DE EN

Privacy policy of Schienen-Control

Schienen-Control was established in accordance with Section 76 of the Railway Act 1957 (EisbG), Federal Law Gazette 1957/60, as amended, and, in addition to the other responsibilities listed in Section 77 EisbG, acts as the administrative office of Schienen-Control Furthermore, the statutory arbitration and enforcement body for rail, bus, ship, and air transport, the Agency for Passenger Rights (apf), is based at Schienen-Control .

For Schienen-Control , the responsible handling of personal data is a top priority.

Where Schienen-Control processes personal data, this is always done within the scope of its legally assigned tasks. Insofar as Schienen-Control acts on the basis of legal obligations and within the scope of its legal responsibilities, no additional declaration of consent or consent from the data subjects is required for the processing of data in accordance with the provisions of the EU General Data Protection Regulation (GDPR).

Schienen-Control has implemented appropriate technical and organizational measures to ensure the security of personal data processing, in particular precautions have been taken to protect against unauthorized access and unlawful processing. The technical and organizational measures include, in particular, regular audits, data backup and access authorization concepts, and physical and digital protection measures relating to our IT infrastructure. The security measures are state-of-the-art and are evaluated on an ongoing basis.

One of the main tasks of Schienen-Control is to provide information on our website.

cookies

Cookies are short pieces of text information that web servers send to the browser of the website visitor. The content of a cookie basically consists of a simple text file with which the web server provides the browser with additional information that enables certain functionalities of a website (user comfort or statistical purposes).

Every cookie has a lifespan. Based on the duration of their data processing, cookies can be divided into two types: session cookies, which are deleted when the browser is closed, and persistent cookies, which remain in the browser beyond the current session and are displayed individually in the browser.

We use the following technically necessary cookies on our website:

- PHP SESSION ID (PHPSESSID): Stores the current PHP session (storage duration: session)

- Contao HTTPS CSRF Token (csrf_https-contao_csrf_token): Protects against cross-site request forgery attacks (storage duration: session)

These cookies are necessary for the basic functions of the website and cannot be disabled. You can view the cookies that have been set by clicking on the following link:

Cookie settings

With your consent, our apf website (www.apf.gv.at) also uses the open-source tool Matomo for statistical purposes (web analysis).

We store the following data: IP address (anonymized), date, time, destination URL, referrer, client data. The data is deleted after 150 days. In addition, a Matomo session cookie is used, which expires automatically after 14 days. These cookies are disabled by default. These cookies can be enabled at any time via the cookie settings link above.

Based on Regulation (EU) 2018/1724 of the European Parliament and of the Council (GDPR), if consent is given for web analysis, anonymized data on the number of users, origin of visitors, and type of devices used for the visit (desktop, mobile) is transmitted to the European Commission via an interface. The aim of the SDG-VO is to expand existing European portals, websites, networks, services, and systems and link them to national solutions. This is intended to create a single digital point of contact for European administration.

In accordance with the provisions of the EU GDPR, data subjects have the following rights when their data is processed:

  • the right to request information about which data is processed by Schienen-Control (Article 15 GDPR);
  • the right to have the data corrected (Article 16 GDPR);

The right to data portability (Article 20 GDPR) does not apply under the provisions of the GDPR when controllers perform tasks carried out in the public interest on a legal basis.

If the data is no longer necessary for the purpose and/or fulfillment of the legal obligations for which it was collected, there is

  • the right to have the data deleted (Article 17 GDPR);
  • the right to restrict the processing of data (Article 18 GDPR).

At this point, Schienen-Control would like to emphasize once again that, as a rule, no personal data is collected due to the anonymization of visitors' IP addresses by Matomo. In addition, cookies used to support the functionality of the website are deleted immediately after leaving the website. The above-mentioned rights may therefore only apply to a limited extent or not at all if no personal data is available.

In addition, pursuant to Article 21 GDPR, data subjects have the right to object to the processing of their personal data at any time, which can be exercised independently of the above statements. However, the prerequisite for successfully asserting the right to object is a special situation that justifies the objection to processing that is generally permissible.

Data subjects who believe that the processing of their personal data violates the GDPR may also lodge a complaint with the supervisory authority at any time.

Requests and questions regarding the privacy policy and personal data can be sent by email or post to the data protection officer:

Official data protection officers

Ass. iur. Dipl.-Jur. Caroline Trefil
Schienen-Control
Linke Wienzeile 4/1/6
1060 Vienna
c.trefil@schienencontrol.gv.at

Responsible for the processing of personal data

Schienen-Control
Linke Wienzeile 4/1/6
1060 Vienna
office@schienencontrol.gv.at

T: +43 1 5050707 120 

Competent supervisory authority

For Austria, the competent supervisory authority is the Data Protection Authority,
Barichgasse 40–42, 1030 Vienna,
T: +43 1 52152 0, dsb@dsb.gv.at, www.dsb.gv.at.

Click here to opt out of Google Analytics tracking.

You can change your cookie settings here:

It is also possible to disable cookies via your web browser settings.

In accordance with the provisions of the GDPR, data subjects have the following rights when their data is processed:

  • the right to request information about which data is processed by Schienen-Control (Article 15 GDPR);
  • the right to have the data corrected (Article 16 GDPR);

The right to data portability (Article 20 GDPR) does not apply under the provisions of the GDPR when controllers perform tasks carried out in the public interest on a legal basis.

If the data is no longer necessary for the purpose and/or fulfillment of the legal obligations for which it was collected, there is

  • the right to have the data deleted (Article 17 GDPR);
  • the right to restrict the processing of data (Article 18 GDPR).

At this point, Schienen-Control would like to emphasize once again that, as a rule, no personal data is collected due to the anonymization of visitors' IP addresses by Google Analytics. In addition, cookies used to support the functionality of the website are deleted immediately after leaving the website. The above-mentioned rights may therefore only apply to a limited extent or not at all if no personal data is available.

If the exercise of data subject rights nevertheless concerns the use of cookies used in the context of Google Analytics, the corresponding Google applications are available for exercising these rights here .

In addition, pursuant to Article 21 GDPR, data subjects have the right to object to the processing of their personal data at any time, which can be exercised independently of the above statements. However, the prerequisite for successfully asserting the right to object is a special situation that justifies the objection to processing that is generally permissible.

Data subjects who believe that the processing of their personal data violates the GDPR may also lodge a complaint with the supervisory authority at any time.

Requests and questions regarding the privacy policy and personal data can be sent by email or post to the data protection officer:

Official Data Protection Officers
Ass. iur. Dipl.-Jur. Caroline Trefil
Schienen-Control
Linke Wienzeile 4/1/6
1060 Vienna
c.trefil@schienencontrol.gv.at

Responsible for the processing of personal data
Schienen-Control
Linke Wienzeile 4/1/6
1060 Vienna
office@schienencontrol.gv.at
T: +43 1 5050707 120

Competent supervisory authority
For Austria, the competent supervisory authority is the Austrian Data Protection Authority (
)
Barichgasse 40–42
1030 Vienna
T: +43 1 52152 0
dsb@dsb.gv.at
www.dsb.gv.at

Die Datenschutzerklärung der Schienen-Control GmbH ist >>HIER<< auch als PDF abrufbar.

Press Enter to search or Esc to close.

You are using an outdated browser. The website may not be displayed correctly.