Go to content

Main navigation

In and around the station

Information about how we use your data to enhance security and improve our services at and around the station.


What personal data do we use?

We use WiFi tracking to improve our services and to increase your safety in and around the station. To do so, we use your MAC address. In order to ensure that we cannot track your movements at the station, the MAC address is immediately 'hashed', which means it is converted into a series of characters. This series is then sent to a server, where we add extra random characters and hash the series again (a process known as 'salt'). The extra characters differ per day, and we don't store them. We then 'cut out' some of the characters, so that the series is anonymous and there is no way that it can be traced to an individual.

We also use counter sensors to make passenger counts and to analyse local passenger flows. The footage recorded by these sensors is not saved on the sensor or in any other way. In the past, NS also used Bluetooth tracking in addition to WiFi tracking, but this practice was discontinued as of 7 June 2018.

If you rent a luggage locker at the station, we will process the last four figures of your bank account number. The account number cannot be traced back to you. We use this information to enable us to process the financial transaction and we store it for 3 months. 

What do we use your personal data for?

Every day, more than 1.2 million travellers use the train stations in the Netherlands. As hubs of pedestrian traffic and public transport, a station is a special location that lets you transfer between trains, urban and regional public transport, bikes, cars, and increasingly diverse services and facilities.

The basis for data processing is: legitimate interest.

Together with our partner ProRail, we are constantly working to enhance security and improve our services in and around the station. To that end, it is essential to gain insight into the flows, walking routes, waiting times, and waiting areas for travellers and other station users. In this context, we are currently mapping traveller flows at a number of large stations by means of sensors that detect WiFi signals emitted by mobile devices, which is also known as WiFi tracking. We use this method in combination with counter sensors to gain a complete picture of passenger flows. We also ensure that all information generated by the sensors is processed securely and carefully, and in such a way that no information, can be traced back to individual passers-by, either directly or indirectly. Your privacy is therefore guaranteed. Naturally, you can also choose to switch off the WiFi on your mobile device, and it will no longer be tracked.

We use the resulting non-attributable data for social purposes, such as security and crowd control at and around the station, as well as commercial purposes, such as choosing the locations for specific services and shops at the stations.

Stations where WiFi sensors are used can be recognised by a pictogram indicating their presence. As of 27 July 2020, WiFi sensors in combination with counter sensors are only in use at the station Amsterdam Centraal. At the stations Amsterdam Zuid, Amsterdam Bijlmer Arena, Utrecht Centraal, Schiphol Airport, and 's Hertogenbosch, only counter sensors are in use.

With whom do we share this data?

We contract third parties to provide IT and marketing services. These third parties process our information solely for our own internal use, and for no other purpose. We have made agreements with these parties pertaining to the processing of personal information.

We may transfer your personal information to parties outside the European Economic Area under certain circumstances. In that event, we will take suitable measures with these parties, for example by agreeing to the standard contractual clauses adopted by the European Commission.

How long do we store your data?

We do not retain the MAC address used to improve our services. We store the hashed MAC address, or the random string of characters, for up to 24 hours. The double-hashed MAC address stored on the server is retained for up to 5 years, as this lets us investigate long-term trends (in case of station reconstruction projects, for instance).

The footage recorded by counter sensors is not stored on the sensor or in any other way.