Thank you for your interest in our website. The protection of your private sphere is very important to us. Below, we will provide you with detailed information as to how we handle your data.
Information concerning the gathering of personal data
Below, we will provide information concerning the gathering of personal data when using our website. Personal data is all data which relates to you personally, such as name, address, email address, user behaviour.
The responsible body in accordance with Article 4 Paragraph 7 GDPR is Autobus Oberbayern GmbH, Heidemannstraße 220, 80939 Munich, email: firstname.lastname@example.org, Tel: 089323040. You can contact our data protection officer at email@example.com or via our postal address, stating "FAO data protection officer".
You can visit our site without providing information relating to your person. We only save access data which cannot be traced to a person, such as the name of your Internet service provider, the page from which you are visiting us or the name of the requesting file. This data is only used in order to improve our service and do not allow your person to be traced back.
Personal data is only gathered if you provide this voluntarily when you place an order or make a purchase of when opening a customer account.
When you get in touch with us by email or via a contact form, the data provided by you (your email address, if applicable your name and telephone number) are saved by us in order to respond to your queries. The data collected in this process is deleted by us, once the saving is no longer necessary or we restrict the processing should statutory retention obligations exist.
Should we use engaged service providers for individual functions of our service or should we wish to use your data for advertising purposes, we will inform you in detail of the respective processes below. We will also state the set criteria for the duration of the saving.
You have the following rights in relation to us concerning your personal data:
You also have the right to complain to a data protection supervisory authority in relation to the processing of your personal data by us:
The state data protection officer of Bavaria
Dr. Thomas Petri
Telephone: 089/21 26 72-0
Telefax: 089/21 26 72-50
Gathering of personal data when visiting our website
Should the website be only used for information purposes, ie should you not register or otherwise provide us with information, we only gather the personal data which your browser transfers to our server. Should you wish to view our website, we gather the following data which is technically necessary for us in order to display our website to you and to ensure stability and security. The legal basis of this is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR.
This concerns the following data:
In addition to the data referred to above, cookies are also saved on your computer when you use our website. Cookies are small text files which are saved on your hard drive assigned by the browser used by you and by means of which the location which sets the cookie (in this case us) can receive certain information. Cookies cannot run any programs or place viruses on your computer. The purpose of cookies is to make the Internet service more user friendly and more effective as a whole.
This website uses the following types of cookies, the scope and functions of which will be explained below:
a) Temporary cookies are automatically deleted once you close the browser. These include the session cookies in particular. These save a so-called session ID, by means of which various requests of your browser can be assigned to the joint session. By means of this process, your computer can be recognised once again if you return to our website. The session cookies are deleted when you log out or close the browser.
b) Permanent cookies are automatically deleted after a prescribed period of time, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
You can configure your browser setting in accordance with your wishes and you can, for example, reject the acceptance of third party cookies or all cookies. However, we wish to point out that in such a case, you may not be able to use all functions of this website.
The flash cookies which are used are not recorded by your browser, rather by your flash plugin. We also use HTML 5 storage objects, which are deposited on your end device. These objects save the necessary data regardless of the browser which you use and do not have an automatic expiry date. Should you not wish the processing of the flash cookies to take place, you need to install a corresponding add on, for example "Better Privacy" for Mozilla Firefox (https://addons.mozilla.org/de/firefox/addon/betterprivacy/) or the Adobe Flash Killer cookie for Google Chrome. The use of HTML5 storage objects can be prevented by using the private mode in your browser. We would also recommend that you regularly delete your cookies and browser history manually.
Further functions and services of our website
Alongside the use of our website solely for information purposes, we provide various services which you can use if interested. For these services, it is generally necessary for you to provide additional personal data, which we use to provide the respective service and for which the principles relating to data processing stated above apply.
In part, we also use external service providers to process your data. These were carefully selected and engaged by us, are bound by our instructions and are regularly monitored.
In addition, we can pass your personal data on to third parties, should campaign participation, competitions, the conclusion of contracts or similar services be offered by us together with partners. More detailed information can be obtained when you provide your personal data or in the description of the service below.
Should our service providers or partners have their place of business in a country outside of the European Economic Area (EEA), we will inform you of the consequences of this in the description of the service.
Objection to the processing of your data or revocation of consent
Should you have issued your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the lawfulness of the processing of your personal data once you have issued it to us. The lawfulness of the data processing which took place prior to the issuing of the revocation remains unaffected by the revocation.
Should we base the processing of your personal data on a balancing of interests, you can raise an objection to the processing. This is the case in particular if the processing is not necessary in order to fulfil a contract with you, which will be set out by us in the following description of the respective functions. When exercising such a right of revocation, we would kindly request you state the reasons why we should no longer process your personal data. In case of a justified objection by you, we will check the facts and will either suspend or adjust the data processing or inform you of our mandatory protectable reasons why we will continue the processing.
It goes without saying that you can object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us of your objection to advertising via the following contact details: Autobus Oberbayern GmbH, Heidemannstraße 220, 80939 Munich, email: firstname.lastname@example.org, Tel: 089323040 or email: email@example.com.
Information on the transfer of data to the USA
Among other things tools of companies based in the USA are integrated into our website. If these tools are active, your personal data may be transferred to the US servers of the company in question. Please note that the USA is not a secure third country in the meaning of EU data protection laws. US companies are obliged to surrender personal data to security authorities, without you as the data subject being able to take action against this procedure through the courts. It therefore cannot be ruled out that US authorities (e.g. intelligence services) may process and evaluate your data located on US servers and store it for long periods of time for the purposes of surveillance. We have no influence on these processing activities.
Our social media appearances
Data processing through social networks
We maintain publicly available profiles in social networks. The individual social networks we use can be found below. Social networks such as Facebook, Twitter etc. can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or banner ads). When you visit our social media pages, numerous data protection-relevant processing operations are triggered. In detail: If you are logged in to your social media account and visit our social media page, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data may also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies stored on your device or by recording your IP address.
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. The analysis processes initiated by the social networks may be based on divergent legal bases to be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 (1) (a) GDPR).
Responsibility and assertion of rights
If you visit one of our social media sites (e.g., Facebook), we, together with the operator of the social media platform, are responsible for the data processing operations triggered during this visit. You can in principle protect your rights (information, correction, deletion, limitation of processing, data portability and complaint) vis-à-vis us as well as vis-à-vis the operator of the respective social media portal (e.g. Facebook).
Please note that despite the shared responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are determined by the company policy of the respective provider.
The data collected directly from us via the social media presence will be deleted from our systems as soon as the purpose for their storage lapses, you ask us to delete it, you revoke your consent to the storage or the purpose for the data storage lapses. Stored cookies remain on your device until you delete them. Mandatory statutory provisions - in particular, retention periods - remain unaffected.
Individual social networks
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. According to Facebook’s statement the collected data will also be transferred to the USA and to other third-party countries.
We have signed an agreement with Facebook on shared responsibility for the processing of data (Controller Addendum). This agreement determines which data processing operations we or Facebook are responsible for when you visit our Facebook Fanpage. This agreement can be viewed at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
You can customize your advertising settings independently in your user account. Click on the following link and log in: https://www.facebook.com/settings?tab=ads.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum and https://de-de.facebook.com/help/566994660333381.
We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.facebook.com/legal/EU_data_transfer_addendum, https://help.instagram.com/519522125107875 and https://de-de.facebook.com/help/566994660333381.
We have a LinkedIn profile. The provider is the LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn uses advertising cookies.
If you want to disable LinkedIn advertising cookies, please use the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.linkedin.com/legal/l/dpa und https://www.linkedin.com/legal/l/eu-sccs.
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics allows the website operator to analyze the behavior of website visitors. In this process, the website operator receives various usage data, such as page views, duration of stay, operating systems used, and origin of the user. This data is assigned to the respective user's device. There is no assignment to a user ID.
Furthermore, we can use Google Analytics to record your mouse and scroll movements and clicks, among other things. In addition, Google Analytics uses various modeling approaches to supplement the data records collected and uses machine learning technologies in data analysis.
Google Analytics uses technologies that enable the user to be recognized for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). The information collected by Google about the use of this website is usually transferred to a Google server in the USA and stored there.
The use of this service is based on your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Consent can be revoked at any time.
The data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://privacy.google.com/businesses/controllerterms/mccs/.
You can prevent the collection and processing of your data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en.
Google Analytics E-commerce Measurement
This website uses the "E-commerce Measurement" function of Google Analytics. With the help of E-commerce Measurement, the website operator can analyze the purchasing behavior of website visitors to improve its online marketing campaigns. In this process, information such as the orders placed, average order values, shipping costs, and the time from viewing to purchasing a product are collected. This data can be summarized by Google under a transaction ID that is assigned to the respective user or his/her device.
We use “Google reCAPTCHA” (hereinafter referred to as “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
The purpose of reCAPTCHA is to determine whether data entered on this website (e.g. information entered into a contact form) is being provided by a human user or by an automated program. To determine this, reCAPTCHA analyzes the behavior of the website visitors based on a variety of parameters. This analysis is triggered automatically as soon as the website visitor enters the site. For this analysis, reCAPTCHA evaluates a variety of data (e.g. IP address, time the website visitor spent on the site or cursor movements initiated by the user). The data tracked during such analyses are forwarded to Google.
reCAPTCHA analyses run entirely in the background. Website visitors are not alerted that an analysis is underway.
Data are stored and analyzed on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in the protection of the operator’s websites against abusive automated spying and against SPAM. If a respective declaration of consent has been obtained, the data will be processed exclusively on the basis of Art. 6 Sect. 1 lit. a DGDPR. Any such consent may be revoked at any time.
Use of Userlike
This website uses Userlike, a live chat software provided by Userlike UG. Userlike uses "Cookies", which are text files placed on your computer and that enable having personal chats on this website. The data collected will not be used to identify a visitor personally and it is not aggregated with any personal data of this user.
This website uses so-called social plugins (“Plugins”) of the Facebook social network, operated by the Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). These plugins are recognisable from the Facebook logo or the writing “Soziales Plug-in von Facebook” or “Facebook Social Plugin”. At the following link, you find an overview of the Facebook widgets and their symbols: http://developers.facebook.com/plugins
When accessing a page of our website, which contains such a plugin, your browser establishes a direct connection to the Facebook servers, allowing Facebook to transmit content to your browser, which is then automatically uploaded onto and incorporated into the website.
Through the incorporation of the plugin into the website, Facebook gets the information that our website has been accessed by your browser, even if you do not have a Facebook account or are not logged in to Facebook. This information (including your IP address) is sent by your browser to and stored by Facebook on a server in the USA.
If you are logged into your user account, Facebook is able to assign the visit of our website to your user account. When you interact with such plugins, for example, pressing the “Like” button or writing a comment, this information is also transmitted to the Facebook server and stored there. Facebook will publish this information and display it to your Facebook friends.
Facebook may use this information for advertising and market research purposes as well as to make the Facebook pages more user-friendly. Facebook compiles user, interest and relation profiles, for example to evaluate your use of the website with regard to the advertisements displayed on its pages, inform other Facebook users about your visit of our website and develop further services relating to the use of Facebook.
If you do not want Facebook to be able to assign the information related to our website to your user account, you must log out from your Facebook account before accessing our website.
Collection and Transmission of Information
The Google +1 button allows you to publish information worldwide. Google +1 makes personalised information about Google and our partners available to you and other users. Google will receive and store the information that you have activated the Google +1 button on a webpage as well as information about the website you have accessed when clicking on the Google +1 button. Your Google +1 content may be displayed along with your profile name and photo in Google services, for example research results and your Google profile, or in websites and advertisements that are shown in the internet.
Google records information about your Google +1 activities with the aim to improve its services for the benefit of the users. The use of the Google +1 feature requires a public, worldwide visible Google profile, which must contain at least a profile name. Google uses this name in all its services. In some cases, this name may replace another denomination assigned by the user when splitting the content of the Google +1 account. The identity of your Google profile may be displayed to other users who know your email address or hold other information that allows them to identify you personally.
Use of the collected data
We have embedded widgets and feeds of Twitter in our pages. These features are provided by the Twitter Inc. Company, 1355 Market St, Suite 900, San Francisco, CA 94103, USA. When you use such Twitter widgets, notably the “Re-Tweet“ button, the websites you visit are connected to your Twitter account and displayed to other users. During your visit, data will be transmitted to Twitter.
You can modify the privacy configuration settings of your Twitter account using the following link http://twitter.com/account/.
Data Security Officer
Das Hinweisgeberschutzgesetz (HinSchG) trägt zur Verbesserung der Compliance-Kultur in Unternehmen bei. Es sendet das klare Signal, dass Meldungen von Missständen willkommen sind und geschützt werden. Möchten Sie einen Hinweis abgeben? Dann füllen Sie bitte das unten stehende Formular aus (Vorname und Name sind optional). Wir werden Ihren Hinweis vertraulich prüfen und ggf. weitere Schritte einleiten.