Privacy and confidentiality are not just words to us. We often participate in the public debate about everyone’s right to privacy online. You can rest assured that we deliver secure services and that we safeguard your privacy.
We don’t keep more information about you than is absolutely necessary, and we keep your data safe. We do not sell your information to third parties, and we handle all customer information in accordance with the GDPR (General Data Protection Regulation 2016/679).
Information that can be directly or indirectly linked to a person, such as name, social security number, location data and other data that can identify a person.
Information related to a contract between Bahnhof and the customer, such as name, address details, telephone number and social security number. Customer information is created, for example, when you:
Customer information may also consist of publicly available personal data, for example from a credit reference agency.
Traffic data is created when you use a service. It is technical information needed for our communication systems to work, such as IP address and phone call history.
So traffic data is not the same as the content of the traffic, it is purely technical information.
We only store the data that is necessary for us to deliver our services, provide support and bill correctly.
All personal data is handled carefully and is only stored in our own data centres.
Communications between us and subcontractors are either encrypted or takes place through SSL-secured portals.
Our systems send as little information as possible to external systems and when they do, we anonymise data where possible. Whenever possible, we replace personal data with customer numbers, and use customer service information instead of names or social security numbers.
We always keep the amount of stored information to a minimum. The data is only used for exactly what it is needed for, for example to deliver your service, or to comply with legal requirements.
If you cease to be a customer with us, your information is kept for 24 months.
Otherwise, we delete or anonymise the information as soon as there is no longer a purpose or legal obligation to store it. In some cases, we retain personal information to comply with legal retention periods.
We are obliged to disclose customer information to the police and other authorities in certain cases.
We only disclose customer information to third parties if it is necessary for us to deliver your service. Here are some examples of subcontractors:
If we use a subcontractor whose operations are wholly or partly outside the EU/EEA, we take measures to ensure that your customer information is handled securely and in accordance with applicable laws.
Here are some examples of your rights regarding your customer information:
If you have questions or want to know more about our work with personal data, you can always reach us at firstname.lastname@example.org, for example:
Yes. In accordance with the General Data Protection Regulation (GDPR), we always rely on the so-called legal bases: