Legal and privacy note

<< back to full site

Privacy policy

This section gives the privacy policy for the website and its subdomains (,, etc.), owned by Trasporto Passeggeri Emilia-Romagna S.p.A. (hereinafter also "TPER S.p.A." or "TPER"), a transport company with its registered office at Via di Saliceto 3, Bologna.

This privacy policy is in accordance with Italian Legislative Decree 196/2003 as amended and Regulation (EU) 679/2016 (GDPR) and Italian Decree-Law 101/2018 integrating GDPR and is intended for all users of the published services. The privacy policy does not apply to pages and/or services of other sites reached from links on and its subdomains.

Summary of legal bases for collecting data

1) Consent Consent is given by the data subject to authorise data processing. Consent must be specific: it must be linked to a precise purpose. If processing is based on consent, the controller must provide the privacy policy and obtain the consent.

2) Performance of contractual obligations

Processing is lawful if it is necessary for the performance of a contract to which the data subject is party or in order to take steps at the data subject’s request prior to entering into a contract. Consent is not required but the privacy policy must be provided, giving the legal basis for processing. In this case, by law the purpose must be specified.

3) Legal obligations to which the controller is subject

When data processing is required to fulfil obligations arising from EU law, regulations or standards.

Consent is not required but the privacy policy must be provided, giving the legal basis for processing. In this case, by law the purpose must be specified.

4) Vital interests of the data subject or of other persons

Processing is permitted if it is required to protect the vital interests of the data subject or another person, for example in the event of a road accident or if the data subject is physically incapable of giving consent.

Consent is not required but the privacy policy must be provided, giving the legal basis for processing. In this case, by law the purpose must be specified.

This legal basis does not apply to TPER.

5) Compelling legitimate interest of the controller or of third parties whose data is communicated

When processing is required for the purpose of the legitimate interests pursued by the controller or by third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection of personal data, in particular where the data subject is a child.

Consent is not required but the privacy policy must be provided, giving the legal basis for processing. In this case, by law the purpose must be specified.

6) Public interest or exercise of official authority

The processing required to perform a task carried out in the public interest or in the exercise of official authority vested in the controller (through member state or EU law).

Consent is not required but the privacy policy must be provided, giving the legal basis for processing. In this case, by law the purpose must be specified.

TPER collects data for the following purposes:

Management of complaints, reports, suggestions, appeals, disputes, refunds and requests for information and technical support; point (2)

Purchase or request to purchase travel tickets and/or renew season tickets; point (2)

To send emails, text messages or the like regarding initiatives and notifications about its services; point (1)

Personalisation of browsing when requested; point (5)

Performance of contractual and/or accounting and tax obligations; point (3)

Statistical analysis using aggregated data previously anonymised; point (5)

To exercise or defend a right; point (5)

Any purposes other than those listed above will be specified when the data is collected.

The data will be processed with electronic tools by adequately trained TPER staff.

Data categories

Identification data

Personal identification information is data that can identify the data subject directly.

The most widespread convention identifies this data as:

- First name and surname
- Address
- Email address
- Numbers of identification documents or credit cards
- IP address (when connected to other data)
- Vehicle registration number
- Photographs, the TPER website and TPER in general does not use digital fingerprints or calligraphy
- Place of birth
- Genetic information, the TPER website and TPER in general does not use this data
- Telephone number
- Account name or nickname.

Data subject to special processing (e.g. sensitive data)

GDPR sets out a general ban on processing some types of data, including data that reveals:
- Racial or ethnic origin;
- Political opinions;
- Religious or philosophical beliefs;
- Trade union memnbership.
As well as:
- Genetic data;
- Biometric data for the purpose of uniquely identifying a natural person - Data concerning health;
- Data concerning the person’s sex life or sexual orientation;
- Judicial data (revealing the existence of criminal convictions and offences)

The TPER site, and TPER in general, does not use this category of data for customers except where strictly necessary for point (5) to provide concessionary season tickets, for example to persons receiving municipal income support or with disabilities or for accidents involving TPER vehicles or as passengers

Prize competitions

TPER S.p.A. can process the data required for entering prize competitions (already in TPER S.p.A.’s possession as provided by users when registering for online services and confirmed with express authorisation when joining the Webclub) manually, on paper or electronically (TPER therefore stores and processes the data on paper and electronically).

TPER takes specific security measures to prevent the loss of data, unlawful or incorrect use of data and unauthorised access to it. TPER will store and process all data completely confidentially in accordance with all current regulations (and therefore also in accordance with the principles of fairness, legality, transparency and protection of confidentiality and rights) using logic closely related to the purposes indicated in this policy. TPER will carry out on the data only such operations as are necessary to pursue the purposes indicated in this policy. The data will be stored at TPER’s offices and at the premises of the appointed processors (as well as at the premises of third parties to whom the data will be communicated as autonomous controllers and/or external processors as indicated in this policy) and will also be organised in data banks, including electronic data banks.

TPER can process data:

- For competition entries, management of such competitions, to fulfil all their regulations and to send prizes, in accordance with the law on competitions;

- To fulfil a legal obligation (apart from obligations of the law on competitions), a regulation or EU regulations and to exercise or defend TPER’s rights in appropriate courts.

Processors and those authorised to process the data will do so only when required to carry out the tasks assigned to them.

Employee selection

Personal data that you voluntarily provide when sending your CV and/or personal data, including sensitive data, as part of an application to work for TPER S.p.A., will be processed, possibly using electronic procedures on a database.

TPER S.p.A. undertakes to use the information received in accordance with the current regulatory framework and, in particular, in accordance with the provisions on protecting the confidentiality of personal data.

In this regard, in accordance with the specific provisions of Italian Legislative Decree 196/2003, we ask you to read the following.

Purpose of recruiting employees through selection processes, performance of employment contracts, training courses and work placements at our company.

When selecting employees, TPER S.p.A. can ask for CVs and for any identifying and personal data that is useful for checking whether the professional profiles of candidates are in line with TPER S.p.A.’s requirements.

TPER S.p.A. reserves the right to remove data from its files when, after checks, this data is found to be inaccurate, incomplete or out of date; it can also ask for additional data needed to provide information for its initiatives and activities.

Sensitive and/or judicial data can also be processed and transmitted.

Video surveillance

Video surveillance, whether for private or public use, is subject to strict rules aimed at protecting people’s privacy and fundamental freedoms. All interested parties must determine the exact purposes pursued through video surveillance and check their legality in accordance with current regulations.

TPER uses video surveillance, which is indicated on special signs:

On vehicles (buses, trains)

On fixtures and fittings

During accident investigations

Data is processed fairly and for specified purposes, specifically point (5) to protect company assets.

Images may be kept for 7 days before being deleted and will be kept only in relation to offences that have occurred or to investigations by the judicial authorities or the police.

The persons who can use the systems and view the recordings are appointed in writing, and care is taken that they have access only to personal data that is strictly necessary and that access by other persons is strictly forbidden, except in the case of judicial or police investigations.

Data collected for specified purposes (for example, for safety reasons or to protect assets) cannot be used for other or additional purposes (for example advertising, analysis of consumer behaviour), except as required by the police or the justice system, and cannot be disseminated or communicated to third parties.

Data subjects are always informed that they are about to enter an area under video surveillance through signs giving information about the privacy policy located outside the area covered by the video cameras, in a format and position making them clearly visible in all lighting conditions.

The Italian Data Protection Authority has set out the following security measures:

When individual operators are specifically assigned different responsibilities, different authorisation levels for viewing and processing images must be set. Where technically possible, based on the features of the systems, the aforementioned parties, authorised to process data or processors, must have authentication credentials so that they can only carry out only the operations that they are responsible for, depending on the tasks assigned to them;

Where the systems are configured for recording and then storing the images, careful attention must be paid to limiting the possibility of the authorised parties to view the recorded images when they are filmed and at a later time and to delete or copy these images;

When digital cameras connected to computer networks are used, the cameras must be protected against the risk of unauthorised access. To ensure confidentiality, images filmed by video surveillance equipment must be encrypted before being transmitted through a public communications network.

Ticket validation on buses and trains

Ticket validation data is anonymised after 3 days.

Processing and storage methods

The controller processes users’ personal data taking appropriate security measures to prevent unauthorised access to and disclosure, amendment or destruction of the personal data.

Processing will be automated or manual, using organisational methods and tools to ensure maximum security and confidentiality and using logic closely related to the purposes indicated, and carried out by persons specifically authorised for the purpose in accordance with Articles 31 and following of Italian Legislative Decree 196/2003. Data will be stored for a period no longer than that required for the purposes for which it was collected and then processed. TPER S.p.A. will be responsible for:

1) Accurately recording the data received, so that the record matches what the data subject declared;

2) Updating the data whenever the data subject communicates a change.

Communication and dissemination

Your data that is processed will not be disseminated but may be communicated to companies affiliated to TPER S.p.A.

Data can be communicated to third parties belonging to the following categories, when required by law.

Therefore, personal and identifying data will be communicated, to, among others:

Employees of our company involved in selecting employees and managing the IT system;

Affiliated companies;

Public bodies or private companies, to fulfil legal obligations;

Firms or companies that provide us with support and advice;

Company trade union organisations (communication of list of qualified persons with first name and surname).

Any other communication and dissemination will happen only with your explicit consent.


Data is processed at the controller’s offices and in any other location where the parties involved in the processing are located. For more information, contact the controller.


Data is processed for the time needed to carry out requested services or required for the purposes described in this document. Users can always ask for the processing to be stopped or the data deleted.

Nature of provision of data

Providing the data is optional; however, if you refuse to respond or express consent, the controller may be unable to respond to your requests. Note that if you fail to provide any mandatory information, or provide inaccurate information:

The controller will be unable to ensure that the processing is consistent with the contractual agreements for which it is carried out;

The results of the processing might not meet the obligations under tax, administrative or labour regulations for which it is intended. You may exercise your rights as expressed in Articles 7, 8, 9 and 10 of Italian Legislative Decree 196 of 30 June 2003 by contacting the data controller, our company, by email at the certified email address

Cookies and other electronic data collected automatically

Data generated from browsing, such as IP addresses, locations, operating systems, browsers, etc. is collected in aggregated form for statistical purposes and to research the best way of operating the site.

Cookie policy:details on how cookies are used is available here


Optional provision of data

For some services and/or to submit requests, reports or complaints to TPER, personal data must be provided so that we can provide the service requested and answer queries.


Personal data acquired through the site is used exclusively to provide what you request; TPER does not send data to third parties unless such communication is required by law or is strictly necessary for fulfilling requests. When disciplinary proceedings are brought as a result of a complaint, the data in the complaint, including the name of the complainant, may be communicated to the worker so that he/she can exercise his/her right of defence in the proceedings brought against them.

Specific privacy policies

TPER has produced ad-hoc policies for specific services.

Roger, to plan journeys, buy tickets and pay for parking with your mobile - go to the page with the full policy

Muver, the Android app to buy tickets using your smartphone - go to the page with the full policy

Corrente, the free-floating car-sharing app - go to the page with the full policy


Deletion of data

TPER retains data for varying lengths of time based on the type of data and the service offered. You can ask in writing to have data deleted before the planned expiry date, excluding outstanding accounts (for example, we cannot delete data regarding a current season ticket or a penalty, etc.), regarding services or apps that require specific accounts to be registered. For example, for the MUVER, ROGER and CORRENTE apps, you can ask for the account and the connected personal data to be deleted, by writing to the relevant department.

Regulatory references

Privacy Code (from the Italian Data Protection Authority website): available here.


Data Protection Officer (DPO)


TPER has appointed a Data Protection Officer (DPO) who can be contacted for matters for which it is responsible at

Where possible please give details and the reason for your request so that we can respond appropriately.

Communications sent to this address that are not strictly relevant to privacy issues (requests for assistance, CVs, etc.) will not be considered and will be deleted immediately.