Data protection notice

Responsible for the data processing described below within the meaning of Art. 4 no. 7 GDPR is:

Schwarz Mobility Solutions GmbH
Stiftsbergstraße 1
74172 Neckarsulm

Email: info@twogo.com

Purposes of data processing / legal basis:

We will of course treat any personal information you give us by email / telephone / post as confidential. We only use your data for the purpose of processing your request. The legal basis for data processing is article 6 para. 1 letter f) GDPR. The legitimate interest arises from the interest in answering your inquiries and thus maintaining and promoting customer satisfaction.

Recipients / categories of recipients:

Depending on the occasion and to the extent necessary, we transmit your personal data to Netlution GmbH, Landteilstr. 33, 68163 Mannheim, as it processes possible customer inquiries you make by telephone, post and / or email on our behalf.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. However, if you do not provide us with the data required to process your request, we will not be able to process or answer your request.

Storage period / criteria for determining the storage period:

All personal data that you send us in response to inquiries will be deleted or securely anonymized by us no later than 90 days after the final response to you. The storage period of 90 days is explained by the fact that it can happen from time to time that you contact us again after a reply on the same matter and we must then be able to refer to the previous correspondence. Experience has shown that, as a rule, queries about our answers do not occur after 90 days. If you assert your rights as a data subject, your personal data will be stored for 3 years after the final reply to prove that we have provided you with comprehensive information and that the legal requirements have been met.

Purposes of data processing / legal basis:

When you visit this website, log files are created with the following content:

• The website from which you access our website;
• The IP address;
• The access date and time;
• The client's request;
• The http response code;
• The amount of data transferred;
• The information about the browser you are using and the operating system you are using.

The legal basis for data processing is Art. 6 Para. 1 letter. f) GDPR. The legitimate interest arises from the protection of our systems and the prevention of abusive or fraudulent behavior each time a user accesses this website.

Recipients / categories of recipients

In exceptional cases, your personal data may be accessible for support and maintenance purposes by Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, because the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. However, the data mentioned will be processed for technical reasons as soon as you access our website. If you no longer wish to provide us with the data, this is only possible by no longer using our website.

Storage period

We save the data mentioned for a period of 32 days.

So-called cookies are used on this website. Cookies are small text files that are sent from our web server to your end device (PC, notebook, smartphone or tablet) when you visit this website and are stored there in the internet browser you are using. The cookies used can perform various functions.

You can set your browser so that it informs you about the placement of cookies. So the use of cookies becomes transparent for you. You can also set the browser so that it generally does not accept cookies or only rejects cookies from individual providers. However, we would like to point out that this may affect the functionality of this website.

The following subsections inform you about the individual purposes of the various cookies that can be used.

Purposes and legal basis of data processing

This cookie is used to manage the user's TwoGo session. It is deleted as soon as the browser is closed.

• Necessary: Necessary cookies help to make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
• Comfort: Using these techniques, we can take into account your actual or assumed preferences for the comfortable use of our website. For example, based on your settings, we can display our websites in a language that suits you. We also avoid displaying products that may not be available in your area.
• Statistics: These techniques enable us to create anonymous statistics on the use of our services for the purpose of designing them as required. This enables us, for example, to determine how we can adapt our websites even better to the habits of the users.
• Marketing: This enables us to show you suitable advertising content based on the analysis of your usage behavior. Your usage behavior can also be tracked via various websites, browsers or end devices using a user ID (unique identifier).

This cookie is created when the user logs on to the TwoGo website. It is used to identify the user's security session and is deleted when the user logs out of the TwoGo website or closes the browser

Necessary:

• Authentication data to identify a user after login in order to gain access to authorized content on further visits (eg access to the customer account);
• security-relevant events (eg detection of often failed login attempts);
• Data for the playback of multimedia content (e.g. playback of (product) videos selected by the user).

Preferences:

• Settings for the user interface adjustment that is not linked to a permanent identifier (e.g. active language selection).

Statistics:

• Pseudonymized usage profiles with information about the use of our website. These include in particular:
  • Browser type / version,
  • operating system used,
  • Referrer URL (the page previously visited),
  • Host name of the accessing computer (IP address),
  • Time of the server request,
  • individual user ID and
  • triggered events on the website (surfing behavior).
• The IP address is anonymized regularly, so that a conclusion about your person is generally excluded.
• We only merge the user ID with other data from you (e.g. name, email address, etc.) with your separate express consent (see, for example, section 6 of this data protection regulation). Based on the user ID itself, we cannot draw any conclusions about you personally.

Marketing:

• Pseudonymized usage profiles with information about the use of our website. These include in particular:
  • IP address,
  • individual user ID;
  • potential product interests,
  • triggered events on the website (surfing behavior).
• The IP addresses are anonymized regularly, so that a conclusion about your person is generally excluded.
• We only merge the user ID with other data from you (e.g. name, email address, etc.) with your separate express consent (see, for example, section 6 of this data protection regulation). Based on the user ID itself, we cannot draw any conclusions about you personally. We share the user ID and the associated usage profiles with third parties, if necessary, via the providers of advertising networks.

This cookie is created when the user logs on to the TwoGo website with the "Stay 2 weeks" function activated. It is used to identify the user's persistent session and is deleted when the user explicitly logs out of the TwoGo website or the two-week period has expired.

This cookie protects your connection to our server from attacks with cross-website forgery requests. It is deleted as soon as the browser is closed.

The legal basis for data processing is Art. 6 Para. 1 letter. f) GDPR. The legitimate interest arises from the protection of our systems and the prevention of abusive or fraudulent behavior each time a user accesses this website or our interest in making the use of our website more convenient for you, for example, by requesting two Stay logged in for weeks.

Recipients / categories of recipients

In exceptional cases, your personal data may be accessible for support and maintenance purposes by Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, because the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. If you do not want cookies to be set, you can prevent this using the settings mentioned, make a corresponding selection of the categories of cookies or revoke or adjust your consent, if any.

Storage period

The storage period for cookies can be found in our cookie policy. If "Persistent" is entered in the "Process" column, the cookie is permanently saved until the relevant consent is withdrawn. Cookie policy

Purposes and legal basis of data processing

We offer you the opportunity to subscribe to our newsletter. If you have consented to receive our newsletter, we will use your email address and, if applicable, your name to send you (if possible, individual) information about the TwoGo service and related promotions, competitions and news.

With your consent, we record your usage behavior on our site. The evaluation of usage behavior includes, in particular, which areas of the respective website or newsletter you are on and which links you use there. Personalized usage profiles are created with your person and / or e-mail address assigned in order to better align a possible advertising address in the form of newsletters to your personal interests and to improve the website.

The legal basis for the data processing mentioned is your consent in accordance with Article 6 paragraph 1 letter a) GDPR.

In order to be sure that no errors were made when entering the e-mail address, we use the so-called double opt-in procedure: after you have entered your e-mail address in the registration field, we will send it You a confirmation link. Only when you click on this confirmation link will your email address be added to our mailing list.

You can revoke your consent to the receipt of the newsletter and the creation of personalized usage profiles at any time with future effect, e.g. B. by unsubscribing from the newsletter on our website. You can find the link to the unsubscribe page here or at the end of each newsletter. When you unsubscribe, we consider your consent to the creation of your personalized user profile and the receipt of the newsletter based on it to be revoked. We will delete your usage data. This does not affect the lawfulness of data processing carried out until you receive your revocation.

Recipients / categories of recipients

In exceptional cases, your personal data may be accessible for support and maintenance purposes by Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, because the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. Participation in the newsletter dispatch is voluntary for you and takes place only with your consent.

Storage period

Your email address and name (if specified) will be deleted as soon as you have unsubscribed from our newsletter.

Purposes and legal basis of data processing

We use our website based on your consent in accordance with Art. 6 paragraph 1 letter a) GDPR social plug-ins of the social networks Facebook and Twitter, in order to offer you the opportunity to share trips that you plan or carry out using TwoGo on the social networks mentioned. Responsibility for data protection-compliant operation must be guaranteed by their respective providers.

We integrate these plug-ins using the so-called two-click method to best protect visitors to our website. This means that when you visit our website, no personal data is initially passed on to the providers of the plug-ins. The two-click method gives you the option of activating the deactivated social media plug-ins. The social media plug-ins integrated on our website are initially deactivated. The plug-ins are only activated by clicking on the plug-in symbol. Personal data is only transferred to the respective provider of the social media service after activation.

The plug-in you have activated establishes a connection to the server of the social media provider you have selected via your browser. This activation can be deactivated at any time. The deactivation process does not result in data that have already been transmitted being deleted by the corresponding social media provider. You have the right to withdraw your consent at any time with future effect. The revocation can be done by deactivating the social media plug-in. The legality of the data processing carried out up to the point of revocation remains unaffected.

We have no influence on the data collected and data processing operations, nor are we aware of the full scope of the data collection and the purposes of the processing.

The plug-in provider stores the data collected about you as usage profiles and uses them for the purposes of advertising, market research and / or to design its website in line with requirements. Such an evaluation is carried out in particular (also for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have a right of withdrawal at any time with future effect against the formation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. Via the plug-ins, we offer you the opportunity to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user.

The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and e.g. For example, if the page is linked, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid being assigned to your profile by the plug-in provider.

Recipients / categories of recipients

We use social media plug-ins from the following providers on our website:

Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 Ireland http://www.facebook.com/policy.php more information on data collection = http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .

Twitter International Company, One Cumberland Place, Fenian Street Dublin 2, D02 AX07 Ireland; https://twitter.com/privacy . Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework .

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with personal data. If you do not want to click and use the social media plug-in, there will be no disadvantages.

Storage period

We have no information on the deletion of the data collected by the plug-in providers.

You have the right, pursuant to Art. 15 Para. 1 GDPR, to request information free of charge about the personal data stored about you.

In addition, if the legal requirements are met, you have the right to correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR) of your personal data.

If data processing is based on Art. 6 Para. 1 letter e) or letter f) GDPR is based, you have a right of objection according to Art. 21 GDPR. Insofar as you object to data processing, this will not take place in the future, unless the controller can demonstrate compelling legitimate grounds for further processing that outweigh the interest of the data subject in the objection.

If you have provided the processed data yourself, you have the right to data transmission in accordance with Art. 20 GDPR.

If data processing is based on consent in accordance with Article 6 (1) letter a) or Art. 9 Para. 2 letter a) GDPR, you can revoke your consent at any time with future effect without affecting the legality of the previous processing.

In the aforementioned cases, if you have any questions or complaints, please contact the data protection officer in writing or by email. You also have the right to lodge a complaint with a data protection supervisory authority. The data protection supervisory authority of the federal state in which you live or in which the person responsible is based is responsible.

If you have any further questions about the processing of your data or the exercise of your rights, you can contact the responsible data protection officer at the person responsible:

datenschutz süd GmbH
- Keyword Schwarz Mobility Solutions -
Wörthstraße 15
97082 Würzburg

Email = office@datenschutz-sued.de

The following company is the data controller for the data processing described below within the meaning of article 4, para. 7, GDPR:

Schwarz Mobility Solutions GmbH
Stiftsbergstrasse 1
74172 Neckarsulm

Email: info@twogo.com

Purposes and legal basis of data processing

Information required to use the TwoGo service

If you create a user account with TwoGo and want to use the TwoGo services, it is necessary that you provide us with the following information in particular:

• First and last name (master data):
  • Are displayed to all participants of a mediated carpool and also to your followers and those users to whom you submit a trip request.
• Email address (contact details):
  • Used for user registration.
  • It is made available to all participants in a mediated car pool and also to your followers and those users to whom you submit a trip request.
  • We also use your email address to communicate with you, to confirm the opening of your account and to send you information about the use of TwoGo.
  • If you are a licensed user, we will send you an email at regular intervals to the email address provided, asking you to click a confirmation link. In this way we check that you are still part of the licensed company.
• Password:
  • Used for user registration.
• Mobile phone number (contact details):
  • Is transmitted to all participants in a mediated car pool.
  • If you wish, we will also use your mobile phone number for TwoGo notifications. (This function of the TwoGo service is only available in selected countries. Accordingly, your data will only be processed in these countries for the purposes mentioned.)
• Home and business address (contact details):
  • Standard setting of the start and destination locations for regular journeys.
  • Used to quickly enter travel requests and receive relevant travel suggestions from TwoGo.
• Travel request data:
  • Include role as driver, passenger or both, start and destination address, earliest departure date & time, latest arrival date & time, maximum number of passengers and whether a return trip is required (including start and destination address and times at Return trip).
  • Are used by TwoGo to mediate the appropriate car pool and also by your followers and the users to whom you send a trip request.
  • When booking a pool vehicle of the licensed company, which is your employer or client, the licensed company will be shown for statistical evaluations.
• Vehicle data:
  • If you use the TwoGo service as a driver, this information is required to use TwoGo.
  • Include brand, model, color, hallmark.
  • If you as a driver offer carpooling, your vehicle data will be transmitted to all passengers in a mediated carpool.
  • The number of free places and your desired role will be transmitted to the followers and users to whom you send a trip request.
• Information about your employer (for freelancers, information about the client):
  • Based on the email address you used to log in to TwoGo or a possible token, we check whether you are a (freelance) employee of a licensed company so that we can assign you to this company and offer you extended functions in TwoGo.

We process your data on the basis of Art. 6 Para. 1 lit. b) GDPR, so that we can create your user account, provide it and provide you with the TwoGo services and connect you with the travel requests and ridesharing opportunities that you create while using our service or in which you participate. Furthermore, this information is used to exchange information with you and your followers and journey participants for a journey inquiry or travel arrangement.

Optional information

Within your TwoGo account you can choose to add further data. Depending on the data entered by you, we process the following data, in addition to the required data mentioned:

• Location data:
  • Will be transmitted to the other participants in your car pool, provided the mobile app has been installed and the location function has been activated in the app. This makes it easier for participants to find themselves in the public space.
• Vehicle data:
  • If you only use the TwoGo service as a passenger, this information is voluntary.
  • Include brand, model, color, hallmark.
  • If you as a driver offer carpooling, your vehicle data will be transmitted to all passengers in a mediated carpool.
  • The number of free places and your desired role will be transmitted to the followers and users to whom you send a trip request.
• Places (e.g. buildings on the company premises as start and destination addresses)
  • Are used to offer the user (company-specific) predefined locations for quick entry.
• Nickname / pseudonym
  • Can be used by the user if he participates in competitions within the TwoGo service and does not want to be named in the leaderboard with his real name.
• Photo
  • Is used to personalize your profile and to transmit carpools to passengers for the purpose of mutual identification.
  • For display in the follower function. Your photo will be displayed in the list of followers of the corresponding user (driver / passenger) you want to follow. Furthermore, your photo will be displayed in the respective lists of the users following you, as well as on the trip proposal that you share with the users following you. Users can follow you after you have arranged for a TwoGo trip or through your explicit invitation.
• gender
  • Is used to assign you, if necessary, driving requests from users who only want female drivers or passengers.
• Vehicle picture:
  • To personalize your profile and to transmit carpools to passengers for the purpose of mutual identification.
• If you use the points account within the TwoGo service, the data of the trip request or arranged trip (role as driver, passenger or sudden trip request) will be used to manage your points account.
• If you use TwoGo as a licensed user and want to participate in a competition initiated by your licensed company within the TwoGo service, we will transmit your name, the points you have collected for the competition and your email address to the licensed company.

We process your data on the basis of Art. 6 Para. 1 letter b) GDPR, so that we can create your user account, provide it and provide you with the TwoGo services and connect you with the travel requests and ridesharing opportunities that you create while using our service or in which you participate. Furthermore, this information is used to exchange information with you and your followers and journey participants for a journey inquiry or travel arrangement.

Recipients / categories of recipients

If you as a licensed user use a booking of a pool vehicle of your licensed company, statistical evaluations (see also point 5) can be transmitted to the licensed company for your journey.

If you are a participant in a mediated trip as a passenger in a pool vehicle of a licensed company, your trip data can be displayed to the licensed company for statistical evaluations (see also point 5). This also applies if you are not a licensed user and therefore not a (freelance) employee of the licensed company.

If you are a licensed user and your licensed company provides reserved parking spaces, we will, if requested by the licensed company, pass on your license plate to authorized persons of this company to check the parking authorization if you are a driver of a mediated or not yet mediated car pool.

In exceptional cases, your personal data may be accessible for support and maintenance purposes by Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, since the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

Depending on the occasion and to the extent necessary, we transmit your personal data to Netlution GmbH, Landteilstr. 33, 68163 Mannheim, as it processes possible customer inquiries you make by telephone, post and / or email on our behalf.

In addition, your personal data may be accessible to other recipients as and when required, insofar as this is necessary for the provision of the TwoGo service.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with your personal data if you are not interested in using TwoGo. However, if you use TwoGo and want to create a corresponding user account, you are obliged under our terms of use to provide the required mandatory information completely and truthfully.

Storage period

We delete your personal data as follows:

• Name, email address, password:
  • Deletion 7 days after registration if the registration has not been confirmed.
  • Deletion after 365 days of inactivity of the registered user.
  • Deletion at the end of a license contract = If you are a licensed user and the license of your licensed company ends, your user account in TwoGo will be completely deleted at this time.
  • Deletion of your usage authorization if you are an unauthorized license user.
  • Immediate deletion if you delete your user account.
• Other profile data:
  • Deletion after 365 days of inactivity of the registered user.
  • Deletion at the end of a license contract = If you are a licensed user and the license of your licensed company ends, your user account in TwoGo will be completely deleted at this time.
  • Deletion of your usage authorization if you are an unauthorized license user.
  • Immediate deletion if you delete your user account.
• Data of the trip request (start and destination address, earliest departure date & time, latest arrival date & time)
  • Immediate deletion if the trip request is canceled by the user
  • Deletion 41 days after the trip date.

Purposes and legal basis of data processing

If you use TwoGo through a web browser, regardless of any processing of the foregoing, we process the following personally identifiable information about you:

• The date you accessed the service and what action you took. We use this information for support purposes and to measure the frequency of use.
• We log your IP address. This helps us to prevent attacks on the system and to correct errors in the service.
• Further information can be found in the data protection information for the use of our website.

We process the data on the basis of Art. 6 Para. 1 letter b) GDPR, so that we can create and provide your user account via a web browser and make the TwoGo services available to you.

For some purposes, we process the data mentioned on the basis of Art. 6 Para. 1 letter f) GDPR. Our legitimate interest is to measure how often our TwoGo service is used.

Recipients / categories of recipients

In exceptional cases, your personal data may be accessible for support and maintenance purposes by Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, since the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

So that we can provide you with our service, we use geographic services from HERE Europe BV, Kennedyplein 222-226, 5611 ZT Eindhoven, The Netherlands. The following data is transmitted: start and destination, start of journey and your IP address.

Depending on the occasion and to the extent necessary, we transmit your personal data to Netlution GmbH, Landteilstr. 33, 68163 Mannheim, as it processes possible customer inquiries you make by telephone, post and / or email on our behalf.

In addition, your personal data may be accessible to other recipients as and when required, insofar as this is necessary for the provision of the TwoGo service.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with the personal data mentioned. However, if you do not provide us with the data, we cannot give you access to TwoGo via a web browser.

Storage period

We save the data mentioned for a period of 32 days.

Purposes and legal basis of data processing

When you use TwoGo through the TwoGo app, regardless of any processing of the foregoing, we process the following personally identifiable information about you:

• The date you accessed the service and what action you took. We use this information for support purposes and to measure the frequency of use.
• We log your IP address. This helps us to prevent attacks on the system and to correct errors in the service.
• Your device identification, unique number of the end device (IMEI = International Mobile Equipment Identity), unique number of the network subscriber (IMSI = International Mobile Subscriber Identity), mobile phone number (MSISDN), MAC address for WLAN use, name of your mobile device, email -Address
• Use of push notifications
  • If you use the TwoGo apps for Android or iOS, you will be informed about travel requests and status changes for trips via push notification. For this purpose, your mobile device is assigned a device ID by Google Cloud Messaging (GCM) or Apple Push Notification Service (APNS) for the TwoGo app when you first open the app (after installation, before logging in).
  • When you log in to TwoGo via the app, the device ID created is assigned to your user account. TwoGo then sends encrypted messages to the GCM server or the APNS to notify trip inquiries or changes to the status of trips (e.g. a trip has been arranged, or a trip has been changed or canceled). The GCM server or APNS delivers these messages to your mobile phone. The Android or iOS operating system forwards the messages to the TwoGo app on the device. The TwoGo app evaluates the messages and carries out the corresponding action (e.g. loading trip data from an updated trip from the TwoGo server, logging off the user, etc.).
  • We would like to point out that the servers for the Google Cloud Messaging (GCM) service and the Apple Push Notification Service (APNS) are outside the scope of Directive 95/46 / EC of the European Parliament and of the Council of October 26, 1995 for protection natural persons in the processing of personal data and free data traffic
  • However, no data is transmitted via these servers, on the basis of which a connection to your person can be established, so that neither Google nor Apple receive personal or related data from you.

We process the data on the basis of Art. 6 Para. 1 letter b) GDPR, so that we can create and provide your user account via the TwoGo app and provide you with the TwoGo services.

For some purposes, we process the data mentioned on the basis of Art. 6 Para. 1 letter f) GDPR. Our legitimate interest is to measure how often our TwoGo service is used and to ensure the technical stability and security of the application.

Recipients / categories of recipients

In exceptional cases, your personal data may be accessible for support and maintenance purposes by Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, since the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

So that we can provide you with our service, we use geographic services from HERE Europe BV, Kennedyplein 222-226, 5611 ZT Eindhoven, The Netherlands. The following data is transmitted: start and destination, start of journey and your IP address.

Depending on the occasion and to the extent necessary, we transmit your personal data to Netlution GmbH, Landteilstr. 33, 68163 Mannheim, as it processes possible customer inquiries you make by telephone, post and / or email on our behalf.

In addition, your personal data may be made available to other recipients as needed and only to the extent necessary to provide the TwoGo service.

Obligation to provide your data

You are neither contractually nor legally obliged to provide us with the personal data mentioned. However, if you do not provide us with the data, we cannot give you access to TwoGo via the TwoGo app.

Storage period

We save the data mentioned for a period of 32 days.

Purposes and legal basis of data processing

When using the TwoGo service, the following data in particular is recorded and used for statistical evaluations, provided that you use TwoGo as a licensed user.

This information is no longer linked to a person. It is aggregated and thus anonymized data, which is composed of the following information:

Statistics of users

• Home address [city only. If fewer than 5 users are registered in this city, then only country]
• Gender [only if at least 5 users of the same gender are registered in a city]
• Date of last activity [only if at least 5 users were active on the same day, otherwise aggregation to the month (displayed as 01.month.year) or the year (displayed as 01.01.year)]
• Uploaded a profile picture [y / n]
• Has provided vehicle data [y / n]
• Uploaded a vehicle picture [y / n]
• registration date
• Minimum length (in percent) of the trip together
• Mediation limited to women [y/n, only if gender is specified as female]
• Maximum detour time (in minutes)
• preferred role (driver / passenger / both)
• Date of registration [only if at least 5 users registered on the same day, otherwise aggregation to the month (displayed as 01.month.year) or the year (displayed as 01.01.year)]

Statistics of travel requests per organizational location

• Desired role for this trip
• Trip is arranged [y / n]
• User is driver [y / n]
• Start / End Date [rounded to the hour]
• Start / destination [city only]
• Last activity date
• Distance per route
• Number of free seats for passengers
• Maximum detour time
• Potential savings [CO2 and €]
• User interface via which the request was created [calendar, web, mobile app]
• User has released their own location for passengers [y / n]

Daily statistics for each organizational location

• Number of blocked users who could not use the service on the key date
• Number of users who have not confirmed their email address

We process the data mentioned on the basis of Art. 6 Para. 1 letter f) GDPR. Our legitimate interest is to provide our licensed business customers with the data mentioned in the form mentioned, as this is part of our range of services for our business customers.

Recipients / categories of recipients

In exceptional cases, statistical data may be accessible for support and maintenance purposes from Schwarz IT KG, Stiftsbergstrasse 1, 74172 Neckarsulm, because the TwoGo application and your data are hosted and stored on our behalf on servers provided and operated by Schwarz IT KG.

Statistical data will be transmitted to your employer / client insofar as this is a licensed business customer of TwoGo and you use TwoGo in your function as a licensed user.

In addition, your personal data may be accessible to other recipients as and when required, insofar as this is necessary for the provision of the TwoGo service.

Obligation to provide your data

You are neither legally nor contractually obliged to provide us with the data mentioned. However, the data is created as soon as you use the TwoGo service and is processed by us for the stated purposes and in the manner mentioned.

Storage period

We store the statistical data mentioned for one year. Irrespective of this, the data can be stored longer by your employer / client, but we have no influence on this.

According to Art. 15 para. 1 GDPR, you have the right to request information free of charge about the personal data stored about you.

In addition, if the legal requirements are met, you have the right to correction (Art. 16 GDPR), deletion (Art. 17 GDPR) and restriction of processing (Art. 18 GDPR) of your personal data.

If data processing is based on Art. 6 Para. 1 lit. e) or lit. f) GDPR is based, you have a right of objection according to Art. 21 GDPR. Insofar as you object to data processing, this will not take place in the future, unless the controller can demonstrate compelling legitimate grounds for further processing that outweigh the interest of the data subject in the objection.

If you have provided the processed data yourself, you have the right to data transmission in accordance with Art. 20 GDPR.

If data processing is based on consent in accordance with Article 6 (1) letter a) or Art. 9 Para. 2 letter a) GDPR, you can revoke your consent at any time with future effect without affecting the legality of the previous processing.

Please contact the data protection officer in writing or by e-mail in the above-mentioned cases, in the event of questions or complaints. You also have the right to lodge a complaint with a data protection supervisory authority. The responsible data protection supervisory authority is that of the state in which you live or in which the data controller is based.

If you have any further questions about the processing of your data or the exercise of your rights, you can contact the responsible data protection officer at the person responsible:

datenschutz süd GmbH
- Keyword Schwarz Mobility Solutions -
Wörthstraße 15
97082 Würzburg

Email: office@datenschutz-sued.de