Data protection and disclaimer

Anchor Navigation

Privacy Policy

The data collected from visitors to this website, from the use of PostBus apps and from the use of services offered by PostBus (hereinafter referred to as online services [e.g. microsites, etc.]) is processed by PostBus Ltd in its capacity as both provider of this website and a service provider. The above-mentioned services will be referred to hereinafter as the “digital presence”. This Privacy Policy also contains information on data processing if other PostBus services are used. Further details about PostBus Ltd are available in the News section of the website.

Protection of your personal data is of great importance to us. We therefore handle your personal data with great care and in accordance with the relevant statutory provisions set out in data protection law and the Passenger Transport Act (especially Art. 54 PTA) and the relevant ordinances.

In this Privacy Policy, we provide you with information about our data processing. We explain which data is processed by us whenever you access this website and other digital presences, and if you use other PostBus services.

As a public transport company, we are legally obliged to provide transport services in conjunction with other transport companies and public transport associations (NDS – National Direct Service). In order to facilitate this on your behalf, data that is acquired from contact with you or from services you have purchased will be shared within the NDS (see section 4), and we are jointly responsible for its processing in cooperation with the other transport companies and public transport associations.

1. Who owns the data that is collected?

PostBus Ltd, Engehaldestrasse 39, 3030 Bern, Switzerland is the provider of the digital presences and responsible for the data processing under data protection law.

We are jointly responsible for processing data acquired from the Direct Service in cooperation with other transport companies and public transport associations (see section 4.2).

2. What data do we collect?

In principle, our publicly accessible digital presence can be used without requiring you to disclose any personal data. An exception to this, as is common practice with many websites, is certain data (such as IP addresses and other usage information) that is collected automatically by our web analytics software and then analysed and processed. It is also possible to modify the data processing settings that relate to cookies via our cookie wall (section 8).

2.1 Automatic logging

Our web servers automatically log every visit in a temporary log file. User-specific data (such as the identification data of the browser used, the operating system of the computer used) and technical data (such as the name and URL of the referring website if the website was accessed via a link and, in addition, the search term if the website was accessed via a search engine) are logged and analysed anonymously. First and foremost, this data is needed to enable the use of our content (connection set-up), for internal, system-related purposes – such as technical administration and system security – and to optimize your browsing experience. As part of this process, cookies may be used (see section 5 below). IP addresses are automatically verified for automated security checks, e.g. for fraud prevention, and immediately deleted. Furthermore, IP addresses are used for analytics and marketing purposes. In particular, Google Analytics anonymizes the IPs received immediately and processes the anonymized IP addresses only for the analysis (see section 7).

2.2 Additional data processing

When using the services, data is processed in accordance with a contractual agreement, the associated Subscriber Conditions (SC) or General Terms and Conditions (GTC).

Newsletters

By signing up for a newsletter, you consent to us processing the data required to send you the newsletter for the purposes set out in this Privacy Policy, and provide us with various details such as your e-mail address, contact information, language preference or business-related information (an e-mail address is required at a minimum). You can unsubscribe from newsletters at any time by clicking the unsubscribe link at the end of the newsletter.

Participation in competitions and prize draws

If you participate in competitions or prize draws, you consent to us processing data required to run the competition or prize draw, and you provide us with the necessary details, for instance e-mail and contact details, and any other information required for the purposes of implementation. If specific additional information is required for certain competitions and prize draws, this will be indicated separately in the relevant conditions of participation.

Online forms

In addition, we process personal data if you decide to send it to us; for example, by filling out an online form (e.g. forms for conveying positive and critical feedback, making reservations or sending off documents) or sending us a message via our contact forms. In these cases, we will only ask you to provide the personal data we require to perform the services we provide (first name, last name, address, telephone number, e-mail and language). The information you provide us with will be recorded in our IT systems.

Lost property service

If you report a loss using the online form, PostBus forwards your details (contact and loss report details) onto the SBB Lost and Found Service. You can find information on data processing here: www.sbb.ch/en/meta/legallines/data-protection.htmlTarget not accessible.

WiFi in Postbuses

If you register for PostBus WiFi using your mobile phone number, the MAC address of your device will be recorded. Due to the WiFi service, PostBus is deemed to be a telecommunications service provider and is therefore also registered with the Federal Office of Communications. PostBus is therefore obliged to comply with the legal provisions of the Federal Act of 18 March 2016 on the Surveillance of Post and Telecommunications and the associated ordinance.

Use of the PubliCar App

If you register with the PubliCar App, please provide us with your name, e-mail address and telephone number. You can also register a payment method. If you do use the app, other personal data required to provide the service (such as pick-up point and destinations for bookings) will also be processed. Additionally, certain device information (such as device manufacturer and operating system used) and technical data (e.g. customer login time) will also be processed. If you wish to enter the current location automatically as part of a booking, this will only happen with your prior consent.

Ticket inspection

Ticket inspections are carried out on board PostBus vehicles. If a trip is made without a valid ticket, incident data (e.g. incident ID, inspection company, inspection date, inspection time, route or service number, inspection stop, destination stop, reason for complaint) and contact details (plus the legal representative’s contact details for minors) are collected, and saved and processed in order to handle the incident. The data is passed onto the national fare dodger register and deleted after the period prescribed by law. The national fare dodger register is managed under the joint responsibility of public transport organizations (see section 4 for more details)

Video surveillance

Video recordings may be made by PostBus inside buildings (bus stations, garages) and on board vehicles for safety and evidence purposes. We make the public aware of our use of video surveillance systems and only use them where necessary.

3. How do we use your data?

Collecting data helps us to continue developing and improving our digital presence and to optimize our range of services. We use the data collected by automatic logging for the following purposes:

  • To enable your use of the digital presence (establishing a connection).
  • For internal management of the website, for example technical administration and maintenance of system security.
  • To optimize user friendliness, we collect statistics on user behaviour on our digital presences. This data is analysed (see also section 7).
  • To tailor our websites to specific target groups (with targeted content or information on the website that may be of interest to you).
  • For promotional mailings and marketing (including events) if you have given us your consent. 
  • For market and opinion research and media monitoring.
  • To provide and continue developing our offerings, services, websites, apps and other platforms where we are present.
  • Online marketing (advertising)
  • To prevent fraud and improve the security of the website.
  • For other purposes in accordance with the contractual agreement and the associated Subscriber Conditions or General Terms and Conditions.
  • To guarantee our operations, in particular our IT, websites, apps and other platforms.
  • To prevent and investigate criminal acts and other misconduct (e.g. conducting internal investigations and data analyses to combat fraud).
  • To assert legal claims and defend ourselves in connection with legal disputes and official proceedings.

We also use re-targeting or re-marketing methods on our websites. These are online marketing tools. If you visit other third-party websites, you will then be shown product recommendations with targeted pop-up adverts. In order to achieve an optimized result for you in this regard, data is also transmitted to third-party providers who may be domiciled abroad.

If PostBus services are used, your data is additionally processed in accordance with the contractual agreement and the Subscriber Conditions or General Terms and Conditions.

Video surveillance is deployed to guarantee safety, to provide services, to combat fraud and misuse, and to defend against and enforce legally justified claims. Video surveillance is limited to the essentials, and data is deleted as soon as it is no longer required for the purposes stated. As a rule, recordings made on board Postbuses are stored for no more than 72 hours, and video recordings at stops and bus stations are stored for no longer than 14 days.

4. How do we handle data from the “National Direct Service” (NDS)?

4.1 Public transport companies handle your data confidentially

Protecting your personal details and your privacy is also important to us when managing data from Direct Service. We guarantee to process this personal data in compliance with the law and in accordance with the applicable data protection provisions.

Public transport companies are setting an example for the confidential handling of your data with the following principles:

You make the decisions about the processing of your personal data.

In accordance with the legal data processing framework, you may refuse or revoke your consent or have your data deleted at any time.

We offer you added value when processing your data.

We use your data solely to provide services and to offer you added value (e.g. tailored offers, information and support). We therefore only use your data for the development, delivery, optimization and evaluation of our services or for maintaining customer relationships.

Your data will not be sold.

Your data will be disclosed to selected third parties solely for the purposes explicitly mentioned. If we commission third parties to process data, they are obliged to comply with our data protection standards (for further details, see section 9).

We ensure the security and protection of your data.

We guarantee the careful management of your data as well as its security and protection. We ensure the necessary organizational and technical precautions for this.

You will find detailed information below on how we manage your data.

4.2. What does joint responsibility in the public transport sector mean?

In order for us to be able to provide our public transport mandate, specific information is disclosed at national level within the National Direct Service (NDS), a federation of more than 240 transport companies (TCs) and associations operating in the public transport sector. The individual TCs and associations are listed here (in German): www.allianceswisspass.ch/de/informationen-ov-nutzende/DatenschutzTarget not accessible

Data drawn from the purchasing of services and from contact details is saved in a central database maintained by Swiss Federal Railways as mandated by the NDS and for which we, together with the other companies and associations of the NDS, are responsible (“NOVA database”).

For services that you purchase using the SwissPass login, the data is then saved in a further central database (“SwissPass database”) for which we are jointly responsible alongside the TCs and the NDS associations, whereby the database is also maintained by Swiss Federal Railways as mandated by the NDS. To facilitate efficient service provision and collaboration between the participants, the data from the different databases will be combined if necessary. To enable single sign-on (SSO) (one login for all applications which offer the use of your services with the SwissPass login), the aforementioned login, card, customer and service data are also exchanged between the central SwissPass login infrastructure and ourselves as part of the authentication process.

The scope of access to the common database by the individual TCs and associations is regulated and limited by a joint agreement. Disclosure through the central storage and processing by the remaining TCs and associations of the NDS is, in principle, limited to processing contracts, ticket inspection, after-sales services and revenue distribution. Furthermore, the data collected during the purchase of services provided by the NDS (see Product range overview – Alliance SwissPass) is also processed for marketing purposes in certain cases.

Customer and subscriber data is required and processed to protect revenue (inspecting the validity of tickets/concession cards, payment collection, combating misuse).

Instances where passengers fail to present a valid (or only have a partially valid) ticket may be recorded using the national fare dodger registerTarget not accessible.

4.3 Which data is processed in relation to marketing?

Data from the use of services is analysed in order to develop and promote public transport services in a needs-oriented manner. If you have consented to us doing so and you are contacted for this purpose, this is generally carried out by us. You will be contacted by other TCs and associations involved in the NDS only in exceptional cases and in accordance with strict conditions and also only if the evaluation of the data suggests that a specific public transport offer could provide added value for you as a customer. Contact by Swiss Federal Railways constitutes an exception to this rule. Swiss Federal Railways is responsible for the marketing mandate for the DS services on behalf of the NDS (e.g. GA Travelcard and Half Fare Travelcard) and may regularly contact you in this capacity.

You can decline to be contacted by us, by Swiss Federal Railways (e.g. in relation to your GA Travelcard or Half Fare Travelcard) and by other public transport companies at any time. To do this, the following options are available:

  • Every e-mail that you will receive from us or other public transport companies will contain an unsubscribe link which you can click to unsubscribe from further messages.
  • If you have a SwissPass login, you can unsubscribe at www.swisspass.ch and manage your settings for receiving messages in your account at any time.

5. How do we use cookies?

5.1 What is a cookie?

A cookie is a text file with short data sequences (a sequence of letters and numbers) that by itself cannot perform any operations. This text file is transferred to your browser by the web server when you visit a website. The cookie is stored on your local computer. There are two different types of cookies: temporary cookies and permanent cookies. We use both temporary cookies, which are automatically deleted from your mobile device or computer at the end of the browser session, and also permanent cookies, which remain on your computer or mobile device for up to ten years after the browser session. They are automatically disabled after the programmed time.

You can check your browser’s log at any time to see which cookies are being run.

5.2 How safe is it to enable cookies?

It is safe to enable cookies when visiting our digital presence. When using a third-party computer, however, we recommend not accepting cookies and deleting your browser history to prevent subsequent users from being able to see your browsing behaviour.

5.3 How do we use cookies?

We use cookies to carry out an analysis of general user behaviour. Our goal is to optimize our digital presence, to make it easier to use, to make finding content more intuitive, and to ensure that it can be more clearly laid out and structured. It is important to us to make our digital presence user friendly and tailor it to your needs. This allows us to optimize our websites with targeted content or information that may be of interest to you (e.g. geolocated).

5.4 How do we use third-party cookies?

We use selected cookies from third-party providers (known as third-party cookies). These cookies are intended to optimize the user experience, to display personalized advertisingTarget not accessible (Google Ad Manager) or to prevent fraud. We draw attention to our use of cookies via a cookie banner. You have the ability to prevent the use of cookies at any time via the cookie settings in your browser (see section 8 below).

6. Social media

On certain PostBus websites, we use the Facebook, Twitter, Instagram, LinkedIn and YouTube sharing functions. This allows you to share individual content.

PostBus uses the following social media channels and services for its presence and for integration into its website, and data processing on the individual social networks is subject to the data protection provisions of the channels in question:

Facebook

PostBus presence:

Instagram

PostBus presence:

X (Twitter)

PostBus presence:

YouTube

PostBus presence:

LinkedIn

PostBus presence:

7. What web analytics services do we use?

We use various web analytics services. The web analytics services use cookies (see section 5.1), which evaluate the use of the digital presence in order to obtain information and improve our services and in order to provide a statistical evaluation of our visitor traffic. The services used for this purpose can be seen in the cookie banner. The information generated in this way may be transmitted to a server abroad and stored there. You can prevent cookies from being stored by modifying the settings in your browser software and the cookie banner accordingly (see section 8). Data collection and storage can be withdrawn at any time with future effect.

8. How do I prevent the use of cookies and web analytics tools?

The use of cookies can be managed via the consent banner. Functionally necessary cookies are required from a technical perspective for the display of our digital presence and cannot be deselected via the consent banner.

Please note that the consent banner with direct control of cookies is being introduced gradually on the various microsites. If the old cookie banner is still displayed on the page you visit, the use of cookies can only be managed via the browser functions (settings or add-ons). Most browsers accept cookies automatically. However, you can instruct your browser not to accept any cookies or to prompt you before accepting a cookie from a website you visit. You can also delete cookies on your computer or mobile device using the feature for doing so in your browser.

To enable or disable cookies in your web browser:

Check which web browser you are using and then select the relevant link below. On the page you are taken to, you will find instructions on how to enable or disable cookies in your web browser.

If you choose not to accept our cookies or cookies and tools from our partner companies, you will not be able to see certain information on our websites and will be unable to use some features that improve your visit.

More information on the use of cookies can be found on the following website: All About Cookies | Online Privacy and Digital SecurityTarget not accessible

Target not accessible9. Will we share your data with anyone else?

Your personal data will be passed on solely to selected service providers − and only to the extent required to provide the service.

This includes:

  • IT support service providers
  • Subscription card issuers
  • Shipping service providers
  • Service providers tasked with distributing transport revenue among the participating transport companies (in particular during the creation of distribution keys as set out in the Federal Act of 20 March 2009 on Passenger Transport (PTA))
  • Our hosting provider
  • Other companies within Swiss Post Group.

External service providers who process data on our behalf are contractually obliged to comply with the relevant data protection provisions and may process data only in the same manner in which PostBus is permitted to do.

We will retain your information for no longer than necessary and will treat it as confidential. This excludes the transmission of personal data to payment collection service providers, to governmental institutions and authorities and to private persons with a right thereto based on statutory regulations, court orders or regulatory decisions, as well as its transmission to governmental institutions for the purposes of taking legal action or prosecution should our legally protected rights be challenged.

10. Your rights

10.1 Amendment, blocking and deletion / withdrawal of consent

You have the right to request information concerning the processing of your personal data. You also have the right to have your data deleted or destroyed. You may forbid or block the processing of your data, provided it is not necessary to render the services you have requested. You also have the right to have incorrect personal data corrected. If neither the correctness nor the incorrectness of the data can be determined, you may request that a note of objection be added. If you have expressly consented to further data processing, you may revoke this at any time. The legality of the data processing for the entire duration of the valid consent is not affected by this. All legal provisions which oblige or entitle PostBus to process or disclose data remain reserved. If the deletion of the data is not permitted for legal reasons or there is a legitimate reason for the processing of data, the data will be blocked instead of deleted.

You can assert your rights via post or e-mail to the following address:

PostBus Ltd
Compliance & Governance
Engehaldestrasse 39
3030 Bern
Switzerland

E-mail: compliancepa@postauto.ch

If you submit a request for information to us, you must enclose a copy of an official form of identification such as a passport, identity card or driving licence. We require this in order to identify you. Your name, date of birth and place of residence must be visible on your ID. We do not require any of the other information on your ID for the identification process, so you may block it out.

Should you wish to contact us by e-mail, please note that e-mails will be in an unencrypted form and will therefore be susceptible to the security risks typically associated with such methods of communication.

Any information or deletion requests regarding your data in the central customer database operated by Swiss Federal Railways (NOVA database) should be directed to datenschutz@sbb.ch. 

11. How secure is your data?

The data we collect and save is treated confidentially and, using appropriate technical and organizational precautions, protected against loss or manipulation and unauthorized access by third parties.

Our digital presence may contain links to other digital solutions that are outside our control and are not covered by this Privacy Policy. If you access other digital solutions using the links provided, the operators of these digital solutions may collect information from you which will be used by these operators in accordance with their Privacy Policies, which may differ from ours.

We do not accept liability for any unauthorized access or loss of personal data that is beyond our control.

12. Amendments to the Privacy Policy

Amendments to this Privacy Policy may be required from time to time; for example, due to the ongoing development of our digital presence or as a result of changes in legislation. PostBus therefore reserves the right to amend the Privacy Policy at any time, with effect from a future date. Accordingly, we recommend that you reread this Privacy Policy on a regular basis.

This Privacy Policy was last updated in October 2023.

Phishing and other attempts at fraud on the Internet

A person uses their smartphone to find out about phishing

Online fraud attempts are increasingly targeting any potential carelessness on the part of users in order to access coveted data. Find out here what you and PostBus can do to combat fraud and where you can report suspicious cases.

Rich Content Section