any time.
Depending on the type of contact, the messages may contain tracking pixels that enable a log file recording for the statistical evaluation of the contact. FAIRTIQ can see if and when a message has been opened and which links in the message have been activated.
The customer can unsubscribe from being contacted by writing FAIRTIQ at firstname.lastname@example.org or following the unsubscription link or the instructions in each message that FAIRTIQ sends to the customer.
- Data storage and deletion
The travel data in accordance with Section B shall be retained for after-sales services of partner transportation companies and for the purpose of combating abuse for 12 months after the end of the journey. Subsequently, anonymisation of this data takes place, so that no conclusions about the customers are possible anymore.
Subject to the foregoing storage provision and if FAIRTIQ or a partner company does not require the data to safeguard and exercise its rights, the customer has at any time the right to request the deletion of travel and other personal data. The request has to be sent directly in the application via the menu item "Contact" or via the contact form https://fairtiq.ch/en/contact. The customer acknowledges that the respective mobile phone numbers will not be deleted for abuse prevention purposes.
General information about the customer can also be saved in backup files and temporary databases (caches) after deletion. The final deletion takes place when the backup files are overwritten.
With the relevant request for deletion, the customer expressly waives the right to use customer service and complain about any trips.
The customer acknowledges that the mobile phone number according to Section B and the communication between the customer and the customer service are not deleted for the collection and processing of data and prevention of abuse.
- Correction and limitation
The customer has the right to correct and limit the data stored for the respective customer account, if they are faulty or a limitation does not affect the processing purposes. The customer can adjust the general account information according to Section B directly in the app.
A correction or limitation of travel data is not possible. If the price charged is incorrect, the customer has the right to a reimbursement. It is not possible to correct the price in the data. Inquiries can be made directly via the app or via the contact form at www.fairtiq.com.
- Information and transmission rights
The customer has the right to request information about the data stored on the customer’s account and its transmission. A corresponding request must be made directly in the application via the menu item "Contact".
- Data storage in Switzerland or the European Union
The customer accepts that personal data with the exception of the data mentioned under point L is stored and processed in Switzerland or the European Union.
- Data storage outside Switzerland or the European Union
The customer acknowledges that the following personal data can be stored and processed on servers outside Switzerland or the European Union:
- Registered phone number, for sending automatic SMS messages by Twilio (sending the registration code)
- Information sent via the contact form in the application or on www.fairtiq.com when the customer contacts FAIRTIQ. FAIRTIQ uses Zendesk to process contact requests. The following data is collected:
- telephone number
- email address
- client number
- journey Id
- text of the message
- date and time of the message.
If FAIRTIQ transfers data to a country without adequate legal data protection, FAIRTIQ will, as provided for by law, use appropriate contracts (namely on the basis of the so-called standard contract clauses of the European Commission) or rely on the statutory exceptions of consent, contract execution, the establishment, exercise or enforcement of legal claims, overriding public interests, published personal data or because it is necessary to protect the integrity of the persons concerned.
- Data Protection Officer
For questions about data protection our Data Protection Officer is available via the following contact details:
- Data protection representation in the European Union
In case of questions or uncertainties about data protection FAIRTIQ is always available via email@example.com.
As an alternative FAIRTIQ’s data protection representation in the EU is available for interested parties at the following address. The representation office will forward the inquiry to FAIRTIQ: VGS data protection partner UG, Am Kaiserkai 69, 20457 Hamburg, Germany, firstname.lastname@example.org, https://datenschutzpartner.eu/
- Changes of this data protection declaration
FAIRTIQ regularly checks this data protection declaration. You will be informed about a change of this data protection declaration in advance in a timely manner.