diff --git a/bahnplan.web/Pages/Cards.cshtml.cs b/bahnplan.web/Pages/Cards.cshtml.cs
index c1ac354..3fe8080 100644
--- a/bahnplan.web/Pages/Cards.cshtml.cs
+++ b/bahnplan.web/Pages/Cards.cshtml.cs
@@ -23,6 +23,9 @@ namespace bahnplan.web.Pages {
 if (Request.Query.ContainsKey("refresh")) {
 var card = db.Cards.First(p => p.CardId == int.Parse(Request.Query["refresh"]));
+ if (card.UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 var request = new XDocument(new XElement("rqorderdetails", new XAttribute("version", "1.0"), new XElement("rqheader", new XAttribute("ts", "2019-10-31T23:20:48"), new XAttribute("l", "de"), new XAttribute("v", "19100000"), new XAttribute("d", "iPad7,5"),
diff --git a/bahnplan.web/Pages/Delete.cshtml b/bahnplan.web/Pages/Delete.cshtml
index fa70cf2..5d032b3 100644
--- a/bahnplan.web/Pages/Delete.cshtml
+++ b/bahnplan.web/Pages/Delete.cshtml
@@ -24,6 +24,10 @@
 switch (Request.Query["item"]) {
 case "trip": {
+ var trip = db.Trips.First(p => p.TripId == int.Parse(Request.Query["id"]));
+ if (trip.UserId != int.Parse(HttpContext.Session.GetString("uid"))) {
+ return;
+ }
 var legs = db.Legs.Where(p => p.TripId == int.Parse(Request.Query["id"])).OrderBy(p => p.DepTime).ToList();
@@ -41,6 +45,9 @@
 }
 case "card": {
 var card = db.Cards.First(p => p.CardId == int.Parse(Request.Query["id"]));
+ if (card.UserId != int.Parse(HttpContext.Session.GetString("uid"))) {
+ return;
+ }
 the card @card.CardInfo.TrimEnd('#') with the number @card.CardNumber, owned by @card.Traveller
diff --git a/bahnplan.web/Pages/Delete.cshtml.cs b/bahnplan.web/Pages/Delete.cshtml.cs
index 6a5aff5..b1f9d9f 100644
--- a/bahnplan.web/Pages/Delete.cshtml.cs
+++ b/bahnplan.web/Pages/Delete.cshtml.cs
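Review bot: The ownership check added after `var card = db.Cards.First(...)` in Cards.cshtml.cs only runs once that lookup has succeeded, so a `refresh` value that is not numeric or names no card throws (FormatException / InvalidOperationException) and ends in a 500 instead of the quiet `return`; fetching with `FirstOrDefault` and rejecting a null row in the same condition, `if (card is null || card.UserId != uid) return;`, keeps unknown and foreign ids on one path. `int.Parse(HttpContext.Session.GetString("uid"))` throws ArgumentNullException when the session carries no uid; this applies to every hunk in the commit unless the handlers already turn anonymous callers away above the hunk (not visible here), and `int.TryParse(HttpContext.Session.GetString("uid"), out var uid)` with a failed parse treated as "not the owner" closes it once per handler. Since a bare `return` compiles only in a void (or Task) handler, the page still renders with status 200 after a refused refresh; setting `Response.StatusCode = StatusCodes.Status403Forbidden;` before returning would make the refusal observable. The enclosing handler starts before this hunk.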
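Review bot: The checks added to the `trip` and `card` cases of Delete.cshtml repeat, inside the view, the lookup and owner comparison that the handler in Delete.cshtml.cs now performs, so the two copies can drift apart; the view appears to be a confirmation page, and the page model's OnGet could load the row once, verify ownership there and expose the outcome as a model property the view reads. As written, `db.Trips.First(...)` and `db.Cards.First(...)` throw for an `id` that matches no row, which surfaces as a 500 rather than reaching the `return;` on the following line. `FirstOrDefault` plus a null test in the same `if`, e.g. `if (trip is null || trip.UserId != uid) { return; }`, keeps unknown and foreign ids on the same path in both hunks.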
@@ -23,11 +23,19 @@ namespace bahnplan.web.Pages {
 switch (Request.Query["item"]) {
 case "trip": {
+ var trip = db.Trips.First(p => p.TripId == id);
+ if (trip.UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 db.Trips.Delete(p => p.TripId == id);
 db.Legs.Delete(p => p.TripId == id);
 break;
 }
 case "leg": {
+ var leg = db.Legs.First(p => p.LegId == id);
+ if (leg.UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 var tripid = db.Legs.First(p => p.LegId == id).TripId;
 db.Legs.Delete(p => p.LegId == id);
 if (!db.Legs.Any(p => p.TripId == tripid))
@@ -35,10 +43,18 @@ namespace bahnplan.web.Pages {
 break;
 }
 case "ticket": {
+ var leg = db.Legs.First(p => p.LegId == id);
+ if (leg.UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 db.Legs.Where(p => p.LegId == id).Set(p => p.TicketId, 0).Update();
 break;
 }
 case "card": {
+ var card = db.Cards.First(p => p.CardId == id);
+ if (card.UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 db.Cards.Delete(p => p.CardId == id);
 break;
 }
diff --git a/bahnplan.web/Pages/Inspection.cshtml b/bahnplan.web/Pages/Inspection.cshtml
index 734f803..6f85e11 100644
--- a/bahnplan.web/Pages/Inspection.cshtml
+++ b/bahnplan.web/Pages/Inspection.cshtml
@@ -9,6 +9,10 @@
 Response.Redirect("/");
 return;
 }
+
+ if (Model.Ticket.UserId != int.Parse(HttpContext.Session.GetString("uid"))) {
+ return;
+ }
 }
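Review bot: In the `leg` case of the first Delete.cshtml.cs hunk the new `var leg = db.Legs.First(p => p.LegId == id);` leaves the existing `var tripid = db.Legs.First(p => p.LegId == id).TripId;` as a second query for the same row; `var tripid = leg.TripId;` removes it. The same three-line block (lookup, compare with the session uid, return) now appears in all four cases across both hunks, and each `First` throws InvalidOperationException for an `id` that matches no row, so an unknown id becomes a 500 while a foreign id becomes a silent return. A local helper that reads the session uid once together with a `FirstOrDefault` lookup keeps the cases short and puts both failures on the same path; the `ticket` and `card` cases in the second hunk follow the same shape. The enclosing handler starts before the first hunk.
```csharp
// Read the session uid once; a missing or malformed value is treated as "not the owner".
var hasUid = int.TryParse(HttpContext.Session.GetString("uid"), out var uid);
bool OwnedByCaller(int ownerId) => hasUid && ownerId == uid;
// … unchanged: switch header and "trip" case (same pattern as below) …
case "leg": {
    var leg = db.Legs.FirstOrDefault(p => p.LegId == id);
    if (leg is null || !OwnedByCaller(leg.UserId))
        return;

    var tripid = leg.TripId;
    db.Legs.Delete(p => p.LegId == id);
    // … unchanged: empty-trip cleanup; "ticket" and "card" cases use the same lookup/check …
```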
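Review bot: The block added to Inspection.cshtml compares `Model.Ticket.UserId` inside the view and returns with an empty body, while the guard immediately above it (partly outside the hunk) redirects to `/` when the ticket is missing, so a foreign ticket and a missing ticket now produce different responses for what is the same outcome. Assuming the page model loads the ticket by id, adding the owner to that lookup, `p.TicketId == … && p.UserId == uid`, makes a foreign id look like an unknown one and reuses the existing redirect, leaving nothing to check in the view. If the check stays here, `if (Model.Ticket.UserId != uid) { Response.Redirect("/"); return; }` at least keeps the two refusals consistent. The enclosing `@{ }` code block starts before this hunk.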

diff --git a/bahnplan.web/Pages/OEAPI.cshtml.cs b/bahnplan.web/Pages/OEAPI.cshtml.cs
index 43097c6..b398c0f 100644
--- a/bahnplan.web/Pages/OEAPI.cshtml.cs
+++ b/bahnplan.web/Pages/OEAPI.cshtml.cs
@@ -31,6 +31,10 @@ namespace bahnplan.web.Pages {
 var parsed = OeapiResponse.FromJson(response);
+ if (!string.IsNullOrWhiteSpace(Request.Query["tripid"].ToString()))
+ if (db.Trips.First(p => p.TripId == int.Parse(Request.Query["tripid"].ToString())).UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 var tripId = Request.Query["action"] == "addleg" ? int.Parse(Request.Query["tripid"]) : db.InsertWithInt32Identity(new Trip {UserId = int.Parse(HttpContext.Session.GetString("uid"))});
diff --git a/bahnplan.web/Pages/Privacy.cshtml b/bahnplan.web/Pages/Privacy.cshtml
index a92998a..8f92ce9 100644
--- a/bahnplan.web/Pages/Privacy.cshtml
+++ b/bahnplan.web/Pages/Privacy.cshtml
@@ -5,4 +5,14 @@
 }
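Review bot: The two nested brace-less `if`s added before `var tripId` in OEAPI.cshtml.cs parse `tripid` with `int.Parse` and resolve it with `First`, so a non-numeric value or an id that matches no trip throws (FormatException / InvalidOperationException) instead of reaching the `return`; the identical block is added in Ticket.cshtml.cs and has the same problem. Folding the conditions into one statement with `int.TryParse` and `FirstOrDefault` sends every rejected value down the `return` path, removes the unbraced nesting, and yields a parsed id that the `int.Parse(Request.Query["tripid"])` in the `tripId` initializer below could reuse. The enclosing handler starts before this hunk.
```csharp
var uid = int.Parse(HttpContext.Session.GetString("uid"));
if (!string.IsNullOrWhiteSpace(Request.Query["tripid"].ToString())) {
    // A tripid that is not numeric, matches no trip, or belongs to another user is refused alike.
    var owner = int.TryParse(Request.Query["tripid"], out var requestedTripId)
        ? db.Trips.FirstOrDefault(p => p.TripId == requestedTripId)?.UserId
        : null;
    if (owner != uid)
        return;
}
// … unchanged: tripId initializer …
```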

@ViewData["Title"]

-

Use this page to detail your site's privacy policy.

\ No newline at end of file +

The only cookies we store on your device is a session identifier, which is used to access information related to your session on the server, as well as CSRF Antiforgery tokens.

+

We do not track you, nor use external services that do.

+

This is not a public service. Therefore we do not save any data in your session unless you log in. For registered users, the following data is stored in our database:

+ + +

If you have any further questions, contact us at bahn-privacy@zotan.email

\ No newline at end of file
diff --git a/bahnplan.web/Pages/Ticket.cshtml.cs b/bahnplan.web/Pages/Ticket.cshtml.cs
index 02484f6..666c32f 100644
--- a/bahnplan.web/Pages/Ticket.cshtml.cs
+++ b/bahnplan.web/Pages/Ticket.cshtml.cs
@@ -20,6 +20,10 @@ namespace bahnplan.web.Pages {
 return;
 using var db = new Database.DbConn();
+ if (!string.IsNullOrWhiteSpace(Request.Query["tripid"].ToString()))
+ if (db.Trips.First(p => p.TripId == int.Parse(Request.Query["tripid"].ToString())).UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 if (db.Tickets.Any(p => p.OrderId == Request.Query["order"].ToString())) {
 var tripId = Request.Query["action"] == "addleg" ? int.Parse(Request.Query["tripid"])
diff --git a/bahnplan.web/Pages/Trip.cshtml b/bahnplan.web/Pages/Trip.cshtml
index ca534f8..2e4e57e 100644
--- a/bahnplan.web/Pages/Trip.cshtml
+++ b/bahnplan.web/Pages/Trip.cshtml
@@ -14,6 +14,11 @@
 Response.Redirect(Request.Headers["Referer"]);
 return;
 }
+
+ if (Model.Legs.First().UserId != int.Parse(HttpContext.Session.GetString("uid"))) {
+ return;
+ }
+
 var dep = Model.Legs.First().DepStation;
 var arr = Model.Legs.Last().ArrStation;
 var deplenmax = Model.Legs.Max(p => p.DepStation.Length) + 1;
diff --git a/bahnplan.web/Pages/Trip.cshtml.cs b/bahnplan.web/Pages/Trip.cshtml.cs
index 0c8d719..d031a59 100644
--- a/bahnplan.web/Pages/Trip.cshtml.cs
+++ b/bahnplan.web/Pages/Trip.cshtml.cs
@@ -17,6 +17,9 @@ namespace bahnplan.web.Pages {
 using var db = new Database.DbConn();
 if (Request.Query.ContainsKey("separator")) {
 var leg = db.Legs.First(p => p.LegId == int.Parse(Request.Query["legid"]));
+ if (leg.UserId != int.Parse(HttpContext.Session.GetString("uid")))
+ return;
+
 db.Insert(new Leg { TripId = int.Parse(Request.Query["id"]), UserId = int.Parse(HttpContext.Session.GetString("uid")),
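Review bot: The block added to Trip.cshtml takes the owner from `Model.Legs.First().UserId`, i.e. from the first leg rather than from the trip row, and returns with an empty body while the guard just above it (partly outside the hunk) redirects to the referer; presumably all legs of a trip carry the same UserId, since Trip.cshtml.cs sets it from the session on insert, but the view is not the place to rely on that. If the page model loads the legs by trip id, adding `&& p.UserId == uid` to that query makes a foreign trip look like an empty one and reuses the existing redirect, so this view-side comparison is not needed. If it stays, `Response.Redirect(Request.Headers["Referer"]); return;` keeps the two refusals consistent. The enclosing `@{ }` block starts before this hunk.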
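Review bot: The check added to Trip.cshtml.cs verifies the owner of the leg named by `legid`, but the row inserted on the next line takes its `TripId` from a different query parameter, `id`, which is compared neither with that leg nor with the session uid; unless the handler validates `id` before line 17 (not visible here), the new separator can be attached to a trip that the `legid` check never covered. Tying the two together, `if (leg.UserId != uid || leg.TripId != int.Parse(Request.Query["id"])) return;`, or inserting with `TripId = leg.TripId` if a separator always belongs to the reference leg's trip, closes that gap. `db.Legs.First(...)` also throws for a `legid` that matches no row, so `FirstOrDefault` with a null test in the same condition keeps that case on the `return` path. The enclosing handler starts before this hunk.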