Skip to content

Privacy statement Tranzer

Privacy statement Tranzer

Latest update on 29 February 2024

In order to be of service to you, we process (personal) data from you. Tranzer B.V. (Tranzer) believes that privacy is a fundamental human right and therefore Tranzer treats your personal information carefully. In this privacy statement, you will read how we process your data and what we use it for.

The Tranzer app, Tranzer Portal and Tranzer API are services of Tranzer. Tranzer delivers access to mobility as an added service in the Tranzer app, portal and in any third-party consumer app or portal, being an End User Platform (EUP). With our API we can provide planners, payment services, ticketing and data analytics for EUP apps or (third-party) Portals. 

Tranzer enables you to plan your trip with an app or (third-party) Portal on your phone from any location and to buy tickets that you receive directly in an app on your phone and which allow you to travel immediately.

Tranzer is responsible for processing your personal data as covered in the General Data Protection Regulation (GDPR or AVG).

Please read this privacy statement before you use our services. By using our services you agree to the contents of this privacy statement. In order for you to understand how a third party EUP treats or processes your data, please check their privacy policy or privacy statement.

We have structured our privacy statement as follows: 

A. Tranzer’s Privacy Principles
B. General Privacy Rules
C. With whom we share your data
D. Cookies
E. Analytics
F. Retention period
G. Security
H. Your rights
I. Questions
J: Amendments

A. Tranzer’s Privacy Principles

We design our products and services guided by our four key privacy principles:

  • Data Minimization Collecting: only the minimum amount of data required to deliver what you need for a given service.
  • User Transparency and Control: making sure that users know what data is shared and how it is used, and that they can exercise control over it.
  • Privacy by design and default: protecting user privacy and minimizing data collection.
  • Security Hardware and software: working together to keep data secure.

Through these four principles, Tranzer’s goal has always been to let users share data as they wish, in a way that is safe, and they understand and control.

B. General Privacy Rules

Above all, Tranzer complies with the requirements of the relevant and applicable privacy legislation. We carefully manage your data. And we will continue to do that, whilst looking for the best way to provide our services as quickly and easily as possible.

B.1. What personal data do we process and what are we using that data for?
We collect (personal) data and information from you, which data we process for different purposes.

Per different purpose and different service, we only collect and process data and information which is required for the specific purpose or service. In case collection and processing of any of the below mentioned information and data is not required, we will not collect, process and/or use such information and data.

B.1.1 Personal information
We always collect your first name, last name, e-mail address and IP address.

Depending on the service, product or modality we may also collect your date of birth, phone number, address, residence, gender, ID type and number and mobility/fuelcard number to:

  • issue valid transport tickets for train, bus, tram and metro
  • pay your mode of transport.
  • send payment and purchase documents.
  • enable you to submit refund requests to operators.
  • recognize you.
  • provide you with user support.

B.1.2 Location data
We collect the GPS location and IP address of your mobile operating system when the app runs in the foreground or background to:

  • determine your location.
  • provide you with personal and tailored travel advice.

B.1.3 Transaction data
We collect your transaction details, such as date and time when you purchase a ticket, the amount charged, the distance you traveled, and where to where you purchased a ticket, to:

  • provide you with a payment and purchase receipt.
  • allow you to make payments in the app and portal.
  • provide insight into your travel history.
  • inform carriers about the trips made and related expenses incurred.

B.1.4 Communication data
We use your email address:

  • for sending payment and purchase documents.
  • to inform you about app updates and changes in our services.
  • to carry out research to better understand how users are using our services and improve them.
  • to reply to a helpdesk question from you.
  • only with your permission: for sending newsletters and other marketing communication. You can always unsubscribe from a newsletter. The newsletter provides a cancellation opportunity that you can click. You can also withdraw your consent via your account in the app.

B.1.5 Activities data
We will keep your activity in the app and portal to:

  • provide you with user support.
  • observe how our service functions, how we can improve and maintain it.
  • solve software and operational issues.
  • perform tests and research.
  • monitor and analyse usage and activity trends.

B.2. Legal basis for processing your personal data
Personal data may only be processed if there is a legal basis for this (rule of law).

B.2.1 Unambiguous consent
The basis we use for processing your personal information, location data and transaction data is your unambiguous consent (Article 6, paragraph 1 sub a AVG).

By actively giving permission to Tranzer to process your personal data and agreeing to the terms and conditions when registering with the Tranzer application, or during the buyer flow in the Tranzer Portal you consent to the processing of your data by Tranzer as described in this privacy statement.

In order for you to understand how a third party EUP treats or processes your data, please check their privacy policy or privacy statement.

If you are younger than 16 years old, then you may only provide personal data to Tranzer if your parent(s) or legal guardian(s) have read this privacy statement and have given permission for you to accept them. Taking into account the available technology, we make a reasonable effort to check whether your parent(s) or legal guardian(s) have actually given permission.

Of course, you can always withdraw your consent by sending us an e-mail. We disconnect your data and remove your personal data from our databases and administration. This right (to withdraw your permission) relates to future processing of your personal data and not to the personal data we have already processed. We cannot provide our services without processing your data.

B.2.2 Execution of the agreement
The basis we use for providing your personal data to the relevant carrier is based on the execution of the agreement. Personal data is provided to the relevant carrier before making a ticket in order to execute the agreement with you.

B.2.3 Legitimate interest
The basis we use for processing your activity data is necessary for the legitimate interest of Tranzer (Article 6, paragraph 1 sub f AVG). Processing this data is necessary for us to operate and improve our service. We process this data at such an aggregated level that it has minor consequences for the user.

C. With whom we share your data

C.1.1 For the operation of the service
For the operation of Tranzer, Tranzer stores your data with a number of parties inside and outside Europe.

Amazon Web Services is hosting our data. This party, which operates within the EU, has an appropriate level of protection for the processing of personal data within the meaning of the GDPR.

When using the Tranzer app or Portal.
We use Groove Networks LLC helpdesk software, based outside the EU, to handle your support questions. They only receive your personal data as soon as you  request for support.  This party states to comply with GDPR. This means that there is an appropriate level of protection for the processing of any personal data.

We make use of Bugsnag as an error monitoring solution. All personal data collected via or by Bugsnag is stored on servers located in the United States. Please note that although the Court of Justice of the European Union has invalidated the EU-US Privacy Shield Framework as a mechanism for transfers of Personal Information between the EU and US in Case C-311/18, Bugsnag remains committed to complying with the Privacy Shield Principles.

We log performance and debugging data to ElasticSearch. This party, which operates within and outside the EU, has an appropriate level of protection for the processing of personal data within the meaning of the GDPR.

Furthermore, Google services are used by us. See E. Analytics for more information on Google services.

The website of Tranzer also contains links to other websites of third parties. Tranzer is not liable for hyperlinks or other references from the websites of third parties, nor for the way in which those third parties deal with personal data. We advise you to consult the privacy policy or privacy statement of the relevant website for more information.

C.1.2 Issuing Tickets and/or access to modes of transport
Tranzer will pass on your personal data to the relevant carriers and financial service partners for the issuing of valid tickets and the payment and settlement of tickets. For this, your consent is requested when you first use Tranzer or when you start using the relevant service.

C.1.3 Using a fuel or mobility card to purchase your tickets in Tranzer?
If you have linked a fuel or mobility card to your account, the transactions that are entered via that Tranzer account are dealt with administratively via the card provider. For administrative processing we periodically share your transaction data with the card provider. The fuel or mobility card provider is responsible for the further processing of this transaction data and the privacy policy or privacy statement of this provider applies to this.

C.1.4 Have you bought a “powered by Tranzer” ticket in an app other than the Tranzer app?
If you have purchased a ticket in an EUP app and you have a question about the processing of your personal data, or if you wish to exercise your rights, you can ask your questions directly to the relevant party. The third party EUP is independently responsible for the processing of your personal data and the privacy policy or privacy statement of the relevant party applies. In order for you to understand how a third party EUP treats or processes your data, please check their privacy policy or privacy statement.

D. Cookies

We use various types of cookies on our Tranzer website. A cookie is a simple small file sent to pages from this website and stored by your browser on your device. The information stored therein can be used in a subsequent visit to make access to the website easier for you. For example, by loading your personal preferences. We require your permission for the use of a number of cookies. You can give this on your first visit to our website. For more information see our cookie policy via Privacy settings on our website.

If you do not want us to use cookies, you can choose from your browser for the “cookies off” option or ask your browser provider for the correct settings.

E. Analytics

Via our website, a cookie is placed from the United States based company Google, as part of the “Analytics” service. We use this service to keep track of and report on how visitors use the website.

In our app we use Google Firebase, as part of the “Analytics” service to keep track of and report on how visitors use the app.

Google may provide this information to third parties if Google is required to do so by law, or in so far as third parties process information on behalf of Google. We have no influence on this process. We have not allowed Google to use the analytics information obtained for other Google services.

The information collected by Google is as anonymized as possible. Your IP address is expressly not provided. The information is transferred to and stored by Google on servers in the United States. As of July 16, 2020, Google no longer relies on the EU-U.S. Privacy Shield to transfer EEA and UK personal information to the U.S. but they continue to apply the Privacy Shield Principles to personal data  received by them from the EEA and UK in reliance on the Shield. This implies that there is an appropriate level of protection for the processing of any personal data.

F. Retention period

Tranzer keeps your data as long as your account remains active, so that you always have insight into the journeys made via Tranzer. For us, an account is active as long as we see activities in it, including requested schedules and purchased tickets.

You can ask us at any time to delete or anonymize your data or your account. We may still keep your financial data in accordance with the fiscal seven-year retention term.

If your account has been inactive for two years, we will delete your account after we have informed you and anonymize previously obtained data.

You can unsubscribe from Tranzer at any time by sending a mail to support@tranzer.com. Once you have unsubscribed, we will no longer receive personal data from you and we will delete your personal data from our databases and administration or make them anonymous.

G. Security

Tranzer will take appropriate, state-of-the-art technical and organizational security measures to provide adequate safeguards for the security, integrity and availability of your data. This also applies to the information to be added, extracted and / or derived from it. Tranzer will protect both input and output against loss, theft or any unlawful and / or unauthorized form of processing. Tranzer has an ISO 27001 certification.

H. Your rights

If you use the Tranzer app and you want to use the rights below, please send an email to privacy@tranzer.com. We will process your request as soon as possible, but no later than one month after receipt. If you have purchased a ticket in an EUP app, and you want to use your rights as a data subject, you can ask your questions directly to the relevant party. The third party EUP is independently responsible for the processing of your personal data and the privacy policy or privacy statement of the relevant party applies. In order for you to understand how a third party EUP treats or processes your data, please check their privacy policy or privacy statement.


Access to your data
As a customer you have the right to access your personal information. This means that you can ask us which personal information is registered for you and for what purposes this information is used.

Correction of your data
As a customer you have the right to have your personal information corrected, if our registration does not appear to be correct. This also applies if the data is to be supplemented or modified.

Right to be forgotten
As a customer you have the right to have your personal information removed. This means that we remove your personal information from our systems. Your data may still be anonymized and / or aggregated in various management reports.

Right to object
As a customer you have the right to object to the processing of your personal information. We will address your objection, if provided with reasonable substantiation, and respond to you as soon as possible.

Right to data transfer
As a customer you have the right to portability of your personal information. This means that we can make your personal data available in standard file format so that you can reuse it.

I.  Questions

Should you have any specific questions or comments about our privacy statement, please contact privacy@tranzer.com. You can also submit your questions about access, correction, forgotten, objection and removal of your data to privacy@tranzer.com. Alternatively, you may also send any communication to:

Tranzer B.V.
Attn: Privacy officer
Stationsplein 61
3818 LE Amersfoort
The Netherlands

Should you have questions about the services provided by Tranzer, you can contact support@tranzer.com.

If you are of the opinion that Tranzer is not acting in accordance with the applicable privacy legislation and this privacy statement, you can submit a complaint about this to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens). We kindly ask you to report this to us as well so that we can take immediate action.

J. Amendments

Our services are constantly evolving, which means that the way we process personal data, as well as which and how much data we process, can change. We therefore reserve the right to adjust this privacy statement. To see if a change has taken place, our privacy statement at the top always includes the last date on which it was changed. If necessary, we will actively inform you about a change.