In and around the station
Information about how we use your data to enhance security and improve our services at and around the station.
What personal information do we use?
We use WiFi tracking to improve our services and to increase your safety in and around the station. To do so, we use your MAC address. The MAC address is immediately 'hashed' - converted into a series of characters. This series is then sent to a server, where we add extra random characters and hash the series again (a process known as 'salt'). The extra characters differ per day, and are not stored on a computer. We then 'cut out' some of the characters, so that there is no way that the series can be traced to an individual.
We also use counter sensors to make passenger counts and to analyse local passenger flows. The footage recorded by these sensors is not saved on the sensor or in any other way. In the past, NS also used Bluetooth tracking in addition to WiFi tracking, but this practice was discontinued as of 7 June 2018.
From March 2019 to June 2019, NS will conduct a test in which we use camera images to analyse passenger numbers near the access gates at station Utrecht Centraal. The camera images will be blurred as quickly as possible to make the persons shown in the images unrecognisable.
What do we use your personal information for?
Every day, more than 1.2 million travellers use the train stations in the Netherlands. As hubs of pedestrian traffic and public transport, a station is a special location that lets you transfer between trains, urban and regional public transport, bikes, cars, and increasingly diverse services and facilities.
The principle for data processing is: justified interest.
Together with our partner ProRail, we are constantly working to enhance security and improve our services in and around the station. To that end, it is essential to gain insight into the flows , walking routes, waiting times, and waiting areas for travellers and other station users. In this context, we are currently mapping traveller flows at a number of large stations by means of sensors that detect WiFi signals emitted by mobile phones, which is also known as WiFi tracking. We use this method in combination with counter sensors to gain a complete picture of passenger flows. We also ensure that all information generated by the sensors is processed securely and carefully, and in such a way that no information, can be traced back to individual passers-by. Your privacy is therefore guaranteed. Naturally, you can also choose to switch off the WiFi on your mobile device, and it will no longer be tracked.
We use the resulting non-attributable data for social purposes, such as security and crowd control at and around the station, as well as commercial purposes, such as choosing the locations for specific services and shops at the stations.
Stations that feature WiFi sensors can be recognised by a pictogram indicating their presence. At Amsterdam Centraal, Leiden Centraal, Amsterdam Zuid, Utrecht Centraal, Schiphol Airport, and 's Hertogenbosch both WiFi sensors and counter sensors will be used. At station Amsterdam Bijlmer Arena, only counter sensors will be used.
The purpose of this test is to enable NS to determine whether it is possible to recognise emergency situations digitally through the continuous analysis of walking directions, changes in walking speed, and the number of people per square meter. This may make it possible to open the access gates quicker in the event of an emergency, so that passengers are not pushed against the gates and can escape if necessary.
With whom do we share this information?
We contract third parties to provide IT and marketing services. These third parties process our information solely for our own internal use, and for no other purpose. We have made agreements with these parties pertaining to the processing of personal information.
We are authorised to provide your personal information to parties outside the European Economic Community under certain circumstances. In that event, we will take suitable measures with these parties, for example by agreeing to the standard provisions required by the European Commission.
How long do we store your information?
We do not store the MAC address used. We will only store the hashed MAC address (the random series of characters) for a maximum of 24 hours. We will save the double-hashed MAC address stored on the server for a maximum of 5 years, so that we can study long-term trends, for example during station renovations.
The images collected by the counting sensors will not be stored on the sensor or in any other way.
We have contracted two suppliers for this test to test which technology works best, if at all. For one test, we immediately blurred the images, and the individuals shown are no longer recognisable, so the images no longer contain personal data. For the other test, the low-resolution images will remain available for analysis for a period of 28 days, after which all of the data will be deleted.