We find it of the utmost importance to handle the personal data of our travellers with care. In our privacy statement, you can read how we process and use personal data. Below we summarize the privacy statement of Transdev Holding N.V. and all its sub-brands including Connexxion, Hermes, Breng, Overal, among others.

Who we are

Transdev Nederland Holding N.V. (Transdev) is one of the Netherlands’ largest mobility companies. Ranging from buses, trains and taxis to ambulances and even self-driving shuttles, our vehicles criss-cross the Netherlands. We operate various companies and well-known brands such as Connexxion, Hermes, and Witte Kruis. All references to Transdev in this privacy statement are references to all those companies and brands jointly.
For a list of the most active Transdev companies and brands, click ‘Read more’ below.

This privacy statement will explain the following:
  • What personal data on you we process when you use Transdev’s services and/or visit one of the websites.
  • For what purposes Transdev processes these personal data.
  • Your rights with respect to the processing of your personal data.
In order to present the information as clearly as possible, each topic has been subdivided into two layers of information. You will first get the most important information. If you want more information, then you can simply download this privacy statement or click on 'read more'.

When we process your personal data

This privacy statement applies to all personal data on you that are processed by Transdev. Please find below a list of the most common situations where we process your personal data:
  • For the performance of the contract of carriage and the financial settlement thereof. This includes when you buy our products and subscriptions (i.e. the different pricing plans for travel on public transport based on when and how often you travel);
  • For contact with Transdev, by phone, email, chat, app, social media, contact form, questionnaires, competitions, or (panel) surveys or when you use one of the ‘Mijn Transdev’ platforms;
  • If you have consented to us sending you information about (new) Transdev products and/or services. You can always withdraw your consent using the unsubscribe link that you will find in each newsletter or email;
  • For (internal) analysis for:
    • process improvement
    • vehicle and rolling stock capacity utilisation, scheduling, and deployment
    • product and service development
    • market research
    • historical, statistical purposes
    • quality assurance purposes
  • To process and return lost and found property;
  • To handle questions and complaints about Transdev and solve any disputes between you and Transdev;
  • In the performance of enforcement and investigative tasks by special investigating officers.

What personal data we process

When you use any of our services, we ask you to submit your personal data. Transdev processes mainly general personal data. This includes such data as your name, contact details, and date of birth. If necessary for Transdev to be able to provide its services, we also process special category data, such as data concerning health. This latter data is processed when, for example, providing transport services for pupils and students in special education.

How we obtain your data

After explaining in the previous what personal data Transdev processes, we will in this section go into how we obtain these data. In most cases, you submit these data yourself directly on our website, by email, or over the phone. In case of business services, we generally obtain the data through your employer or client.

Why we process your personal data

Transdev processes personal data for the following purposes:
  • Provision of our services
  • Risk reduction
  • Performance of marketing activities
  • Product and service improvement
  • Compliance with legal obligations

How long we store personal data for

The basic principle is that we never store your personal data for longer than necessary. In some cases, the law stipulates exactly how long we can or have to store data. If you have taken out an annual subscription, your personal data will be processed in our subscription administration. As required under the State Taxes Act [Algemene Wet inzake Rijksbelastingen], these data are retained for seven years.
In other cases, we decide for ourselves based on necessity and reasonableness how long we need your data. We have drawn up a retention period policy for this purpose. How long personal data are retained for differs per situation and also depends on why the data are retained. The retention period can range from a few weeks to many years. Travel transaction data, i.e. data generated by your use of the public transport smart card, will be stored for 18 months.

For more information about specific retention periods, please contact us.

To whom we transfer your personal data

Transdev only transfers personal data to third parties if permitted or required by law, and when necessary for Transdev’s operations.

Transdev will, for example, transfer your personal data to the Central Fine Collection Agency [Centraal Justitieel Incassobureau (CJIB)] if you fail to pay a fine. Transdev can also transfer data to investigative authorities, such as the police and the public prosecution service, for the investigation and prevention of criminal offences.

Transdev and the other public transport operators aim to make public transport as efficient and effective as possible. For that, we need insight into passengers’ travel patterns. We gain the required insight through statistical analyses of travel behaviour, i.e. our so-called ‘information processes.’ We use only so-called ‘transaction data’ for these analyses, not customer data such as name or date of birth. Arrangements to this effect have been laid down in a collaboration agreement.

We process your personal data in the Netherlands or the European Economic Area (EEA) as much as possible. We may in some cases transfer your personal data to countries outside the EEA. If countries do not offer an adequate level of protection, we provide appropriate safeguards together with the parties with which we share the data. These safeguards include using standard contracts developed especially for this purpose by the European Commission.

Your data protection and privacy rights

The General Data Protection Regulation gives you the right to:
  • access your personal data;
  • rectify your personal data;
  • erase your personal data;
  • restrict the processing of your personal data;
  • transfer your personal data to another service provider.
You also have a right to object to the processing of your personal data and to lodge a complaint.

While the Police Data Act also gives you these same data protection and privacy rights, it does contain more restrictions and exceptions than the General Data Protection Regulation. When exercising your data protection and privacy rights under the Police Data Act, we will take these restrictions and exceptions into account.

Social media

You can choose to contact us on our social media channels, such as:
  • Facebook
  • LinkedIn
  • Twitter
  • WhatsApp
  • Instagram
If you get in touch with us on one of these channels, we will store the data you send to us via these channels. In order to be able to respond to personal questions in a social media message, we will ask you in a personal message (direct message or email) to share your contact details with us. This will allow us to confirm that we are talking to the right person.

Automated decision-making

Transdev does not use automated decision-making without human intervention.

Changes to this privacy statement

Data protection and privacy legislation and regulations are dynamic. As a result, we regularly amend this privacy statement to keep it up to date with the latest legislation and regulations. We will amend this privacy statement as and when necessary to adapt it to new developments, such as when there are changes to our business operations, amendments to the law, or changes in case law. The privacy statement published on is always the latest version.

This privacy statement was last amended on 28 March 2023.

Questions, complaints, and contact

If you have any questions about this privacy statement, please contact our Data Protection Officer by email on
If you have a privacy-related complaint, please contact us by filling in and submitting the complaint form on our website. Alternatively, you can send a letter to:

Attn The Data Protection Officer
Privacy Department
Postbus 224
1200 AE Hilversum, Netherlands

If you are not satisfied with our response to your complaint, you can also lodge a complaint with the Dutch Data Protection Authority. You can do that on their website: