Shopping Cart

Your shopping cart is empty.

Bitte aktivieren Sie "Cookies", um fortzufahren!

Die Einstellungen Ihres Browsers verhindern, dass Sie Tickets online bestellen können.
Weitere Informationen über Cookies und deren Aktivierung erhalten Sie hier.


It is possible to use our web pages without providing personal data. It may be necessary to process personal data, however, if you want to make use of special services offered by our company through our web page or book a trip through our web page. If the processing of personal data is necessary and there is no legal basis for such processing (e.g., performance of a contractual agreement), we will ask for your consent.

We are providing this information to let you know what data we collect from you, how we use this data and how you can object to the use of data.


Who collects and processes your personal data?

DB Vertrieb GmbH collects and processes your data in its capacity as controller.

The appointed privacy officer is Ms. Dr. Marein Müller.


If you have questions or suggestions regarding data protection at the Online Ticketshop (OTS NRW), please contact:


DB Vertrieb GmbH

Europa-Allee 70-76

Attention: “Datenschutz”

60486 Frankfurt am Main Germany



What data do we collect and why are we processing your data?

We collect and process your data for specific purposes only, which may relate to technical necessities, contractual requirements or explicit user wishes.

For technical reasons, certain data must be collected and saved when you visit This includes the date and duration of your visit, the web pages used, identifying data about the browser and type of operating system you use and the web page you are visiting us from.

We require personal data from you in order to fulfill a contract. This data is needed to make ticket reservations, payments and credit checks; to deliver to the specified address in the case of postal shipments and to process any cancellations and refunds.

In detail, this includes:


‒ Complete name and address

‒ Date of birth

‒ Personal matriculation number for semester tickets

‒ E-mail address

‒ Consent to General Terms and Conditions and data protection information


Payment data

Payment data, such as bank account and credit card details and contact and identifying data, are collected for the processing of payments.

To authorize a credit card payment, a check digit is used for every payment transaction. This check digit is not stored.

Booking an online ticket

Contact and identification data are collected at the time of booking to enable inspection of online tickets on the train. On the train, the information on the ticket is displayed on the inspection device (mobile terminal) during the inspection.

Customer account

If you register for a customer account, the following mandatory information is collected:


‒ Title

‒ First and last name

‒ Address

‒ E-mail address

A personal account cannot be created if this data is not provided. All other information is optional.

Without providing this information, no personal account can be created. All further information about yourself and your travel profile is voluntary. We save your booking data and your login data in your customer account and also use them for internal analysis and market research purposes. We use this information for internal analysis and market research purposes, as well as for the performance of a contractual relationship with you. We use the findings from this data to continually improve our product range. We also want to adapt our range of products and services to suit your needs and requirements. For this same purpose, we store and analyze user data from the online area on a pseudonym basis. No association with your personal data is made. You may object to this pseudonymous use of data at any time. Please e-mail your objection to and indicate “Online Ticket Shop” in the subject line. You can also delete your customer account at any time.


Legal basis for data processing:

If we ask for and receive your consent to perform processing operations on your personal data, your consent is considered, in accordance with point (a) of Article 6(1) of the EU General Data Protection Regulation (GDPR), to give us the legal basis to perform such processing operations.

For the processing of personal data that is necessary for the performance of a contract with you, the contract is the legal basis in accordance with point (b) of Article 6(1) of the GDPR. Point (b) of Article 6(1) of the GDPR also applies for processing operations that are necessary to take steps prior to entering into a contract, such as in cases of requests regarding our products and services.

If our company has a legal obligation that requires the processing of personal data, for example, the fulfillment of tax obligations, the processing is based on point (c) of Article 6(1) of the GDPR.


In order to continually improve our range of products and services, we store and analyze usage data from online activities on a pseudonym basis. The legal basis for this is point (f) of Article 6(1) of the GDPR.


Do we share your data with other parties?

Contract processing generally requires the use of direct-reporting contract processors, such as data center operators, printing and shipping service providers, and other parties involved in contract performance.


External service providers who work on our behalf are carefully selected by us and are subject to strict contractual obligation. The service providers operate in accordance with our instructions, and this is secured through stringent contractual provisions, technical and organizational measures and additional monitoring.


Furthermore, your data will only be transferred if you have provided your explicit consent on the basis of a legal provision.


Personal data will not be transferred to third countries outside the EU or EEA or to an international organization unless appropriate safeguards are in place. These include the EU standard contractual clauses as well as an adequacy decision by the EU Commission.

Data sharing may be required in the following situations for the purpose of contract processing for bookings in the OTS NRW:


‒ For payment processing through DVB LogPay GmbH, Schwalbacher Str. 72, 65760 Eschborn, Germany

- to process customer support by DB Regio AG, Region NRW, Bahnhofstr. 1-5, 48143 Münster

How long is your data stored?

We store your data only for as long as is necessary to fulfill the purpose for which the data was collected (e.g., in the context of a contractual relationship) or as stipulated by law. For example, when there is a contractual relationship, we save your data at least until such time as the contract has terminated completely. Afterward, the data is stored for the duration of the retention periods stipulated by law.


When are cookies used?

Cookies are small text files in which personal data can be stored. When a page is accessed, cookies can be transferred to the page, making it possible to identify the user. Cookies help to make web pages easier for users to use.


We distinguish between cookies that are mandatory for the technical function of the web page and cookies that are not mandatory for the technical function of the web page.


We want to give you the opportunity to make an informed decision for or against the use of cookies that are not mandatory for the technical function of the web page. Please note that if you refuse cookies used for advertising purposes, you will receive advertisements that are less personalized and less ideally suited to your interests. You will still be able to use the full functionality of the web page, however.


Here is some information about the types of cookies and how they are used on our pages:

The use of the OTS NRW is generally possible without cookies that do not serve any technical purpose. Therefore, in your browser, you can prevent traceability via cookies or prohibit the storage of third-party cookies (do not track, tracking protection list). We also recommend regular monitoring of stored cookies if this is not expressly wished.

Please note: if you delete all cookies, any opt-out cookies already on your hard drive are also deleted. You will therefore have to redo any opt-outs you have made.


Cookies that are mandatory for the use of this page:





Necessary cookie for using the online shop, including for registrations and purchase processes

1 hour

Cookies that are not mandatory for the use of this page:

- none


What rights do users of have?

‒ You can request information about what data about you is saved.


‒ You can request the correction, deletion and restriction of processing (blocking) to the extent permitted by law and to the extent that this is possible under existing agreements.


‒ You have the right to lodge a complaint with a supervisory authority. The supervisory authority responsible for DB Vertrieb GmbH is: Data Protection Officer of Hesse, Gustav-Stresemann-Ring 1, 65189 Wiesbaden, Germany, e-mail:


‒ You have a right to the portability of data that you have provided to us on the basis of consent or a contract (data portability).


‒ If you have granted us your consent for data processing, you can withdraw it at any time in the same manner in which you granted it. Any processing of your personal data that took place from the time at which you granted your consent to the time at which you withdrew it will still be considered to have been lawful.


‒ You can object to data processing on grounds relating to your particular situation if the data is being processed as a result of our legitimate interests.


‒ You can object to receiving advertisement promotions with future effect (right to object to advertisement).


‒ If you have set up a customer account, you can delete it at any time.


To exercise your rights, simply write to us by post:

DB Vertrieb GmbH

Europa-Allee 70-76

Attention: “Online Ticketshop”

60486 Frankfurt am Main Germany



What happens with links to external pages?

When you click on a link to an external site, you leave the pages of the OTS NRW. DB Vertrieb GmbH is therefore not responsible for the content, services or products that are offered on the linked web page, nor is it responsible for data protection and technical security on the linked web page.


Updates to the privacy statement

We update this privacy statement to reflect modified functionality or changes to legal situations. We therefore recommend that you review the privacy statement periodically. If your consent is required or elements of the privacy statement contain provisions regarding the contractual relationship with you, changes are made only with your consent.


Last modified in January 2022


Changes from the previous version (February 2021):

- Update privacy officer