Ticket information line

Call: 6118000 (24/7)
Write: [email protected]

Pilet.ee General info Data protection

Data protection

About pilet.ee

The usage and data protection rules of the electronical payment collection system and of the Internet environment pilet.ee

The usage and data protection rules (hereinafter "the rules") will provide an overview on how and for which purpose the parties of the electronical payment collection system and the pilet.ee Internet environment will collect, use and protect the personal data of the users.

Concepts

Electronical payment collection system – a set of technological and organisational means, which the Users can use for buying the right to use the services of the Provider of the Service (e.g. the right to use public transportation) for themselves or for other Users for a certain period or a number of times, and which the Controllers can use for controlling the rights of the Users for using the services provided by the Provider of the Service.

Ticket – personal right for using the services provided by the Provider of the Service, which is sold to the User via the electronical payment collection system and which the User proves with his or her personal identification document (ID-card) or Public Transport Card (in case of personalised Public Transport Card with a proof of identity), unless otherwise agreed between the Provider of the Service and the Operator.

pilet.ee – Internet environment, where all information on the electronical payment collection system has been published and where the Users, Providers of the Service and Controllers can carry out operations according to their authorisations.

User – physical or legal person who buys an Ticket and uses the services of the Provider of the Service on the basis of it.

Provider of the Service – physical or legal person who wishes to arrange the sales of their services and payment for these by using the electronical payment collection system and Tickets.

Seller – physical or legal person who performs a sales operation via the electronical payment collection system, in course of which Ticket is activated for the User and payment is collected from the User.

Operator – Ridango AS, administrator of the electronical payment collection system.

Controller – physical or legal person for whom the Operator, upon the authority provided by the Provider of the Service, has given the right to control the Tickets of the Users.

General principles

When collecting the data, the Operator will only ask what is strictly necessary for providing a high quality service to the Providers of the Service and Users. The electronical payment collection system stores the following data on Tickets:

  • Type of Ticket
  • Personal ID code of the User
  • Beginning and end date of the validity of Ticket
  • Ticket price and sales point
  • Information on the seller of Ticket (for calculating statistics divided in sales points)

With buying a Ticket, the User gives to the Operator the right of processing the User’s personal ID code and making inquiries to the Population Register necessary for ensuring discounts for the User on the basis of it. The Operator will use the User’s personal ID code and the data inquired from the Population Register on the basis of it only for the purpose of ensuring that the User’s Ticket will be fully operational.

Sales of services

In order to buy a Ticket, the User will approach the Operator either via the electronic channels determined by the Operator or in the mediation of the Seller at the sales points determined by the Operator.

When buying a Ticket, the User will indicate the personal ID code of the User for whom the Ticket is bought. A Ticket can be bought for oneself or for any other User. In order to enter the personal ID code, ID-card can be presented to the Seller or the personal ID code can be orally read out to the Seller.

A Ticket will only be sold if the User for whom the ticket is bought has an ID-card or a Public Transport Card, unless the agreement between the Provider of the Service and the Operator establishes otherwise.

In case the price of the service provided by the Provider of the Service depends on the place of residence of the User, the electronical payment collection system makes automatically an inquiry to the Population Register and, on the basis of the results, ascertains the price of the Ticket to be sold. The place of residence nor any other information on the User included in the inquiry will not be displayed for the Seller; the only thing displayed will be the price of the Ticket to be sold.

When buying the ticket via pilet.ee, the personal identity of the User will be authenticated on the basis of ID-card or some other secure means of ascertaining personal identity electronically.

Data protection

The Operator will not disclose the details on Tickets, Users nor any other information that the Operator has come to know in course of providing the service to any third party. Only statistical, impersonalised data will be disclosed to the Provider of the Service and other third parties.

The Operator will ensure the protection of the data in its possession with the best contemporary physical, organisational and technological information security measure.

The Operator will disclose information on Tickets and Users to the Controller in the extent that is necessary for controlling Tickets. The Controller will insert the User’s ID-card or Public Transport Card in the control device, which displays the personal ID code of the User or the number of the Public Transport Card. As an exception, e.g. when the User is a person aged under 15, the Controller may enter the personal ID code manually. On the basis of the personal ID code or the number of Public Transport Card, an inquiry will be made to the electronical payment collection system, and an answer will be displayed for the Controller whether the User has a valid ticket related to the respective provider of the service and what type the ticket is. In case of a discount ticket, the Controller may request the User to submit documents proving the basis for additional discount.

Control of data

The Controller can control Tickets of the Users with a respective control device, for which the Operator has provided free access to the database of Tickets.

The Controller authenticates the identity of the User on the basis of an ID-card.

In case the User wishes to do so, he or she may personally insert the ID-card in the control device of the Controller.

Disclosure and storage of data

The Operator will provide the Provider of the Service with impersonalised, summarised statistics on the Tickets related to the respective Provider of the Service, sold through the electronical payment collection system, in agreed volume and form.

The Operator will provide the Provider of the Service with impersonalised, summarised statistics on the Tickets related to the respective Provider of the Service, sold through the electronical payment collection system, in agreed volume and form.

The Provider of the Service will have the right to perform or order a supplementary audit of the Operator at any time in order to be sure that the service is provided in a secure way. The terms of audit will be more precisely determined in the contract between the Provider of the Service and the Operator.

The Operator will store the Tickets in the electronical payment collection system for at least a year in order to make it possible to settle possible disputes.