Data privacy statement
We, the ÜSTRA Hannoversche Verkehrsbetriebe Aktiengesellschaft (hereinafter "we" or „ÜSTRA“), appreciate your interest in our company. We take the protection of your personal data and its confidential treatment very seriously. The processing of your personal data occurs exclusively within the scope of the data protection provisions, especially the General Data Protection Regulation (hereinafter „GDPR“) and other applicable regulations.
This privacy statement also applies to the blog logbook.
With regard to the processing of your personal data within the framework of the Mobility Shop accessible via the website, please obtain information from the corresponding privacy statement at shop.uestra.de/index.php/cms/privacy_policy.
1. Name and contact details of the person in charge and the data protection officer
This data privacy statement applies for the data processing done by the following party responsible: ÜSTRA Hannoversche Verkehrsbetriebe Aktiengesellschaft, Am Hohen Ufer 6, 30159 Hanover, e-mail: firstname.lastname@example.org, phone: +49 511 1668 0.
The data protection specialist can be reached as follows: ÜSTRA Hannoversche Verkehrsbetriebe Aktiengesellschaft, Data Protection Office, Am Hohen Ufer 6, 30159 Hanover, e-mail: email@example.com, phone: +49 511 1668 0.
2. The subject matter of data protection
The subject matter of data protection is “personal data”. This includes all information, relating to an identified or identifiable individual (co-called data subject). This includes details such as name, postal address, e-mail address or customer number. Specific information on personal data processed by us can be found consecutively in the listed data processing operations.
3. Collection and storage of personal data
a. When visiting the website
When visiting our website, the browser used on your device sends automatically information to our website server. This information is temporarily stored in a so-called log file. In the course of this procedure, the following data is collected and stored, without any action on your part, until the time of automatic deletion:
• website you were at before you visited us („referrer“),
• any contents accessed,
• date and time of the server query (and access),
• quantity of data transmitted,
• status of access (such as the file was transmitted or the file was not found, etc.)
• description of the type of web browser used/ identification data of the browser, operating system type used,
• IP address of the requesting computer.
The listed data is processed by us exclusively for the following purposes:
• ensuring a smooth connection,
• providing a comfortable use of our website,
• evaluation of the system security and -stability as well as
• for further administrative purposes.
The legal basis for processing data is art. 6 para. 1 S. 1 let. f GDPR. Our legitimate interest follows from the purposes listed above. In no case we use the collected data in order to draw conclusions concerning your personality.
b. When ordering a newsletter
Via our website, you have the possibility to subscribe for newsletters published by ÜSTRA (e.g. „ÜSTRA carpool“, „ÜSTRA traffic control centre“, „ÜSTRA job letter“, „ÜSTRA press subscription“).After you have sent the registration, you will receive an email with a confirmation link. Please confirm your registration by clicking additionally on the indicated link provided in the verification e-mail (so-called double-opt-in process).
Provided you have expressly agreed according to art. 6 para. 1 S. 1 let. a GDPR, we use your e-mail address for sending you our newsletter. In order to receive the newsletter, a valid e-mail address and a confirmation that you are at least 16 years of age is sufficient. Optionally, you can also enter your first and last name as well as the correct mode of address. In order to ensure that you can assign the consent for the reception of our newsletter effectively, we decided to set the mentioned minimum age for the reception of our newsletter.
You can unsubscribe at any time, without incurring costs other than the transmission costs for the base rates of your access provider, e.g. via a link at the end of every newsletter.
The data required for the distribution of this newsletter shall be deleted as soon as it is no longer required for the fulfilment of the purpose for which it was submitted and provided no other legal authorisation for further processing applies. Your e-mail address is consequently stored only for the sending of newsletter as long as you revoke your permission.
For sending the newsletters, the ÜSTRA has commissioned the CleverReach GmbH & Co. KG, Mühlenstraße 43, 26180 Rastede as processor, see also paragraph 4.
For the purpose of completeness, we would like to point out that the ÜSTRA observes and evaluates the success of the newsletters sent on the basis of anonymous data, by collecting and storing the following data without any personal reference in order to gear the ÜSTRA services better towards the interests and needs of (potential) customers:
• Information which e-mails have been opened
• Location while opening the e-mail • E-mail client used
• Information which links in a opened newsletter were clicked
c. When using our contact form and e-mail contact
In case of questions, we offer you the possibility to contact us via a contact form on our website. A valid email address is required in order to know who has sent the e-mail and in order to answer it. Further information is voluntary. Alternatively, you can contact us via the e-mail address provided. In this case, the personal data transmitted with the e-mail is stored by you.
The data processing for the purpose of contacting is based on art. 6 para. 1 let. f GDPR. Our legitimate interest is based on the will to answer your request. If your contact request is aimed at the conclusion of a contract, the legal basis includes additionally art. 6 para. 1 let. b GDPR.
The personal data collected by us will be deleted after the purpose of the contacting.
4. Disclosure of data
We shall forward your personal data to third parties (receiver) only if we are entitled to do so according to the data protection law provisions. In the following we would like to inform you about situations which can be the case. We may pass your personal data to third parties if
• you grant us permission to do so for one or more purposes (art. 6 para. 1 S. 1 let. a GDPR);
• if data processing is necessary for the performance of a contract with you or for the implementation of pre-contractual measures upon your request (art. 6 para. 1 S. 1 let. b GDPR);
• if the processing is necessary for compliance with legal obligation (art. 6 para. 1 S. 1 let. c GDPR);
• it is necessary for the protection of our legitimate interests or of a third party as long as your interests do not outweigh (art. 6 para. 1 S. 1 let. f GDPR).
Furthermore, we are cooperating with service providers, so-called processors, to whom personal data may be communicated in order to process your data on our behalf and in accordance with our instructions within the framework of art. 28 GDPR. These service providers have been carefully selected and commissioned by us, are bound by our instructions and are supervised and checked regularly.
Information that we collect and analyse using cookies, are for the purposes described required for the protection of our legitimate interests. The processing is based on the legal basis described in art. 6 para. 1 S. 1 let. f GDPR.
Session cookies are deleted when the browser is closed or the website is left. Other cookies are deleted automatically after 365 days. Most browsers accept cookies automatically. However, you can configure your browser in such a way that no cookies can be saved on your computer or so that you are always asked for permission before cookies are saved. However, the deactivation or rejection of cookies may restrict the functionality of our web offer.
b. Web analysis
The tracking techniques provided below and used by us are carried out based on Art. 6 abs. 1 S. 1 let. f GDPR. With the tracking techniques used we want to ensure an appropriate design of our website. In this sense we use the tracking techniques in order to collect statistical data on the use of our website and for purposes of optimising our offer for you. These interests are to be regarded as legitimate within the meaning of the afore-mentioned regulation.
We use the Open Source software Matomo (formerly known as Piwik) for the statistical analysis of the visitor accesses which allows us to analyse the visitor behaviour and based on this allows an optimisation of our website. Cookies are used for this purpose. The information generated by the cookie concerning the usage of the website will be transmitted to our server. Usage profiles are created using pseudonyms. For this purpose, the information generated by the cookie, such as the pages you visited, the type of browser you are using, the operating system of your computer, the referrer URL (the site visited previously) and an anonymised (shortened) part of your IP address, is transmitted by your computer to our server and stored for usage analysis purposes. Your IP address shall be immediately, that means after processing and prior to storage, anonymised, so that you remain anonymous to us as an individual user. An assignment of the page requests to an identifiable person is thereby excluded. Information generated by the cookie concerning your use of our website is not transferred to other servers and not handed over to a third party.
In no case, the IP address will not be associated with any other data concerning the user. The IP addresses are anonymised, so that an assignment is no longer possible (IP-masking). The cookie will be automatically deleted again after one day.
Deactivation completed! Your visits to this website are no longer tracked by the web analysis.
Please note that also the Matomo deactivation cookie of this website will be deleted, if you remove the cookies placed in your browser. Furthermore, if you use another device or web browser, you have to implement the deactivation procedure again.