HTM handles personal data with utmost care and security at all times. We process information provided by individuals on online forms, such as data for applying for an annual subscription, details related to inquiries, complaints, claims, and found or lost items. To ensure the safety of both passengers and our employees, we utilize surveillance camera footage and, if necessary, body cameras on our vehicles and at stops. This privacy statement outlines how we process personal data and the purposes for which we use it. It is essential to note that HTM complies with the General Data Protection Regulation (GDPR), the Implementation Act GDPR, the Police Data Act (WPG), and the Transport Act (and its Decree) of 2000 in all instances.
HTM provides a portion of its services through apps. For the proper functioning of the app, HTM may request permission during installation to access and process specific personal data. Information regarding how HTM processes passenger data in the app and the purposes for which we use such data is detailed in our "Privacy Statement." The collection and processing of this data through apps are also covered by this privacy statement.
-
What are personal data at HTM?
At HTM, we believe that privacy is a fundamental right and should be protected at all times. For this reason, HTM treats all data related to an identified or identifiable person, or data that can be linked to an individual by HTM, as "personal data." This means that data directly identifying you (such as your name) and data that do not directly identify you but can reasonably be used to identify you (such as the ID number of an OV-chipkaart) are considered personal data. We process data provided by individuals on online forms, including information for applying for an annual subscription and details related to inquiries, complaints, claims, found and lost items. The privacy statement describes how we process personal data and the purposes for which we use it. It is emphasized that HTM adheres to the General Data Protection Regulation (GDPR), the Implementation Act GDPR, the Police Data Act (WPG), and the Transport Act (and its Decree) of 2000 in all cases.
-
What Personal Data does the HTM App collect from you?
Data on the use of the website (htm.nl) and the apps (HTMapp and HTM Fietsapp), along with feedback received from our visitors, help us further develop and improve our website and apps. Click behavior is tracked in the HTM app to enhance the customer experience.
Location Tracking
There is an option to enable location tracking in the HTM app, allowing planning a journey from the current location. Users can adjust these rights as needed.
Notifications (found in the Favorites section)
In the HTM App, you'll find a Favorites section where you can indicate your preferred lines and topics for more information. You can enable or disable this feature yourself.
-
Processing of data for purchasing barcode tickets in the app.
Basis and purposes of processing data for barcode tickets.
Processing data by HTM is necessary to execute the agreement for the purchase and use of the HTM Barcode function during travel.
The purposes for which HTM processes your data to fulfill the agreement include:
• Providing the agreed-upon services;
• Offering customer service for your questions or requests, such as those related to your purchases and trips;
• Sending information regarding the use of the HTM Barcode function and products and services offered through this website;
• Improving service, including inclusion in anonymized and aggregated form in management information and reports;
• Conducting financial administration, audits, and accountant checks.
-
How does HTM protect my personal data?
To optimally protect personal data against unauthorized access or use, HTM employs security technology that meets the requirements set by the GDPR.
-
With whom does HTM share my personal data?
In compliance with laws and regulations, HTM is obligated to cooperate with law enforcement agencies, such as the police, tax authorities, or FIOD, when they request personal data. In such cases, HTM carefully examines the authority of the respective law enforcement agency and, of course, adheres to the requirements set by the GDPR/WPG. HTM may independently provide personal data to the police or judiciary to protect HTM's rights and properties. Additionally, in legal or proceedings before the Disputes Committee Public Transport, data may be used for support. HTM discloses only the necessary data to third parties.
For the proper nationwide handling of (travel) transactions and financial settlement for revenue distribution among public transport companies, HTM shares your (transaction) data and product data with Translink Systems B.V. (Translink). More information can be found in this privacy statement and at https://www.ov-chipkaart.nl/en and https://www.ovpay.nl/nl/.
Furthermore, HTM engages other parties for service execution. These are processors who, on behalf of HTM, may process personal data for HTM. HTM makes specific agreements with these processors regarding the processing of personal data, including security, data retention, confidentiality, and the use of data solely for the specific task assigned by HTM. Examples include payment service providers, collection agencies, cloud and hosting providers, IT service providers, etc. When using the weather service on the HTM app, a pop-up window opens, redirecting you to the Buienalarm environment. You do not return automatically to the HTM App; you must close the Buienalarm window.
By clicking and viewing this weather service, your data is processed by Buienalarm.nl. Refer to their privacy statement: https://www.infoplaza.com/nl/disclaimer-en-privacy
-
Where can I address Privacy-related questions?
Everyone has the right to access their personal data processed by HTM. Upon request, HTM can provide a written overview of personal data known to HTM. For individuals under 16 years, parents or guardians must submit a request. A request can be made via email (gegevensbescherming(at)htm.nl), accompanied by a copy of the identification document (with the BSN number and photo crossed out) and a copy of the OV-chipkaart (with the photo crossed out). You can also submit your request via the Personal Data Form at HTM. If you prefer not to send a copy of your ID, you can identify yourself at the HTM counter with a completed form. They can forward this to gegevensbescherming(at)htm.nl, indicating that your ID has been checked by them. HTM responds within the legal timeframe, even if it cannot fulfill the request. The above email address can also be used for other privacy-related questions. If personal data is incorrect or incomplete, use the above form.
HTM and your personal data
HTM and your personal data
HTM always treats personal data with care. We carefully process the data that people enter in online forms, such as personal data for requesting a yearly travel card and data relating to questions, complaints, claims and lost and found objects. To monitor the safety of you as a traveller and of our employees, we use camera images and in some cases bodycams in our vehicles and at bus and tram stops.
This privacy statement describes how we process your personal data and what we use it for. First and foremost, HTM complies in all cases with the General Data Protection Regulation (GDPR) and the GDPR Implementation Act, the Police Data Act (WPG) and the Passenger Transport Act (and the Decree) 2000.
The processing of personal data for the implementation of police tasks is governed by the Police Data Act. Special Investigation Officers (BOA) employed by HTM must, whenever appropriate, comply with the legal obligations of the Police Data Act and support the police, including in their investigative tasks. This includes data that we collect to investigate criminal offences, maintain public order and/or provide assistance.
In such instances, we may be required to process personal data such as your contact details or camera images.
If you travel without a valid ticket or if you do not comply with the applicable transport conditions in any other way, our BOAs can process your personal data in order to compile a report and impose a fine on you. The personal data that the BOAs process to do this is subject to the Police Data Act.
How do we process personal data?
Personal data is processed for a number of purposes, which we explain below. Personal data is not automatically used for all of these purposes at the same time.
Purposes:
- Implementation of an agreement entered into, such as purchasing and using a yearly travel card and other tickets.
- Information and service: travel information (such as e-mails about maintenance, schedule changes, route changes and disruptions); dealing with questions, requests, complaints, lost and found objects or requests for refunds when using an OV-chipcard/OV-pass and/or debit card; and applications for photo/film and sponsorship requests.
- Public safety: monitoring the safety of travellers/employees in our trams and buses and at stops, including investigating the perpetrators of violence.
- Improving our products: processing data that cannot be traced back to individuals for purposes, such as market research; location tracking for the use of HTM services; management information; analysis; general company strategy; the development of products and services to improve the provision of services; and the implementation of marketing campaigns.
- Combatting fraud: including investigations into the incorrect use of OV-chipcards/debit cards with a HTM travel card/HTM product on them, and the correct use of the 'Money back in case of delay' scheme.
- Financial administration: debtor management (such as calculating, collecting or crediting invoices for travel cards or other travel products and maintaining contact with debtors) and revenue administration.
- Historical and statistical purposes, such as recording the numbers of people entering and leaving our vehicles.
- Compliance with applicable laws and regulations, including the Passenger Transport Act 2000 and tax laws and regulations.
HTM processes personal data on the basis of the following legal principles as stipulated in the GDPR:
- Consent of the person concerned
- Implementation of the agreement • Legitimate (business) interest
- Legal obligation.
How long do we store personal data?
HTM uses different retention periods, always in accordance with the GDPR. The relevant retention periods are specified in the overviews below.
Applications for photo/film and sponsorship requests with personal data are deleted after the request has been processed.
Personal data is protected
HTM has taken measures to protect personal data against loss or unlawful processing. These measures vary from physical measures, such as a burglar alarm and access control, to a wide range of organisational and technical security measures. Random HTM employees or third parties cannot access personal data. Access to your data is only available to authorised employees, and only when necessary for the performance of their work and on the basis of an established authorisation policy.
Providing data to third parties
In accordance with legislation and regulations, HTM is obliged to cooperate with investigative authorities, such as the police, the tax authorities or the Fiscal Information and Investigation Service (FIOD), if they request personal data. In such cases, HTM carefully scrutinises the authority of the relevant investigative agency, and naturally also complies with the requirements as stipulated in the GDPR/Police Data Act under this legal requirement.
HTM may also independently provide personal data to the police or judicial authorities in order to protect its rights and property.
Furthermore, the data may be used as substantive evidence in legal proceedings or proceedings before the Public Transport Disputes Committee. HTM never provides third parties with more information than necessary.
In order to facilitate the efficient nationwide processing of the settlement of (travel) transactions and the financial settlement for revenue distribution between the public transport companies, HTM shares your (transaction) data and product data with Translink Systems B.V. (Translink). For more information, see below in this privacy statement and visit https://www.ov chipkaart.nl/and https://www.ovpay.nl/nl/.
HTM also engages other parties for the provision of services. These are processors who may process personal data at the request of HTM and on behalf of HTM. HTM makes specific agreements with these processors about
the processing of personal data, such as about the protection, retention and confidentiality of data and assurances that data may only be used to implement the specific task assigned by HTM. These processors include payment service providers, collection agencies, cloud and hosting parties, IT service providers, etc.
When you use the weather service on the HTM app, a pop-up window opens. You are then in the environment of the Buienalarm app. You will not automatically return to the HTM app. To do this, you must close the Buienalarm window.
When you click on and view this weather service, your data will be processed by Buienalarm.nl. For more information, see the Buienalarm privacy statement: Disclaimer & Privacy (infoplaza.com)
Your privacy rights
Everybody has the right to inspect the personal data processed by HTM. On request, HTM can provide a written overview of the personal data known to us. For persons under the age of 16, such a request must be submitted by a parent or guardian.
A request can be submitted by e-mail (gegevensbescherming@htm.nl) accompanied by a copy of the person’s identity document (with the BSN number and photograph blocked out) and a copy of the OV-chipcard (with the photograph blocked out). You can also submit your request by filling in the Personal data form at HTM. If you don’t want to send a copy of your ID as specified above, you can also identify yourself at the HTM desk with a completed form. The employees there can then forward the form to gegevensbescherming@htm.nland indicate that your ID has been checked by them.
HTM will respond to the request within the statutory period even if it cannot comply with the request. The above email address can also be used for other questions about privacy.
Is your personal data incorrect or incomplete? Then please use the form above.
In personal accounts in the HTM webshop, you can indicate which information you do or do not wish to receive. Do you think that HTM has not acted correctly with regard to your rights? Then you can report this to the Dutch Data Protection Authority: klacht-melden-bij-de-ap.
The overview below lists the various components for which we also process your data when you use them.
- Privacy OV-chipcard
- Privacy OVpay
- Privacy Information Management
- Privacy HTM website and HTM apps
- Privacy HTM camera surveillance
- Privacy when reporting damage
- Privacy Police Data Act
1. Privacy OV-chipcard
There are two types of OV-chipcard: the personal OV-chipcard and the anonymous OV-chipcard. There is also a once-only OV-chipcard that is valid for a limited period or for a specific journey. This once-only OV-chipcard is also anonymous.
The personal OV-chipcard is a card with a name and passport photograph (the newer cards no longer include a photograph, but inspectors can see the photograph in their hand-held devices while they are checking tickets).
The personal OV-chipcard is used for ‘personal products’ such as a HTM annual travel pass or age discount. Users of a personal OV-chipcard are known to the card issuer, which is Trans Link Systems B.V. (Translink).
Translink processes the personal data of OV-chipcards and related transactions. For more information about Translink's privacy policy, visit the website Privacy - OV-Chipkaart.nl
HTM is not liable for Translink's privacy policy.
HTM, the other carriers and Translink are jointly responsible for processing personal data related to the core processes in the OV-chipcard system. To make this possible, we have entered into a joint cooperation agreement that stipulates the division of roles, responsibilities and arrangements regarding these core processes. Provisions have been made for each core process regarding which data must be processed for an effective and efficient OVchipcard system and who needs that data.
HTM can use your chipcard identification in case of suspected non-payment, fraud prevention, suspected and/or proven fraud. The provision of your OV-chipcard identification means that Trans Link Systems (TLS) provides us with the internal card number (chip ID) that corresponds to the number (engraved ID) that is printed on your card. TLS does not share your name, address, place of residence or other personal data that it processes about you. We have a legitimate interest in doing so as a public transport company.
There is no link between travel card administration at HTM and the travel data at Translink.
Data such as the name, address and place of residence on a personal OV-chipcard with a HTM travel card is processed in the HTM travel card administration. The transaction data (such as check-in/check-out data, location and chip ID) is processed in the OV-chipcard system. The HTM travel card administration is not linked to the OVchipcard system, and HTM can only view data in the OV-chipcard system at your express request or in case of (suspected) fraud with an OV-chipcard, and then only by authorised persons.
This data is accessed through an online portal. Access to this portal is made possible by Translink, who, together with the carriers, takes the role of joint data controller for the purpose of processing this data. Without your permission, the travel details of your trips with other carriers cannot be accessed by HTM.
How long do we store personal data?
We make a distinction between transaction data and data that we use for our travel card administration.
Transaction data (data generated when using the OV-chipcard)
Personal data related to transaction data is never retained for longer than 18 months.
Travel card administration
Personal data (including contact details) that is required to provide a travel card is processed in the travel card administration. The retention period for this data is 7 years, as stipulated the General Tax Act.
See also https://www.ov-chipkaart.nl/en for more background information.
2. Privacy OVpay
The nine Dutch public transport operators1 (‘carriers’) and Translink have jointly introduced a new option for travelling by public transport, namely the purchase of a ticket by checking in and out with your debit card or credit card. We have done this in collaboration with a number of paymentservices. A public transport travel function for the Netherlands has been linked to your debit or credit card by these payment services. You pay for your trips using the bank account linked to your debit card or within the credit limit on your credit card.
When you travel by checking in and out with your debit card or credit card, you and HTM enter into a transport agreement to which the General Terms and Conditions for Urban and Regional Transport and the ‘OVpay conditions for checking in/out with your debit card and credit card’ apply. Your personal data must be processed in order to implement this agreement. This allows you to travel and pay with your debit card or credit card on HTM public transport. HTM and Translink can also provide you with useful services.
Would you rather not that HTM and Translink are able to access the necessary personal data? Then you will not be able to travel and pay with your debit card or credit card, and you will have to purchase a regular ticket. The design of the processes is based on ‘privacy by design’. This means that Translink and the carriers have designed and configured the system in such a way that your privacy as a traveller is protected as much as possible.
Pseudonymisation, re-identification and use of tokens
Immediately after you have checked in, the unique identification number (‘PAN’) of your debit or credit card is pseudonymised. Every debit card or credit card is assigned its own unique number, called a ‘token’. These unique tokens are used for various purposes such as travel, payment, service, inspection and summary reports.
The Generic Back Office (‘GBO’) assigns every carrier its own unique identification number for the tokens. This means that carriers are unable to access information about the travel patterns of trips with other carriers made by a traveller with a debit card or credit card. The GBO is Translink's central administration system, which Translink uses to register tickets for carriers, calculate the price of a trip and keep track of the total amount for which you have travelled that day.
Pseudonymised data cannot be traced back to your debit card or credit card details without using additional information. This pseudonymisation is a measure aimed at reducing the risks for travellers when their personal data is being processed. By combining pseudonymised data with other data, an organisation may be able to find out which debit card or credit card belongs to the pseudonym. This may then make it possible to view the travel history of a debit or credit card.
The carriers and Translink have based their processes on privacy by design and have made agreements together to prevent this risk of re-identification.
- Arriva, Connexxion, EBS, GVB, HTM, Keolis, NS, Qbuzz and RET. See ovpay.nl/en for the most up-to-date overview.
- Maestro, Mastercard, VPAY and VISA. See ovpay.nl for the most up-to-date overview.
Terms
Because travelling with your debit card or credit card is new, we may use terms that you are not (yet) familiar with. For the sake of convenience, we list these terms and their meanings here.
General terms and conditions for urban and regional transport: the general terms and conditions for the use of public urban and regional transport by bus, tram, light rail, metro and regional public transport by train.
App: a mobile application developed and supplied by a carrier individually or carriers and Translink jointly (bearing the name OVpay) which travellers with a debit card or credit card can use to create and view their online account, link the debit card or credit card to it, and in this way conveniently view travel transactions and payments, and submit service requests. The use of an app is subject to the terms of use of the relevant app.
AVR-NS: the conditions of carriage of NS (the General Conditions for the Transport of Passengers and Hand Luggage by the Dutch Railways).
Bank: a financial institution which offers payment services and at which the bank account is held, which is linked to the debit card of the traveller that is used on public transport.
Debit card: a contactless card issued by the bank for payment (physical or virtual on a smart device) that the user can use to pay for public transport by checking in and out using the appropriate card reader at the station, at the stop or in the vehicle.
Credit card: a contactless credit card issued by the credit card company which you as a traveller can use to pay for public transport.
Credit card company: a financial institution that offers payment services and that has issued the credit card to you.
Generic Back Office (GBO): Translink's digital back office where, among other things, tickets are registered, fares are calculated and the daily total of journeys and trips is kept.
Joint data controller: When two or more data controllers jointly determine the purposes and means of the processing, they are joint data controllers as referred to the GDPR.
Payment Card Industry Data Security Standard (PCI DSS): an information security standard for organisations that work with the debit cards or credit cards in the card schemes.
Personal data: all information about an identified or identifiable natural person as referred to in the GDPR. Pseudonymisation: the processing of personal data in such a way that the personal data can no longer be linked to a traveller without additional data being used, provided that this additional data is kept separately and that technical and organisational measures have been taken to ensure that the personal data will not be linked to an identified or identifiable traveller as referred to in the GDPR.
Travel day: the period starting at 00:00 and ending the next day at 03:05 am.
Reference number: a code consisting of a combination of a total of fourteen letters and numbers, which is unique for each payment. This code is linked to the amount that is debited from your bank account or credit limit.
Technical debit card or credit card data: this technical data consists of the numbers of the debit card or credit card, namely the PAN, the PAN sequence number and the validity date of the debit card or credit card. The PAN is a unique debit or credit card identification number. The PAN serial number is located in the chip of the debit card or credit card and is not visible.
Translink: Trans Link Systems B.V. with its registered office and principal place of business in Amersfoort.
Ticket: the ticket that gives valid access to the train, bus, tram and metro and that is purchased by the traveller by checking in with HTM before every trip with the debit card or credit card that is used for travel. A ticket is only valid if all requirements stipulated in the General terms and conditions of urban and regional transport (for travel with city or regional transport companies) or the AVR-NS (if travelling with NS) are complied with.
Carrier(s): the Dutch public transport companies listed on the ovpay.nl website.
Processing: an operation or set of operations relating to personal data or a set of personal data, whether or not implemented by means of automated processes as referred to in the GDPR.
Processor: a natural or legal person, a public authority, an agency or another body that processes personal data on behalf of the data controller as referred to in the GDPR.
Data controller: a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data as referred to in the GDPR.
2.1. How does travelling and paying with a debit card or credit card work?
A. Travelling
When you check in with your debit card or credit card, the card reader reads the technical data on the card. We check whether it is possible to travel with the debit card or credit card and link it
back to you through the card reader. This presentation of a debit card or credit card to a card reader is called a ‘tap’.
If you can travel with the debit card or credit card, personal data will be sent to the GBO at Translink from the card readers of the carrier you are travelling with when you check in and out. In addition to the technical debit card or credit card details, this also includes the date, time and stop or station at which you checked in or out. This information is used to compile your journey and calculate the fare.
Travelling for the first time with your debit card or credit card
The first time you check in with your debit card or credit card, an automatic check will be carried out to determine whether a public transport travel function in the Netherlands is linked to your debit card or credit card. This also takes place if you have not travelled with that particular debit card or credit card for a period of 14 days and you then check in again.
The GBO also checks with the bank or credit card company to find out whether your debit card or credit card has been blocked. If this is the case, the public transport travel function of your debit card or credit card will be (temporarily) blocked and you will be unable to travel with it. This decision is made by the bank or credit card company. The carriers and Translink cannot change this.
Travelling with your debit card or credit card
Every time you check in with your debit card or credit card, Translink’s list of alerts is automatically checked to ensure that the debit card or credit card has not been (temporarily) blocked. This list is managed in the GBO and distributed to carriers. A debit card or credit card is added to this list by Translink when:
- it is found that your debit card or credit card being used on public transport is on a list of alerts of the bank or credit card company – for example, because it is registered as stolen or missing;
- the debit card or credit card amount for the use of public transport has not been paid – for example, because you did not have sufficient balance or credit limit on your bank account or credit card at the time of settlement.
B. Payment
The fare for the trips you make is calculated in the GBO based on when and where you checked in and out with your debit card or credit card. On the night after the travel day on which you travelled, the amount due for all trips you made on that one travel day will be presented to the bank or credit card company in a single batch. Translink provides the bank or credit card company with the technical debit card or credit card details and the reference number to process the payment.
After a successful payment, you will see the amount that has been debited on your (digital) account statement and you will receive your unique reference number for every day that you travel. A reference number is preceded by the letters ‘NLOV’. You can view the digital account statement by logging in to your secure banking environment.
Notwithstanding the above, payment will be made during the travel day instead of after it, if the amount of fares
due exceeds a threshold amount to be determined by the carriers. The fares due are then immediately debited from your bank account or credit limit. After a successful payment, the trips you made as a traveller will be charged at the end of the travel day, unless the threshold amount had been reached again before then.
Summary reports
Translink records all check-ins and check-outs in the GBO, is responsible for the trip reconstruction and determines the fare price. Translink, together with the financial institution EMS and your bank or credit card company, settles the payment for the trips you make with your debit card or credit card. Translink also ensures that HTM and the other carriers receive all payments for the trips made every day.
All of the carriers receive daily summary reports from Translink in order to check the accuracy of their own payments. This concerns reports on transactions (such as check-in or check-out), travel (combining check-in with check-out) and payments in the domain of the relevant carrier.
An unsuccessful payment
When a payment is unsuccessful – for example, because the balance or available funds are too low – we will temporarily block the travel function linked to the debit card or credit card. You will then no longer be able to travel with your debit card or credit card until the outstanding amount has been paid.
Within a period of 62 calendar days, the GBO will issue repeat payment requests to debit the amount due from your account or credit limit. When the payment is successful, the (temporary) blockage is lifted.
As a traveller, you can also pay the outstanding amount yourself, both during this period and afterwards. You do this by presenting your debit card or credit card to a card reader. A payment request is then made to your bank or credit card company through the GBO. When the payment is successful, approximately 15 minutes later you can travel again with your debit card or credit card.
(Temporary) blocking of travel function
You can check the (temporary) blocking of the travel function of a debit card or credit card by presenting your card to a carrier’s card reader and reading the message on the display or by contacting OVpay customer service.
Ofcourse you can always use another ticket to travel by public transport when the travel function of the debit card or credit card is blocked.
C. Service
We understand that you may have questions about a trip, the costs charged or a missed check-in or check-out, for example. Or perhaps you want information about all your trips in the past period(s). This can be done by viewing and requesting (parts of) your trips in the app or through HTM customer service by entering a reference number and the corresponding amount. You can also view and request (parts of) your trips through the OVpay website, OVpay app and OVpay customer service.
In order to obtain assistance, you will need to enter the reference number in combination with the corresponding amount on your bank statement. This is because we do not have your debit card or credit card number and we cannot search for your IBAN.
The reference number is created uniquely for every payment made with your debit card or credit card. On your (digital) account statement, you receive your unique reference number for the trips associated with that one payment (usually linked to one travel day). This means that if you share this reference number and the corresponding amount with another person or organisation, that person or organisation can access information about the trips you have made.
App and website
In both the HTM app and the OVpay app, it is possible to link your debit card or credit card to the app. To do this, you first need to create an account with a password you choose yourself. By then entering a reference number and the corresponding amount in the OVpay app, you can view all the travel history of the journeys you made with HTM over the past 18 months. In your online account, you can see whether you have checked in and out, view the fare for trips made and your payments, the payment status and whether your debit card or credit card has been blocked.
In the OVpay app, you can view all the travel history of the journeys you made with your debit card or credit card on all public transport over the past 18 months. In the account environment of a carrier (web or app), you can only view the journeys made with that carrier with your debit card or credit card, including those from the past 18 months. You can also define a setting in the OVpay app so that you receive notifications when checking in and out. On the ovpay.nl website, when you enter a reference number and corresponding amount you can only view the trips you have made that match that specific payment.
Customer service
If you have any questions about travelling with a debit card or credit card, the customer service representatives of HTM and OVpay would be happy to answer them for you. The customer service representatives do not have access to your debit card or credit card details or your payment account details.
Service representatives will always explicitly ask for your data if they need it to answer your questions. Depending on the questions you ask the customer service representatives, they may ask you for your reference number and the corresponding debit amount.
Cross service
The carriers and Translink have made mutual agreements so that HTM can also help you with questions about trips with other carriers. They have agreed that you can contact the customer service of every carrier with questions about all the trips and transactions you made in the past 62 days. For questions about a missed check-in or check-out, you can contact the OVpay customer service. Depending on the questions you ask the OVpay customer service representatives, they may ask for your reference number and the related debit amount.
D. Inspection
Everybody who uses public transport must have a valid ticket. When you check in with your debit card or credit card, your ticket is immediately linked to that debit card or credit card by means of a digital registration in the GBO. Special investigating officers (BOAs) regularly check that travellers on trams and buses and at stops and stations have a valid ticket. When a BOA is checking your ticket, you must hold your debit card or credit card against the BOA's card reader. The technical data of your debit card or credit card is then read and used in accordance with PCI DSS.
If the BOA wants to grant you leniency and/or provide you with service, he/she will ask you separately for your permission. The BOA can then view on his/her device the last 10 times you used your debit card or credit card on public transport (up to a maximum of 62 days ago). This data is displayed on the device for a maximum of five minutes or disappears when another debit card or credit card is held against the card reader.
E. Information Management
Translink and the public transport companies want to ensure that public transport is as efficient and effective as possible. That’s why the public transport companies and Translink have an interest in understanding more about the travel patterns of travellers. This insight is also important for third parties – for example, government
organisations that are tasked with (public) transport and are committed to improving services for travellers. We gain this insight by conducting statistical research. Translink and the public transport companies have jointly decided which personal data may be used to gain this insight and how that personal data may be used. We also call this Information Management. These arrangements have been set down in a cooperation agreement between the public transport companies and Translink. The public transport companies and Translink are jointly responsible for processing personal data for the purpose of Information Management. For more information about Information Management, see below in this Privacy Statement.
2.2. Legal basis of data processing
When you check in and out with your debit card or credit card at HTM, your personal data is processed on the legal basis of an agreement. This is the transport agreement to which the General Terms and Conditions for Urban and Regional Transport and the ‘OVpay Conditions for checking in/out with your debit card and credit card’ apply.
The provision of cross service (see cross service above) is based on the legitimate interests of the carriers and Translink. The carriers and Translink want your questions to be answered as correctly and as efficiently as possible by one helpdesk rather than multiple helpdesks. It is in the interest of both you as a traveller and the carriers and Translink that we can handle your questions about travelling with multiple carriers correctly and efficiently. Our service representatives can only access the data that they require to answer your questions. Your permission is legally required to set notifications in the OVpay app when checking in and out.
2.3. Who are the data controllers? Which personal data do we use?
Your personal data is processed by: HTM and Translink. HTM, the other carriers and Translink are jointly responsible for processing personal data related to travelling with your debit card or credit card. The arrangements for this are recorded in a cooperation agreement between the carriers and Translink. The joint data controller relates to the following processes and the corresponding personal data.
Process | Purpose | Personal data | Retention period |
Taps
Legal basis: implementation of the agreement | Status check of debit card and validation of the tap | Technical debit card details (PAN, PAN serial number and validity date) Tap data | Maximum 24 hours |
Processing taps (transaction processing)
Legal basis: implementation of the agreement |
and the fare price can be determined | Technical debit card details (PAN, PAN serial number and validity date) Pseudonymisation tokens derived from technical debit card details; travel transaction data | 18 months |
Central traveller support (self-service) – without service account
Legal basis: implementation of the agreement |
OVpay customer service | Reference number, Payment transaction data, Outstanding debt Travel transaction data (such as check-in/check-out, date/time, location, type of transport, trip and prices per trip) | Until service is provided, no data remains on the website |
|
|
|
|
Central traveller support (self-service) – with service account
Legal basis: implementation of the agreement | Provide the parties concerned with an insight into travel transactions, payment transactions and outstanding debt using the OVpay app Facilitate the missed check-out process using the OVpay app | Username and password 2FA) Reference number, Payment transaction data, Outstanding debt, Travel transaction data | Until a service is provided, no data remains in the app |
Local traveller support (self-service) – with a service account with a public transport company
Legal basis: implementation of the agreement | Provide parties concerned with insight into the following using the public transport company's website/app:
i) travel and payment transactions for the relevant public transport company (transactions over the past 18 months) ii) outstanding debt and the underlying transactions (where relevant) with other public transport companies | Reference number, Payment transaction data, Outstanding debt, Travel transaction data | Until a service has been provided, no data remains on the website/in the app |
Local traveller support service through customer service – cross service
Legal basis: legitimate interests of carriers and Translink | Inform parties concerned through the public transport company’s customer service (desk or telephone) about: Outstanding debt
Travel and payment transactions with the relevant public transport company (over the past 18 months) Travel and payment transactions with other public transport companies (cross service) in the past 62 days | Reference number, Payment transaction data, Outstanding debt, Travel transaction data | Until a service has been provided, the public transport company customer service can only view transaction data |
Inspection/check ticket validity
Legal basis: implementation of the agreement | Check whether a traveller has a valid electronic ticket while using public transport (based on check-in/checkout with debit card, by querying the Generic Back Office); check whether the traveller has checked out; check the last ten transactions on public transport with the same payment card to determine follow-up action by the public transport company | Technical debit card details (PAN, PAN serial number and validity date) Pseudonymisation tokens, Travel transaction data | Data is automatically deleted as soon as the inspection device receives the response that the debit card was/was not used to enter/exit and 5 minutes passed or a subsequent debit card was presented for inspection or when the inspection (app) was closed
|
Mobile service provided to traveller
Legal basis: consent | In response to a request by a traveller, the inspector can scan the debit card to obtain information about the last ten travel transactions on public transport with the same debit card | Technical debit card details (PAN, PAN serial number and validity date), Pseudonymisation tokens, Travel transaction data | Data is automatically deleted as soon as the inspection device receives the response that the debit card was/was not used to enter/exit and 5 minutes passed or a subsequent debit card was presented for inspection or when the inspection (app) was closed
|
2.4. With whom do we share your data?
HTM, the other carriers and Translink use the services of processors, for which we always make written agreements with external parties (such as IT suppliers) who process personal data on our behalf. We do this by entering into a
‘processingagreement’ in which, among other things, we make arrangements about the security of your personal data and about the use of that personal data.
Translink uses the services of EMS (www.emspay.nl) to process the payment with your bank or credit card company. To do this, Translink provides the technical debit card or credit card details and the reference number. EMS processes this data in its capacity as a data controller.
In some cases, the carriers and Translink are also obliged by the legislation and regulations to provide your data to third parties – for example, in the event of a criminal prosecution.
2.5. Security of personal data
HTM, the other carriers and Translink protect your personal data against unauthorised access, loss and theft, amongst other things. HTM, the other carriers and Translink all have a policy to arrange payment with the debit card or credit card on public transport in such a way that an appropriate security level automatically applies.
The carriers and Translink use PCI DSS to protect debit card or credit card data. This is an international security standard that has been drawn up by banks and credit card companies. The standard is aimed at protecting payment card data and preventing misuse of card data, and therefore damages.
Your technical debit card or credit card details are always pseudonymised when processed in HTM's card readers and in Translink's GBO.
2.6. Automated decision making
In two cases decisions are made automatically: when a fare is still owed and when a debit card or credit card is blocked by a bank or credit card company.
Fare still owed
As a traveller, you must always pay the fare that is due. When your bank or credit card company is unable to process your payment, the travel function of the debit card or credit card will be automatically blocked (temporarily). You can still check out for a trip, but you cannot check in (again) for a trip.
When the travel function of the debit card or credit card is blocked due to insufficient funds or credit limit, you will only be able to check in with this debit card or credit card again after your debt has been paid. Within a period of 62 calendar days, several attempts will be made to debit the amount due from your account or credit limit. You can also do this yourself by presenting your debit card or credit card to the card reader of a carrier. While check-in will be refused (and you will see an error message on the display), a new attempt will then be made again to debit the amount from your account. If that works, you can check in again after around 15 minutes and continue on your journey.
You can object to this automated decision that automatically blocks your debit card or credit card is (temporarily). This can be done through OVpay customer service. The customer service will then assess why your debit card or credit card has been blocked and will unblock it if there is reason to do so.
Debit card or credit card blocked by a bank or credit card company
If a debit card or credit card used on public transport has been recorded as stolen or missing by a bank or credit card company, or if there is another reason why this card has been (temporarily) blocked by the bank or credit card company, the travel function of the debit card or credit card will also be automatically blocked (temporarily).
This is also laid down in the general terms and conditions for the use of your debit card or credit card that you have agreed with your bank or credit card company.
The carriers and Translink cannot do anything about this (temporary) blocking. If you have any questions about this, please contact your bank or credit card company.
2.7. Point of contact for questions or exercising your rights regarding travelling with a debit card or credit card Questions
If you have any questions about the processing of your personal data in relation to travelling with a debit card or credit card, you can get in touch with the points of contact at HTM and Translink.
In principle, HTM and Translink can only answer specific questions by using the features of your debit card or credit card. If you have created an account in an app, have had your debit card or credit card linked to this account and have entered your details, HTM or Translink can also help you with these details. Before you can access information about your trips, you have to provide the reference number and related amount.
For general questions about trips with a debit card or credit card, contact OVpay customer service on telephone number 0900-1433 or use the contact form at Frequently asked questions | OVpay
For more information about how HTM or Translink handle your personal data, contact the data protection officer of either organisation:
For HTM: gegevensbescherming@htm.nl, for Translink: fg@translink.nl
2.8. Exercising your rights
If you wish to exercise your rights, you can make this known using the form Personal data at HTM – rights of data subjects , through the OVpay customer service or data protection officer of HTM or Translink (see the contact details above).
3. Privacy Information Management
What do we use your data for?
HTM, the other public transport companies and Translink want to ensure that the public transport system runs as efficiently and effectively as possible. That’s why the public transport companies and Translink have an interest in understanding more about the travel patterns of travellers.
This insight is also important for third parties – for example, government organisations that are tasked with (public) transport and are committed to improving services for travellers. We gain this insight by conducting statistical research. HTM, the other public transport companies and Translink (together ‘we’, ‘us’ or ‘our’) have jointly decided which personal data may be used to gain this insight and how that data may be used. We also call this Information Management. These arrangements have been set down in a cooperation agreement between the public transport companies and Translink.
The public transport companies and Translink are jointly responsible for processing personal data for the purpose of Information Management.
Which personal data do we use?
We only use what is called ‘transaction data’ to conduct statistical research into the travel patterns of travellers. When we process your customer data, such as your name or date of birth, we do not use that data for statistical research. Below you can read which personal data we process for statistical research when you travel with an OVchipcard, debit card or other ticket.
We only use what is called ‘transaction data’ to conduct statistical research into the travel patterns of travellers. When we process your customer data, such as your name or date of birth, we do not use that data for statistical research. Below you can read which personal data we process for statistical research when you travel with an OVchipcard, debit card or other ticket. According to the privacy legislation, we are permitted use transaction data for statistical research because this is necessary for our legitimate interest and the legitimate interest of third parties such as government organisations. The legitimate interest is to optimise public transport and to improve the services provided to travellers.
OV-chipcard
Transaction data is created when you check in and out with a transport company with your OV-chipcard. This information is used to process your travel transactions. The transaction data is read using your card’s the chip ID.
You can find the transaction details in the transaction overview of your OV-chipcard (at Mijn OV-chipkaart.nl). We store the transaction data for statistical research in a separate database at Translink. Before we store the data there, we ensure that the data is pseudonymised. During this pseudonymisation process, the identifying characteristics in the data are encrypted. This means that the data cannot be traced back to a person without the use of additional information. After the data has been pseudonymised, Translink creates research files on behalf of public transport companies. This involves a set of statistical data. Translink or other specialised companies can use these aggregated, statistical research files to create information products. These research files and information products do not contain any personal data.
Debit card
Transaction data is generated when you check in and out with a transport company using a payment card. This
information is used to process your travel transactions. You can find the transaction data with your debit card in the OVpay app. If you do not use the OVpay app, you can view the transaction data with your payment card on the OVpay website. Here you can enter the ‘service reference ID’ that is specified on your bank statement for public transport trips.
We store the transaction data for statistical research in a separate database at Translink. The transaction data with a debit card cannot be traced back to a particular person without the use of additional information. We commission the creation of research files under the management of Translink. This involves a set of statistical data. Translink or other specialised companies can use these aggregated, statistical research files to create information products. These research files and information products do not contain any personal data.
Central point of contact
We have set up a central point of contact where you can ask questions about the way your data is processed in order to create research files and information products. You can contact us at privacy@ov-chipkaart.nl; here you can also submit a request to exercise your GDPR rights.
If you do not want us to use your transaction data for statistical research into travel patterns, you can indicate this by sending an e-mail to privacy@ov-chipkaart.nl. You can apply for the form by sending an e-mail to privacy@ovchipkaart.nl.
With whom do we share data?
HTM, the other public transport companies and Translink employ the services of processors. We always make written agreements with processors by entering into a ‘processing agreement’ in which we make arrangements about the security and use of your personal data. Pseudonymisation makes it more difficult to link the data to individuals.
Translink or other specialised companies can use the research files to create information products. In this way they can identify trends in passenger flows, for example, which can then be used to determine where new public transport routes should be located. We may pass on these types of information products to government agencies or third parties in the field of (public) transport that are tasked with improving services to travellers. The information products do not contain any personal data.
We do not pass on your personal data for this purpose to legal entities or persons outside the European Economic Area.
For how long do we store your data?
We store the transaction data and the pseudonymised transaction data for a maximum of 18 months after your trip.
See also: Data analysis (translink.nl) for more background information.
4. Privacy of HTM website and apps
Data about the use of the HTM website (htm.nl), the apps (HTMapp and HTM Fietsapp) and the feedback we receive from our visitors helps us to further develop and improve our website and apps.
4.1. HTM Website Click behaviour
General statistical information about the use of our website is stored on our website. This information is used to find out how many people visit the HTM website, how much time they spend on the website, which pages are visited the most, which information is downloaded the most, etc. In this way, we can optimise the design of the website so that we can further improve our services on the website – for example, to provide our customers with more targeted information.
Personal data is never recorded through the internet without the explicit instructions or consent of users – for example, when they are requesting information.
Use of cookies
Visitor data is recorded on the website to measure visitors’ interest in the various site components. This enables HTM to adapt the website to the interests and experiences of visitors, while making access to and use of the website easier. HTM uses temporary cookies to do this. A cookie is a small file that is stored on your computer’s hard drive. Cookies do not contain any personal data. Cookies can be disabled in every web browser (Chrome, Internet Explorer, Safari and Firefox). All the pages on our website are still readable but there may be a drop in functionality.
Google Analytics
We use the Google Analytics pixel but make sure that the information that it measures is rendered completely anonymous. The IP address is automatically anonymised and this information is never shared with third parties, including Google itself. We do not create profiles based on user behaviour for marketing purposes nor do we track data across multiple devices. The cookie that is placed on your device expires when the session ends.
HTM webshop
The HTM webshop registers personal data for which the user has granted permission. This includes data such as contact details, date of birth (for certain travel products), payment details, debtor details, travel product details and the card details of your OV-chipcard/debit card. If desired – and provided the user enters the required information – an overview of your travel products and OV-chipcards is available on this part of our website. You can delete your account details yourself in the HTM webshop.
4.2. HTM app(s)
HTM offers some of its services by means of apps. To ensure that the app functions properly, HTM may request permission to access and process certain personal data while the app is being installed. The collection and processing of this data via the apps is also covered by this privacy statement.
HTM does not track click behaviour and/or store cookies in the HTM app.
GPS positioning
There is an option to activate GPS positioning in the HTM app. You are then granting permission to plan a trip from the location in question. The rights can be changed again by you the user.
Notifications (in the Favourites section)
The HTM app includes a Favourites section. Here you can specify your favourite transport lines and any subjects about which you wish to receive more information. You can switch this function on and off yourself.
Purchasing barcode tickets in the app
The app includes the option to purchase and pay for barcode tickets.
HTM uses third-party processors to process barcode tickets. To ensure that your personal data is treated confidentially, HTM has entered into a processing agreement with these third parties.
Tapconnect is HTM's mobile ticketing supplier, while Buckaroo is HTM's payment platform and in that capacity is a processor for HTM.
After payment to Buckaroo, you receive an overview of the tickets you have purchased in the HTM app under the heading Tickets. Please note that if you delete and reinstall the app, the ticket will no longer be valid or visible. You need to activate the 2-hour card before use. The day ticket is valid straight away.
Legal basis and purposes of data processing for barcode tickets
HTM must process your data in order to implement the agreement with you for the purchase and use of the HTM barcode feature while travelling. As part of the agreement, HTM processes your data in order to:
- provide the agreed services
- provide customer service in response to your questions or requests – for example, for
- your purchases and trips
- send information about the use of the HTM barcode function and
- the products and services offered through this website
- improve services, which also includes recording information in
- anonymised and aggregated format in management information and reports
- maintain financial record-keeping and conduct
- audits.
4.3. Social media (Facebook and X (formerly Twitter) also accessible using the HTM app and HTM website) The website contains buttons to promote (‘Like’) or share (Direct Message, DM, ‘Tweet’) web pages on social networks such as Facebook and X (formerly Twitter). These buttons work by means of pieces of code that come from Facebook or X. This code is used to place cookies. HTM has no influence over this process. Read the privacy statement of Facebook or X (which may change regularly) to find out how they process (personal) data using these cookies.
4.4. Technical security
HTM uses security technology in order to optimally protect personal data against unauthorised access or use. This security complies with the requirements of the GDPR.
4.5. Privacy policy of third parties
The website contains links to websites of other organisations, such as ov-chipkaart.nl and denhaag.com. HTM is not responsible for the way these parties use personal data.
4.6. Contact and questions
Questions about our cookie consent or changes to details are handled by our customer service. We make sure that the information is changed within one month.
5. Privacy and HTM camera surveillance
One of the measures that HTM takes to improve the safety of our travellers is to carry out surveillance, which includes the use of cameras. This is an important tool for investigating and prosecuting criminal offences and unlawful acts. This camera surveillance increases not only your safety but also the safety of our property and employees. The camera images are also used to investigate and reconstruct accidents. Wherever camera surveillance is being used, this is indicated by means of images on stickers.
Camera surveillance in trams, buses and at stops
There are cameras in and on all HTM trams and buses. This camera surveillance in the trams and buses is intended to increase the safety of employees and travellers and to protect HTM's property. The camera surveillance at the stops is intended to increase public safety at the stops and to prevent unwanted or unsafe behaviour by travellers.
We use the recordings (image and sound) to investigate and prosecute people who have committed a criminal offence or an unlawful act. The recordings can also be used in the event of injury, material or immaterial damage as a result of a criminal offence or unlawful act, and to provide training to employees working in camera surveillance.
The camera images are viewed live by employees who are specifically authorised to do so and have a confidentiality obligation. This takes place in an area that is not accessible to other employees.
Bodycam Some BOA inspectors wear a bodycam. These bodycams are aimed at increasing the public safety of employees and travellers and protecting HTM property. We use the bodycam recordings to trace and prosecute people who have committed a criminal offence or an unlawful act. The recordings can also be used in the event of injury, material or immaterial damage as a result of a criminal offence or unlawful act, and to provide training to employees working in camera surveillance.
The camera images are viewed by employees who are specifically authorised to do so and have a duty of confidentiality. This takes place in an area that is not accessible to other employees.
The camera images are used to:
- Protect people against crime, nuisance and accidents;
- Protect stops, buildings, garages, grounds, yards, vehicles, platforms and all the items they contain against theft, burglaries, vandalism and the like;
- Support the emergency services in case of emergencies;
- Conduct crowd control at events and at peak times;
- Serve as evidence when a crime is reported to the police;
- Support a criminal investigation by the police based on advanced images;
- Support investigations by the Safety Department after incidents; • Register damage.
We also use camera images to train employees who are tasked with processing camera images. Camera images are also used to investigate and reconstruct an accident.
Which personal data is processed?
Cameras capture images on which persons (and sometimes sound) are recorded. When
incidents occur, we can then act quickly to detect and prosecute criminal offences and unlawful acts. The camera recordings are only procured, viewed (and, where necessary, listened to and saved) if an incident has occurred.
Only employees authorised by HTM management are permitted to view the images (and listen to the sound). This takes place in an area that is not accessible to other employees. If the camera images are useful for a criminal investigation and/or prosecution, only authorised employees are allowed to secure those camera images. The employees concerned have a confidentiality obligation.
Working method in the event of a (possible) incident
If there is an incident that may require follow-up (such as reporting it to the police), we immediately make a note of the time. The recordings around the noted time are then viewed and listened to as soon as possible. If HTM decides to report the incident to the police, HTM will provide the recordings to the police as (supporting) evidence. In addition, on request the recordings can also be made available to the law enforcement agency within the legal frameworks.
Legal basis and objectives of processing camera images
The legal basis on which HTM processes camera images is a legitimate interest or compliance with a legal obligation. Without camera images, it is not possible to investigate incidents later or to guarantee the safety of our travellers and employees. We believe that this interest outweighs any infringement of the privacy of a traveller or employee. In addition, we take safeguards to protect your privacy: we store all images securely and ensure that only authorised employees have access to the images.
How long do we keep the data?
We keep the recordings from the vehicles and bodycams for a maximum of 24 hours if no incident has taken place. Camera images of stops are kept for a maximum of 72 hours if no incidents have been reported. Camera images of the stops at the Central Station and Hollands Spoor locations are kept for 28 days.
With whom do we share the personal data?
If there has been an incident that we want to report to the police and we expect the images to provide (supporting) evidence, then we view the camera images as soon as possible. In addition, we must also make the camera images available to the (investigating) agencies within the legal frameworks if they request them on the basis of legal authority. This includes the police, the General Intelligence and Security Service (AIVD), Inspectorate SZW, the Human Environment and Transport Inspectorate (ILT), insurance companies and lawyers and the judicial authorities in the case of legal proceedings. For cases involving claims, camera images are made available to the insurers who handle claims for RET.
6. Damage, investigation and recovery
HTM does everything in its power to convey travellers to their destinations as safely as possible and to ensure a safe working environment. Unfortunately, incidents occur that result in personal injury or damage to equipment or the property of HTM or others.
What do we use the personal data for?
HTM uses personal data to investigate the circumstances and consequences of an incident – for example, to determine the cause of the incident and identify the liable party, draw up witness statements, test the legality of a claim and determine the extent of the damage. The investigation results can also be used to take measures that can help prevent future incidents.
Which personal data is processed?
The contact details of claimants, witnesses, experts, representatives, claims handlers, lawyers and other parties concerned. In addition, travel data, camera images and licence plate numbers can be processed or, in the event of personal injury, medical, personal and financial data. Only employees involved in handling claims have access to this data. The data is stored in separate systems to which an authorisation policy applies.
Legal basis of processing
The basis on which personal data is processed in the context of handling and preventing claims is HTM's legitimate interest and/or your permission for the use of your personal data. Without data it is not possible to investigate incidents, handle claims or prevent further claims. This is also in the interest of the person who has been adversely affected by the incident. HTM has a business interest in dealing with claims properly: to represent its financial interests in the best possible way, to provide the insurance company with information and to prevent future incidents as much as possible. We believe that this interest outweighs any infringement of the privacy of persons involved in the incident. In addition, we take safeguards to protect your privacy. We store all data securely and only employees involved in handling claims have access to the data.
How long do we keep the data?
The retention period is 10 years for damage to material items and 30 years for personal injury.
With whom do we share the personal data?
The personal data in a claim file is only shared with the parties involved in handling the claim, such as accident experts, medical experts, damage assessment agencies, lawyers, insurance companies and the authorities to which a dispute has been submitted in the context of the dealing with the claim.
7. Implementation of the Police Data Act
HTM employs special investigating officers (‘BOAs’) to maintain public safety in and around the public transport system.
What do BOAs do?
Among other things, BOAs check at stations and in vehicles whether travellers have a valid ticket. BOAs also monitor public order and compliance with legal provisions, travel regulations and the conditions of transport. BOAs take enforcement action in the event of violations.
When a BOA processes personal data for the performance of his/her police duties (such as investigating criminal offences and maintaining public order), the Police Data Act and not the GDPR applies. This also means that BOAs are no longer processing personal data but rather police data. Like the GDPR, the Police Data Act stipulates requirements for the processing of police data.
For what purpose do we process personal data in the context of the Police Data Act?
We process police data under the Police Data Act for various purposes. These purposes are stipulated in Article 8 of the Police Data Act.
This includes:
- Filing an official report if a passenger has committed a criminal offence or is travelling without a valid ticket (fare evasion).
- Handling, administering and financially settling payments related to official reports, such as agreeing to objections, applying the leniency scheme, applying reductions and repayment schedules.
Which personal data is processed in the context of the Police Data Act?
When apprehending travellers and/or filing an official report, we collect contact details, the place and date of birth, a description of the criminal offence with the time and place, the Citizen Service Number (BSN) and the ID type and number. We also collect financial data when a fine must be paid for fare evasion and/or when drawing up a repayment schedule.
You can submit an objection or leniency request to us in relation to an official report. In addition to the
information included in your request, we then collect contact details, the place and date of birth, a copy of the OVchipcard and/or OVpay payment receipt details and the official report number.
Legal basis of processing
The basis on which the BOAs process your police data under the Police Data Act is the performance of their daily policing tasks (Article 8 of the Police Data Act).
The BOAs process personal data on the basis of the following:
- Code of Criminal Procedure;
- Special Investigating Officer (BOA) Decree;
- General Municipal Bye-law (APV).
Finally, the BOAs process personal data for the implementation of the agreement. This is subject to the following regulations:
- Passenger Transport Act and Decree 2000;
- Transport conditions for urban and regional transport; • HTM travel regulations.
For how long do we store your personal data?
Please check the model in the privacy statement pdf.
The maximum time within which the police are permitted to process personal data according to Article 8 of the Police Data Act is 10 years.
In addition, HTM also stores camera images (see the above section dealing with cameras).
With whom do we share the personal data?
Only authorised employees are allowed to access this data. They may only view the data they need for their work. Occasionally, we may grant access to the police or municipal employees. They too are only allowed to access the data that they need for their work. The actions of employees in systems
are logged. In this way, we keep track of the people who perform a particular action at a particular time in a particular file.
When an official report is being filed, we check your details with the Personal Records Database (BRP). We do this again after sending the first payment reminder for a fine for fare evasion.
Sometimes it is necessary for HTM to provide your personal data to third parties. For example, to the Central Fine Collection Agency (CJIB) if you have not paid your fine on time, or to the Public Prosecution Service (OM) or the police in connection with an incident for which HTM is pressing charges.
What are your rights under the Police Data Act?
Your rights under the Police Data Act differ from those under the GDPR. You have the right to view
the personal data that HTM processes about you under the Police Data Act. You can request a written overview of your personal data from HTM by sending an email to gegevensbescherming@htm.nl.
If your personal data under the Police Data Act is incorrect or incomplete, you can ask HTM to change that data. You can also have personal data deleted or ask for the processing of your personal data to be restricted. In addition, you can object to or appeal against the filing of an official report and the fine that was imposed (see the regulations for this on the HTM website).
You will receive a message from us when your request for correction, deletion or limitation of the processing your data has been granted.
We have the right to reject your request if:
- It could impede judicial investigations or proceedings;
- It could have a negative impact on the prevention of criminal offences or on an investigation, inquiry, prosecution or the imposition of penalties;
- Public safety is at risk;
- The rights and freedoms of third parties are being violated;
- National security is at stake;
- HTM has a legal obligation to retain this personal data;
- The request appears to be unfounded or excessive.
---------------------------------------------------------------------------------
Changes HTM reserves the right to change this text, where necessary. The changes will always be in accordance with the GDPR.
HTM Personenvervoer NV
Koningin Julianaplein 10
2595 AA The Hague
Registered in the Trade Register of the Chamber of Commerce under number 27014495
Privacy statement HTM updated: October 2023