Privacy Policy for the MVV App

MVV GmbH takes the protection of your personal data very seriously. On this page, we describe how we handle your data and the data processed within the MVV app. If you have any queries or would like to request information, please use the contact details provided below.

Principles governing the processing of personal data

In the MVV app – apart from brief, technically necessary temporary storage in the context of IP-based communication – personal data is only processed when using the services explicitly described below (e.g. purchasing MVV mobile tickets, booking on-demand services).

MVV GmbH takes data protection law very seriously and attaches great importance to the principle of data minimisation. Most of the services and functions of the MVV app operate entirely without the collection and processing of personal data. Data processing in the MVV app is explained below, broken down by sub-areas and functionalities of the app.

Installation and permissions

Depending on your operating system and its permissions system, the MVV app requires specific permissions to perform all its functions. You will be explicitly informed of the relevant permissions during installation or when using the functions for the first time. You can then decide whether to grant individual permissions for the use of specific functions.   

Location

With the MVV app, you can obtain timetable information for any location and your current position. To do this, the app uses location information provided by your smartphone, depending on your user settings. This information is used exclusively to determine addresses, waypoints in routing, and to display nearby stops and departures. The addresses, points of interest and stops used in the timetable information are logged (see Data storage) without allowing any conclusions to be drawn about your identity or location. Your location data is expressly not stored or passed on to third parties.

Data storage

The app stores the following data on the device: history of recently used locations, connections and routes, saved favourites, settings, downloads (network maps), app status (to restore the last state on launch) and received server content (map sections, journey information). The app accesses local storage to save this data. Please note that, depending on the operating system, further permissions may be required to use external memory cards (on Android, for example, access to photos, media and files). Naturally, no access to your personal data takes place.

To ensure secure operation, calculations for the electronic timetable information (departures, journey information, etc.) are logged on the timetable information servers. The logs relate exclusively to the calculations performed and comply with the data protection principles of MVV GmbH and Bayerische Eisenbahngesellschaft mbH. No personal data is transmitted or stored; it is not possible to draw conclusions about the user or query patterns.

The MVV app is available via relevant app stores. For data protection within these stores or in areas directly related to them, please refer to their privacy policies:

• Apple App Store: https://www.apple.com/legal/privacy/de-ww/
• Google Play Store: https://policies.google.com/privacy?hl=de&gl=de
• Huawei AppGallery: https://legal.cloud.huawei.eu/legal/hiapp/privacy-statement.htm

The customer’s personal data explicitly provided for the purpose of purchasing tickets, and any associated changes, are stored and processed by the shop operator and/or its service providers in accordance with the terms and conditions applicable to the ticket shop used.

Sharing function

Calculated journeys and further information can be saved in calendars via the app or sent to third parties, for example via SMS, email or social media clients such as WhatsApp, Twitter, Telegram, etc. The functions available depend on your operating system and the services or apps installed on your smartphone, and are subject to the respective data protection policies of the providers. We have no influence over the applications you have installed and use, or the data protection policies applicable to them. Access to calendars set up via the MVV app is strictly write-only; existing entries are therefore not read. Contact details are used solely for the purpose of transmitting messages; there is no further processing or storage of the data on the application or server side.

On-demand services (ODS)

To book On-Demand Services (MVV-RufTaxi, FLEX) electronically or by telephone, you must register by providing your name, telephone number and email address (this may not be required if you register by telephone). This data is used exclusively for the organisation, scheduling and execution of the booked journeys, as well as for contacting you in connection with the journeys you have booked (e.g. changes to journey times, enquiries regarding space requirements), and is passed on electronically via encrypted transport systems to the call-a-taxi centre and the relevant transport company for the same purpose. The legal basis for the processing is Article 6(1)(b) – the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures – and (f) of the GDPR. The legitimate interests of MVV GmbH, the transport operators and the public transport authorities lie in providing you, as a user of the MVV app, with better access to public transport and facilitating timetable enquiries and the purchase of MVV Mobile Tickets. Without the provision of this data, no booking can be made via the booking tool.
The data will be deleted no later than two years after the last use or booking. Furthermore, the data will be deleted within 30 days upon the customer’s express request by email to kundenbetreuung@mvv-muenchen.de, provided that no statutory retention obligations prevent this.

Usage statistics

In order to improve the quality of the app, MVV GmbH and/or its IT service providers compile anonymised statistics on the use of the app following the user’s express consent (‘opt-in procedure’). These serve solely to improve the product and do not contain any personal information. We have no means of identifying you. The function for collecting anonymous usage statistics can be activated by the user when the app is first opened and deactivated at any time via the settings in the app. To collect anonymous usage statistics, we use Google Analytics with IP anonymisation enabled in our MVV app up to version 6.128.0.x. The information collected is transmitted to Google’s servers and stored there. The data controller for users in the EU is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google will analyse the transmitted data to generate reports on the app’s usage activity. Further information can be found at support.google.com/analytics/answer/6004245?hl=de and www.google.de/intl/de/policies/. From version 6.129.0.x onwards, we use Matomo to collect anonymous usage statistics in our MVV app. Matomo is an open-source application with IP anonymisation enabled, which has been installed by our hosting provider SpaceNet AG in a data centre in Germany. The data collected is stored anonymously on this server and analysed by MVV GmbH to improve the MVV app.

Crash reports with Google Firebase Crashlytics

To improve the stability and reliability of the app, we use the Firebase Crashlytics service provided by Google LLC to collect anonymised crash reports. The data controller for users in the EU is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). In the event of an app crash, information is transmitted to Google’s servers, which contains details about the app’s status at the time of the crash as well as system information about the device. The data includes Crashlytics installation UUIDs, crash traces and Breakpad minidump-formatted data. Further information can be found at firebase.google.com/support/privacy and www.google.de/intl/de/policies/. The collection of crash reports using Google Firebase Crashlytics can be disabled directly when the app is first opened, as well as at any time via the settings within the app (‘opt-out procedure’).

MVV-ID

The MVV-ID is a service provided by MVV GmbH that enables users to access various registration-required services and features offered within the MVV app using a single account. When users of the MVV app register for the MVV-ID, the data required for authentication—such as first name, surname, email address and telephone number, as well as optional data that can be stored in the profile for the use of further services (e.g. booking on-demand transport, participating in MVVswipe, purchasing HandyTickets) are stored in a German data centre and used exclusively for the use of the services and functionalities linked to the MVV app. The legal basis for the processing is Article 6(1)(b) – the processing is necessary for the performance of a contract or for the implementation of pre-contractual measures – and (f) of the GDPR. The legitimate interests of MVV GmbH lie in enabling users of the MVV app to have better access to public transport. Without authentication and personal data, services requiring registration cannot be offered.
The data will be deleted no later than two years after the last use (login). Furthermore, deletion will take place within 30 days upon the customer’s express request by email to kundenbetreuung@mvv-muenchen.de, provided that no statutory retention obligations prevent this.

Optional login with Apple/Google

Our app allows you to log in using your Apple or Google account for faster access without registration. In doing so, your personal data stored with Apple/Google (e.g. name, email address) is transmitted to us and processed for the purpose of authentication, as outlined in the section “MVV-ID”. Use of the Apple/Google login is voluntary. Further information on data processing by Apple/Google can be found in the privacy policies of Apple and Google.

MVVswipe

Participation in MVVswipe is subject to the privacy policy applicable to this service, which is set out following this privacy policy. It supplements the privacy principles of the MVV app as well as the Terms and Conditions “Sale of tickets via MVVswipe”.

MyRadl

The MyRadl bike-sharing system is operated by nextbike GmbH, Leipzig. Use of the system within the MVV app is only possible after the service has been actively linked to your MVV ID and you have given your express consent to the MyRadl Terms and Conditions. In doing so, the data stored in your MVV ID profile will be transferred to nextbike.

Ticket purchase

The data protection provisions in accordance with the terms and conditions of the respective ticket shop apply to the purchase of MVV mobile tickets within the MVV app. The provisions governing the sale of mobile and online tickets via the MVV GmbH ticket shop, as set out in Section 12 of the Mobile and Online Ticket Terms and Conditions, are listed following this privacy policy.

Address data

To facilitate the purchase of mobile tickets, the app user may grant access to the contacts (address book) stored on the device. This allows contact details from the address book to be used, meaning they do not need to be re-entered during the purchase process. This access permission is optional and serves solely to speed up the ticket purchase process for passengers.

Contact form

Enquiries submitted via the MVV app’s contact form or by email are stored and analysed anonymously for the purpose of processing the enquiry and improving service quality. Processing is generally carried out by employees of MVV GmbH; where the message is forwarded to the relevant transport company or software service provider for a response or to clarify the facts, the personal data provided is also forwarded. The legal basis is Article 6(1)(a) of the GDPR (consent). Without the provision of contact details, in particular the email address, the enquiry cannot be processed in writing.
The data is generally deleted twelve months after processing.

Legal basis for processing

Unless otherwise stated above for individual sections and functions of the MVV app, processing is carried out in accordance with Article 6(1)(f) of the GDPR 1(f) of the GDPR to safeguard the legitimate interests of MVV GmbH, the transport operators and the public transport authorities, in order to provide you, as a user of our MVV app, with better access to public transport and to facilitate timetable enquiries and the purchase of MVV mobile tickets.

You have the right to access the personal data in question (Art. 15 GDPR) as well as the right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or to restriction of processing (Art. 18 GDPR) or the right to object to processing (Art. 21 GDPR) as well as the right to data portability (Art. 20 GDPR) in accordance with the statutory provisions on data protection.

Right to lodge a complaint

Pursuant to Art. 77 GDPR, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the General Data Protection Regulation.

The competent supervisory authority for MVV GmbH is the Bavarian State Commissioner for Data Protection, PO Box 22 12 19, 80502 Munich, www.datenschutz-bayern.de.

Data Controller and Data Protection Officer

The data controller within the meaning of data protection law is MVV GmbH, represented by the management. It can be contacted by email at info@mvv-muenchen.de or by post at MVV GmbH, Management, Thierschstraße 2, 80538 Munich.

MVV GmbH has an external Data Protection Officer. You can contact them by email at Datenschutz@mvv-muenchen.de or by post at DSBOK, Data Protection Officer for MVV GmbH, Untergasse 2, 65474 Bischofsheim.

Extract from the General Terms and Conditions and Privacy Policy (GTC) governing the sale of HandyTickets via the MVV GmbH ticket shop (as at January 2025):

12.1 Processing of the e-payment service and debt management

(1) For the processing of the e-payment service (e.g. online shop, mobile app), MVV GmbH uses the IT service provider eos.uptrade GmbH, Schanzenstraße 70, 20357 Hamburg, and the financial services company LogPay Financial Services GmbH, Schwalbacher Straße 72, 65760 Eschborn. The technical operation of the software components is handled by eos.uptrade GmbH. The infrastructure is located in certified data centres in Germany. As part of commissioned data processing, the service providers use software instances hosted by the data centre operator Amazon Web Services (AWS). These components are operated exclusively at the server location in Frankfurt am Main (Germany).

(2) The personal data provided by the customer (first name and surname, title, date of birth, address, email address, bank account details where applicable, credit card details where applicable, mobile phone number where applicable) as well as data relating to the customer’s respective ticket purchases (order details, IP address where applicable, client where applicable, log data) and all changes are passed on to LogPay Financial Services GmbH, Schwalbacher Straße 72, 65760 Eschborn. This is carried out on the basis of Article 6(1)(f) of the GDPR. The legitimate interest of MVV GmbH lies in the outsourcing of payment processing and receivables management. The legitimate interest of LogPay Financial Services GmbH lies in the processing of data for the purposes of payment processing, receivables management, assessing the validity of payment methods and preventing payment defaults. The offer to conclude a contract of sale for a ticket is only accepted if LogPay Financial Services GmbH acquires the resulting claim arising from the ticket sale. If LogPay Financial Services GmbH refuses to acquire the claim, the offer to conclude a contract of sale is rejected. LogPay Financial Services GmbH’s data protection information can be accessed at https://www.logpay.de/DE/datenschutzinformationen/. In addition, MVV GmbH processes your personal data which it receives from LogPay Financial Services GmbH (information regarding the decision as to whether or not the claim is acquired). No mobile/online ticket can be used without the provision of this data.

(3) As part of the registration process for the SEPA Direct Debit payment method and/or in the event of changes to customer data in connection with the switch to the SEPA Direct Debit payment method, the financial services company LogPay Financial Services GmbH may carry out a check of the customer’s details and creditworthiness. This is done by comparing the customer’s personal data against the database of SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden.

(4) To prevent fraud involving account details, the identity of the bank account holder is verified as part of the registration process for the SEPA Direct Debit payment method and/or in the event of changes to customer data in connection with the switch to the SEPA Direct Debit payment method. As part of this verification (bank ID procedure or photo ID procedure), the first name, surname, IBAN and email address are transmitted to Verimi GmbH, Oranienstrasse 91, 10969 Berlin.

(5) In order to verify the credit card details provided by the customer and to process payments via the credit card payment method, the financial services company LogPay Financial Services GmbH will pass on the credit card and payment details to a credit card acquirer. 

(6) In the event that the customer fails to meet their payment obligations, their personal data will be passed on to a debt collection agency for the purpose of collecting the claims (e.g. through payment reminders/demands) and enforcing the claims (for example, as part of court-ordered debt collection proceedings or in cooperation with a law firm in the event of legal enforcement through litigation).

12.2 Customer service

MVV GmbH may use and store the personal data of customers registered with it for the purpose of customer service and may also pass this data on to its service providers to clarify queries; it will not be used for advertising or other purposes without the customer’s prior express consent. This is done on the basis of Article 6(1)(b) of the GDPR, for the fulfilment of the mobile/online ticket contract. Mobile/online tickets cannot be used without the provision of the data.

12.3 Inspection of mobile and online tickets

(1) To ensure revenue collection, the transport companies participating in the network may, where necessary during inspections, view the ticket data, the information stored in the barcode (first name and surname (masked) as well as the ticket holder’s date of birth and title) and the inspection medium presented by the customer. This is carried out on the basis of Article 6(1)(f) of the GDPR. The legitimate interest of MVV GmbH and the transport companies carrying out the checks lies in securing fare revenue. Personal data is not stored in the inspection device, but is only displayed. In the event of a dispute, personal data may be forwarded to the transport company that carried out the check for further processing. Mobile/online tickets cannot be used without providing this data.

12.4 General provisions on data protection

(1) The personal data stored by MVV GmbH or by the service providers shall be deleted when it is no longer required for the fulfilment of the purpose for which it was collected (sale of mobile and online tickets) and there are no longer any statutory retention obligations to the contrary. Data from a registered customer account through which no ticket purchase has ever been made will be deleted from the relevant directory after two years at the latest. Data from a registered customer account through which ticket purchases have already been made will be deleted from the relevant directory no later than ten years after the last booking. Order data is to be treated as a booking receipt and is retained in accordance with statutory retention periods; it is subsequently deleted. Furthermore, deletion shall take place at the customer’s express request by email to kundendialog@mvv-muenchen.de, provided that no statutory retention obligations preclude this. In this case, deletion shall take place within 60 days at the latest. 

(2) Where the processing of personal data is based on the customer’s consent, the customer has the right to withdraw consent at any time without affecting the lawfulness of processing carried out on the basis of consent prior to withdrawal, in accordance with the statutory provisions on data protection (Art. 7 GDPR, Section 51 BDSG). 

In the event that personal data is processed for the performance of tasks carried out in the public interest (Art. 6(1)(e) GDPR) or for the purposes of legitimate interests (Art. 6(1)(f) GDPR), you may object to the processing of your personal data at any time with effect for the future. In the event of an objection, we must cease any further processing of your data for the aforementioned purposes, unless

• there are compelling legitimate grounds for processing which override your interests, rights and freedoms, or
• the processing is necessary for the establishment, exercise or defence of legal claims.

You have a right to access the personal data concerned (Art. 15 GDPR) as well as a right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or to restriction of processing (Art. 18 GDPR) or a right to object to the processing (Art. 21 GDPR) as well as a right to data portability (Art. 20 GDPR) in accordance with the statutory provisions on data protection. The customer may exercise these rights by sending an email to kundendialog@mvv-muenchen.de.

(3) The data controller within the meaning of data protection law is MVV GmbH, represented by the management. It can be contacted by email at info@mvv-muenchen.de or by post at MVV GmbH, Management, Thierschstraße 2, 80538 Munich. MVV GmbH has a Data Protection Officer. The Data Protection Officer can be contacted by email at datenschutz@mvv-muenchen.de or by post at MVV GmbH, Data Protection Officer, Thierschstraße 2, 80538 Munich. If you wish to have your personal data deleted, please send an email to datenloeschung@mvv-muenchen.de.

(4) Pursuant to Article 77 of the GDPR, without prejudice to any other administrative or judicial remedy, the customer has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or the place of the alleged infringement, if he or she considers that the processing of personal data relating to him or her infringes the General Data Protection Regulation.

The competent supervisory authority for MVV GmbH is the Bavarian State Commissioner for Data Protection, PO Box 22 12 19, 80502 Munich, www.datenschutz-bayern.de.

Privacy Policy (PP)
for the sale of tickets via MVVswipe (check-in/check-out system) by MVV GmbH

Date: 16 February 2026

1. General

(1) MVV GmbH offers a CheckIn-CheckOut system (hereinafter referred to as the InOut system or MVVswipe) within the MVV app. This is a smartphone-based ticketing system with automatic ex-post fare calculation. Using location tracking (GPS, motion sensors and Bluetooth), the smartphone detects a CheckIn actively triggered by the customer, the route travelled within the MVV network via local public transport (LPT), and the CheckOut triggered by the customer. The system then calculates the correct fare for the route travelled in the background based on this location data. If several journeys are made per day, the maximum charge will be the applicable daily rate (depending on the zone and number of passengers). Depending on the number of journeys per day, the customer’s previously registered payment method will be debited.

(2) For the processing of the e-payment service (e.g. InOut system), MVV GmbH uses the IT service provider Mentz GmbH (hereinafter referred to as MENTZ), Grillparzerstraße 18, 81675 Munich, and the financial services company LOGPAY Financial Services GmbH (hereinafter referred to as LOGPAY), Schwalbacher Straße 72, 65760 Eschborn. MENTZ is responsible for the technical operation of the software components. The infrastructure is located in certified data centres in Germany. As part of commissioned data processing, the service providers use software instances hosted by the data centre operator Amazon Web Services (AWS). These components are operated exclusively in the eu-central-1 region (Frankfurt am Main).

(3) The controller within the meaning of data protection law is MVV GmbH, represented by the management. It can be contacted by email at info@mvv-muenchen.de or by post at MVV GmbH, Management, Thierschstraße 2, 80538 Munich. MVV GmbH has an external data protection officer. The Data Protection Officer can be contacted by email at datenschutz@mvv-muenchen.de or by post at DSBOK, Data Protection Officer for MVV GmbH, Untergasse 2, 65474 Bischofsheim. If the customer wishes to have their personal data deleted, they must submit a request by email to datenloeschung@mvv-muenchen.de.

(4) The German version of the Terms and Conditions and the Privacy Policy shall apply. In the event of any conflict between the German and English language versions, the German version shall prevail.

2. Data required for the use of the InOut system

(1) In order to perform the function of the InOut system as set out in Section 1(2), the InOut system or the MVV app requires access to the following data and services:

• Location data (GPS): Following the customer’s explicit permission to access this data, the InOut system accesses the location data (GPS) of the mobile device in order to determine the customer’s current location, boarding, transfer and destination stops, as well as the customer’s journey route and duration. Due to the dense network of transport points within the MVV system, high location accuracy (“precise location”) is important for MVVswipe in order to determine and bill the journey as accurately as possible. The “Always” GPS setting is necessary to ensure that a journey can be recorded even if the MVV app is running in the background during an active journey or if the app is accidentally closed. Location data is only recorded after manually performing the CheckIn and continues until the CheckOut is completed. After CheckOut, the location access settings can be reduced; if you CheckIn again, the “Always” setting must be selected once more. Consent to the use of location data (GPS) and the activation of the location function on the smartphone during the journey are prerequisites for using MVVswipe.
• Mobile internet: The InOut system requires internet access to exchange necessary information between the app and the backend system (e.g. for the purposes of journey recognition and fare calculation).
• Motion sensors (motion data): Following explicit permission, the InOut system accesses the motion sensors on the device to improve journey recognition. This allows the system to distinguish, for example, whether the customer is on public transport or walking. Consent to the use of motion sensors (motion data) on the smartphone during the journey is a prerequisite for using MVVswipe.
• Bluetooth: To significantly improve location accuracy for determining the stops relevant for billing during the customer’s journey, the InOut system processes Bluetooth signals following explicit permission to access them. Bluetooth signals relevant to MVVswipe are generated by so-called Bluetooth beacons (owned by MVV GmbH or Münchner Verkehrsgesellschaft mbH (MVG)). These are used, for example, in underground stops or in vehicles and transmit a simple signal which the InOut system uses to identify the respective stop or vehicle stored in its database. No connection or data exchange takes place between the smartphone and the beacon beyond this. Consent to the use of Bluetooth signals and the activation of the Bluetooth function on the smartphone during the journey are prerequisites for using MVVswipe.

(2) The data mentioned above is required by the InOut system to ensure correct recognition of the public transport journey. No personal movement profiles are created in the process. The recording of the journey only begins once the CheckIn has been successfully completed. The MVV app does not need to be open continuously for the recording to take place. The recording ends once the customer has successfully completed the CheckOut. The system services mentioned in paragraph (1) above can be deactivated at any time outside of an active InOut journey via the settings of the mobile device, but must be reactivated before starting a new journey with MVVswipe. The customer receives a corresponding system message. The customer explicitly consents to the InOut system or the MVV app accessing their personal data (see sections 3, 4 and 5), including the data mentioned above (see paragraph 1) – including for the purpose of resolving customer enquiries. Otherwise, use of the InOut function is not possible.

The MVV app is available via relevant app stores. For data protection within these stores or in areas directly related to them, please refer to their privacy policies:

• Apple App Store: https://www.apple.com/legal/privacy/de-ww/
• Google Play Store: https://policies.google.com/privacy?hl=de&gl=de
• Huawei AppGallery: https://privacy.consumer.huawei.com/legal/hiapp/privacy-statement.htm

3. Registration for MVVswipe

(1) Registration by the customer is required to use the InOut system. Upon registration, the customer must agree to the General Terms and Conditions (GTC) and data protection provisions relating to the InOut function, as well as the MVV’s Conditions of Carriage and Fare Regulations.

(2) The following data is collected for registration:

• First name and surname
• Date of birth
• Address or billing address
• Email address
• Password
• Valid payment method (SEPA Direct Debit, credit card, PayPal, Bonvoyo, Apple Pay or Google Pay)

(3) Data processing is carried out on the basis of Article 6(1)(b) of the GDPR. 

(4) During the registration process, the customer may voluntarily consent to the use of personal data for market research purposes (optional tick box; see section 7).

4. Use of the InOut system and price calculation

(1) The basic structure of the InOut system was explained in Section 1(1). In order to track the customer’s journey continuously and subsequently calculate the correct fare, the InOut system must access and process the following data (see also Section 2):

• Location data (GPS)
• Mobile internet
• Motion sensors
• Bluetooth
• Individual ticket settings prior to the start of the journey (passengers)

(2) Each time the service is used, a journey authorisation is purchased by the customer, assigned to the relevant customer account and displayed there. In this context, the following data is processed:

• First name and surname
• Date of birth
• Validity of the travel authorisation, including time validity and ID
• Date and time
• Location data for the entire journey
• Passengers, daily limit
• Device information (operating software (version), model of the end device and app version)

(3) The journey route generated on the basis of the journey data comprises the first boarding stop after check-in, the stops passed through and transfer stops, the last alighting stop before check-out, as well as the modes of transport and routes used. The fare is calculated by assigning the calculated journey route to the applicable fare regulations in the MVV. When billing the calculated fare, the data provided by the customer during registration and the stored payment methods are used (see sections 3 and 5).

(4) The journeys made by the customer are checked for possible fraudulent behaviour using fraud detection. If MVV GmbH or the technical service provider detects misuse, the customer account will be blocked. Check-in will no longer be possible.

(5) Data processing is carried out on the basis of Article 6(1)(b) of the GDPR. 

5. Billing via LOGPAY

(1) The personal data provided by the customer (first name and surname, date of birth, address, email address, telephone number where applicable, and details of their respective purchases) and any changes thereto are passed on to LOGPAY Financial Services GmbH for the purpose of selling and assigning MVV GmbH’s claims against the customer arising in connection with their purchase, hire or booking. This is carried out on the basis of Article 6(1)(f) of the GDPR. The legitimate interest on the part of MVV GmbH lies in the outsourcing of payment processing and receivables management. The legitimate interest on the part of LOGPAY Financial Services GmbH lies in the processing of data for the purposes of payment processing, receivables management, assessing the validity of payment methods and preventing payment defaults.

(2) The offer to conclude a contract of sale for a ticket is only accepted if LOGPAY Financial Services GmbH acquires the resulting claim arising from the ticket sale. If LOGPAY Financial Services GmbH refuses to acquire the claim, the customer’s offer to conclude a contract of sale is rejected.

(3) The customer may object to the transfer of this data to LOGPAY Financial Services GmbH at any time; however, in that case, it will no longer be possible to place an order via the electronic sales channel.

(4) The customer may access LOGPAY Financial Services’ data protection information at https://documents.logpay.de/de/datenschutzinformationen.pdf.

(5) Furthermore, MVV GmbH processes the customer’s personal data which MVV GmbH receives from LOGPAY Financial Services GmbH (information regarding the decision as to whether or not the claim is acquired).

(6) In the event of the processing of personal data for the performance of tasks carried out in the public interest (Art. 6(1)(e) GDPR) or for the purposes of legitimate interests (Art. 6(1)(f) GDPR), the customer may object to the processing of their personal data at any time with effect for the future. In the event of an objection, MVV GmbH must refrain from any further processing of the customer’s data for the aforementioned purposes, unless

• there are compelling legitimate grounds for processing which override the interests, rights and freedoms of the customer, or
• the processing is necessary for the establishment, exercise or defence of legal claims.

(7) As part of the registration process for the SEPA Direct Debit payment method and/or in the event of changes to the customer’s data in connection with the switch to the SEPA Direct Debit payment method, the financial services company LOGPAY Financial Services GmbH may carry out a check of the customer’s details and creditworthiness. This is done by comparing the customer’s personal data against the database of SCHUFA Holding AG, Kormoranweg 5, 65201 Wiesbaden.

(8) In order to verify the credit card details provided by the customer and to process payments via the credit card payment method, the financial services company LOGPAY Financial Services GmbH will pass on the credit card and payment details to a credit card acquirer.

(9) In the event that the customer fails to meet their payment obligations, their personal data will be passed on to a debt collection agency for the purpose of collecting the claims (e.g. through payment reminders/demands) and enforcing the claims (for example, as part of court-ordered debt collection proceedings or in cooperation with a law firm in the context of legal enforcement through litigation).

6. Customer Support

(1) Any queries or complaints raised by the customer regarding the accuracy of a journey’s recording will be handled and processed on behalf of MVV GmbH by the customer support team of the technical service provider MENTZ. All other enquiries (e.g. regarding fares or registration) will be handled and processed by the customer support team of MVV GmbH. Customer enquiries sent directly via the MVV app are forwarded, depending on the subject line provided, either directly to MENTZ (journey and stop recording) or to MVV GmbH. General enquiries sent by email are first reviewed by MVV GmbH and, where necessary, forwarded to MENTZ.

(2) MVV GmbH may use and store the personal data of customers registered with it for the purposes of customer support and may also pass this data on to its service providers to clarify queries; it will not be used for advertising or other purposes without the customer’s prior express consent.

(3) The processing of this personal data is based on the legal basis of Article 6(1)(b) of the GDPR, provided that the communication takes place in connection with the execution of the ticket purchase. Processing for other communications is based on the legitimate interest (on the part of MVV GmbH) pursuant to Article 6(1)(f) of the GDPR, namely to process the customer’s contact enquiry in a manner appropriate to their needs. No InOut ticket can be used without the provision of the data.

7. Market research

(1) The InOut system implements a new technology for recording travel data for ex-post fare calculation. For the continuous improvement and further development of the system and its user-friendliness, MVV GmbH may carry out (or commission) market analyses (market research). To this end, the customer may be sent a request to participate in market research via the app or via the email address voluntarily provided during registration for market research purposes. Participation is voluntary. By participating in the market research, the following information is transmitted to the market research institute:

• First name and surname
• Email address
• Age
• Postcode

Consent may be withdrawn at any time in writing and shall apply prospectively. The processing of this personal data is based on the legal basis of Article 6(1)(a) of the GDPR, namely the customer’s consent.

8. Journey history

(1) The journey history is created in the backend system. In order to display the history of journeys made by the customer in the MVV app, some personal data is stored locally within the app. This includes: history of journeys made and the resulting tickets, user settings, and certain states of the MVV app.

(2) The processing of locally stored data is based on our legitimate interest pursuant to Article 6(1)(f) of the GDPR, namely to provide the customer with a functional and user-friendly app.

9. Checking of InOut journeys

(1) To ensure revenue collection, the transport companies participating in the network may, where necessary during checks, view the ticket data, the information stored in the barcode (first name and surname (masked where applicable depending on the inspection device), as well as date of birth and, where applicable, title, first name and surname of the ticket holder) and the inspection medium presented by the customer. This is carried out on the basis of Article 6(1)(f) of the GDPR. The legitimate interest of MVV GmbH and the transport companies carrying out the checks lies in securing fare revenue. Personal data is not stored in the inspection device, but is only displayed. In the event of a dispute, personal data may be forwarded to the transport operator that carried out the inspection for further processing. An InOut ticket cannot be used without providing this data.

10. Storage duration and retention periods

(1) The personal data stored by MVV GmbH or by the service providers shall be deleted when it is no longer required for the fulfilment of the purpose for which it was collected (sale of InOut tickets) and the statutory retention obligations (maximum of ten years pursuant to Section 147(3) of the German Fiscal Code (AO)) no longer preclude this. The data of a registered customer account that has been inactive for two years will be deleted from the relevant directory after two years at the latest. Data from active customer accounts will be deleted from the relevant directory ten years after the booking date. Order data is to be treated as a booking receipt and will be retained in accordance with the statutory retention periods; it will then be deleted. Furthermore, data will be deleted at the customer’s express request by email to kundendialog-swipe@mvv-muenchen.de, provided that no statutory retention obligations prevent this. In this case, deletion will take place within 30 days at the latest.

(2) Information relevant to technical testing and analysis, i.e. operating system (version), device model and app version, is stored temporarily and automatically deleted after six months.

11. Disclosure of data

(1) In the course of using the service and processing the contract, it is usually necessary to engage data processors. These include:

• Technical service providers for the operation and maintenance of IT systems and server infrastructure, e.g. for the InOut system
• Customer support
• Payment service providers
• Other parties involved in the performance of the contract
• External service providers for market research purposes (see Section 7)
• Public authorities or other government bodies, where MVV GmbH is legally obliged to do so

All data processors and external service providers have been or will be carefully selected and are subject to strict data protection agreements. Compliance with these is ensured through contractual provisions, technical and organisational measures, and supplementary controls.

To the extent necessary for the aforementioned purposes, MVV GmbH also transfers customer data to recipients outside the European Economic Area (EEA), provided

• it is necessary for the performance of a contract,
• statutory provisions must be complied with, or
• the customer has given their consent to MVV GmbH.

In addition, MVV GmbH transfers the customer’s personal data to the technical service providers engaged by MVV GmbH, who support MVV GmbH in operation and maintenance and are based in the USA. Although the customer’s personal data is stored exclusively on servers within the EU/EEA, However, it cannot be entirely ruled out that the customer’s personal data may be transferred to the USA (for example, in the case of support enquiries). To this end, MVV GmbH and the technical service providers it engages have taken appropriate measures to ensure an adequate level of protection for the customer’s personal data. In addition to the conclusion of the EU Commission’s standard contractual clauses, this includes the implementation of additional technical, organisational and contractual safeguards. The customer’s other personal data is not transferred to countries outside the EEA.

12. Other information on data protection

(1) Where the processing of personal data is based on the customer’s consent, the customer has the right to withdraw their consent at any time without this affecting the lawfulness of the processing carried out on the basis of the consent prior to its withdrawal, in accordance with the statutory provisions on data protection (Art. 7 GDPR, Section 51 BDSG).

In the event that personal data is processed for the performance of tasks carried out in the public interest (Art. 6(1)(e) GDPR) or for the purposes of legitimate interests (Art. 6(1)(f) GDPR), the customer may object to the processing of their personal data at any time with effect for the future. In the event of an objection, MVV GmbH must refrain from any further processing of the data concerned for the aforementioned purposes, unless

• there are compelling legitimate grounds for processing which override the interests, rights and freedoms of the customer, or
• the processing is necessary for the establishment, exercise or defence of legal claims.

There is a right to access the personal data in question (Art. 15 GDPR) as well as a right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR) or to restriction of processing (Art. 18 GDPR) or a right to object to the processing (Art. 21 GDPR) as well as a right to data portability (Art. 20 GDPR) in accordance with the statutory provisions on data protection. The customer may exercise these rights by sending an email to kundendialog-swipe@mvv-muenchen.de.

(2) In addition to the aforementioned processing purposes, the customer’s personal data will also be processed for the following purposes:

• To comply with MVV GmbH’s statutory retention obligations or data protection obligations. This processing is based on the legal basis of Article 6(1)(c) of the GDPR.
• To exercise any legal claims or to defend MVV GmbH against claims. This processing is based on the legal basis of Article 6(1)(f) of the GDPR.
• To respond to and comply with requests from public authorities. This processing is based on the legal basis of Article 6(1)(c) of the GDPR.

(3) Pursuant to Article 77 of the GDPR, without prejudice to any other administrative or judicial remedy, the customer has the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or the place of the alleged infringement, if he or she considers that the processing of personal data relating to him or her infringes the General Data Protection Regulation.

(4) The competent supervisory authority for MVV GmbH is the Bavarian State Commissioner for Data Protection, PO Box 22 12 19, 80502 Munich, www.datenschutz-bayern.de.