If you would like to find out how other OV-chipkaart system organisations process and protect your data, please see these organisations' privacy policies.
Please click on the links below to find out more about our approach to privacy. Or download Translink's complete privacy statement (pdf).
Why does TLS process data?
TLS processes data in order to provide the following services:
- Produce OV-chipkaarts, send these to customers and receive payment from customers.
- Provide OV-chipkaart Customer Services, such as answering questions and blocking a personal OV-chipkaart after loss or theft.
- Offer the option to use My OV-chipkaart on this website, to view the online travel history, for example.
- Manage money loaded onto OV-chipkaarts. Process transactions (check-ins, check-outs and loading credit, for example) and analyse these (to detect fraud).
- Offer the option to use the OV-chipkaart as a form of identification to purchase services from other organisations.
NB: TLS does not use any more personal data than necessary. TLS does not use your data for marketing purposes and therefore does not send you offers for products or services.
What data does TLS store?
Personal data: this data is stored in the TLS systems and not all of this data is stored on your OV-chipkaart. The following data is necessary to provide services:
- Postcode and town or city
- Telephone number
- Date of birth (only for a personal OV-chipkaart)
- Bank account number (if applicable)
- OV-chipkaart card number (16 digits)
- Username (if you apply for My OV-chipkaart on this website)
- Email address
Card data: the OV-chipkaart is a contactless card. A personal OV-chipkaart displays a passport photo, name, date of birth and gender. The chip in the card also contains information necessary to ensure it works correctly with OV-chipkaart equipment (gates, card readers, etc.).
- Chip number (internal number)
- Credit (no bank account number)
- The last 10 travel transactions and last 2 loading transactions automatic reloading amount (if applicable)
- Any travel products Date of birth (only for a personal OV-chipkaart)
When does TLS link your card data to your personal data?
Processing of data for an anonymous OV-chipkaart
If you are using an anonymous OV-chipkaart, you can pay and travel on public transport without your identity being known. You can also consult this website anonymously. If you disclose yourself to TLS, you will no longer be anonymous. This includes OV-chipkaart Customer Services, for example, if you ask for information to be sent by post. Or if you complete a contact form on the website.
Processing of data for use of the OV-chipkaart as a form of identification
If a participant in the OV-chipkaart system uses the OV-chipkaart as a form of identification, we will only provide your internal chip number if you give consent for this. TLS checks in advance whether:
• data is being provided for a legitimate purpose and
• the cardholder's consent is requested.
Processing of data on this website
You can register for My OV-chip on this website using either an anonymous or personal OV-chipkaart. You do this with a username and password. You can then also apply for an online transaction overview. You choose which cards you want to do this for. You will then be able to view all journeys and transactions from the time of your application onwards. We receive this data from the public transport companies. You can use this information to create an expenses overview, for example.
Providing details to other organisations
If you have a personal OV-chipkaart with a pass or season ticket, for example, the public transport company will also process your personal details.
If necessary to ensure the OV-chipkaart system functions correctly, TLS can provide your details to other organisations in the OV-chipkaart system. This is also possible if you have given consent in order to purchase a service from an organisation within the OV-chipkaart system. If you participate in a saving programme, for example.
TLS is also legally obliged to provide personal data to the police if a request meets statutory requirements.
What are your rights?
You are entitled to ask TLS in writing whether we process your personal data. If the data is incorrect, you can ask TLS to change your data. If you believe that TLS does not have the right to process this data, you can ask us to delete the data. Send your request together with a copy of a form of identification to firstname.lastname@example.org. We will let you know whether your request can be met within four weeks. You can also send any other queries about privacy to this email address.
|Personal data||Storage periods|
|Transaction data for personal OV-chipkaart||Maximum of 18 months|
|Transaction data for anonymous OV-chipkaart||Maximum of 18 months|
|Automatic reloading data||Maximum of 13 months after the financial transaction|
|Data in the case of contact with Customer Services for personal OV-chipkaart||Maximum of 18 months|
|Data in the case of contact with Customer Services for anonymous OV-chipkaart||Maximum of 18 months|
|My OV-chipkaart data||Maximum of 18 months|
|Contract data||Storage periods|
|On purchase of first personal OV-chipkaart||Technical lifespan (5 years), provided the card is not terminated, plus 13 months|
|For replacing an expired personal OV-chipkaart||The data for the expired card is copied|
|For replaced personal OV-chipkaart||The data for the replaced card is copied|
How long is your data stored for?
For a personal card we store:
- your personal data for as long as your card is valid;
- your direct debit data for 13 months whilst your card is valid;
- the personal data for previous card(s) when your card is replaced or expires;
- your contact details with OV-chipkaart Customer Services for a maximum of 18 months;
- your transaction data for a maximum of 18 months.
For an anonymous card we do not store any of your personal data, except:
- if you request a credit refund using a form (3 months).;
- if you contact OV-chipkaart Customer Services (maximum of 18 months).
In relation to the personal data protection act we can only provide data of cardholders under the age of 16 years to the parents and/or the legal representatives.