Data Protection Declaration of Public in Motion GmbH
A. General Information on Data Privacy
-
Information on the Collection of Personal Data
- In the following we inform you about the collection and processing of personal data when using our website www.talixo.com (same as the URLs with other country codes, hereinafter referred to as "website") or the mobile app "Talixo Taxi & Limo Booking" (hereinafter referred to as "mobile app"), which you can download to your mobile device. Where difference arise between the processing of personal data when using website and mobile App we will inform you in detail in Section B (website) or Section C (mobile app). Personal data means individual information on personal or factual circumstances being attributable to an identified or identifiable natural person.
- The company responsible according to Art. 4 para. 7 GDPR (General Data Protection Regulation) is Public In Motion GmbH (hereinafter also referred to as "PIM" or "we"), Landsberger Allee 117A, 10407 Berlin, Germany, e-mail: info@public-in-motion.com (see our imprint). You can contact our data protection officer by sending an e-mail to dataprotection@talixo.com.
- When contacting us by e-mail, the data you provide (your e-mail address, if applicable your first and last name and your telephone number) will be stored by us in order to answer your questions. We delete the data acquired in this context once no further storage is necessary or reduce the processing if further retention is required by law.
-
Subject of this Data Protection Declaration
This privacy policy applies to all services offered on our website or mobile app. This Data Protection Declaration exclusively deals with the handling of personal data by PIM. In case our services are performed by subcontractors, you will find the information on the respective procedures below. In case you make use of services provided by third parties via the website, the data protection regulations of the respective third parties apply exclusively. PIM does not check the data protection regulations of third parties.
-
Collection and Processing of Personal Data when using our Services
We collect, store and process personal data in accordance with Art. 6 Para. 1 lit. b) GDPR for the entire handling of the transportation services (in particular service arrangement and accounting), including the handling of any warranty claims as well as the technical administration. Any and all personal data is processed exclusively in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).
-
Customer Account/Registration
To be able to make bookings by using our Talixo portal or the mobile app, you first have to register as a user by entering the following personal data in connection with a password of your choice: First and last name, mobile phone number and e-mail address. We need this information in order to be able to identify you and to communicate with you. The legal basis is Art. 6 para. 1 sentence 1 lit. b) GDPR. It is obligatory to provide the aforementioned data; all further information can be provided voluntarily by using our portal. We will then set up a password-protected direct access to your data stored with us in your customer account. Here you can view all information about closed and open ride bookings and manage and change all details in the protected customer area.
-
Use of our Services
- To book a ride we need your correct first and last name, your e-mail address, mobile phone number and specific payment information. You can decide between the following methods of payment: Cash, credit card, invoice, electronic direct debit (ELV) or AirPlus credit card (corporate customers). Depending on the chosen payment method we need your credit card information, AirPlus credit card information or billing information. We need the first and last name, e-mail address and mobile phone number to confirm the receipt of your booking, identify you as a user and communicate with you. We need the credit card information or billing information to process the payment.
- If you use our portal or our mobile app, we will store your data required for the performance of the contract as listed in Section 3.2 (1) in accordance with Art. 6 Para. 1 Sentence 1 lit. b) GDPR. Furthermore, we store the data provided by you voluntarily for the duration of your use of the portal, provided that you do not delete it before. The legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR.
- In order to prevent unauthorized access to your personal data, especially payment information, the connection is encrypted using TLS technology.
- It is your obligation to treat the personal access data confidentially and not to make them accessible to any unauthorized third parties. We do not assume any liability for the abuse of passwords, unless we are responsible for the abuse.
-
Your personal data will only be passed on or otherwise communicated to third parties if this is necessary (i) for the purpose of performing our contractual obligations or (ii) the handling of payment transactions or (iii) if there is a legitimate interest of PIM or the third party or (iv) if you have previously given your consent. The legal basis is Art. 6 para. 1 sentence 1 lit. b), f) GDPR or Art. 6 para. 1 sentence 1 lit. a) GDPR. This means that the taxi / limousine fleet company or other external providers of fleet services (external fleet partner) as well as their respective drivers executing the ride receive the necessary information (first and last name, mobile phone number, flight number, pickup address, destination address and time of arrival as well as information on extra requests) via the website and mobile app. Moreover, for credit card payment purposes the payment processors Adyen and Stripe (for further information see point 3.3) receive the necessary information (first and last name, mobile phone number, credit card information).
In addition to the before-mentioned third parties, your data will be processed by internal software within our business enabling us to provide customer support and to perform bookings. All software tools are GDPR compliant and the data is exclusively processed on an as-needed basis. Your data might be processed by employees of subsidiaries of PIM, which are obliged to comply with same strict GDPR rules as PIM itself. The data passed on in this way may only be used by these third parties for the fulfilment of their tasks. Any other use of the above information is inadmissible.
-
You will receive the ride confirmation and contact data and further information from the driver or the taxi and limousine company (first and last name, telephone number, license plate, vehicle type) or the invoice (in case you choose this option in your user profile) and updates regarding the journey via your e-mail address. For the purpose of sending you this kind of system e-mails we use the mailing services of SendGrid, a service of SendGrid, Inc. (hereinafter referred to as “SendGrid”).
For that purpose, we transfer your e-mail address, name, last name and trip details to SendGrid where it is stored only for the period necessary to fulfil the purpose as described before. The legal basis is Art. 6 Para. 1 lit. b) GDPR.
The Commission Decision (EU) 2016/1250 of 12.07.2016 allows the transfer of data from an EU controller or processor of orders to organizations in the US that have committed themselves to adhere to the framework principles of the EU-US Data Protection Shield, including the additional principles, by way of self-certification with the US Department of Commerce. SendGrid is subject to these principles through self-certification with the U.S. Department of Commerce.
Information of the third-party provider SendGrid on data protection is available at:
https://sendgrid.com/policies/privacy/ -
We use your mobile phone number to send you information from the driver (first and last name, telephone number, license plate, vehicle type) and an information when the driver arrived via SMS. For the purpose of sending you SMS we use Twilio, a service of Twilio Inc. (hereinafter referred to as “Twilio”), “), 645 Harrison St # 3rd Floor, San Francisco, CA 94107 USA.
For that purpose, we transfer your mobile phone number to Twilio where it is stored until you delete your Talixo user account. Then we will order the deletion of your data. The legal basis is Art. 6 Para. 1 lit. b) GDPR.
The Commission Decision (EU) 2016/1250 of 12.07.2016 allows the transfer of data from an EU controller or processor of orders to organizations in the US that have committed themselves to adhere to the framework principles of the EU-US Data Protection Shield, including the additional principles, by way of self-certification with the US Department of Commerce. Twilio is subject to these principles through self-certification with the U.S. Department of Commerce.
Information of the third-party provider Twilio on data protection is available at:
https://www.twilio.com/legal/privacy -
To be able to use our services in a country outside the European Union (hereinafter referred to as “third country”) the transfer of your personal data to the respective fleet company or the external fleet partner as well as to the respective driver executing the ride in such a third country is necessary for the performance of our contractual obligations. The legal basis for the data transfer is an Adequacy Decision according to Art. 45 Para. 1 GDPR when the European Commission has decided ensures an adequate level of protection. If an adequate level of data protection cannot be guaranteed the legal basis is Art. 49 Para. 1 sentence 1 lit. b) GDPR.
You can find a list of all Adequacy Decisions by the European Commission here:
https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en
-
Credit Card Data for the Payment of the Rides
In the following we inform you about the data processing in case you choose to pay by credit card. We want to underline that PIM’s systems meet the highest security standard and is certified by PCI-DSS (Payment Card Industry Data Security). The credit card information only needs to be entered once when the first booking and registration is made. The entered information is protected against unauthorized access. PIM does not store the information. PIM uses two certified payment providers named Adyen (Adyen B.V. Si-mon Carmiggelstraat 6-50, 1011 DJ Amsterdam, Netherlands) and Stripe (Stripe Payments Eu-rope Ltd., The One Building 1 Grand Canal Street Lower, Dublin 2, Ireland), whose systems are also PCI-DSS-certified. In order to increase the convenience of recurring transactions, the credit card data is stored for an extended period of over one year at the commissioned PCI-DSS-certified payment provider and will be deleted when you delete your Talixo user account. Further information on the use of your payment data can be found in Section 3.2 (5).
-
Use of Adyen for Payment by Invoice or ELV
In the following we inform you about the use of Adyen in case you choose to pay the ride by bank transfer or ELV through the payment provider Adyen. In this case you have to give store your bank details. Then the payment is made when you press the button in your account as ELV. Alternatively, Adyen will send you a fifteen-digit token and it’s banking information. Into this account you will have to pay the specific riding fee
-
Customer Rating Following the Ride
- After every trip, you will be requested by e-mail to rate the driver and the vehicle. This rating is anonymous to the driver and only serves for quality assurance and improvement of customer satisfaction. The rides quality is reflected by a star system. In addition to customer ratings, the star system is also based on other indicators of quality such as the vehicle equipment and accessories. The quality standards are important to us and we want to know if you are unhappy with your ride. Under this circumstance we will get back to you by e-mail to ask questions about your ride. The legal basis is Art. 6 para. 1 sentence 1 lit. f) GDPR.
- At the bottom of each rating e-mail you will find a link to unsubscribe at any time. You can also prevent this kind of e-mail at any time by sending a message to the e-mail address or address given in the imprint of our website (https://talixo.de/impressum/) or under Section 1.2.
-
-
Newsletter
- Our newsletter provides information about us and our services. If you would like to receive the newsletter, we need a valid e-mail address from you. For the registration for our newsletter we use the so-called double opt-in procedure. This means that after your registration we will send you an e-mail to the specified e-mail address asking you to confirm that you would like to receive the newsletter. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we store your IP addresses and the time of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, to clarify a possible abuse of your personal data.
- The only information for sending the newsletter is your e-mail address. After your confirmation we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a) GDPR.
-
We use the MailChimp component for sending our newsletters on the basis of Art. 6 Par. 1 S. 1 lit. f) GDPR. MailChimp is a service provided by The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA.
If you subscribe to our newsletter, your e-mail address will be transmitted to a server of The Rocket Science Group in the USA and stored there as long until you decide to unsubscribe as explained in Section 4.4.
According to the Commission implementing Decision (EU) 2016/1250 of 12.07.2016, the transfer of data from an EU controller or order processor to organizations in the US who have committed themselves to adhere to the framework principles of the EU-US Privacy Shield, including the additional principles, by way of self-certification with the US Department of Commerce, is permitted. MailChimp is subject to these principles through self-certification by the US Department of Commerce. Further information about data protection at MailChimp can be found here:
https://mailchimp.com/legal/privacy/ - At the bottom of each newsletter you will find a link to unsubscribe at any time. You can also unsubscribe from the newsletter at any time by sending a message to the e-mail address or address given in the imprint of our website (https://talixo.de/impressum/) or under Section 1.2. If the newsletter is cancelled, the personal data stored for the purpose of providing the newsletter will be deleted, unless there is a legal obligation to keep it in safekeeping.
-
Safe Data Transmission
Your personal data is transmitted securely by encryption. This applies to the order and also to the customer login. We use the TLS coding system. No one can guarantee absolute protection. However, we secure our website and other systems through technical and organizational measures.
-
Right of Affected Persons
- In accordance with Art 15 GDPR, you have the right, upon request and free of charge, to receive information about the personal data that has been stored about you. In accordance with Articles 16, 17 and 18 of the GDPR, you also have the right to have incorrect data corrected and your personal data blocked, deleted or processed to a limited extent. Under the conditions laid down in Art. 20 of the GDPR, you are also entitled to receive the personal data concerning you that have been stored in a structured, common and machine-readable format and to transmit this data to another person responsible without any impediment by PIM. In addition, according to Art. 21 para. 1 GDPR you are entitled to object to the processing of personal data relating to you, which is carried out on the basis of Art. 6 para. 1 lit. e) or f) GDPR, for reasons arising from your particular situation. PIM will fulfil your aforementioned claims, provided that the legal requirements for the assertion of the respective claims are satisfied.
- Any requests for your personal data should be made to the address given in the imprint of our website (https://talixo.de/impressum/) or the e-mail address or address specified under item 1 of this data protection declaration.
- You are also entitled to file a complaint with a data protection supervisory authority regarding our processing of your personal data.
-
Duration of Storage and Routine Deletion
- We process and store personal data only during the period necessary to realize the purpose of processing or during the period of time and to the extent provided for in laws or regulations applicable to the controller.
- If the storage purpose ceases to apply or a legally prescribed storage period expires, the personal data will be blocked or deleted as a matter of routine and in accordance with the statutory provisions.
B. Further Information On the Use of Our Website
-
Collection of Personal Data when using our Website
-
Access Data/ Server-Logfiles
In case our website is exclusively used for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server (server log files/access data). If you wish to view our website, we collect the following data on the basis of Art. 6 Par. 1 S. 1 lit. f) GDPR, which is technically necessary for us to display our website to you and to guarantee stability and security:
Name and content of the accessed website, IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), the amount of data transferred, access status/HTTP status code (referrer URL), browser type, your operating system and its interface, language and version of the browser software.
-
Cookies
- We use cookies on our website. A cookie is a small file your browser creates automatically and that are stored on your access device (PC, Laptop, smartphone, etc.) when you are visiting our website. Cookies cannot run programs or transmit viruses to your computer. The cookie stores certain information related to the access device. This does not mean that we become aware of your identity directly. Cookies are used on the basis of Art. 6 Par. 1 lit. f) GDPR.
- We are using so-called session cookies to recognize, that you visited certain pages of our websites. Those cookies will be deleted automatically at the time you leave our website. We also use temporary cookies to optimize the usability our website and which are stored on your device during a certain period. In case you visit our website again to use our services, you and the inputs or settings you made will be recognized automatically, so you do not have to repeat it.
- On the other hand, we use cookies to collect statistical data via third party services on your website use and to analyze the data for optimization of the usability of our website (more details in Sect. B. 2). Those cookies will be delated will deleted after a certain period.
- You can enable or disable cookies via the settings in your browser. However, not all interactive features of our website may be available if you disable cookies. You can find more information on how to prevent the use of cookies in each relevant section for the different services.
-
-
Integration of Services of Third Parties
-
Use of Google Analytics
- This website uses Google Analytics, a web analysis service of Google Inc, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics uses cookies (more details in B.2.1.) r, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is generally transmitted to and stored by Google on servers in the United States.
- The Commission Decision (EU) 2016/1250 of 12.07.2016 allows the transfer of data from an EU controller or processor of orders to organizations in the US that have committed themselves to adhere to the framework principles of the EU-US Data Protection Shield, including the additional principles, by way of self-certification with the US Department of Commerce. Google is subject to these principles through self-certification with the U.S. Department of Commerce.
- However, if IP anonymization is activated on our website, Google will reduce your IP address beforehand within Member States of the European Union or in other states party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this website. On behalf of PIM, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services relating to website and Internet use in comparison with PIM. Legal basis for the use of Google Analytics is Art. 6 Par. 1 S. 1 lit. f) GDPR.
-
The IP address transmitted by your browser in the context of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plug-in available under the following link:
https://tools.google.com/dlpage/gaoptoutYou can find further information on the data use by Google here:
https://www.google.com/analytics/terms/us.html (User Terms and Conditions)
https://support.google.com/analytics/answer/6004245?hl=en (Overview regarding Data Protection)
https://policies.google.com/privacy (Data Protection Declaration)
-
Use of Google Adwords Conversion
- We use the offer of Google Adwords to draw attention to our attractive offers with the help of advertising materials (so-called Google Adwords) on external websites. We can determine in relation to the data of the advertising campaigns how successful the individual advertising measures are. We are interested in showing you advertisements that are of interest to you, to make our website more interesting for you and to achieve a fair calculation of advertising costs. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f DS-GVO.
- These advertising media are delivered by Google via so-called "Ad Servers". For this purpose, we use ad server cookies, through which certain parameters for measuring success, such as the insertion of ads or clicks by users, can be measured. If you access our website via a Google ad, Google Adwords stores a cookie on your PC. These cookies usually expire after 30 days and are not intended to identify you personally. For this cookie, the unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions) and opt-out information (mark that the user no longer wishes to be addressed) are usually stored as analysis values.
- These cookies enable Google to recognize your Internet browser. If a user visits certain pages of an Adwords customer's website and the cookie stored on their computer has not expired, Google and the customer can recognize that the user has clicked on the ad and has been redirected to this page. Each Adwords customer is assigned a different cookie. Cookies cannot therefore be traced via the websites of Adwords customers. We do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. On the basis of these evaluations we can recognize which of the used advertising measures are particularly effective. We do not receive any further data from the use of advertising material; in particular, we cannot identify users on the basis of this information.
- Due to the marketing tools used, your browser automatically establishes a direct connection to the Google server. We have no influence on the extent and the further use of the data which are raised by the use of this tool by Google and inform you therefore according to our knowledge: By the integration of AdWords conversion Google receives the information that you called the appropriate part of our Internet appearance or clicked an announcement of us. If you are registered with a Google service, Google may associate your visit with your account. Even if you are not registered with Google or have not logged in, it is possible that the provider may obtain and store your IP address.
-
You can prevent participation in this tracking procedure in various ways: a) by setting your browser software accordingly, in particular by suppressing third-party cookies, you will not receive any ads from third-party providers; b) by deactivating cookies for conversion tracking, by setting your browser so that cookies are blocked by the domain "www.googleadservices.com", https://www.google.de/settings/ads, this setting being deleted when you delete your cookies; c) by deactivating the interest-based ads of the providers that are part of the "About Ads" self-regulation campaign via the link https://www.aboutads.info/choices, this setting being deleted when you delete your cookies; d) by permanently deactivating Firefox, Internet Explorer or Google Chrome in your browsers under the link https://www.google.com/settings/ads/plugin. Please note that in this case you may not be able to use all functions of this offer in full.
Further information on data protection at Google and Google Adwords Conversion can be found here:
https://www.google.com/intl/de/policies/privacy and https://services.google.com/sitestats/de.html.Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at https://www.networkadvertising.org
-
Use of Matomo (Piwik)
- This website uses the web analysis service Matomo (formerly Piwik), an analysis software of InnoCraft Ltd. (https://www.innocraft.com, 150 Willis St, 6011 Wellington, New Zealand) to analyze and regularly improve the use of our website. We can improve our offer and make it more interesting for you as a user. The legal basis for the use of Matomo is Art. 6 para. 1 sentence 1 lit. a) or f) GDPR.
- Cookies (more details in B 1.2.) are stored on your computer for analysis. The person responsible stores the information collected in this way exclusively on his server in Germany where it is stored 24 months. You can set the analyzation by deleting existing cookies and preventing the storage of cookies. If you prevent the storage of cookies, we point out that you may not be able to use this website in its entirety.
- The Matomo program is an open source project. You can obtain information on data protection from the third-party provider at https://matomo.org/docs/privacy/.
-
Use of Hotjar
- This website uses the web analysis service Hotjar, a software of the European company Hotjar Ltd, Level 2, St Julian's Business Centre, 3, Elia Zammit Street, St Julian's STJ 1000, Malta, to analyze and regularly improve the use of our website. The legal basis for the use of Hotjar is Art. 6 Par. 1 S. 1 lit. a) or f) GDPR.
- Cookies (more details in B.2.1.) are stored on your computer for this evaluation. Hotjar provides us with videos from the website, so the data you enter in your user profile is visible, e.g. name, last name, mobile, email. The information collected in this way is transmitted anonymously to the Hotjar servers in Ireland and stored there for one year and not passed on to other third parties. The amount of time the cookie is stored varies depending on the type of cookie. For more information, please visit https://www.hotjar.com/cookies. To prevent Hotjar from collecting the data, please follow the instructions at https://www.hotjar.com/opt-out, which are also available in the German language.
- Information of the third-party provider Hotjar on data protection is available at https://www.hotjar.com/privacy.
-
Use of the Facebook Social Plugins (Like Button)
- We use GDPR components of the provider facebook.com on our website on the basis of Art. 6 para. 1 lit. f). Facebook is a service of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. Through the Facebook plugin we offer you the possibility to interact with Facebook and other users, so that we can improve our services and increase their attractivity for you as a user. The legal basis for using the Facebook plugins is Art. 6 Par. 1 S. 1 lit. a) or f) GDPR.
- Each time you visit our website, which is equipped with such a component, this component causes the browser used by you to download a corresponding representation of the component from Facebook. This process informs Facebook which specific page of our website you are currently visiting.
- If you visit our website while logged in to Facebook, Facebook recognizes which specific page you are visiting through the information collected by the component and assigns this information to your personal account on Facebook. For example, if you click the "I like" button or make comments, this information is transferred to your personal user account on Facebook and stored there. In addition, the information that you have visited our site will be shared with Facebook and stored until you delete your Facebook account. This is independent of whether you click on the component or not. If you are not a member of Facebook, it is still possible for Facebook to obtain and store your IP address. According to Facebook, only an anonymized IP address is stored in Germany.
-
If you wish to prevent Facebook from transmitting and storing data about you and your behavior on our website, you have to sign out of your Facebook account before you visit our site. Facebook's privacy policy provides more detailed information, in particular about Facebook's collection and use of the data, your rights in this regard and the setting options for protecting your privacy: https://de-de.facebook.com/about/privacy/
External tools are also available on the market to block Facebook social plug-ins with add-ons for all major browsers https://webgraph.com/resources/facebookblocker/
Facebook has adhered to the EU-US-Privacy-Shield:
https://www.privacyshield.gov/EU-US-Framework - You also have the right to object to the creation of these user profiles by Facebook, whereby you must contact Facebook to exercise this right.
-
Use of Google+
- On our website we use the social plugin "google+1" of the social network Google+. This is operated by Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA94043, USA. The Google+ plugin allows you to interact with Google+ and other users so that we can improve our services and increase their attractivity for you as a user. The legal basis for using the Google+ plugins is Art. 6 Par. 1 S. 1 lit. a) or f) GDPR.
- When you access our website with this button, a direct connection is established between the servers of Google Inc. and your browser. The content of the "+1" button is transmitted by Google directly to its browser and integrated into the website. Unfortunately, we have no influence on the amount of data Google Inc. collects with the "+1" - button. Google Inc. does not collect any personal data as long as the "+1" button is not clicked. Such personal data as well as the IP address are only collected and processed by visitors to the website who are logged in in parallel with your Google+ account and stored until you delete your account.
-
Further information on the purpose and scope of data collection and the further processing and use of the data by Google as well as your rights in this regard and options for setting up your privacy can be found here:
https://www.google.com/intl/de/+/policy/+1button.html
https://www.google.com/intl/de/+1/button/ - You also have a right to object to the creation of these user profiles by Google+, however, you must contact Google to exercise this right.
-
Integration of Google Maps
- On this website we use Google Maps, a service of Google (Further information on Google can be found in section B.2.1.). This allows us to display interactive maps directly on the website and enables you to conveniently use the map function. The legal basis for s is Art. 6 Par. 1 S. 1 lit. a), b) or f) GDPR.
- By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under section B.1.1. of this declaration will be transmitted. This is regardless of whether Google provides an user account that you are logged in to, or whether no user account exists. If you are logged in to Google, your information will be directly associated with your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation takes place in particular (even for unlogged-in users) to provide demand-oriented advertising and to inform other users of the social network about your activities on our website. Google Maps retains ID-associated data for 60 days. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
-
Further information on the purpose and scope of data collection and the further processing and use of the data by Google as well as your rights in this regard and options for setting up your privacy can be found here:
https://www.google.de/intl/de/policies/privacy
-
C. Further Information on the Use of the Mobile App
-
Collection of Personal Data when using our Mobile App
-
Access Data
- When downloading the mobile app, the necessary information is transferred to the App Store (Apple App Store and Google Play), i.e. in particular the name, e-mail address and customer number of your customer account, time of download, payment information and the individual device identification number. We have no influence on this data collection and shall not be responsible for it. We only process the data if it is necessary for downloading the mobile app to your mobile device.
-
When using the mobile app, we collect the personal data described below to enable convenient use of the functions. If you want to use our mobile app, we collect the following data on the basis of Art. 6 Par. 1 S. 1 lit. f) GDPR, which is technically necessary for us to offer you the functions of our mobile app and to guarantee stability and security:
Name and content of the accessed website, IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), the amount of data transmitted, access status/HTTP status code (Referrer URL), browser type, your operating system and its interface, language and version of the browser software.
- We also require your device identification, unique number of the end device (IMEI = International Mobile Equipment Identity), unique number of the network subscriber (IMSI = International Mobile Subscriber Identity), mobile phone number (MSISDN), MAC address for WIFI use, name of your mobile device and your e-mail address.
-
Cookies
The mobile app does not use any cookies.
-
Collection of your Location Data
The Talixo system makes use of GPS positioning to ensure comfortable and smooth ride arrangements. You may only use this function after you have previously given your consent by using the respective pop-up window that we may collect your location data via GPS and your IP address in anonymized form for the purpose of arranging trips. Furthermore, we collect anonymized location data permanently to determine the flow of traffic and based on that we are able to increase the efficiency of the route planning for our users. You may at any time allow or revoke this setting in the settings of your operating system and activate or deactivate the access to your location there. Your location will only be communicated to us if you have activated access to your location. The legal basis for processing is Art. 6 para. 1 sentence 1 lit. a) or f) GDPR.
-
-
Integration of Services of Third Parties
-
Integration of Google Maps
- This mobile app uses Google Maps, a service of Google (further information on Google can be found in section B.2.1.). This enables us to display interactive maps directly in the mobile app and enables you to use the map function conveniently. The legal basis for s is Art. 6 Par. 1 S. 1 lit. a), b) or f) GDPR.
- By using our mobile app, Google receives the information that you have accessed the corresponding subpage in our app. In addition, the data mentioned under section C.1. of this declaration will be transmitted. This is regardless of whether Google provides an user account that you are logged in to, or whether no user account exists. If you are logged in to Google, your information will be directly allocated to your account. If you do not wish to be associated with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation takes place in particular (even for unlogged-in users) to provide demand-oriented advertising and to inform other users of the social network about your activities in our app. Google Maps retains ID-associated data for 60 days. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
-
Further information on the purpose and scope of data collection and the further processing and use of the data by Google as well as your rights in this regard and options for setting up your privacy can be found here:
https://www.google.de/intl/de/policies/privacy
-
Use of Google Analytics
- This app uses Google Analytics, a mobile analysis service of Google (you can find further information on Google in section B.2.1.). Google Analytics uses the Instance ID of your mobile device to identify individual installations of this mobile app. Since each Instance id is unique to a particular app and device, they give Google Analytics a way to refer to specific app instances.
- However, if IP anonymization is activated on the mobile app, Google will reduce your IP address beforehand within the Member States of the European Union or in other states party to the Agreement of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this mobile app. On behalf of PIM, Google will use this information to evaluate your use of the mobile app, to compile reports on mobile app activity and to provide other services relating to the mobile app and internet use in comparison with PIM. The IP address transmitted by the mobile app in the context of Google Analytics will not be merged with other Google data. Legal basis for the use of Google Analytics is Art. 6 Par. 1 S. 1 lit. a) or f) GDPR.
- You can prevent Google from collecting the data generated by the Instance ID and relating to your use of the mobile app (including your IP address) and from processing this data by opting-out in this mobile app’s settings.
-
Use of Firebase
- This app uses Firebase, a mobile service of Google (you can find further information on Google in section B.2.1.). Firebase uses the Instance ID of your mobile device to identify individual installations of this mobile app. Since each Instance id is unique to a particular app and device, they give Firebase a way to refer to specific app instances. The information generated by the instance ID about your use of this mobile app is generally transmitted to and stored by Google on servers in the United States. Your IP address and GPS Position Data transmitted by this mobile app in the context of Firebase will not be merged with other google data. Legal basis for the use of Firebase is Art. 6 Par. 1 S. 1 lit. a) or f) GDPR
- However, if IP anonymization is activated on the mobile app, will reduce your IP address beforehand within the Member States of the European Union or in other states party to the Agreement of the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. IP anonymization is active on this mobile app. On behalf of PIM, Google will use this information to evaluate your use of the mobile app, to compile reports on mobile app activity and to provide other services relating to the mobile app and internet use in comparison with PIM. The IP address transmitted by the mobile app in the context of Google Analytics will not be merged with other Google data.
- We use the Firebase service Analytics to provide analytics and attribution information in case you use a mobile device with Android operating systems. Firebase Analytics collects Mobile ad IDs, Android mobile device IDs, Instance IDs, Analytics App Instance IDs. Firebase Analytics retains ID-associated data for 60 days and retains aggregate reporting and campaign data without automatic expiration, unless the PIM changes its retention preference in its Analytics settings or deletes its project.
- We use the Firebase service Cloud Messaging in case you use a mobile device with Android operating system to determine which devices to deliver messages to by using Instance IDs. Firebase retains Instance IDs until we request deletion. After that, the personal data are deleted by firebase within 180 days.
- We use the Firebase service Crashlytics in case you use a mobile device with Android operating system that tells us when your mobile app crashes. Therefore, Instance IDs and crash reports are transferred to Firebase. Firebase retains those personal data until we request deletion. After that, the personal data are deleted by firebase within 180 days.
- We use the firebase service Dynamic links that uses device specs IDs in case you have a mobile device with iOs operating system to facilitate use of newly-installed mobile apps. Dynamic Links only stores devices specs temporarily, to provide the service.
- We use the Firebase service Performance Monitoring that uses Instance IDs to monitor the mobile app’s function and to react on specific instances. Performance monitoring retains instance-associated events for 30 days. Firebase retains Instance IDs until we request deletion. After that, the personal data are deleted by firebase within 180 days.
- You can prevent Google from collecting the data generated by the Instance ID and relating to your use of the mobile app (including your IP address) and from processing this data by opting-out in this mobile app’s settings.
-
You can find further information on the data use by Google through Firebase here:
https://firebase.google.com/terms/data-processing-terms
https://firebase.google.com/terms/
https://firebase.google.com/support/privacy/manage-iids
https://firebase.google.com/support/privacy/
-