This website is managed by the International Rail Transport Committee (CIT), Weltpoststrasse 20, CH-3015 Bern. You are invited to familiarise yourself with the information below, which details the management of your personal data and the conditions of use of the website.
The protection of the personal data of its members and of the persons it is in contact with is very important to the CIT. Hereinafter, we set out the principles we follow and for what purpose we collect and process personal data (that means information that determines your identity or allows us to identify you) via this website, and other means operated by the CIT.
We collect and process your personal data carefully, only for the purposes described in this Privacy Statement and only to the extent necessary as defined therein and within the scope of the applicable legal regulations. We only store your personal data to the extent and as long as it is required for the performance of our services or as we are legally obligated.
1 COLLECTION AND USE MADE OF THE PERSONAL DATA
By using our services, you acknowledge that we collect, use, and share some of your data, by virtue of the provisions set out below. We collect data only when this is necessary for the use of our services and optimisation of the website for professional purposes.
a) Data collected
We collect and process different types of data so that you can enjoy an optimum browsing and navigation experience on our website. We do not collect data relating to your private information (health data, or connected with your religion, etc.).
For some of our services or in connection with them, we record data concerning you. These data are:
- Account creation: when your account is created, are in particular recorded your surname, forename, postal address, email address, telephone number, position and your connection data.
- Connection to the site: for this occasion, are in particular recorded your connection, navigation or location data.
- Information derived from third parties: some of your data (in particular your surname, forename, and telephone and/or postal details) may have been sent to us, with your prior agreement, by our members. In this case, processing of your data shall be governed by the present provisions.
- Contact: when completing the form for requesting access rights, your surname, forename, email address, postal address, position, telephone number and your message will be collected.
- Events : If you attend one of our meetings, our conferences or our workshops, your image may be captured and be used in our publications.
b) Processing of data
We only use your data insofar as it is necessary in order to:
- Contact you;
- Provide you with access to, and use of the site;
- Check and authenticate your data;
- Optimise the configuration and functioning of the site;
- Take measures against fraud, abusive use, viruses and other malware;
- Manage our relationship with you;
- Provide user support;
- Provide execution of our services (in particular, advice/consulting, sending CIT-Info, working documents, minutes, circular letters, annual reports, invitations to our conferences and meetings);
- Process your requests;
- Ensure payment of membership fees;
- Set up and manage your access to our website;
- Comply with our legal obligations.
c) Recipients of the data collected
Access to your personal data is strictly limited to our administrative personnel, our employees, the accounts department, and, as appropriate, to our subcontractors. The subcontractors in question are bound by an obligation of confidentiality and can only use your data in accordance with our contractual provisions, and the applicable legislation.
Other than the cases detailed above, we undertake not to give access to your data to third parties without your prior consent, unless we are required to do so due to a legitimate reason (a legal obligation, measures against fraud or abuse, the exercise of rights of defence, etc.).
Your data may be sent abroad, so long as the destination State is deemed capable of guaranteeing an appropriate level of protection, according to the Federal Data Protection Commissioner, or if this transfer operates in the context of an international treaty with this State. In default of this, you will be expressly informed of such a transfer, and you will be requested to give your consent in prior advance.
d) Retention of your data
Your personal data will be retained as long as required for the execution of the above tasks, unless:
- You invoke your right to delete data concerning you, under the conditions described below;
- A longer retention period is authorised, or imposed, due to a legal or regulatory provision.
e) Security of your data
We take appropriate measures, both from a technical and organisational point of view, in order to protect your personal data from any manipulation, partial or total loss, or unauthorised third party access. Our security measures are regularly adapted to technical developments, and enhanced accordingly.
When you enter your password for our website, it is incumbent upon you to treat your information confidentially.
If you are signed up for the newsletter, your email address is stored for specific professional purposes, until you unsubscribe from the newsletter.
g) Your rights
In accordance with the Federal Law on data protection dated 19 June 1992 and its implementing decree, and also with European Regulation No. 2016/679/UE dated 27 April 2016 (applicable with effect from 25 May 2018), you have the following rights:
- To exercise your right of access, in order to obtain information on personal data concerning you;
- To request the updating of your data, if these are not accurate;
- To request the portability or deletion of your data;
- To request deletion of your account;
- To request limitation of the extent of processing of your data;
- To oppose the processing of your data, for legitimate reasons;
- To oppose, or withdraw your consent to the use, by our departments, of your contact details for sending you our documents, invitations, and newsletter via email or post.
These various rights can be exercised by email by contacting Mr Loïc Gioria (loic,firstname.lastname@example.org). For reasons of security and in order to avoid any fraudulent requests, this request must be accompanied by a proof of identity. The proof of ID will be destroyed once the application has been processed.
For all additional information, or in order to make a complaint, you can contact the Federal Data Protection and Information Commissioner (further information can be obtained from: https://www.edoeb.admin.ch/edoeb/en/home.html).
2 COLLECTION OF DATA RELATING TO TRAFFIC (COOKIES)
Most web browsers automatically accept cookies. You can, however, configure your browser so that it does not accept cookies, or so that it requests your authorisation each time. If you deactivate or block cookies, it is possible that you will no longer be able to use certain functionalities of our website.
Strictly necessary cookies
These cookies do not contain personal data. These cookies are necessary for the functioning of the website and cannot be deactivated. They store some of your preferences and your identifiers in memory. You can configure your browser so that it warns you of their existence or blocks these cookies, but without them, the website may not be able to function.
The data gathered is anonymous. These cookies enable us, for example, to count the number of visits to the website and to analyse the sources of traffic. Blocking these cookies would prevent us from obtaining high quality statistics.
The purpose of these cookies is to improve the user’s experience by improving personal functionalities. These cookies can be placed by third parties, some of whose services have been added on our pages.
3 LIMITATION OF LIABILITY AND FINAL PROVISIONS
a) Applications or technologies managed by third parties
You acknowledge that browsing the internet entails certain risks that we cannot control. We do not, in particular, control third party applications or other tracking technologies, even though they are present on our website. The confidentiality policies of these third parties should be consulted. We decline all responsibility in the case of an attack, infringement, or damage caused by third parties’ applications or third parties’ tracking technologies.
b) In the case of cyber attack
In the case of cyber attack, we do not assume any responsibility in the event of any infringement or damage caused by this intrusion, unless this is due to gross negligence.
c) Links to other websites
The website contains hypertext links to other sites that do not belong to the CIT. In consequence, we cannot be held responsible for the content or functioning of these sites, or for any damage arising from the use of these sites. The user therefore connects to these third party websites at his/her own risk.
d) Changes to the conditions
We may make changes to this Statement at any time. In this case, you will be notified appropriately, for example, on the homepage on our website.
e) Applicable law and forum
In the case of a dispute, only the courts of Bern (Switzerland) shall be competent and Swiss law is applicable.
If you have questions concerning the protection of data on our website, if you wish to obtain information concerning you, or to delete your data, please contact Mr Loïc Gioria, email@example.com.
Applicable with effect from 25 May 2018