Privacy Policy

This Privacy Policy explains how PERIER sp. z o.o. processes personal data in connection with the BetterBahn service.

1. Data Controller

PERIER sp. z o.o., ul. 1 Maja 39, 71-627 Szczecin, Poland KRS 0001203585, NIP 8513340283, REGON 543161719 Email: [email protected]

No Data Protection Officer has been appointed. For all data-protection matters, please contact us at the email address above.

2. Overview of Processing

Split-ticketing search — for anonymous users we do not process personal data; search queries are forwarded anonymously to external APIs.
User account — when registering, we store email address, name and, optionally, travel preferences and search history.
Subscriptions and billing — for paid subscriptions we process billing data via our payment provider Mollie.
Analytics — we use Rybbit Analytics (privacy-friendly, no consent required) and PostHog Analytics (only with your explicit consent) to improve the Service.

3. Automatic Data Collection

3.1 Server log files

Each time you access the Service, the following data is automatically stored in log files: IP address, date and time of access, name and URL of the requested file, amount of data transferred, message about successful retrieval, browser type and version, operating system, and the name of your internet service provider.

Legal basis: Article 6(1)(f) GDPR (legitimate interest in operating and securing the Service). Retention: log files are deleted automatically after 7 days.

3.2 Rybbit Analytics (privacy-friendly)

We use Rybbit Analytics for privacy-friendly, cookieless website analytics. Rybbit does not store IP addresses and does not set cookies. Data processed: page views and navigation, anonymised referrer data, anonymised browser information, aggregated usage statistics. Legal basis: Article 6(1)(f) GDPR.

3.3 PostHog Analytics (only with consent)

If you accept analytics cookies, the following additional data is processed: page views and navigation, referrer data, browser information, error and performance data, anonymised user interactions. Retention: 12 months. Legal basis: Article 6(1)(a) GDPR (consent).

4. Cookies

4.1 Strictly necessary cookies

Session cookie — authentication token for logged-in users (valid for 7 days)
cc_cookie — stores your cookie preferences

4.2 Analytics cookies (PostHog)

Analytics cookies are only set with your explicit consent. They store an anonymised IP address, page views and navigation, browser information (User Agent), referrer data, error and performance data and anonymised user interactions. Retention: 12 months. Processing takes place on PostHog's EU servers (GDPR-compliant).

You can manage or revoke your consent at any time via the cookie banner or the cookie settings on our website. Revocation does not affect the strictly necessary functions of the Service.

5. Split-Ticketing Functionality

For anonymous users, our split-ticketing functionality does not process personal data. Search queries are forwarded anonymously to external APIs.

What is processed: travel connections (origin and destination stations, date, time), travel class and BahnCard status, Deutschlandticket status.

What is not processed: your IP address, personal identification data, booking data or payment information.

6. User Account and Registration

Registration is voluntary and unlocks features such as saved travel preferences and search history.

6.1 Registration data

Email address, name, password (stored as a secure hash). Legal basis: Article 6(1)(b) GDPR (contract performance). Retention: until you delete your account.

6.2 Travel preferences

BahnCard type, preferred travel class, Deutschlandticket status, passenger age. Legal basis: Article 6(1)(a) GDPR (consent).

6.3 Journey history

Origin and destination stations, travel date and time, travel class, original price and split-ticket price, savings. Legal basis: Article 6(1)(b) GDPR. You may delete individual entries or your entire account at any time.

7. Subscriptions and Billing Data

When you subscribe to BetterBahn Pro, the following data is processed: name, email address, billing country, payment status, payment method reference (e.g. tokenised card identifier provided by Mollie — never the full card number), invoice number, amount, currency, and any VAT identification number you provide for B2B invoicing.

Legal basis:

Article 6(1)(b) GDPR — performance of the subscription contract
Article 6(1)(c) GDPR — compliance with legal obligations relating to invoicing and accounting (Polish VAT Act, Tax Ordinance)
Article 6(1)(f) GDPR — fraud prevention

Retention: invoices and accompanying accounting records are retained for 5 years from the end of the calendar year in which the tax obligation arose, in accordance with Polish tax law.

8. Feedback System

The feedback system is voluntary and used to improve the Service. Data processed: satisfaction rating, selected improvement suggestions, free-text feedback (optional), page context, User Agent, user ID (only if logged in), IP address (hashed, for abuse prevention). Legal basis: Article 6(1)(f) GDPR.

9. Recipients and Third-Party Processors

User accounts, preferences, journey history and feedback are stored on our own infrastructure in the EU and are not shared with third parties. The following external services process data on behalf of BetterBahn:

9.1 Mollie (payment service provider)

Provider: Mollie B.V., Keizersgracht 126, 1015 CW Amsterdam, Netherlands Role: processor under Article 28 GDPR with respect to payment processing on behalf of PERIER sp. z o.o.; in some respects (fraud prevention, AML compliance) Mollie acts as an independent controller. Data: name, email, billing country, tokenised payment instrument, amount, currency, transaction status. Purpose: processing card and SEPA payments for BetterBahn Pro subscriptions and recurring billing via Mollie's subscription API. Legal basis: Article 6(1)(b), (c) and (f) GDPR. Privacy policy: mollie.com/privacy

9.2 Rybbit Analytics

Self-hosted Rybbit instance on EU infrastructure. Purpose: privacy-friendly website analytics without tracking. Legal basis: Article 6(1)(f) GDPR.

9.3 PostHog Analytics

Provider: PostHog Inc., 548 Market St, PMB 20746, San Francisco, CA 94104, USA. Our data is processed on PostHog's EU servers (GDPR-compliant). Purpose: website analytics, performance monitoring, error tracking. Legal basis: Article 6(1)(a) GDPR (consent). Privacy policy: posthog.com/privacy

10. Your Rights

Under the GDPR you have the following rights:

Right of access (Article 15)
Right to rectification (Article 16)
Right to erasure (Article 17)
Right to restriction of processing (Article 18)
Right to data portability (Article 20)
Right to object (Article 21)
Right to withdraw consent at any time (Article 7(3)), without affecting the lawfulness of processing carried out before withdrawal

To exercise your rights, please contact us at [email protected].

You also have the right to lodge a complaint with a data-protection supervisory authority. The competent authority for PERIER sp. z o.o. is:

Prezes Urzędu Ochrony Danych Osobowych (UODO) ul. Stawki 2, 00-193 Warszawa, Poland uodo.gov.pl

11. Data Security

We use appropriate technical and organisational measures to protect your data from unauthorised access, loss, misuse and alteration. The website uses SSL/TLS encryption for all data transmission. Passwords are stored as secure hashes and never in plain text. All data (user accounts, analytics, feedback, billing) is processed on EU infrastructure under GDPR.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the Service or legal requirements. The current version is always available on this page.

Status: 7 April 2026