Protecting your personal data is a particular concern of ours. We therefore exclusively process your data on the basis of statutory regulations (in particular based on the provisions of the General Data Protection Regulation, the national Data Protection Act and the Telecommunications Act). We wish to inform you of the most important aspects of data processing on our website in this Data Privacy Statement.
Our Data Privacy Statement applies to anyone who makes use of one of our products or services, vists our websites or makes contact with us. We have drafted separate data privacy statements for special services, which specifically govern data processing and the associated data protection issues. This Data Privacy Statement is therefore only applicable where specific data privacy statements do not contain more specific provisions in the individual case. There are special data protection statements for the online distribution of tickets or for the Postbus shuttle.
We are also continually developing our performance, provision and services. As a result we also continuously adapt the data privacy statement. However, we shall ensure that the latest effective version is always available to you.
We provide online forms in various sections on www.postbus.at if you wish to contact us via our website or by email. Contact shall be made:
Our customer service
You are welcome to contact us with your concerns, applications, complaints, wishes (eg applications, complaints, wishes (e.g. the transmission of travel information) and other suggestions or for advice on services). and other suggestions or for advice on services. Our customer advisors are available to you either by telephone or by e-mail:
Phone: +43 (0) 5 17 17 or
The ÖBB customer service of ÖBB-Personenverkehr AG, which we use as a trustworthy contract processor and through which the data processing takes place on our behalf, acts as a customer consultant.
The data provided by you in connection with your request (in particular first and last name, address data, e-mail address, documents and other information) will be used exclusively for case processing and therefore not for any other purpose. By using the ÖBB customer service, not only a quick and professional processing of your request is ensured, but also a procedure in accordance with the data protection regulations, because employees strive for your request, who pay the utmost attention to compliance with data protection aspects. Under the heading "Use of contract processors" in our data protection declaration, we have generally explained the framework conditions under which contract processors are used by us. We refer to these remarks, which also apply without restriction to ÖBB customer service.
ÖBB-Postbus GmbH operates a web shop at www.viennaairportlines.at and www.tickets.postbus.at so that you have the opportunity to purchase Vienna Airport Lines tickets online. A special data protection declaration has been drawn up for data processing due to ticket purchases, which you are welcome to view at www.postbus.at/rechtliches .
In order to improve our products and services and adapt them to customer requirements, we conduct surveys with different target groups. We thereby commission market research companies or conduct the surveys ourselves. Persons to be surveyed can be selected either completely randomly or based on social statistics or usage-specific factors. Contact with participants can be implemented via the pools of respondents for market research companies ‒ carried out without our input at the sole responsibility of partner operators. Or we invite interested persons in general, without individually addressing participation in the survey. In case of specific survey topics we also address customers of ÖBB PV AG.
Establishing personal reference is not intended for any surveys. All surveys are conducted completely anonymously. This is true even if we write to you directly as customer or you have declared your consent in advance to participate in a survey.
We only receive or compile an overall evaluation of data, which do not show individual interviews or persons.
If we address our customers directly, we will then exclusively contact people who have given consent thereto.
Should we conduct the survey in cooperation with a market research company in specific cases, we shall conclude a separate confidentiality agreement with said company in advance of a customer survey, laying down the secure handling of your data specifically for the individual case. In particular this Agreement shall ensure that the company will not transfer your data to other market research institutions and other third parties for surveys for their own purposes.
In any case you are not obliged to take part in any of our customer surveys.
Data are generally collected and processed for the purpose of contract implementation (e.g. in the event of concluding a transport arrangement, when renting or selling a bus), handling and responding to your queries, checking any applications for reimbursement and compensation, your voluntary participation in a customer survey, sending a newsletter, sending queries within the scope of quality measurement.
Data processed for these purposes shall be disclosed as required and according to the intended use to the following categories of recipients:
We therefore carry out data processing in particular based on the legal framework conditions summarized again below (as amended):
We shall not transmit personal data to a third country or an international organization.
In the event of any questions on data protection or the use of your personal data, feel free to contact our data protection officers.
Contact data for data protection officers:
Am Hautbahnhof 2
In general personal data are only stored by us to the extent that is absolutely necessary and are essentially deleted following expiry of the statutory period of limitations under civil law of three years (e.g. customer correspondence) or in the event of invoice-relevant data after ten years (e.g. booked tickets, customer cards), according to § 212 UGB or §§ 132 et seq. BAO. A longer storage period is only implemented in justified individual cases, for example as a result of an ongoing civil law or regulatory dispute.
(1) Rights of data subjects
As the data subject in the individual case, you are entitled to assert the following rights of data subjects against us, if we are the controller for data processing:
You have the right of a data subject to raise an objection to data processing, provided the requirements of Article 21 GDPR are in place.
If you wish to assert a right of a data subject, please contact us. The following contact options are available:
(Subject: assertion of rights of data subjects)
Am Hauptbahnhof 2
Please attach a copy/scan of an official photo ID to your application, indicating your date of birth (e.g. identity card, driving licence or passport). This is because we have to check your identity before we can reply to your request or make the necessary arrangements. The purpose of this identity check is to enable us to establish your actual capacity as a data subject, in order to ensure that personal data are not disclosed to unauthorized third parties (risk of misuse).
Once we have received your request and you have proven your identity, we will respond to your request within four weeks. In the event that we have specific questions as part of the reply, we will contact you and ask you to cooperate and assist.
Furthermore, you have the right to submit a complaint to the data protection authority, according to §§ 24 et seq. DSG [Data Protection Act] and Article 77 et seq. GDPR if you believe that we have breached obligations under the General Data Protection Regulation.
Austrian Data Protection Authority,
1030 Vienna, Barichgasse 40-42,
Tel.: +43 1 52 152-0
(3) Withdrawal of consent
If you have consented to your data being processed for a specific purpose, you have the right to withdraw your consent at any time, without indicating reasons.
Operationally necessary cookies
These cookies are necessary to allow you to use our websites as intended and make all functions available to you. Without such cookies the requested services cannot be provided. These cookies do not record information about you and do not store Internet locations. Absolutely necessary cookies cannot be deactivated on our site. However, they can be deactivated at any time on the browser that you use.
These cookies are necessary for certain applications or functions of the website, allowing them to be duly executed. This may for example include cookies, which store implemented settings such as a visitor’s language setting or even – assuming your prior consent – pre-completed forms.
Storage period: in the event of a session cookie for the period of the session, or in the event of your prior consent for the period of your consent.
These cookies collect information on user behaviour for visitors to our websites. For example, a record is kept of which websites are most frequently visited and which links are clicked on. All recorded data are stored anonymously with information for other visitors. Using data obtained by these cookies, we can compile analytical evaluations on our website using Piwik and thereby continually improve the user experience.
Storage period: in the event of a session cookie for the period of the session, in all other cases (for example for our web analysis service PIWIK) for a maximum three years.
How long are cookies stored on my device?
The time that a cookie stays on your device depends on whether it is a persistent cookie or a session cookie. Session cookies only remain on your device until your browser session is finished. Persistent cookies remain stored on your device, even after you have completed a browser session, until such time as the preset time for the cookie has expired or it has been deleted.
For this purpose, usage information generated by the cookie (including your abbreviated IP address) will be transferred to our server and stored for usage analysis purposes, which on our part serves for website optimization. Your IP address is immediately anonymized in this operation, meaning that you remain anonymous to us.
Information generated by cookies on the use of our websites shall not be transferred to third parties.
For technical reasons, specific data and information must be collected and stored for visits to our websites, e.g. websites used, time and duration of visit and data made available by the used browser (e.g. on the operating system and used system settings). We use such data and information anonymously in order to design our offer in a user-friendly way and technically optimize our offer.
Should you provide personal data or information on our websites, we can continue to use them within the framework of the legal requirements of TKG [Telecommunications Act] without your further consent. Use for advertising or marketing purposes, or transfer to third parties, which requires your separate prior consent, shall be exempt from this. We will separately inform you about any communications to other ÖBB affiliated companies (e.g. in the event of a concern, complaint, etc.).
Should you access the abovementioned offers on our websites or switch to these websites, we will share data provided by the browser with such operators. We are generally not responsible for contents offered on these external sites, both with regard to data protection and to the technical security of the data and information provided. Please note in this context that external providers use technologies for personalization of advertising.
If we provide a contact option through an input screen on our website, this communication shall be encrypted on the https protocol. Please note that the confidentiality of other communications on the Internet, in particular via email, is not guaranteed, and we therefore recommend not transmitting confidential data and information by email.
By information security we mean: confidentiality of data, data integrity and data availability.
In order to guarantee information security, we have established organizational framework conditions and protective measures, which conform to the latest technology. This includes:
Access rights are only granted to our employees to the absolutely necessary extent, specifically for the role. The use of such access rights is recorded in writing.
Your data shall be protected by a secure online connection (TLS) between your PC and our servers, depending on the browser configuration, with at least 128 Bits.
By processors we mean our contractual partners, who process personal data on our behalf (example: maintenance of our databases).
We only employ processors for our lawfully conducted data processing. We always assure ourselves in advance that the individual processor is suited to service performance, in particular that the processor provides a sufficient guarantee of secure and lawful use of data.
Processors that we have selected only receive personal data from us to the extent that is absolutely necessary.
Our processors have contractually undertaken:
Before employing a processor, we conclude a written agreement with it, in which special obligations are imposed on the processor and its employees, and they again are subject to a separate confidentiality obligation. We impose certain data security measures on the processor to ensure that customer data and data processing are sufficiently protected.
In the course of the previous sections, we have provided you with comprehensive information on the purposes of our data processing, categories of recipients, the legal basis and legal framework, the storage period and the rights to which you are entitled. In all data processing, we have taken care to ensure that data collection and the scope of data are limited to the absolutely necessary extent. If we therefore request you to disclose data, this is necessary so that we can
If you do not comply or do not completely comply with our request for data disclosure, it cannot be guaranteed that we can comply with or process your aforementioned request.