RailPass.com is committed to protecting the online privacy of visitors to our website. This policy applies only to the website and online services provided by RailPass.com. The purpose of this policy is to inform you about the types of information we gather about you when you visit our website, how we may use that information, and how we disclose it to third parties.
RailPass.com complies with the U.S.-E.U. Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union member countries. RailPass.com has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view RailPass.com’s certification, please visit http://www.export.gov/safeharbor/.
I. Information We Collect
At various locations on our websites, such as in our order forms (and potentially surveys and polls), we may request that you supply us with “personal information,” such as your name, email address, mailing and shipping addresses, home, work or mobile telephone number, and/or credit card information. You will always know when we are collecting personal information, because we only collect personal information when you voluntarily submit it to us through our online forms and questionnaires. Although you do not have to provide us with any information to visit our websites, you may not be able to fully utilize all of the services on our websites if you choose not to provide certain information. If you do choose to give us personal information through our websites, we will collect and retain that information.
When you use our websites, we may also collect “non-personal information,” which is information that, by itself, cannot be used to identify or contact you, such as demographic information (your age, gender, income, education, profession, zip code, etc.). Non-personal information may also include technical information, such as your IP address, the type of browser you are using, the websites you visit immediately before and immediately after you visit our websites, and other anonymous data involving your use of our websites. Non-personal information may also include information that you provide us through your use of our website
We collect personal information from you when you purchase products from our online order process. For example, we require you to provide your name, contact information, shipping and billing addresses, and a credit card number before we process your orders. We also collect information about your transactions with us. We may use the information that you provide to communicate with you about products purchased through our online service, to provide customer support in connection with those products.
II. How We Use the Information
Our Services and Websites
We use your personal information to provide you any services that you may request or require, to communicate with you, to allow you to make purchases. We use aggregated non-personal information about our users to understand our website’s demographics, such as the geographic distribution of our users, the age ranges of our users, or a combination of these or other demographics. We use the non-personal information we collect to analyze how our websites are being used, and to improve the content of our websites, online product offerings, and promotional efforts.
If you send us an email with questions or comments, we may use your personal information to respond to your questions or comments, and we may save your questions or comments for future reference. However, aside from our reply to such an email, it is not our standard practice to send you email unless you request a particular service that involves email communications or in order to provide customer support in connection with those products. There may be times when you will have the opportunity to subscribe to an email list or electronic newsletter that will send information about our websites to your email address. However, we will provide you with the option to change your preferences and opt-out of receiving those communications.
If you make a purchase through our online ordering service, we may use the information you provide to send you important announcements and updates regarding our website or online service. In those instances, we will provide you with the option to change your preferences and opt-out of receiving those communications. When you provide us with your personal information to make a purchase through our online ordering, we only use this information to process your online order and credit card number. We also use your address and billing information to bill you and provide associated support.
III. Disclosure of Information to Third Parties
We sometimes engage unaffiliated businesses to assist us in providing you certain services. For example, we may hire a shipping company to help us deliver our products or services to you. We may also use third parties to process online transactions and credit card payments. In those instances, we may need to share your personal information with them. We require these companies to use your personal information only to provide the particular product or service and do not authorize them to use your personal information for any other reason.
We may disclose personal information when we are required or requested to do so by law, court order or other government or law enforcement authority or regulatory agency; to enforce or apply our rights and agreements; or when we believe in good faith that disclosing this information is necessary or advisable, including, for example, to protect the rights, property, or safety of RailPass.com, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
IV. Security of Information
The security of your personal information is important to us. We maintain physical, electronic, and procedural safeguards to secure your personal information. However, “perfect security” does not exist on the Internet, and there is always some risk in transmitting information electronically. This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected both online and off-line.
When our registration/order form asks users to enter sensitive information (such as credit card number), that information is encrypted and is protected with the best encryption software in the industry, SSL (Secure Sockets Layer). The site employs SSL via a digital certificate issued by Thawte.
If you have any questions about the security at our website, you can send an email to info@RailPass.com.
V. Information Accuracy
We encourage you to contact us at info@RailPass.com to resolve any issues or complaints. We would also like to notify you that you have the option of independent recourse should you choose.
RailPass.com is committed to cooperating with European Union Data Protection Authorities (DPAs) in the investigation and resolution of complaints brought under the Safe Harbor; and will comply with any advice given by the DPAs where the DPAs take the view that the organization needs to take specific action to comply with the Safe Harbor Principles, including remedial or compensatory measures for the benefit of individuals affected by any non-compliance with the Principles, and will provide the DPAs with written confirmation that such action has been taken.
This Policy is effective as of June 2015. We reserve the right to change this policy at any time, and will post any changes to this Policy as soon as they go into effect. Please refer back to this Policy on a regular basis.
VI. Trenitalia S.p.A. Night Train Personal Data Protection Policy
The below is the Personal Data Protection Policy of Trenitalia S.p.A.—the railway responsible for the night train service.
Personal data protection – Italian law 196/2003- art 13.
According to the Italian law 196, dated June 30th, 2003, article 13, “Code for the protection of personal data” and, as provided by Trenitalia transportation rules, we inform You that, as from October 1st, 2010, it is compulsory to travel in night accommodations (beds and couchettes) provided with ID (Passport or Identity card).
The staff on board will record the following information: name, surname, reference number of the ID. As from December 12th, 2010, when buying the ticket for the night trains, customers’ names travelling must be indicated on the ticket.
All of these data will be treated for all purposes related to the safety of all corporate assets of Trenitalia. Personal data listed above are also necessary for the validity of the ticket.
The holder of all customers’ data is Trenitalia S.p.A Company, in Rome, at p.zza della Croce Rossa 1, 00161.
The information requested will be kept as long as necessary, in order to pursuit all of the purposes listed above and they will be used exclusively by manual means and/or information systems, adopting the suitable measures to ensure the security and confidentiality of customers’ data.
All of the customers’ data will not be disclosed to third parties and they will not be disclosed outside Trenitalia, except for all the cases provided by law.
“Compagnia Internazionale delle Carrozze Letto e del Turismo S.A” and “Società Wasteels International Italia Srl” will be informed as companies in charge of the night services on the train and, consequently, of all customers’ data collection.
The list of all the persons in charge of customers’ data can be examined in Rome, at Trenitalia Divisione Passeggeri N/I building, at p.zza della Croce Rossa 1.
Any right against the responsible of data collection may be exercised under the Italian law 196/03 article 7.