Customer satisfaction is our top priority. The protection of your data is therefore particularly important to us. We would like to thank you for the trust you have placed in us by giving us your data for processing. As a sign that we respect your rights as well as your privacy, we have formulated our principles that apply to us when processing your data:
The privacy policy applies to all those who book and/or use a service with the "Postbus Shuttle", make a travel request or contact us.
We are constantly developing our performance, services and support. For this reason, we will also continually adapt the data protection declaration. However, we will ensure that the latest version is always available for you.
Österreichische Postbus Aktiengesellschaft, FN 250198p, Am Hauptbahnhof 2, 1100 Vienna, Telephone +43 5 1717 is the data protection officer in the sense of Article 4 paragraph 7 DSGVO. The DSGVO defines a data controller as a natural or legal person, authority, institution or other body which alone or jointly with others decides on the purposes and means of processing personal data.
By personal data we mean any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"). An identifiable person is a natural person who can be identified, directly or indirectly, in particular by means of association with an identifier such as a name, an identification number, location data, an online identifier or one or more other special features in a specific individual case (e.g. voice), as precisely this natural person. This therefore includes in any case those data which can be assigned to you as a customer. For example, your name, e-mail address, telephone number, booking code, ticket code or customer number are personal data.
The legal basis for data processing in accordance with Article 6 DSGVO is either the fulfilment of a contract, the fulfilment of a legal obligation, your prior consent or our overriding legitimate interests, which may also include processing for a further purpose.
Data that can be assigned to your person can be derived from the following occasions, purposes and sources:
In accordance with the provisions of articles 12ff DSGVO, we would like to inform you about the following topics: Österreichische Postbus Aktiengesellschaft FN 250198p, Am Hauptbahnhof 2, 1100 Vienna, Telephone +43 5 1717 is the data protection officer in the sense of Article 4 clause 7 DSGVO. If you have any questions regarding data protection or the use of your personal data, please contact our data protection officer.
Contact details for data protection officers:
Am Hautbahnhof 2, 1100 Vienna
E-Mail: datenschutz.postbus@pv.oebb.at
In the following cases and for the following purposes, personal data will be collected by ourselves in accordance with Article 13 DSGVO:
If you
Our service is also offered through selected cooperation partners. In this case, data collection is carried out by the cooperation partner pursuant to Article 14 GDPR. We currently use ÖBB-Personenverkehr AG as a cooperation partner. When booking a ticket for a specific train journey (i.e. booking a ticket to your destination and back), you will automatically be offered the ÖBB Transfer Service if this service is available at your destination. The transfer service is provided by Österreichische Postbus Aktiengesellschaft or by third parties commissioned by us. Another cooperation partner is iMobility GmbH, which facilitates the booking of Postbus Shuttle trips via Wegfinder. In the context of these cooperations, ÖBB-Personenverkehr AG (PV AG) and iMobility (iMob) provide the following data:
If we do not provide the service ourselves, we use third parties (for example local taxi companies at the destination) to provide the service, to whom the following data may be disclosed where necessary.
oth ÖBB-Personenverkehr AG (as far as the train service is concerned) and Österreichische Postbus Aktiengesellschaft as well as the third party commissioned by us (as far as the transfer service is concerned) carry out this service under their own data protection responsibility. As a consequence, you must exercise your data protection rights (e.g. a request for information under data protection law) against Österreichische Postbus Aktiengesellschaft, ÖBB-Personenverkehr AG and the third parties commissioned by us separately.
In case of complaints and other inquiries, we will, if you wish, also forward them to ÖBBPersonenverkehr AG or to the commissioned third party.
The data processed for these purposes will be disclosed to the following categories of recipients in case of necessity and depending on the purpose of the processing:
To
Our data processing therefore takes place in particular on the basis of the following summarised legal framework (as amended):
We do not intend to transfer personal data to a third country or to an international organization.
Duration of storage: In general, personal data is only stored by us to the extent absolutely necessary and is generally deleted after the statutory period of limitation under civil law of three years (e.g. customer correspondence) or, in the case of invoice-relevant data, after seven, maximum 10 years (e.g. booked tickets, annual tickets) in accordance with § 212 UGB or §§ 132f in conjunction with §§ 207ff BAO. A longer period of storage will only take place in justified individual cases, e.g. for the reason of a still ongoing civil court or official dispute.
In detail we would like to highlight the following different topics:
Your rights
1. You, as the person concerned in the individual case, are entitled to assert the following rights of data subjects against us if we are the data controller
If you would like to assert a right of data subject, please contact us. The following contact options are available to you:
Österreichische Postbus Aktiengesellschaft
Am Hauptbahnhof 2
1100 Vienna
e-mail: datenschutz.postbus@pv.oebb.at
Please include the following information with your application:
This is because we have to verify your identity before we can respond to your request or take the necessary steps. The purpose of this identity check is to enable us to establish your actual status as a data subject, in order to ensure that personal data is not disclosed to unauthorised third parties (risk of misuse). As soon as we receive your request and you have proven your identity to us, we will respond to your request within four weeks. In the event that we have specific questions in the course of answering, we will contact you and ask for your cooperation and assistance.
2. In addition, you have the right to lodge a complaint with the data protection authority in accordance with §§ 24ff DSG and Articles 77ff DSGVO if you believe that we are in breach of our obligations under the Basic Data Protection Regulation.
contact details:
Austrian data protection authority,
1030 Vienna, Barichgasse 40-422
Phone +43 1 521 52-25 69
e-mail: dsb@dsb.gv.at
www.dsb.gv.at
3. revocation of a granted consent
If you have given us your consent to process your data for a specific purpose, you have the right to revoke your consent at any time without giving reasons.
When designing our service, we have taken care to ensure that data is only collected and processed to the extent absolutely necessary.
Essential in this context are the following when using our app
The use of our app requires that you create a Postbus Shuttle account. It is therefore not possible to make bookings or travel enquiries without first creating a Postbus Shuttle account. To create a Postbus Shuttle account, we need at least the following information about you:
During the registration process, you will receive an activation code via SMS to the phone number you entered. After entering the unlock code and confirming it, your account is activated. After successful registration, you will receive a confirmation to the e-mail address you entered and contact details of the Postbus Shuttle. When you open the app in the future, you are automatically logged in with your account.
You have the possibility to log out of your account in the app. To do so, select the option "Log out" in your profile.
If you wish to delete your account/registration, please write to postbus.shuttle@postbus.at. Your registration will be cancelled and your access data, password, e-mail address and telephone number will be deactivated.
To book a ride on the Postbus Shuttle by telephone (where available), use the telephone number(s) provided on our website (https://www.postbus.at/de/unsere-leistungen/postbus-shuttle) to be connected to the appropriate customer centre. If you are not yet a customer of Postbus Shuttle, you will need to give your name to the customer centre and, if desired, your telephone number and e-mail address.
To make a booking, you must inform the Customer Centre of the start and destination address as well as the time and date of your desired journey. The customer centre uses this data to check whether a corresponding journey is available and, if necessary, books it for you.
To cancel a trip that has already been booked, you must contact the Customer Centre and inform them of the cancellation. The trip is then deleted.
We are planning the possibility that you can voluntarily rate the ride in the app. This feedback will be saved without personal reference. If you would like to give us detailed feedback, you are welcome to send us an e-mail to postbus.shuttle@postbus.at.
You have the possibility to book the trip through one of our partners. Partners are e.g. doctors, hotels, municipal offices and others. The booking through our partners can be made on site or by phone at the partners.
The following data is collected in this context by us or our partner:
The Partner is not entitled to use the data entered for the customer in the context of the booking for other purposes.
By payment information we mean the information we need to process the payment. As a general rule, we do not store any payment information such as credit or debit card numbers, expiration date, the Card Validation Code (CVC) or user account and password data. We ourselves store payment information only to a limited extent, namely
In all other cases, payment information (e.g. expiry date or the Card Validation Code (CVC)) is processed and used by an audited and certified payment service provider (Terminal Service Provider and Payment Service Provider).
To process the payment transaction, we use audited and PCI-certified payment service providers who process and use the payment information (e.g. CVC code or expiry date) for the booking process. The data processing is only carried out for the purpose of payment processing within the framework of the ticket booking. These payment service providers generally operate independently and therefore process your data on the basis of their own data protection responsibility.
In order to authorise a payment unambiguously, the payment service provider necessarily requests various information from us, such as identification data of the type of browser and operating system used, which we store and forward to the payment service provider for payment processing.
Further information related to this is also provided to you by the payment service provider itself.
For the purposes of payment risk management, additional personal data may be transferred to the payment service provider to the extent absolutely necessary in the course of the purchase transaction in order to carry out a risk assessment. Payment-relevant data may also be used for anonymous evaluations.
By information security we understand:
In order to guarantee information security, we have established organisational framework conditions and protective measures that correspond to the state of the art.
These include:
Our employees are only granted role-specific access authorizations to the extent absolutely necessary. The use of these access authorizations is logged.
The APP is distributed through the Apple App Store and the Google Play Store (hereinafter "Store"). Therefore, the inclusion, distribution and use of the APP is subject to the separate terms and conditions of those two stores, over which we have no control and which are created and enforced under the sole responsibility of the stores.
We use personal data to send you information, offers and recommendations, either from us or from our cooperation partners. However, this is only done if you give us your prior consent to contact you by e-mail, telephone, SMS or other channels (e.g. Postbus Shuttle account, by post) in order to inform you in good time about interesting offers, new developments and services. Depending on the content of the consent granted by you, we will send you offers and other information about the Postbus Shuttle (e.g. about general services, competitions and customer surveys and about the ÖBB Group, i.e. also about other companies affiliated with the Group (e.g. information about travel offers of Rail Tours Touristik GmbH or car sharing offers of Rail Equipment GmbH or ÖBB-Personenverkehr AG) or our other cooperation partners. You may revoke your consent at any time without stating reasons. In this case, we will not send you any offers and information by e-mail or SMS, display them in your ÖBB account or contact you by phone for this purpose.
In all other cases, please contact our ÖBB customer service using the following e-mail address: datenschutz.postbus@pv.oebb.at
In order to improve our products and services and adapt them to customer requirements, we conduct surveys with different target groups. We commission market research companies or conduct the surveys ourselves. The selection of the persons to be interviewed can either be purely random or based on social-statistical or usage-specific factors. The contact to the participating persons is either established via the respondent pools of the market research companies - this is done without our intervention and under the sole responsibility of the partner companies. Alternatively, we generally invite interested persons to participate in the survey without individual addressing.
The establishment of a personal reference is not intended in any of the surveys. All surveys are completely anonymous. This is also the case if we contact you directly as a customer or if you have given your consent to participate in a survey in advance.
We only receive or prepare an overall evaluation of the data, in which no individual interviews or persons are identified.
When we address our customers directly, we only contact those persons who have given us their consent to do so.
If, in certain cases, we conduct the survey in cooperation with a market research company, we will conclude a separate confidentiality agreement with this company in advance of a customer survey, which regulates the secure handling of your data on a case-by-case basis. In particular, this agreement ensures that they will not pass on your data to other market research institutes and other third parties for surveys for their own purposes.
In any case, you are not obliged to participate in one of our customer surveys.
Cookies are small text files or codes that contain information units. These text files are stored on your hard disk or in the memory of your browser when you visit one of our websites. Thanks to cookies, the content of our web pages can be structured more easily and those devices can be recognised via which our web pages were previously visited. We use cookies to gain a better understanding of how applications and websites work and to analyse and optimise the user experience when using our websites online and on the move.
We do not use cookies for our app, for our shuttle interface a cookie necessary for operation is used. This is necessary to ensure that the Shuttle Interface can be used as intended and all functions are available. Without this cookie the requested services cannot be provided. This cookie does not collect any information about you and does not store any Internet locations. Unconditionally required cookies cannot be deactivated via our site. However, they can be deactivated at any time via the browser you are using. Beyond this operationally necessary cookie, no further cookies are used.
Contract processors within the meaning of the DSGVO are natural and legal persons who are commissioned by us to provide a specific service.
For example, we currently use service providers for the following activities, among others:
We use contract processors only for data processing that we have lawfully carried out. We always satisfy ourselves in advance that the individual processor is suitable for the provision of services, in particular that it offers sufficient guarantee for the lawful and secure use of data.
Order processors only receive personal data from us to the extent absolutely necessary. Our processors have contractually committed themselves to keep personal data
Before using a processor, we shall conclude a written agreement with the processor, in which in particular the processor and his employees are subject to special obligations and are again separately bound to confidentiality. We impose certain data security measures on the processor to ensure that customer data and data processing are adequately protected.
We have informed you comprehensively about the purposes of our data processing, categories of data recipients, the legal basis and legal framework, the storage period as well as the rights you are entitled to and the scope of data processing. In all data processing, we have taken care to ensure that the collection and processing of data is limited to the extent absolutely necessary. Therefore, if we ask you to disclose your data, this is necessary in order to
If you do not or not fully comply with our request for data disclosure, it is not ensured that we will be able to comply with or process your aforementioned purchase request or other request(s).