The internet portal of FlixMobility GmbH and the booking portal integrated therein (hereinafter collectively referred to as “website”) are operated by FlixMobility GmbH, Birketweg 33, 80639 Munich (hereinafter referred to as “FlixMobility” or “we”). We attach great importance to the protection of your personal data. For this reason, data protection at FlixMobility GmbH has a high priority, and we strictly adhere to the legal provisions of the European Data Protection Policy and the United States Federal Data Protection Act in collecting, processing and using data.
The processing of your personal data is based on the following legal basis:
We process the personal data voluntarily communicated to us (first name and last name, e-mail address, mobile phone number) pursuant to Article 6 (1) letter b GDPR for the contractual processing of ticket orders, for carrying out transportation, for opening a customer account or within the context of pre-contractual measures.
We save the mobile phone number voluntarily communicated to us in order to establish contact in the event of delays or to provide notification of changes of itinerary. For the required payment processing, the following data is additionally required: For the credit card payment of a booked trip, FlixMobility requires your full name, e-mail address and credit card data.
The necessary data is forwarded to FlixMobility GmbH in order to carry out administrative activities (IT services, customer service, accounting, etc.) and to efficiently design the internal administration of our company. In this respect, we process the necessary data in accordance with Art. 6 (1) letter f and, as applicable, letter b GDPR, for the following purposes:
In the context of your ticket order, if you choose the direct debit payment method, you consent to the transfer your personal data (name, address, date of birth, email address and current bank account data) and that of the ticket order, for the purpose of identity and credit check as well as contract processing, to RatePAY GmbH, RatePAY GmbH, Schlüterstraße 39, 10629 Berlin. To do this, we assign our payment request to RatePAY. You can find all details in the Additional General Terms and Conditions and the Data Protection Note for RatePAY payment methods.
You have the possibility to create a personal customer account with us. In the password protected area of the customer account, you can conveniently manage your bookings and store your data for future trips.
The fields (*) marked as mandatory, which contain personal data, are used only for managing and processing the user account. Only the email address is initially required. We use it to verify your identity. As part of the registration, you can voluntarily enter your name, address, or your bank account details.
This data is used both for billing and for the automatic pre-filling function in future bookings. In addition, you can also voluntarily store your mobile telephone number for contact in case of delay or change of the trip itinerary.
Provided you have consented to these provisions, the “remain logged in” feature will store persistent cookies on your terminal, which are used to ensure that you do not have to log in again at the following visits to our website. This feature is not available to you if you have deactivated cookies of this type from being saved in your browser’s settings.
You can update or delete your customer account—and consequently your stored personal data—at any time through your personal customer account.
A deletion does not affect the personal data required by legal storage periods for the implementation of the contract.
The e-mail address/personal data collected during ticket ordering is used in accordance with Art. 6 (1) letter a GDPR for communication with you (e.g. service messages, system notifications, e-mail for confirming your registration, for sending user account information, information about your tickets and itineraries, or your travel profiles).
We also use the e-mail address obtained in connection with the booking or trip in accordance with Article 7 (3) UWG (Unfair Competition Act) to send you offers regularly via e-mail for products from our product range that are similar to those already purchased. You may countermand the use of your e-mail address at any time by sending a message to email@example.com or via the newsletter’s cancellation link.
If you register for the newsletter via our registration link, the registration occurs with your permission in accordance with Art. 6 (1) letter a GDPR. You may revoke the permission to use your e-mail address at any time by writing to firstname.lastname@example.org or via the newsletter’s cancellation link.
We protect the privacy of users on our website and the connected systems using technical and organisational measures. To ensure secure transfer of personal data, we use the encryption protocol TLS (RSA-2048 is used as the underlying encryption method for the public key infrastructure.) This procedure is used successfully throughout the World Wide Web. All personal data (name, address, payment data, etc.) are thereby encrypted and consequently securely transmitted on the internet. You can see via a symbol (closed padlock) in the lower window bar of your browser that you are in a secure area.
Data is processed on principle in Germany or countries of the European Union. Where processing in third countries is planned in certain cases, processing shall only be carried out if the appropriateness of the level of data protection in the third country has been established by the EU Commission under Art. 45 of GDPR or on the basis of standard EU contractual clauses.
We store the data as long as it is required for the respective processing purposes (e.g., contract processing, advertising purposes) and for fulfilling the trade and tax legal retention provisions pursuant to Art. 6 (1) letter c of GDPR and Section 257 (1) of the German Commercial Code (Handelsgesetzbuch [HGB]) and Section 147 (2) of the Tax Code (AO).
The entity responsible for processing personal data is FlixMobility GmbH, Birketweg 33 80639 Munich, email address email@example.com, represented by the Managing Directors André Schwämmlein, Arnd Schwierholz, Daniel Krauss, and Jochen Engert.
Pursuant to the General Data Protection Regulation, you have a right to free information about your stored data and, where applicable, a right to rectification, erasure, restriction of processing, and a right to data portability (Art. 20 GDPR) and to objection with regard to your stored data. For such matters, please contact FlixMobility GmbH, Birketweg 33, 80639 Munich or e-mail us at firstname.lastname@example.org.
You can contact our data protection officer at email@example.com.
In addition, you have a right to complain about data protection to the supervisory agency responsible for us.
In addition, we use third-party cookies for retargeting and remarketing technologies to optimise our web offerings as well as interest-based marketing purposes. The stored surfing behaviour is analysed using an algorithm, so that targeted interest-related product recommendations in the form of advertising banners or advertisements can then be displayed on third party websites. Without the express consent of the person concerned, the pseudonymised user profiles will not be combined with the personal data of the user of the pseudonym.
Comprehensive information about how to accomplish this on a wide variety of browsers can be found on the following websites: youronlinechoices, Network Advertising Initiative and/or Digital Advertising Alliance. You can also find information there about how to delete cookies from your computer as well as general information about cookies.
To optimise our web offerings as well as for product recommendations, we use the technology provided by Google Limited („Google“) (Gordon House, Barrow Street, Dublin 4, Ireland, „Google“) to create pseudonymised user profiles about the surfing behaviour of the website visitors for marketing purposes. For this purpose, cookies may be used, which make it possible to recognise an internet browser on a return visit. The stored surfing behaviour is analysed using an algorithm, so that targeted interest-related product recommendations in the form of advertising banners or advertisements can then be displayed on third party websites. Without the express consent of the person concerned, the pseudonymised user profile will not be combined with the personal data of the user of the pseudonym. The creation of pseudonymised user profiles for interest-based advertising/ad preferences can be refused at any time by visiting the https://www.google.com/settings/ads page. You can find more information about interest-related advertising at http://www.google.com/policies/technologies/ads/.
This website uses the Retargeting-Pixel Custom Audience of the social network Facebook, 1601 South California Avenue, Palo Alto, CA 94304, USA. With the help of the Remarketing Pixel, it is possible to use the visitors of our website as a target group for the advertisements of Facebook ads. For this purpose, a Facebook cookie is stored on your PC. Please refer to the data protection (privacy settings) provisions of Facebook for information about the purpose and scope of data collection as well as the further processing and use of data by Facebook and your options for privacy settings at https://facebook.com/policy.php and https://www.facebook.com/ads/settings. You can object to the use of Custom Audiences www.youronlinechoices.com/de/praferenzmanagement or for users with a Facebook account here.
This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, text files, which are stored on your computer and enable analysis of your use of the website. In addition, this website uses the Google AMP Client ID API to link user activities to AMP pages with those on non-AMP pages via Google Analytics. The Google tracking codes of this website use the “_anonymizeIp()” function. As a result, the IP address within Member States of the European Union or in other States of the Agreement on the European Economic Area is only processed further abbreviated to exclude a direct personal reference. The complete IP address is only transmitted to a server from Google in the USA in exceptional cases and abbreviated there. On behalf of the operator of this website, Google uses this information to evaluate your use of this website, create reports about the website activities and provide other services connected with use of the website and Internet for the website operator. The IP address transmitted from your browser within the context of Google Analytics will not be associated with other Google data. You can prevent storage of cookies on your computer via the corresponding setting of your browser software. However, we advise that this may mean that you are you unable to use all functions of this website to their full extent. You can also prevent Google recording data generated by a cookie with respect to your use of the website (incl. IP address) as well as Google processing of this data by downloading and installing the browser plugin available via the following link: http://tools.google.com/dlpage/gaoptout?hl=de
This website/app also uses, among other things, the analysis technology “adjust” of adjust GmbH (“adjust”). adjust runs the analysis using the IP and Mac addresses of users, however, only used in an anonymised form. This makes it impossible to draw conclusions about a natural person. By using this website/app for analysis purposes, you declare your consent to the anonymised data collected being processed in the manner described above and for the purpose cited above. You may object, at any time, to the collection and storage of data by adjust, with effect for the future. Do so by clicking on the following link: https://www.adjust.com/opt-out/
For the statistical evaluation of the websites, we use the technologies of Webtrekk GmbH, Robert-Koch-Platz 4, 10115 Berlin. With the help of Webtrekk’s services, we collect statistical information about the use of our website. Webtrekk GmbH was certified by TÜV in the Web Controlling area. In particular, the collection and processing of tracking data was checked and certified with respect to data protection compliance and data security. Information transmitted by your browser is collected and evaluated in the context of the use of this website. This is done by cookie technology and pixels, which are incorporated on each web page. Direct reference to people is excluded at all times. The data collected in this way is used to create anonymous user profiles that form the basis for web statistics. Without the express consent of the person concerned, data collected with Webtrekk technology is not used to identify the user of this website personally and is not linked with personal data via the holder of the pseudonym at any time.
Permission for Webtrekk to collect and store data may be revoked at any time with future effect. For more information on data protection at Webtrekk, please visit the following link: http://www.webtrekk.com/index/datenschutzerklaerung/opt-out.html.
We use the services of AdClear GmbH, Robert-Koch-Platz 4, 10115 Berlin (“AdClear”) to collect statistical information for campaign tracking and consequently optimise the service offering for our customers accordingly. Cookies are also used for this purpose. Data is collected in a purely anonymous form. Personal data will not be sent to AdClear. AdClear GmbH is certified for data protection in the field of campaign tracking systems by TÜV Saarland.
If you disagree with the data collection by the AdClear Campaign Tracking, a cookie with the name “adclearoptout” is set for this.
You have not refused permission for data collection by AdClear.
Refuse permission for data collection by AdClear.
Data is collected and stored on this website using technologies from AdTriba GmbH – Beim Schlump 13a, 20144 Hamburg (https://www.adtriba.com/) and this data is used to create pseudonymised usage profiles. These usage profiles are used to analyse visitor behaviour and are evaluated to improve and adapt the design of our website as required. Cookies may be used for this purpose. Cookies are small text files stored on the device used by visitors to the site and so allow them to be recognised the next time they visit our website. The pseudonymised usage profiles are not combined with personal data about persons to whom these pseudonyms have been assigned without express consent that must be given separately.
Cross-App and Cross-Device Reporting
Company collects and uses cross-app and cross-device information for reporting purposes. Company does not collect PII via its technology, including across apps and devices. Company uses certain techniques to enable its tracking technology to track users across apps and devices, including cookie and ID Syncing and similar practices.
To improve your user experience on our internet pages we use software by Hotjar (http://www.hotjar.com, 3 Lyons Range, 20 Bisazza Street, Sliema SLM 1640, Malta, Europe). Using the software, we can measure and evaluate user behaviour (mouse movements, clicks, keystrokes, scroll height, etc.) on our websites. For this purpose, cookies are placed on users’ terminals and data from users such as browser information, operating system, time spent on the page, etc. can be stored. You can find more information about the processing of data by hotjar at http://www.hotjar.com/privacy. You can object to the use of Hotjar’s services at https://www.hotjar.com/opt-out.
This website also uses the tool InviteBox to reward customers for referring their friends and tracks whether those friends make a purchase after the referral. Rewards will be sent to you via an email from Invitebox. No contact details are used if they are not explicitly provided by each individual themselves.
If you as a visitor enter your e-mail address through the widget, we will pass this on to the widget operator who can use the address for the contest(s) and program(s) promoted with the widget. The widget records data about its distribution and use, and transmits this to InviteBox for statistical purposes, but does not harvest personally identifiable information about users. InviteBox only receives contact details for the purpose of sending a message to selected persons, and sends only that message to those persons. You can find more information about the processing of data by Invitebox at https://invitebox.com/privacy/ , there you can also object to the use of your contact data at any time and ask to be blacklisted at Invitebox in the future.
Our website uses social plugins of the social networks Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, Twitter, Inc., 795 Folsom St., Suite 600 San Francisco, CA 94107, USA, Google Inc., 1600 Amphitheatre Parkway Mountain View, California, 94043, USA, Pinterest, Inc., 635 High Street, Palo Alto, CA, USA, and Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
The plugins are located on our product page and are disabled in their initial state. If you click the appropriate button, then you are prompted in a new window to sign in to the social media provider. In this case, a cookie is placed on your computer. If you click on the button or are not logged on to the respective social media provider no cookie will be placed on your computer.
If you are a user of the respective social media provider and are logged in and click the button, this information is sent to your profile at the respective social media provider. If you interact with the plug-ins, for example by pressing the “Like” button on Facebook or by posting a comment, the corresponding information is also transmitted directly from your browser to the social network and stored there. Please refer to the data protection (privacy settings) provisions of the following providers for information about the purpose and scope of data collection as well as the further processing and use of data by the provider as well as your rights and setting options for protecting your privacy: