(October 26, 2023)
Table of Contents
- MBTA's Values Statement on Privacy
- Personal Information
- Children's Privacy
- Data Security
- International Users
- Contact Us
I. MBTA's Values Statement on Privacy
The MBTA uses the data we collect about customers to help us fulfill our mission to serve the public by providing safe, reliable, and accessible transportation. We also remain committed to a strong culture of privacy based on protecting our customers’ personal information, as well as being as transparent as possible in how we use customer data and how customers may access, update, or delete their personal information. The MBTA is committed to upholding the following five Privacy Principles which guide our decision-making when it comes to collecting and using customer information:
- Privacy by Design. We ensure privacy is designed into the architecture of our Services and business practices.
- Data Minimization and Collection and Purpose Limitation. We strive only to collect customer data for the purposes of fulfilling our mission and improving service, and to avoid collecting personal information that we do not need.
- Data Retention and Protection. We seek to ensure the data we collect is stored and shared according to law and information security best practices, and we only keep customers’ personal data for as long as we need to.
- Restricted Data Sharing. We only share customers’ personal data with our partners who help us deliver transportation services, when required by law, or with a customer’s explicit consent. When we share customer data, we seek confirmation that our partners will follow agreed-upon security controls.
- Transparency and Accountability. As a public agency, we are committed to being clear, open, and honest about what customer data we collect, how we use it, and what your rights are in relation to it. It is our responsibility to implement these principles with consistency.
This Policy applies to “Personal Information” (also known as “Personal Data”), which generally means information identifying, relating to or about an identified or identifiable individual, as described more fully in this Policy.
This Policy applies to information we may collect from you when you use our customer-facing websites (such as https://www.mbta.com/), mobile applications, including the mTicket app, and any customer services provided by the MBTA such as the MBTA’s transportation services, paratransit services, parking services, connecting to our offered WiFi, receiving T-Alerts or other service alerts, purchasing MBTA fare products and services, enrolling in fare and pass programs, and interacting with our customer service departments (collectively, “Services”). This includes when you purchase or re-load fare media such as a CharlieCard; use our transit services or visit our stations and facilities; complete applications, registrations or other forms that we provide in connection with our Services (such as registering for an account with us, registering for a free or reduced fare program, completing surveys, providing feedback, signing up for T-Alerts, or purchasing CharlieCards and other fare media) (collectively, “Forms”); when we communicate with you electronically, such as through our Services, email, text message and other electronic messages between MBTA and you; and when you interact with advertising and applications on third party websites and services, if those services, advertising, websites, or applications include links to this Policy.
This Policy does not apply to information collected from you (a) by or through any other means than described above, including through any other services, websites, or applications operated by the Massachusetts Department of Transportation, the Commonwealth of Massachusetts, or any third party; or (b) through any third-party services, websites or applications that may link to or be accessible from or on our Services. NOTE that we may partner with certain third-party vendors or mobile apps for commuting services (e.g., PayByPhone, SeeSay App). We review these vendors’ privacy policies prior to partnering with them, but customers should be aware that these apps operate under their own posted privacy policies, outside of our control.
Our Services may contain links to other websites or online services, including social media. Please be aware that we are not responsible for the content or privacy practices of such other websites or online services, and we encourage you to be aware when you leave our Services and to read the privacy statements of any other website or online service that collects personal information.
You may see us promoted on other businesses on various websites, web pages, social media and other platforms. Please note that we do not always have complete information about where our brand may be displayed or promoted, and if you believe that we are featured in venues that are inappropriate or offensive, please contact us.
III. Personal Information
What is Personal Information?
Personal Information is information that you provide to us or that we collect from or about you when you engage with our Services, by which you may be personally identified such as:
- Contact Information, such as your name, addresses (including home, mailing, and billing), email address, or telephone numbers (including home, work, and mobile);
- Transaction Information, such as your credit card or other payment information, fare purchase history, transit system transactions, CharlieCard or other fare card number;
- Fare Benefit Application Information, such as your medical information, personal health information, disability information, or any other personal information disclosed by you in obtaining a reduced fare benefit;
- Other Identifying Information, such as your driver’s license number, Charlie Account number or similar identifiers used to access and use our Services, license plate number, date of birth, or employment or institutional information.
We also collect information that is about you, but individually does not identify you, such as:
- Depersonalized, de-identified or aggregated transit and travel data, location data, internet traffic data, browsing history when using our WiFi, logs, referring/exit pages, date and time of your visit to our Services, error information, clickstream data, and other communication data and the resources that you access and use on the Services; and
- Information about your internet connection, the equipment you use to access our Services, and usage details of your use of our Services.
- CCTV and other recording equipment that may record videos/images for security and operational purposes.
The term Personal Information as used in this Policy does not include depersonalized, de-identified or aggregated data that cannot directly be linked back to an individual.
If you provide us with Personal Information about any other individual (such as a family member), you represent that you have any necessary consents to give us their information for use in accordance with this Policy.
What types of Personal Information do we collect and how do we collect it?
We collect and use Personal Information in order to provide and operate our Services. In some instances, you may choose whether and how much information to share with us. In other instances, we may collect information from you automatically.
Information you provide to us. You may provide Personal Information to us through our Services. You can choose how much Personal Information you share with us. For example, you may choose to share more Personal Information with us by registering your CharlieCard and obtaining the benefits of an account with us, by signing up for T-Alerts, or by applying to one of our free or reduced fare programs or for our paratransit service, or you may choose to share no Personal Information with us such as by purchasing fixed-route fare products with cash.
You provide Personal Information:
- When you fill in Forms, such as when registering for an account with us, applying to a free or reduced fare or pass program, applying for our paratransit service (The RIDE), requesting correspondence from us, updating or changing your information, completing informational forms (such as contact information), signing up for our mailing lists or T-Alerts, or requesting further services. We may also ask you for information when you report a problem with our Services;
- When you purchase or re-load CharlieCards and other fare media, or when you add funds to your RIDE account. We collect details of the transactions you carry out through our Services. We also collect information from you when you transact with the MBTA through fare vending machines and other electronic stations. You may be required to provide financial information when making a purchase through our Services. The MBTA follows the Payment Card Industry Data Security Standard (“PCI-DSS”) for handling credit and debit card information. We do not keep your credit or debit card information for longer than necessary to process your transaction unless you have requested that we retain it for future transactions;
- When you enroll in an institutional or corporate pass program, such as Perq;
- When you tap onto one of our vehicles using a registered CharlieCard or other fare media that is registered to you individually;
- When you park at one of our facilities and when you pay for parking using the PayByPhone mobile application;
- When you send us correspondence or respond to surveys, questionnaires, and feedback forms that we might ask you to complete;
- When you interact with our vendors and other partners, such as when you use our paratransit services; and
- When you provide other information that we request from you when using our Services.
Customers are never asked to provide a social security number in connection with MBTA Services.
Information we collect as you use our Services. We collect Personal Information, travel data and information about your internet activity and the computers, devices and browsers you use as you use and interact with our Services.
We automatically collect and keep a record of:
- Travel location tap data, which may include boarding and exit stations and origin/destination addresses for the RIDE, date and time of your use, error information, video recordings, and details of your purchases and transactions when you visit our Services, use one of our fare vending machines, or tap a CharlieCard or other fare media to board one of our vehicles. We collect travel history data to help us monitor system usage and evaluate travel patterns over time. For fixed route service, you can control how much of your mobility history is linked to your Personal Information by choosing to register your card with an MBTA Account or not.
- License plates of vehicles parked in MBTA parking facilities. We scan license plates to verify that payment has been made through the PayByPhone system. We store this information and transaction records to reconcile past due balances and collect unpaid parking fees.
- Information about your online activity, including your use of our Services, and any internet services and Wi-Fi we offer. The information we collect when you use these services includes browsing and search history on our Services and information regarding your interaction with our Services including unique identifier, browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number, and application version number. We also collect information about the interaction of your apps, browsers, and devices with our Services, including IP address, device type, crash reports, system activity, wireless carrier name (when you use a wireless or mobile device), and the date, time, and referrer URL of your request.
The technologies we use for this automatic data collection may include: automatic passenger counters, on-board payment validators, cookies, and pixels or pixel tags. A cookie is a small file containing a string of characters that is sent to your computer when you visit a website. When you visit the site again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can configure your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies. A pixel or pixel tag is a type of technology placed on a website or within the body of an email for the purpose of tracking certain activity, such as views of a website or when an email is opened. Pixel tags are often used in combination with cookies.
We may collect information about you from cybersecurity partners who provide us with information to protect against fraud and abuse of our Services. We use various technologies to collect and store device location information, including cookies, pixels or pixel tags, local storage, such as browser web storage or application data caches, databases, session replay and server logs.
The MBTA uses video surveillance for safety and security, investigations, and as a tool to improve service. The MBTA’s Security and Emergency Management Department maintains closed-circuit video cameras in MBTA stations. Some MBTA vehicles are also monitored by closed-circuit video cameras to protect MBTA employees, passengers and property. These cameras do not capture audio. All recorded video is stored in a separate, private digital network. The MBTA generally does not keep video for more than 30 days unless preservation is required pursuant to litigation or investigation. Video footage may be paired with mobility data, payment data or other information that may be used to identify an individual only in instances requiring such data paring for use in litigation, investigation oras may be required by court order or applicable legal process.
Video recorded by the MBTA’s closed-circuit security cameras in which no individual has been specifically identified is outside the scope of this Policy but is treated in accordance with internal policies on video access, distribution, and retention, which govern use of and access to transit system video recordings. Contact us for questions or concerns regarding video recordings.
De-identified and Aggregated Data
De-identified data is data that has been stripped of all personal identifiers but exists as a record of a unique event. De-identified data does not contain information that can reasonably be used to identify you personally. An example of de-identified data is CharlieCard usage where the CharlieCard number has been replaced with a randomly generated number that can be consistently analyzed over time, such as evaluating trip-making changes over time without tracing those trips back to an identifiable individual.
Aggregated data is general information that describes our customers' collective demographic characteristics, activities and/or behavior, but that cannot be used to identify any one individual. We use aggregated data to analyze and improve our Services. An example of aggregated data is a measure of ridership in connection with special events. If ridership at Kenmore Station increases tenfold following Red Sox games, we may use this information to increase service at those times. From time to time, we may undertake statistical analyses of the general characteristics and behavior of our ridership and may share aggregated data with third parties.
Why and how do we use or share your Personal Information?
Provide our Services. We use your Personal Information and the data collected from you and your devices to operate and maintain our Services, including to: support and enhance our delivery of transportation services; process and administer your MBTA accounts, including providing you with applicable notices about your account; provide customer service; collect fares, fines and parking fees; administer our free and reduced fare programs and paratransit program; administer our institutional pass programs; tailor customer communications and outreach; send you updates and alerts; administer surveys and questionnaires you have consented to receiving; provide you with information about fare products and services that may be of interest to you, including through newsletters you have signed up for; perform research and analysis; make improvements to our Services; and for any other purpose with your consent.
To assist us in operating and maintaining our Services, we may disclose your Personal Information to our affiliates, vendors, contractors, service providers, and business partners (collectively, “Contractors”) including those we partner with to improve and deliver transportation services, and for our business activities and operations generally, such as data hosting and data storage partners, analytics, ad network, advertising, technology services and support, and data security. We only provide such Contractors with Personal Information so they can perform their required functions on our behalf, and we may direct them to follow agreed-upon security controls in alignment with all Enterprise Information Security Policies and Standards published by the Massachusetts Executive Office for Technology Services and Security or such stricter standards as may be prescribed by the MBTA.
Information security. We use information about your use of our Services to help improve the safety and reliability of our Services. This includes detecting, preventing, and responding to fraud, abuse, information security risks, violations of MBTA policies, technical issues or other such circumstances that could pose harm to MBTA, our Customers, or the public. While safeguarding our Services, we remain committed to the privacy protections guaranteed our customers under this Policy and as afforded by law.
Contractual obligations and fare collection. We may use Personal Information to carry out our legal and contractual obligations, and to enforce our rights including those arising from any contracts entered into between you and us, for billing and collection and for fare enforcement.
The MBTA will never sell or commercialize your personal information, including mobility information, purchase and travel history.
Massachusetts state agencies. We sometimes share data with other state government entities, including within the Massachusetts Department of Transportation. We are party to the Commonwealth of Massachusetts Data Sharing Memorandum of Understanding Between and Among State Executive Offices, Departments, Agencies and Other Participating State Entities. This agreement implements safeguards to protect the privacy and security of sensitive data that is shared among state government entities. Employees of other participating entities must sign a Data Use License Agreement (“DULA”) before gaining access to MBTA customer data. The DULA provides details of the legal authority of the particular project at issue and governs its data sharing process.
Compliance with law. Certain information held by the MBTA may be subject to public records laws. Dissemination of such information is governed by Mass. Gen. Laws ch. 66, § 10, the Massachusetts Public Records Law; Gen. Laws ch. 66A, the state Fair Information Practices Act; and other applicable laws and regulations. The laws require disclosure of certain information in response to a public records request.
Although these statutes provide a structure for disclosing information held by public entities, Massachusetts General Laws Chapter 4, Section 7, Clause 26, provides that: “materials or data relating to a specifically named individual, the disclosure of which may constitute an unwarranted invasion of personal privacy” are exempt from the definition of “public records.” In addition, our enabling legislation, Mass. Gen. Laws ch. 161A, §5(s), explicitly exempts personal fare collection data from the definition of “public record” under the law. It is our position that some of your Personal Information, including financial and transaction information, and all personal fare collection data, is exempt from disclosure by virtue of these statutes. Accordingly, we will not disclose such Personal Information in response to a public records request, and will only disclose this information as set forth in this Policy.
Warrants and subpoenas. Requests for customer data in connection with a court proceeding or law enforcement investigation are handled in accordance with the MBTA’s procedures for processing subpoenas, our Fare Collection System Data Access Procedure, and the Massachusetts Fair Information Practices Act. As required by law, we will only provide personal fare collection data to a representative of a law enforcement agency in situations involving: (i) a probable cause warrant signed by a judge; or (ii) exigent circumstances that would render it impracticable to obtain a warrant pursuant to state and federal law. We will notify you if we receive a request for your Personal Information from a third party in reasonable time that you may seek to have the process quashed.
You have the right to request that the MBTA share with you or with a third party designated by you personal data that we have relating to you.
Administration of fare and pass programs.
- Application or enrollment in a free or reduced fare program. We share Personal Information concerning your application or enrollment in a free or reduced fare or institutional program with the administrators of the program, and as needed with our employees and contractors for the limited purpose of servicing or administering the program. We will not share your mobility data or travel history with our institutional pass program partners.
- Perq program customers. Companies participating in our Perq program provide us with corporate contact information as well as the names and email addresses of participating employees. The MBTA will not share individual location data or mobility history with any participating employer.
De-identified and aggregated information. We may also share information that has been de-identified or aggregated so that it cannot be reasonably used to identify you, with third parties for marketing, advertising, research, to improve service delivery, or similar purposes.
With your consent. We may share your Personal Information for any other purpose with your permission.
Your choices for how we collect, use and share your Personal Information.
You may choose to travel anonymously, and we will not require disclosure of any Personal Information as a precondition for access to our fixed-route transit services. We offer you the choice to opt in to certain uses and sharing of your Personal Information, such as the choice to create an account with us and register your fare media to take advantage of the added functionality an account offers, the choice to provide your debit or credit card information to purchase fares instead of paying with cash, the choice to enroll in one of our free or reduced fare programs or our paratransit service, the choice to share your contact information to receive T-Alerts, and the choice to share your location with us to take advantage of our trip planning services.
When using our online Services, as a general rule you cannot opt out of our collection, use and sharing of Personal Information to the extent it is necessary to provide the Services and related features and functionality to you.
Cookies: You can change the cookie settings that will be placed when you use our Services by changing the settings on your Internet browser. You can also block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. Please note that while internet browsers allow you to change your cookie settings, if you use your browser settings to block all cookies (including strictly necessary cookies), you may not be able to access or use all or areas and aspects of our Services.
Marketing Emails: If you do not wish to have your email address or phone number used by MBTA to send you advertising messages and content, you can opt out at any time by clicking the unsubscribe link at the bottom of any marketing emails you receive from us or logging onto your account profile page. Even if you opt out of receiving such communications, we will continue sending you non-marketing email communications, such as administrative or transaction alerts, or information about changes to our policies and terms. You may have other options with respect to marketing and communication preferences through our Services.
Targeted Advertising: We may potentially work with advertising partners who collect information about your online activities and provide you with choices regarding the use of your browsing behavior for purposes of targeted advertising. Popular advertising services you may opt out of targeted advertising from include Google, Facebook, the Network Advertising Initiative and Digital Advertising Alliance.
Device Settings: Your device may enable you to disable certain permissions or functionality in our Services (e.g., location); however, when necessary permissions or functionality are disabled, some feature or functionality of our Services may not function correctly. You can also disable pop-up notification in device settings.
Electronic Notifications: Details of our electronic notification programs including T-Alerts, are outlined below:
- When you affirmatively opt-in to one or more of our electronic notification programs and consent to receive text messages, emails and/or push notifications from us through a sign-up page, checkbox or shortcut, we will enroll you in the selected message program(s). Message frequency can vary. You may continue to receive transactional and marketing updates from us unless you update your notification preferences to turn off notifications. You can also stop receiving text messages from us at any time by texting “STOP” to any message we send you, and text notifications for that program will be turned off. You may opt out of receiving certain email messages from us as detailed above. If you opt out of a notification program, we may send you an acknowledgement message to confirm that you have been unsubscribed. If you want to join again, just sign up again for the program.
- By opting into a notification program, you consent to being sent periodic emails or autodialed and/or non-autodialed messages at the email address or phone number that you provided at the time of joining and confirm that the contact information provided is your contact information and you have the authority to grant us the right to send messages to that number or address. Joining a notification program is not a condition of making any purchase. If you change or deactivate your participating address or number, you must promptly notify us of this change to continue receiving notifications.
- As always, message and data rates apply for any text messages sent to you from us and to us from you. If you have any questions about your text plan or data plan, it is best to contact your wireless provider.
- Participating wireless carriers are not liable for delayed or undelivered text messages. We are not liable for perceived legal violations (such as under the Telephone Consumer Privacy Act) caused by a carrier network failure or malfunction, or your failure to opt-out of a text notification program as directed here.
How do I access and correct my Personal Information?
Access, corrections, and deletion. As a Customer, you may review, change or update certain account information you have given us by logging into your account or by contacting Customer Support to be put in touch with the correct business unit. Please inform us of any changes or errors in any Personal Information we have about you to ensure that it is complete, accurate, and as current as possible. Please contact us if you have any questions about your Personal Information.
You may request to delete certain Personal Information through your account or by contacting Customer Support. We will make reasonable efforts to honor such requests by deleting or de-identifying it, except for data that we must retain for legal or other necessary purposes. For example, we may be unable to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect. In some instances, you may be able to sever the connection between your trip history and your personal identity by de-linking a fare credential from your account. Doing this will remove all personal identifiers and anonymize your trip history. The MBTA retains de-identified travel history for our use in service planning and performance management. We retain the data we collect for different periods of time depending on what it is, how we use it and applicable legal requirements. We may retain some data for longer periods of time than other data when necessary for business or legal purposes, such as security, fraud and abuse prevention, fare enforcement or financial record-keeping. In the event that we cannot honor a request to delete certain data due to business process requirements or our records retention rules, we will endeavor to provide you with an explanation for the denial.
If you participate in a program that requires institutional eligibility, such as Perq or one of our free or reduced fare programs and you wish to make changes to the Personal Information we hold about you for that program, you must make the request through your participating institution.
If you have subscribed to our T-Alerts Program, you are able to review, change, and update the transit services about which you have selected to receive alerts. You may cancel your participation in the T-Alerts Program at any time, simply by following directions on the T-Alerts Program page on our website.
IV. Children's Privacy
We are committed to protecting the privacy of children in connection with the use of our Services. Pursuant to the U.S. Children’s Online Privacy Protection Act and its rules (collectively, “COPPA”), the MBTA will not knowingly collect information from persons under the age of 13. If you are the parent or guardian of a child under the age of 13, you may opt in to the MBTA’s collection and use of your child’s personal information. You may also revoke your consent at any time. Once consent is revoked, a child may not use our Services or any of our online services unless a new consent is obtained.
If you are under the age of 13, you may not use or provide any information on our Services, including your name, address, telephone number, email address, or any screen name or user name you may use, without verified parental consent.
If we learn that we have collected Personal Information from a child under the age of 13, without verifiable consent from a parent or guardian, we will endeavor to promptly delete that Personal Information. If you believe we have collected Personal Information from a child under the age of 13 without consent of a parent or guardian, please contact Customer Support.
V. Data Security
We have taken steps and implemented administrative, technical, and physical safeguards designed to protect against the risk of accidental, intentional, unlawful, or unauthorized access, alteration, destruction, disclosure, or use of your Personal Information. The steps we take to safeguard the integrity of our telecommunications and computing infrastructure, include but are not limited to authentication, monitoring, auditing, and encryption. All customer purchases are processed through an encrypted, secure server. This means that all Personal Information provided through our Services, including financial information, is encrypted during transmission to maximize its security. Our Services do not encrypt incoming email. Financial information or Personal Information you do not want disclosed should not be sent to the MBTA via email.
We use security measures to minimize the threat that your Personal Information will be lost, misused, altered, or unintentionally destroyed. We also monitor network traffic to identify unauthorized attempts to upload or change information or otherwise cause damage. Due to the nature of Internet communications and evolving threats, we cannot guarantee that the information you provide to us will remain free from loss, misuse, or alteration by third parties, who, despite our efforts, obtain unauthorized access. If despite the safeguards set out in this Policy we detect an intrusion or other unauthorized access to or use of personal data, we will notify the individuals whose information is implicated.
VI. International Users
The MBTA provides public transportation services throughout the Commonwealth of Massachusetts and into the state of Rhode Island. Our Platform is not intended for use by and is not directed to users outside the United States. By using and accessing our Services, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of Personal Information on servers located outside of the country where they reside, and that the protection of such information may be different than required under the laws of their residence or location. We will handle Personal Information in accordance with this Policy regardless of where it is stored or accessed.
We may update our Policy periodically to reflect changes in our privacy practices, laws, and best practices. We will post any changes we make to our Policy on this page with a notice that the Policy has been updated on our website’s homepage. If we make material changes to our practices with regards to the Personal Information we collect from you, we will notify you by email to the email address specified in your account and/or through a notice on the website’s home page. The date this Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date, active and deliverable email address for you, and for periodically accessing our Services and reviewing this Policy to check for any changes.
VIII. Contact Us
If you have any questions, concerns, complaints or suggestions regarding our Policy or otherwise need to contact us, you may contact us at the contact information below or through our Customer Support department.
How to Contact Us:
Massachusetts Bay Transportation Authority
10 Park Plaza
Boston, MA 02116