FlixMobility GmbH’s Internet portal and the booking portal integrated therein (hereinafter jointly referred to as “website”) are operated by FlixMobility GmbH, Birketweg 33, 80639 Munich, Germany (hereinafter “FlixMobility” or “we”). Protecting your personal data is very important to us. Data protection is therefore a high priority for FlixMobility GmbH. We strictly comply with the legal provisions of the Data Protection Act and the Telemedia Act when collecting, processing and using your data.
Collection, Processing and Use of Personal Data
Personal data are all information relating to a specific or identifiable person. This includes, for example, your name, your telephone number, or your postal and email addresses.
You can generally use our website without providing personal data.
In order to process ticket orders and deliver transportation services we collect, store and process your first and last name and your mobile number. The following additional data may be required for necessary payment processing: to pay for a booked trip by credit card, FlixMobility requires your full name, your email address and your credit card data. FlixMobility will not store your credit card number; it is transmitted directly to the payment processing service. When paying for a booked trip via direct debit, FlixMobility records your full name, address, date of birth, email address and the details of your current account. If payment is made by instant bank transfer or PayPal no payment data are stored.
The data required for contract processing and the provision of transportation services are only forwarded to the coach companies delivering these services and to other third parties (e.g. service providers for IT, transportation, customer service and payment processing) to the extent necessary for registering and processing ticket sales. In justified cases (e.g. damage to buses) we reserve the right to pass on customer data to the transporting coach partner. The forwarded data may be used by our service providers exclusively to fulfil their contractual obligations and not for other purposes.
FlixMobility will not share personal data with third parties for marketing purposes.
Payment Processing Service
You can initiate a booking process on our website. For this purpose your data may be transferred to one of the following payment processing services as selected during the specific booking process. Payment can only be made via the online payment processes listed in the shop.
- Payments are processed by our partner Adyen BV, Simon Carmiggelstraat 6 – 50, 1011 DJ Amsterdam, the Netherlands. In order to prevent and detect cases of fraud we transfer your IP address to our partner Adyen BV, Simon Carmiggelstraat 6 – 50, 1011 DJ Amsterdam, the Netherlands. Adyen BV stores your IP address. Any and all data are transmitted in encrypted form. You can revoke your consent to this at any time with effect for the future by contacting us as set out in our legal notice.
- Payments by credit card, Giropay [direct debit from current account] and iDeal are handled by Heidelberger Payment GmbH, headquartered at Gaisbergstr. 11-13, 69115 Heidelberg, Germany. In addition, PAY.ON AG, headquartered at Lucile-Grahn-Str. 37, 81675 Munich, Germany, comes into contact with your payment data. Heidelberger Payment GmbH is a payment service as defined by the Zahlungsdiensteaufsichtsgesetz (ZAG, Payment Services Supervision Act) and is registered with the Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin, Federal Financial Supervisory Authority), Graurheindorfer Str. 108, 53117 Bonn, Germany (register number: 122914).
- In order to prevent and detect cases of fraud we transfer your IP address to Paymill GmbH, St.-Cajetan-Straße 43, 81669 Munich, Germany. Your IP address will be stored by PAYMILL GmbH for 72 hours. You can revoke your consent to this at any time with effect for the future by contacting us as set out in our legal notice.
Credit Check During Direct Debit Payment via Billpay
If you choose to use one of the payment options offered by our partner Billpay GmbH, you will be asked during the order process to agree to the transmission to Billpay of the data required to process your payment and verify your identity and credit standing. If you agree, your personal data (first and last name, street address, house number, postcode, town, date of birth, telephone number and, if you are paying via direct debit, the bank account given) and the data relating to your order will be transmitted to Billpay.
In order to perform its own identity and credit check, Billpay or partner companies authorised by Billpay transmit data to credit reference agencies and receive information from them including, if required, information on creditworthiness based on mathematical statistics processes that use, among other things, address data. Detailed information on this process and the credit reference agencies used can be found in the Data Privacy Rules of Billpay GmbH.
In addition, Billpay may use tools from third parties in order to detect and prevent cases of fraud. Data collected using these tools may be saved in encrypted form at third-party sites so that they can only be read by Billpay. These data are only used if you select one of the payment types from our cooperation partner Billpay, otherwise the data automatically expire after 30 minutes.
In order to prevent and detect cases of fraud we transfer your IP address to Paymill GmbH, St.-Cajetan-Straße 43, 81669 Munich, Germany. Your IP address will be stored by PAYMILL GmbH for 72 hours. You can revoke your consent to this at any time with effect for the future by contacting us as set out in our legal notice.
User Login/Customer Account
You have the option of setting up a personal customer account with us. In the password-protected area of the customer account you can easily manage your bookings and save your data for future trips.
The fields marked as required (*), which include personal data, are only used to implement and process your user account. Initially only your email address is required. We use it to verify your identity. During registration you can optionally also enter your name, your address, and, if you wish, your bank account data.
These data are used both for creating invoices and to automatically pre-fill your information during future bookings. In addition, you can also voluntarily save your mobile number so we can contact you in the event of a delay or change to your trip’s route.
If you have agreed to this, the “Stay Signed In” function saves so-called persistent cookies on your end device; these are used to automatically sign you in during subsequent visits to our website. This function is not available if you have deactivated saving of such cookies in your browser settings.
You can update or delete your customer account – and thus also your saved personal data – at any time in your personal customer account.
Due to legally mandated data retention periods, personal data required for contract performance are not deleted when you delete your account.
If you subscribe to our newsletter, your e-mail address is used to communicate with you and to send you, for example, service messages, system messages, emails confirming your registration, to transmit user account information, information about your tickets and itineraries or your travel profiles, until such time as you unsubscribe from the newsletter. In addition, we use your email address for our own advertising purposes. You can unsubscribe at any time.
If we receive your email address in connection with a booking or trip and you have not opted out, we reserve the right to regularly send you offers for products similar to those you have previously purchased from us. You can opt out of this use of your email address at any time by emailing firstname.lastname@example.org or by using the opt-out link in the advertising email, without incurring any costs beyond the cost of transmission according to the base rates.
We employ technical and organisational measures to protect the privacy of users of our website and the connected systems. To ensure the secure transmission of personal data, we use the SSL 3.0 encryption protocol (the underlying encryption scheme used for the Public Key Infrastructure is RSA-2048). This method is successfully used throughout the World Wide Web. All personal data (name, address, payment information, etc.) are encrypted and thus transmitted safely on the Internet. A symbol (closed padlock) in the bottom bar of your browser window indicates that you are in a secure area.
FlixMobility uses so-called cookies on its website. Cookies are small files that are stored on your drive and store certain settings and data for exchange with our system through your browser. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your device and allow us or our partners to recognise your browser the next time you visit the website (persistent cookies). Storing this information helps us to customise our website for you and makes it easier to use by, for example, saving certain data entries from you so that you do not have to constantly repeat them. Your browser offers settings to restrict the use or deletion of cookies; the help function on most browsers will tell you how to make these settings. Not accepting cookies may affect the service functionalities of our website.
Right to Information and Right of Appeal
Under the Federal Privacy Act, you have the right to request information about your stored data free of charge, and the right to demand the rectification, deletion or blocking of these data. For more information or to revoke your consent to data storage as outlined above, please contact: FlixMobility GmbH, Birketweg 33, 80639 Munich, Germany or email@example.com.
In order to optimise our website and make product recommendations we use the technologies of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; “Google”) to create pseudonymous user profiles on the browsing behaviour of visitors to our website for marketing purposes. For this purpose cookies may be used that allow an Internet browser to be recognised during a subsequent visit. Your stored browsing behaviour is analysed based on an algorithm that makes it possible to subsequently display targeted interest-based product recommendations on third-party websites in the form of advertising banners or advertisements. The pseudonymous user profiles are not merged with personal data of the pseudonym bearer without separate explicit consent by the person in question. You can opt out of pseudonymous user profiles for interest-based promotion/advertising specifications at any time by accessing the website https://www.google.de/settings/ads. Additional information about interest-based advertising is available at http://www.google.com/policies/technologies/ads/.
1. Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses so-called "cookies", text files that are stored on your computer, to help analyse how you use the site. The Google tracking codes on this website use the “_anonymizeIp()” function. This means that IP addresses are processed only in a shortened form and in member states of the European Union or other signatories to the Agreement on the European Economic Area to prevent direct correlation with an individual person. Only in exceptional cases is the complete IP address transmitted to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website and Internet use to the website owner. The IP address transmitted by your browser as part of Google Analytics is not merged with other Google data. You can prevent your browser from storing these cookies by making the appropriate settings in your browser software; we would however like to point out that you may not be able to use all the features of this website if you do so. You can also prevent capture of the data on your use of this website (including your IP address) generated by the cookie and the processing of these data by Google by downloading and installing the browser plugin available at this link: http://tools.google.com/dlpage/gaoptout?hl=de
This website/app also uses the “adjust” analytical technology by adjust GmbH (“adjust”). adjust utilizes users’ IP and Mac addresses for its analysis; however, such data are used only in anonymous form. It is therefore not possible to link these data to a natural person. By using this website/app for analytical purposes you consent to processing of the anonymised data collected in the way described above and for the purpose listed above.
We employ the technologies of Webtrekk GmbH, Robert-Koch-Platz 4, 10115 Berlin, Germany for statistical analysis of our web pages. We use the Webtrekk services to collect statistical data about the use of our web site. Webtrekk GmbH was certified in the Web Controlling sector by TÜV [German Technical Inspection Association]. TÜV checks and certifies that the collection and processing of tracking data complies with privacy protections and data security. When you use these web pages, information transmitted by your browser is collected and analysed using a cookie technology and so-called pixels, which are incorporated into each web page. It is not possible to directly link these data to an individual person. The data collected in this way are used to create anonymous usage profiles that form the basis for web statistics. The data collected with Webtrekk technologies are not used to personally identify visitors to these web pages without separate consent by the persons in question, and are not merged at any time with personal data relating to the pseudonym bearers.
4. AdClear campaign tracking
If you object to the collection of your data by AdClear campaign tracking, a cookie with the name "adclearoptout" will be placed on your computer.
You have not objected to the collection of your data by AdClear.
Object to the collection of your data by AdClear
5. AB Tasty
6. Crazy Egg
In addition, this website uses Crazy Egg, a web analysis service by Crazy Egg, Inc. that specialises in web usability. This service is used to optimise our site as much as possible to serve our users’ needs. The service analyses how users interact with the website. Personal data are not stored under any circumstances by this service. You have the option to prevent Crazy Egg analysis by following the “opting out” instructions on the following page (http://www.crazyegg.com/opt-out).
To improve the user experience on our web pages we use software by Hotjar (http://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). The software allows us to measure and analyse user behaviour (mouse movements, clicks, keyboard input, scroll depth, etc.) on our web pages. To do so, cookies are set on the user’s end device and user data, such as browser information, operating system, dwell time, etc., can be stored. More information on data processing by Hotjar is available at https://www.hotjar.com/privacy. You can opt out of Hotjar’s service at https://www.hotjar.com/opt-out.
Our website uses so-called social plugins ("plugins") provided by the social network Facebook, operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). These plugins are marked with a Facebook logo or the addition “social plugin by Facebook” or “Facebook Social Plugin”. An overview of Facebook plugins and their appearance is available here: https://developers.facebook.com/docs/plugins.
When you visit a page of our web presence that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transferred by Facebook directly to your browser and embedded in the page. Embedding the plugin provides Facebook with the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.
If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook profile. If you interact with the plugins, for example by pressing the "Like" button or commenting, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be published on your Facebook profile and shown to your Facebook friends.
Facebook can use this information for purposes of advertising, market research and tailored design of Facebook pages. To this end, Facebook creates usage, interest and relationship profiles, e.g. in order to evaluate your use of our website with regard to advertisements appearing on your Facebook page, to inform other Facebook users about your activities on our website and to provide other services related to the use of Facebook. If you do not want Facebook to assign the data collected via our web presence to your Facebook account, you must log out of Facebook before you visit our site.
Purpose and scope of data collection, the further processing and use of these data by Facebook, your rights in this respect and the available settings for protecting your privacy can be found in Facebook’s privacy policies: http://www.facebook.com/policy.php.
If you do not want Facebook to assign the data collected via our website directly to your Facebook profile, you must log out of Facebook before you visit our site. You can also prevent the loading of the Facebook plugin altogether by using add-ins to your browser, such as the “Facebook Blocker” (http://webgraph.com/resources/facebookblocker/).
2. Twitter Plugins (e.g. “Tweet” button)
Our website uses so-called social plugins ("plugins") provided by the microblogging service Twitter, operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”). The plugins are marked with a Twitter logo, for example in the form of a blue “Twitter bird”. An overview of Twitter plugins and their appearance is available here: https://twitter.com/about/resources/buttons.
When you visit a page of our web presence that contains such a plugin, your browser establishes a direct connection to the Twitter servers. The content of the plugin is transferred by Twitter directly to your browser and embedded in the page. Embedding the plugin provides Twitter with the information that your browser has accessed the corresponding page of our website, even if you do not have a Twitter profile or are not currently logged in to Twitter. This information (including your IP address) is transmitted by your browser directly to a Twitter server in the USA and stored there. If you are logged in to Twitter, Twitter can assign your visit to our website directly to your Twitter account. If you interact with the plugins, for example by pressing the "Tweet" button, the corresponding information is also transmitted directly to a Twitter server and stored there. The information will also be published on your Twitter account and shown to your contacts there.
Purpose and scope of data collection, the further processing and use of data by Twitter, your rights in this respect and the available settings for protecting your privacy can be found in Twitter’s privacy policies: https://twitter.com/privacy.
If you do not want Twitter to assign the data collected via our web presence directly to your Twitter account, you must log out of Twitter before you visit our site. You can also prevent the loading of the Twitter plugin altogether by using add-ins to your browser, such as the “No Script” script blocker (http://noscript.net/).
3. Google+ Plugins (e.g., “+1” button)
Our website uses so-called social plugins ("plugins") provided by the social network Google+, operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). The plugins can be identified for e.g. by the symbol “+1” on a white or coloured background. An overview of Google plugins and their appearance is available here: https://developers.google.com/+/plugins.
When you visit a page of our web presence that contains such a plugin, your browser establishes a direct connection to the Google servers. The content of the plugin is transferred by Google directly to your browser and embedded in the page. Embedding the plugin provides Google with the information that your browser has accessed the corresponding page of our website, even if you do not have a Google+ profile or are not currently logged in to Google+. This information (including your IP address) is transmitted by your browser directly to a Google server in the USA and stored there. If you are logged in to Google+, Google can assign your visit to our website directly to your Google+ profile. If you interact with the plugins, for example by pressing the "+1" button, the corresponding information is also transmitted directly to a Google server and stored there. The information will also be published on Google+ and shown to your contacts there. Purpose and scope of data collection, the further processing and use of data by Google, your rights in this respect and the available settings for protecting your privacy can be found in Google's privacy policies: http://www.google.com/intl/de/+/policy/+1button.html.
If you do not want Google to assign the data collected via our website directly to your Google+ profile, you must log out of Google+ before you visit our site. You can also prevent the loading of the Google plugins altogether by using add-ins to your browser, such as the “No Script” script blocker (http://noscript.net/).