Cookies op delijn.be
Deze website gebruikt cookies en vergelijkbare technologieën om je surfervaring te vergemakkelijken en de website te verbeteren.
Lees meer.
Show the menu

Protection of personal data

Layout aanpassen:
<Pas uitlijnen afbeelding aan>
<Pas positie afbeelding aan>

<Voeg een paragraaftitel toe>

1.    Data controllers: 
The Vlaamse Vervoermaatschappij De Lijn, an external autonomous agency governed by public law with its registered office at 2800 Mechelen, Motstraat 20 and registered in the Crossroads Bank for Enterprises under number 0242.069.537 (Antwerp Register of Legal Entities, Mechelen Division).    
2. Contacting De Lijn or the DPO (data protection officer): 
Contact us with any questions about the protection of personal data: 
via the online contact form: https://www.delijn.be/nl/contact/klantendienst/  
or by phone on 070 220 200 (0.30 euro/minute) 
3.    De Lijn processes its customers’ personal data for the following reasons: 
a.    Delivery of tickets in all formats (subscriptions, SMS or M-tickets, etc.)  
Basis of processing: contract (Art. 6.1 b of Regulation (EU) 2016/679 of 27 April 2016 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation) (‘GDPR’). 
Data category: Ordinary personal data (name, address, date of birth, family composition, mobile phone number, photo) and sensitive personal data (national registration number, employment status) 
Origin data: provided by the customer (for example, supplied on an application form or online); purchased from a third party (e.g. municipality, employer); obtained from an authentic source (the national register or the Crossroads Bank for Social Security, on the basis of a national registration number provided by the customer) 
Recipient: The listed personal data may be transferred externally to contractors who issue tickets to De Lijn customers on behalf of De Lijn. 
Retention period: a maximum of 3 years after the last contact 
b.    Handling of questions, complaints, suggestions, etc. 
Basis of processing: legal obligation (Art. 6.1 c GDPR)
Data category: Ordinary personal data (name, telephone number, address, email, sex, date of birth) 
Origin data: provided by the customer when submitting a customer response 
Recipient: Data may be transferred to the external contact centre. 
Retention period: Data will be stored for a maximum of 5 years after handling the question, complaint, suggestion, etc. 
c.    Communication with customers, in the context of transport needs, promotional campaigns, customer retention, direct marketing, etc. 
Basis of processing: agreement; legitimate interest; consent (Art. 6.1 b, c and a GDPR). 
Explanation of basis of processing: It is in the legitimate interest of organisations to contact customers in order to renew their contract with De Lijn or to make other contract proposals.  
Data category: Ordinary personal data (name, address, telephone number, email address)  
Origin data: provided by the customer (for example when creating an online account) or purchased from an external party 
Recipient: Data may be passed on to other mobility partners e.g. other transport providers (in this case customers are always informed of this before they provide their data) or to a mailing company that carries out communications on behalf of De Lijn 
Retention period: Data are kept until consent is withdrawn, or for a maximum of 3 years after the last contact 
d.    Conducting market research and market analysis; reporting and statistical analysis 
Basis of processing: consent; legitimate interest; legal obligation; general interest (Art. 6.1 a, f, c and e GDPR).  
Explanation of basis of processing: De Lijn uses market analysis for a number of reasons which fall within the category of De Lijn's legitimate interest.  Such market analyses may be carried out, for example, in order to pursue a target group policy, for the purpose of price differentiation, in order to match our services as closely as possible to demand, etc. In addition, analyses are used to optimise our transport network. Finally, we are obliged to report to our stakeholders about certain target groups and about the objectives included in the management agreement. In order to achieve these objectives, personal data are used as input for analyses. Naturally the results of these analyses and reports do not contain any personal data. 
Data category: Ordinary personal data (name, address, sex, date of birth, telephone number, email address) and sensitive personal data (national registration number, validations). Validations are not used at an individual level, but are always aggregated and pseudonymised before they are used in market research. 
Origin data: provided by the customer 
Recipient: In some cases an external agency is used to conduct market research. 
Retention period: the retention period for these data may vary, depending on the research. Participants in surveys are informed of the exact retention period when the data are collected. If analyses are carried out on the basis of data in the customer database, the retention period for the customer database is adhered to (see point a). Non-pseudonymised and aggregated results are retained for a maximum of 3 months. 
e.    When a customer visits De Lijn’s website or uses its app, cookies may be installed. For more information about the use of cookies, see our cookie policy. 
f.    Dial-a-bus switchboard customers are included in a separate customer database 
Basis of processing: contract (Art. 6.1 b GDPR)
Data category: Ordinary personal data (name, address, telephone number, email address) and sensitive personal data (health information e.g. wheelchair use)
Origin data: provided by the customer 
Recipient: Data may be passed on to contractors who provide rides on behalf of De Lijn in connection with demand-driven transport (operators, taxis). 
Retention period: a maximum of 5 years after the last contact 
Failure to provide the necessary personal data may, among other things, lead to De Lijn being unable to fulfil its legal and/or contractual obligations towards the customer, including delivery of the ticket requested by the customer. 
  
4.    Rights 
You have the right to view, correct or, in some cases, arrange for the deletion of your personal data. Deletion is not possible in certain circumstances, for example if you have an ongoing contract with De Lijn. 
You have the right to obtain a copy (in a structured, commonly used and machine-readable form) of your personal data and to have them transferred to another company (right to data portability). 
You have the right to object to the processing of your data on the basis of the following legal grounds: 
•    Processing that is necessary in order to fulfil a task of general interest or a task relating to the exercise of public authority entrusted to the controller;  •    Processing that is necessary for the legitimate interests of the controller or of a third party, except when the interests or fundamental rights and freedoms of the data subject requiring protection of personal data override those interests, in particular, when the data subject is a child.  
You also have the right to oppose automated individual decision-making. 
In cases where the processing of your personal data is based on your consent, you may withdraw your consent at any time, without this affecting the lawfulness of the processing which took place on the basis of your consent before you withdrew it.  Withdrawal of your consent may, among other things, lead to De Lijn being unable to fulfil its legal and/or contractual obligations towards the customer. 
  
You may exercise your rights in various ways: 
•    You can contact De Lijn via the online contact form; 
•    You can contact De Lijn by telephone on 070 220 200. Our employees will register your question and ensure that it is dealt with by the right people; 
•    You can contact De Lijn's Data Protection Officer by registered letter at the following postal address: 
VVM De Lijn 
Attn: DPO 
Motstraat 20 
2800 Mechelen 
  
Personal data will also be passed on to the Public Prosecution Service, investigating magistrates and/or police services if this is necessary for the detection, investigation or prosecution of crimes. 
  
De Lijn has, pursuant to the Deliberation RR 04/2006 of 1 March 2006 of the Sectoral Committee for the National Register, permission to process the subscriber’s national registration number, as well as, pursuant to Deliberation 07/018 of 24 April 2007 of the Sectoral Social Security Committee, permission to access the Crossroads Bank for Social Security, with a view to checking the identity of the subscriber and/or the customer, his/her family composition and the fulfilment of the conditions for entitlement to certain tickets. 
  
5.    You also have the right to submit a complaint regarding the processing of your personal data to the Commission for the Protection of Privacy, Drukpersstraat 35, 1000 Brussels.
<Voeg downloadbare bestanden toe>
<Voeg knoppen toe>