Datenschutz (englisch) | APP.MOOVME - Bus, Bahn, Zug und mehr

Thank you for your interest in our App “MOOVME”. We are delighted that you are interested in using the app or have already decided to do so. The app “MOOVME – Bus, Rail, Train and More” app is the result of a cooperation between Mitteldeutscher Verkehrsbund GmbH (MDV), Hallesche Verkehrs-AG (HAVAG), DB Regio AG Region Südost (DB), Regionalbus Leipzig GmbH (RL) and Verkehrsverbund Mittelsachsen GmbH (VMS).

Our app requires personal data from you for full functionality. Personal data is any information that, on its own or combined with other data, can be used to identify you.

Below you will find all the information and explanations that you are entitled to, as we transparently process your personal data in accordance with the legal requirements of the Datenschutzgrundverordnung (DSGVO) (General Data Protection Regulation) and the Bundesdatenschutzgesetz (BDSG) (Federal Data Protection Act) and other relevant laws.

Your data safety is important to us and we guarantee that we have taken appropriate protective measures to ensure that your data is not disclosed to unauthorised third parties.

During the use of the app, only personal data that is necessary for making it available and to enable the use of its functions will be collected. Various legal bases are applied for this purpose:

Insofar as we obtain your consent for the processing of personal data, the legal basis for this is found in Art. 6(1)(a) (DSGVO). Since data processing is based on your consent, you have the right at any time to revoke your consent. Art. 7 (3) of the DSGVO law.
The processing of required personal data for the fulfilment of a contract that you are a party of is based on Art. 6(1)(b) of the DSGVO law. This also applies to processing that is required for the implementation of pre-contractual measures.
Personal data processing required to fulfil a legal obligation that the responsible bodies are subject to is based on art. 6(1)(c) of the DSGVO law.
If there is a need for data processing for the purposes of a legitimate interest pursued by an institution or by a third party and if the interests, fundamental rights and freedoms of the subject do not override the interest of said institution or third party, that processing shall be based on art. 6(1)(f) of the DSGVO law. If we apply these legal statutes, you have the right to object at any time on grounds relating to your particular situation.

1 Jointly Responsible Parties Pursuant to Art. 4 (7) DSVGO

1.1 Parties

As part of the cooperation, the following parties have jointly decided on the means and purposes of processing personal data within the “MOOVME” app. In accordance with Art. 26 DSGVO, the parties have entered into a joint responsibility agreement that governs the existing privacy protection obligations between them.

The individuals responsible are:

Mitteldeutscher Verkehrsbund GmbH (MDV)
Prager Straße 8
04103 Leipzig
E-Mail: moovme@mdv.de

Busunternehmen im MDV
Regionalbus Leipzig GmbH
Leipziger Straße 79
04828 Deuben
E-Mail: info@regionalbusleipzig.de

Verkehrsverbund Mittelsachsen GmbH (VMS)
Am Rathaus 2
09111 Chemnitz
E-Mail: info@vms.de

Hallesche Verkehrs-AG (HAVAG)
Freiimfelder Straße 74
06112 Halle (Saale)
E-Mail: post@havag.com

DB Regio Region Südost (DB)
Richard-Wagner-Straße 1
04109 Leipzig
E-Mail: Kundendialog.Suedost@bahn.de

1.2 Central Office

The MDV is designated as the central privacy protection office for above-mentioned parties and will primarily receive all enquiries, information, complaints and requests regarding the fulfilment of your relevant rights on behalf of the other parties. You are free to contact any other responsible body listed directly as well.

Please contact MDV if you have any general questions about privacy protection.

2 Contact Details of the Privacy Protection Officer

You can reach the MDV privacy protection officer at:
cubeoffice GmbH & Co.KG
Fichtestraße 29a
39112 Magdeburg
E-Mail: datenschutz@cubeoffice.de

You can reach the Regionalbus Leipzig GmbH privacy protection officer at:
Regionalbus Leipzig GmbH (RL)
Leipziger Straße 79
04828 Deuben
E-Mail: dsb@mobilplus.de

You can reach the Verkehrsverbund Mittelsachsen GmbH (VMS) privacy protection officer at:
Frau Kathleen Görres
Am Rathaus 2
09111 Chemnitz
E-Mail: datenschutz@vms.de

You can reach the HAVAG privacy protection officer at:
Hallesche Verkehrs-AG
Freiimfelder Straße 74
06112 Halle (Saale)
E-Mail: datenschutz@swh.de

You can reach the DB Regio privacy protection officer at:
DB Regio AG
Datenschutz
Europa-Allee 70-76
60486 Frankfurt a. Main
E-Mail: datenschutz.regio@deutschebahn.com

3 Provision and Use of the App and System Authorisations

Every time you use the “MOOVME” app, data is transferred between the app on your end device and the servers required for data processing. The servers are operated by data processors who answer directly to management in accordance with art. 4 (8) of the DSGVO on behalf of MDV.

3.1 Legal Basis and Purpose for the Processing of Personal Data

It is in our and the customer’s legitimate interest (Art. 6(1)(f) of DSCVO) to enable you full functionality of the app and to register and eliminate any errors in data processing. The purpose of processing is to enable the individual app functions (in particular ticket sales, information and up-to-date information for the user), optimized display and operation and an error-free user experience.

3.2 Duration of Data Storage

Your data will be deleted immediately when you close the app and will no longer be stored. In the event of a system error, an error log is created, which can contain certain data. The error log is deleted immediately after the error has been rectified.

3.3 System Authorisations

Depending on the device, you may be asked to authorise MOOVME to access the resources and functions of your device when you start the app. These device functions are required so that individual functions in the app can work. You can adjust the granted authorisations in the app settings and in the authorisation management of your device at any time. The following system authorisations are required to enable use of full range of functions:

3.3.1 Location

Your current position is used to select it as a starting or destination point, for use of your journey planner and to display your location as a starting point on the map or to use it for the area search. When using the “CheckIn” function, the location function must be activated or authorised on your mobile phone at the highest possible accuracy level (location services: GPS and activity data). Location must remain activated until the check-out process is fully completed. Deactivating location services and activating flight mode are not allowed when using “CheckIn”. Outside of that, location services remain inactive.

3.3.2 Contacts

Your contacts are used to conveniently select addresses as your start point or destination for the journey planner.

3.3.3 Calendar

Access to the calendar allows you to conveniently add planned rides to your calendar.

3.3.4 Notifications

You will receive notifications for your rides that are part of your subscription and in the event of disruptions or delays to your journey. When using the “CheckIn” function, the app will issue a warning message on the mobile phone in case the check-out process has been forgotten. In this case, the app uses the sensors built into the mobile phone to compute that you are presumably no longer travelling and that the check-out process has probably not been completed. You can makes settings to the notifications more precisely in the Push Centre of your mobile operating system.

3.3.5 Camera

Access to the camera of your device allows you to link your favourite transit connections with an image directly from the camera or from the photo gallery. Your images will only be stored locally in the app and never be transmitted to us.

4 Selection of the Customer Contract Partner

4.1 Initial Selection of the Customer Contract Partner

When opening the app for the first time, selecting a primary customer contract partner is required. You can choose between Regionalbus Leipzig GmbH (bus company in MDV), Verkehrsverbund Mittelsachsen GmbH (VMS), Hallesche Verkehrs-AG (HAVAG) and DB Regio AG (DB Regio). This is required to be able to display the respective ticket portfolio of the selected customer contract partner in the ticket shop of the “MOOVME” app. Selection of the customer contract partner will have a personal reference after you have registered or purchased a ticket and is up to that point only stored locally. Selection of the customer contract partner is required for technical reasons (see also chapter 6).

4.2 Changing Your Contract Partner After Registration in the Ticket Shop

You can change your customer contract partner in the “MOOVME” app. After switching, you do not have to register again with the new customer contract partner. As part of your right to data portability in accordance with Art. 20 of the DSVGO, we will transfer your account data over to the other customer contract partner. This is a technical requirement.

If you use our app as a non-registered user, there will generally be no need for a data transfer when changing the customer contract partner.

5 Schedule Information

Generally, it is possible to use the timetable information function of the app without registering. Every connection information request in the app is completely anonymous. The connection queried will only be personalised once you purchase a ticket for the route via the app.

5.1 Legal Basis and Purpose for the Processing of Personal Data

For the purpose of updating the timetable, information that is provided or determined via location services on start and destination points, arrival and departure times and the desired means of transport are transmitted to a processor who answers to management. The legal basis for this is your consent through confirming behaviour at your end. The intention to purchase tickets for the requested connection in the form of your enquiry constitutes a pre-contractual relationship between you and the selected customer contracting partner (Art. 6(1)(b) DSVGO). You are neither legally nor contractually obliged to request timetable information and provide the associated personal data (address data) in order to purchase a ticket. You can buy a ticket in the app independently of the timetable information.

5.2 Duration of Data Storage

The timetable information will only be saved when a ticket is purchased for the connection that you searched for (see section 6.3.3).

6 Ticket-Shop

Innerhalb der App besteht die Möglichkeit im Sinne eines Online-Shops Tickets der jeweils ausgewählten Kundenvertragspartei zu erwerben. Es ist möglich registriert oder unregistriert Tickets zu erwerben.

6.1 Registrierung für Ticket-Shop

Within the app, it is possible to purchase tickets from the selected customer contracting partner in the online shop. It is possible to purchase tickets whether you are registered or not.

6.1.1 Legal Basis and Purpose for the Processing of Personal Data

Your data will be processed for the purpose of generating an account and for the possibility of purchasing one or more tickets. In addition, registration also allows you to retrieve purchase receipts online afterwards. The legal basis for this is our contractual relationship (Art. 6(1)(b) DSVGO) or your consent (Art. 6(1)(a) DSVGO) when providing optional data. You are neither legally nor contractually obliged to provide your data and create an account.

6.1.2 Receiver of Data

Your account will be stored by the service provider we contracted (Hacon Ingenieursgesellschaft mbH and its order-processing company eos.uptrade GmbH), who provides the ticket shop functionality. This service provider is contractually bound by our instructions in the sense of an order processing relationship pursuant to Art. 28 of the DSVGO.

The details of your means of payment (IBAN, credit card number) are transmitted directly to the payment service provider Logpay Financial Services GmbH (see section 6.4).

6.1.3 Duration of Data Storage

Your data will be stored for as long as your account exists. If you ask us to delete your account (by sending an email to moovme@mdv.de or by using the “Delete account” function in the app), your data shall be deleted immediately, unless there are legal retention periods that prevent deletion (Art. 6(1)(c) DSVGO).

6.2 Non-necessity of Registration

You do not need to register in advance to purchase a ticket in the Ticket Shop. It is possible to enter all relevant data before finalising your ticket purchase. In the app settings, you can specify that the data entered should remain stored on your device to avoid having to re-enter it the next time you buy a ticket.

6.3 Ticket Purchase

6.3.1 Legal Basis and Purposes of Personal Data Processing

Your personal data will be processed for the purpose of ticket purchase. This also includes booking, payment processing, possible refunds, the sending or retrieval of a payment receipt and the personalisation of your ticket as proof of authenticity. The legal basis for this is the purchase contract concluded between you and the contract partner you selected (Art. 6(1)(b) DSVGO) and our legitimate interest in fraud prevention (Art. 6(1)(f) DSVGO). You are contractually obliged to provide truthful information, otherwise you may not purchase the desired ticket.

6.3.2 Receiver of Data

Access to personal data from the ticket purchase will be granted to the selected contract partner as well as the order processing company Hacon Ingenieursgesellschaft mbH and its order processing company eos.uptrade GmbH, where the ticket shop is operated in the background (backend), the order processing company O.phon GmbH, which provides your support, and the independent service company Logpay Financial Services GmbH for payment processing (see section 6.4).

6.3.3 Duration of Data Storage

Your data will be stored until their purpose is fulfilled or beyond due to possible statutory retention obligations. These are the retention obligations that are issued in the German Commercial Code (§ 257 HGB) and the German Fiscal Code (§ 147 AO). This means that we will delete your personal data at the latest after expiry of the statutory retention obligations (usually after 10 years plus the duration of the deletion process itself) (Art. 6(1)(c) DSGVO). Should the legal obligation to retain them no longer apply, your data will be deleted immediately.

6.4 Payment processing

Your personal data (first and last name, date of birth, address, e-mail address, bank account details, credit card details, telephone number – if applicable – and details of your respective ticket purchases) and any changes to those data will be transferred to LogPay Financial Services GmbH for the purpose of sales and for assigning our claims against you that may arise in connection with your ticket purchase. This occurs on the basis of Art. 6(1)(1)(f) of the DS-GVO. Our legitimate interest consists of the outsourcing of payment processing and receivables management. The legitimate interest of LogPay Financial Services GmbH consists of collecting data for the purpose of processing payments, managing receivables, assessing the legitimacy of payment methods and avoiding payment defaults.

You can object to the transmission of these data to LogPay Financial Services GmbH at any time, but you will then no longer be able to place an order via the electronic sales channel.

You can access the privacy protection information of LogPay Financial Services GmbH at https://www.logpay.de/DE/datenschutzinformationen/.

From the moment the receivable is assigned to Logpay Financial Services GmbH, it becomes responsible for processing personal data for payment processing.

6.4.1 Use of Apple Pay and Google Pay

Our MOOVME app supports the Apple Pay and Google Pay payment methods. If you decide to use one of these payment options, please note the following:

Data processing by Third Parties: When using Apple Pay or Google Pay, your payment data will be transmitted to the respective payment service provider (Apple Inc. or Google LLC). These service providers process your data in accordance with their own privacy guidelines. Please look up the corresponding privacy regulations yourself directly at Apple or Google:

- - Apple Pay Privacy Policy
  - Google Pay Privacy Policy

Collected data: When using Apple Pay or Google Pay, your payment data will be transmitted to the respective payment service provider (Apple Inc. or Google LLC).

- - Payment information (such as credit card number, expiry date, security code)
  - Device information (such as device model, version of operating system )
  - Transaction details (such as amount, date and time of the transaction)

Purpose of Processing: The data collected is used to process your transactions and ensure that the payment is carried out correctly. This includes authentication and fraud prevention.

Data Transfer: Your payment details will not be passed on to us or to third parties, except to the extent necessary to complete the transaction.

Security: Apple Pay and Google Pay use advanced security mechanisms to protect your payment information. We recommend that you use the security functions of your device, such as activating a secure device lock code and using biometric authentication (e.g. Touch ID, Face ID).

Through your use of Apple Pay or Google Pay, you consent to the processing of your data in accordance with this privacy policy and the privacy policies of Apple or Google.

6.4.2 Use of PayPal

Our MOOVME app supports the Paypal payment method. If you decide to use PayPal, please note the following:

Data processing by Paypal: When using PayPal, your payment data will be transmitted to PayPal (Europe) S.à r.l. et Cie, S.C.A.. PayPal processes your data in accordance with its own privacy policy. Please go directly to PayPal for the corresponding data protection regulations:

- - Paypal Privacy Policy

Collected data: When using PayPal in our app, the following data may be processed:

- - - Payment information (such as PayPal account number, transaction details)
    - Device information (such as device model, version of operating system )
    - Transaction details (such as amount, date and time of the transaction)

Purpose of Processing: The data collected is used to process your transactions and ensure that the payment is carried out correctly. This includes authentication and fraud prevention.

Data Transfer: Your payment data will be transmitted to PayPal and processed there. We only receive the confirmation of your payment but no detailed payment information. Your payment data will not be passed on to other third parties, except if necessary to complete the transaction.

Security: PayPal uses advanced security mechanisms to protect your payment information. We recommend using the security functions of your PayPal account, such as activating two-factor authentication.

Through your use of Paypal, you consent to the processing of your data in accordance with this privacy policy and the privacy policies of Paypal.

6.4.3 Use of the SEPA Direct Debit Scheme

Data processing by LogPay: When using the SEPA Direct Debit Scheme, your payment details will be transmitted to LogPay Financial Services GmbH. LogPay processes these data in accordance with the applicable data protection regulations and our order processing agreement. More information about LogPay’s privacy policy here:

- - Logpay Privacy Policy

Collected data: When using the SEPA Direct Debit Scheme in our app, the following data may be processed:

- - First and last name
  - IBAN and BIC numbers
  - Invoicing address
  - Amount and purpose of the transaction
  - Time of the transaction

Purpose of Processing: This data is processed for the purpose of implementing the SEPA Direct Debit Scheme in order to process the payment order authorised by you.

Legal Basis: The legal basis for the processing of your data as part of the SEPA direct debit procedure is the fulfilment of the contract in accordance with Art. 6(1)(b) DSVGO.

Storage duration: Your data will only be stored for as long as is needed to process the payment or as required by statutory retention obligations.

Security: We and LogPay use technical and organisational security measures to protect your data from manipulation, loss, destruction or access by unauthorised persons.

6.4.4 Use of Credit Cards

Data processing by LogPay: When using a credit card, your payment details will also be transmitted to LogPay Financial Services GmbH. LogPay processes these data in accordance with the applicable data protection regulations and our order processing agreement. More information about LogPay’s privacy policy here:

- - Logpay Privacy Policy

Collected data: When using a credit card in our app, the following data may be processed:

- - First and last name
  - Credit card number
  - Credit card expiration date,
  - Security code (CVC)
  - Invoicing address
  - Amount and purpose of the transaction
  - Time of the transaction

Purpose of Processing: This data is processed for the purpose of implementing the credit card payment in order to process the payment order authorised by you.

Legal Basis: The legal basis for the processing of your data as part of the credit card payment is the fulfilment of the contract in accordance with Art. 6(1)(b) DSVGO.

Storage duration: Your data will only be stored for as long as is needed to process the payment or as required by statutory retention obligations.

Security: We and LogPay use technical and organisational security measures to protect your data from manipulation, loss, destruction or access by unauthorised persons.

6.5 Error Logging

If errors occur in the ticket shop, log files (error logs) are written that enable us to understand and rectify the error that has occurred.

6.5.1 Legal Basis and Purposes of Personal Data Processing

The IP address and other technical data of your app and end device are processed in the error logs. This data are processed for the purpose of error analysis and troubleshooting. It is our legitimate interest that the app works without errors and that you can use all the functions provided without any issues (Art. 6(1)(f) DSGVO).

6.5.2 Receiver of Data

The error logs are transferred to our app development and order processing company: Hacon Ingenieursgesellschaft mbH.

6.5.3 Duration of Data Storage

If the storage of the error logs is no longer required for analysing and solving the causes and effects of errors and stability problems in the MOOVME ticket shop, they will be deleted.

6.6 Measures to Prevent App Misuse

Measures have been built into the app and especially into the ticket shop to prevent misuse of the app for unauthorised purposes.

6.6.1 Legal Basis and Purposes of Personal Data Processing

To prevent so-called brute force attacks, in which attempts are made to gain access to a user’s Ticket Shop account by randomly entering e-mail addresses and passwords, the IP address of the suspected attacker is processed in the event of multiple failed log-ins and temporarily blocked to prevent further attempts. It is in our interest as well as that of the app user to prevent misuse and the penetration of security measures (Art. 6(1)(f) DSGVO).

6.6.2 Receiver of Data

The relevant data are transferred to our app development and order processing company: Hacon Ingenieursgesellschaft mbH.

6.6.3 Duration of Data Storage

The storage of IP addresses collected in the event of incorrect login entries serves the prevention of app misuse through the continuous recognition of attack patterns. It is necessary to process the IP addresses permanently in order to recognise current attack mechanisms and to be able to take adequate protective measures for the future.

7 Contact form

You can send us a message from the app if you have a question, need help, want to report an error or give feedback in general. Your message will be forwarded to our support service provider o.phon GmbH who will reply to it. o.phon GmbH acts as our order processing company acc. Art. 28 DSGVO.

7.1 Legal Basis and Purposes of Personal Data Processing

Your personal data will be processed for the purpose of contacting you and replying to your message. It is in our legitimate interest to be able to respond to your queries (Art. 6(1)(f) DSGVO). If you have questions about your ticket purchase, Art. 6(1)(b) is relevant. You are not legally or contractually obliged to provide your data, but we may not be able to fully resolve your request or contact you if you don’t.

7.2 Receiver of Data

Access to the data is granted to the data processing company o.phon GmbH and to Mitteldeutscher Verkehrsverbund GmbH (MDV) as the central office of joint responsibility. Your data will only be passed on to other third parties if you consent.

7.3 Storage of Data

Your data will be stored until your query has been answered or resolved.

8 RufBus (On Call Bus)

MDV cooperates with other transport companies to provide the RufBus service. The following parties (responsible parties) have entered into a joint responsibility contract in accordance with Art. 26 of the DSGVO, as they have jointly determined the means and purposes of the processing of personal data with regard to the RufBus (on-call bus) service.

8.1 Cooperation Partners and Responsible Officers

The MDV (for contact info, see section 1.1) and

Regionalbus Leipzig GmbH (see section 1.1 for contact info) and

Geißler Reisen GbR
Nico Geißler
Kranoldstr. 1
04838 Eilenburg
E-Mail: busverkehr@geissler-reisen.de
Telefon: 03423 / 700420

Nordsachsen Mobil GmbH (NOMO)
Dresdner Straße 54
04758 Oschatz
E-Mail: kontakt@nordsachsen-mobil.de

THÜSAC Personennahverkehrsgesellschaft mbH
Industriestraße 4
04603 Windischleuba
E-Mail: info@thuesac.de

entered into a contract to share joint responsibility. What contract is relevant for the customer depends on what transport company provides the service on the customer’s chosen route.

8.2 Privacy Protection Officer

The privacy protection officers of MDV and Regionalbus Leipzig GmbH can be found in chapter 2. You can reach the GeiBler Reisen GbR privacy protection officer at:

Nico Geißler
Kranoldstr. 1
04838 Eilenburg
E-Mail: busverkehr@geissler-reisen.de

You can reach the THÜSAC Personennahverkehrsgesellschaft mbH privacy protection officer at:

HCONSULT GmbH
Sandro Swoboda
Bahnhofsplatz 15
D – 07545 Gera
E-mail: datenschutz@hconsult.info

You can reach the Nordsachen Mobil GmbH privacy protection officer at:

ProSoft Krippner GmbH
Herr Marcus Schmiedel
Hallesche Straße 35
04509 Delitzsch
Mail: dsb@prosoft-krippner.com

8.3 Legal Basis and Purposes of Personal Data Processing

Your personal data will be processed for the reservation, booking, payment, cancellation and operation of the RufBus (On Call Bus). The basis for this is the contractual relationship (Art. 6(1)(b) DSVGO) connected to the use of the “MOOVME” app and in particular the RufBus functionalities.

In order to be able to use the RufBus function via MOOVME without limitations, it is absolutely necessary to create a user account (Ticket Shop account), as this is the only way by which we can transfer data from MOOVME to the above-mentioned transport companies. You will find more detailed information on this in section 6. Provision of data is contractually required.

If you do not wish to create an account, you will be informed at the appropriate point that you will have to contact the transport companies by another method.

8.4 Receiver of Data

If you use the RufBus function, your personal data (account data) will be transmitted from MOOVME to the relevant transport company so that the RufBus can be used in accordance with your entered data. No data are transfered to third countries outside the EU/EEA.

8.5 Duration of Data Storage

9 Usage statistics

To continuously improve the app and identify errors, we analyse usage statistics in the app. We use a cookie-based solution called Matomo for this purpose.

9.1 Cookies

Cookies are small text files that are stored locally on your device and that enable information to be transmitted from the app. A unique cookie ID is generated in the app during the first time the app is used. This cookie ID is retained until you reinstall the app or deactivate the collection of usage statistics in the settings. Cookies are generally able to collect personal data. We only process a cookie ID that is randomly generated and does not allow any conclusions to be drawn about the identity of the user. The cookie never saves content data from the app (ticket purchases, timetable information or account data), but only saves the manner in which you navigate in the app.

9.2 Legal Basis and Purposes of Personal Data Processing

The cookie ID is required to continuously analyse whether navigation in the app gets better or worse over time. It is important to know that the same cookie ID always refers to the same app instance until the app is uninstalled. The findings serve to improve user-friendliness and operation and will influence future extensions and customisations of the app, e.g. to include additional services. The insights gathered by Matomo therefore are in our legitimate interest (Art. 6(1)(f) DSGVO).

9.3 Receiver of Data

Matomo is operated on a server of the Hacon Ingenieursgesellschaft mbH. There exists an order processing relationship pursuant to Art. 28 GDPR for this purpose. The cookie ID will be stored there. Hacon Ingenieursgesellschaft mbH and Mitteldeutscher Verkehrsverbund GmbH (MDV) have access to the data.

9.4 Duration of Data Storage

The storage period is three months from the first cookie ID generation. Deactivation of usage statistics / opt-out.

You have the option to object to the collection of usage statistics at any time. You can deactivate the usage statistics by opting out in the app settings.

10 Google Maps in the Android Version of the App „MOOVME“

This app uses Google Maps to display interactive maps and to show connections. Google Maps is a map service provided by Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. Use of Google Maps may mean that your IP address is transmitted to Google in the USA. The map content is integrated directly into the app by Google. We therefore have no influence on the scope of the data collected by Google in this way. To the best of our knowledge, this includes at least the following data: the IP address, any crash reports and the date and time of Google Maps use.

We have no influence on the further processing and use of the data by Google and can therefore accept no responsibility for this. Google Inc. is itself responsible for the processing of personal data according to art. 4(7) DSGVO.

Alternatively, you can switch to the Open Street Map (OSM) map in the app’s settings area. Our data processor, Hacon Ingenieursgesellschaft mbH, provides the OSM map material on its own servers. Navigation and control of the OSM maps in the app is also a solution from Google Inc., which is integrated via a Google interface. Unfortunately, we are unable to provide more detailed information about the data transmitted (see above).

The purpose and scope of the data collection and the further processing and use of the data by Google as well as your rights in this regard and setting options to protect your privacy can be found in Google’s privacy protection information (https://policies.google.com/privacy?hl=de).

It is in our interest, and that of the app user, that we offer functions or interfaces to functions that are standard on an Android smartphone and enjoy broad acceptance among end users. The legal basis for this is found in art. 6(1)(f) DSGVO).

11 ChatBot

11.1 General

With this data protection notice we will inform you below about the processing of your personal data when you use our chatbot from melibo. The protection of your personal data is important to us. We protect your data in particular within the framework of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). In principle, no personal data is collected, processed or used when using the chatbot. The use of the chatbot is on a voluntary basis. You are free to contact us by other means.

11.2 Scope and type of data processing

The data will not be passed on to third parties or any other evaluation will take place unless there is a legal obligation to do so (Art. 6 Para. 1 Letter e) GDPR). When using melibo, we do not collect any other personal data.

11.3 Log and statistical data

Every time our chatbot is accessed, the dialogues are saved in a log file; no IP addresses or browser data are saved. This data is not personal and does not allow chat users to be identified. They are used exclusively for the purpose of improving the dialogs and for error analysis and will not be passed on to third parties.

11.4 Security

Your questions and analysis data are transmitted securely to melibo using SSL encryption (transport encryption). Access is protected by firewalls that prevent unauthorized access from outside.

12 Rights of the Individual

You have the following rights vis-à-vis any data controller with regard to your personal data:

Right to information Art. 15 DSGVO),
Right to correction or deletion (Art. 16 & 17 DSGVO),
Right to restriction of processing (Art. 18 DSGVO),
Right of objection to processing (Art. 21 DSGVO),
Right to data portability (Art. 20 DSVGO).

You also have the right of complaint to a privacy protection supervisory authority about the processing of your personal data.

13 Third Country Transfers Outside the EU

All processing of personal data in the “MOOVME” app takes place within the European Union (EU). A transfer to a third country is not intended.

14 Automated Individual Decision-Making Including Profiling

There is never any automated individual decision-making, including profiling in the MOOVME app on the part of the joint data controllers.

15 Updating of Privacy Policy

The privacy protection statement is checked at regular intervals for completeness and accuracy. Privacy protection law is constantly being developed and adapted after changes in the law, decisions by the supervisory authorities and court judgements.

You will be notified when the privacy policy is amended.

29.07.2024