Privacy & cookie policies

UNIFE – PRIVACY NOTICE

This privacy notice provides information to individuals whose data are collected through the website www.unife.org and other websites controlled and/or operated by UNIFE that link to this privacy notice, and those individuals whom UNIFE encounters in conducting its activities, such as participants to UNIFE events, representatives of UNIFE members and public institutions and authorities, specialists in the fields of European and public affairs, transport and railways, UNIFE contacts and other people with whom UNIFE has a relationship (hereinafter each referred to as an “Individual”), regarding how their personal information is collected and processed by UNIFE or within its affiliated entities, in compliance with the applicable data protection laws, in particular the European Regulation 2016/679 of 27 April 2016 called the General Data Protection Regulation (hereinafter “GDPR”).

This privacy notice explains why and how personal information about Individuals (hereinafter “Personal Data”) is collected, what Personal Data is processed, who has access to Personal Data, how Personal Data is protected, how long Personal Data is retained, the rights of the Individuals and who to contact for further information. This notice is without prejudice to specific provisions set out in other related documents or any contract entered into between UNIFE and the Individual concerned or his/her organisation.

1. why unife PROCESSES PERSONAL DATA?

UNIFE, whose registered offices are located at Avenue Louise 221, 1050 Brussels, Belgium and registered with the Crossroads Bank for Enterprises under the number BE0453405417, keeps and processes Personal Data, whether or not in electronic form, for administrative, marketing and customer/supplier management purposes, especially in light of the following non-exhaustive activities:

(i) responding to any communication, inquiry or request which an Individual submits to UNIFE;
(ii) managing relationships and maintaining contact with the Individuals;
(iii) introducing the Individuals to other Individuals during projects of UNIFE events;
(iv) negotiating and executing agreements;
(v) processing information relating to a proposed or actual purchase or sale of products or services by UNIFE, including sending statements and invoices;
(vi) improving UNIFE’s products and/or services;
(vii) providing the Individuals with newsletters and marketing communications and/or any other information relating to the activities of UNIFE, and/or conducting surveys and market research;
(viii) legal and/or regulatory compliance, including dispute resolution.

2. What are the legal grounds for processing the PERSONAL data?

These data are processed on one or more of the following legal grounds:

The consent of the Individual concerned (e.g. for responding to a survey);
In view of the entering into and the performance of a sales contract or another contract with the Individual or his/her organisation, including the invoicing process;
To comply with legal obligations applicable to UNIFE (e.g. regarding tax matters, etc.);
In the framework of the legitimate interests of UNIFE and/or a third party, but which UNIFE believes also benefit the Individuals, such as, but not limited to, direct marketing and data analytics.

3. Which categories of personal data are processed?

Personal Data is all personal information relating to an identified or identifiable natural person who is an Individual.

For the abovementioned purposes, the processing of personal data may include the following categories:

Personal identification data, such as the name and the address;
Electronic identification data, such as the email address and the phone number;
Personal details, such as the date and place of birth, language, nationality, and gender;
Professional details, such as the organization/employer name and his/her function/position/role;
Financial data (bank account number, etc.);
Images and video footage;
Consumption habits (sales history, etc.);
Information collected through cookies and similar technology;
Survey data.

4. Where do the PERSONAL data come from?

When an Individual contacts UNIFE, Personal Data will likely come directly from the individual concerned. UNIFE may also contact an Individual for prospecting purposes if initial contact information has not been obtained directly from such individual, including receiving such information from publicly available sources or from other persons who have transmitted this data to UNIFE. During the course of the relationship, the Individual concerned, or another representative of his/her organization, will provide UNIFE with further information for the management of the relationship.

UNIFE may also receive or generate data relating to an Individual from other individuals or organisations, or those to whom such Individual communicates by email or other systems.

The Personal Data collected directly or indirectly by UNIFE is required to fulfil legal requirements and/or to enter into a contract and maintain contact for the duration of the relationship. Failure to provide UNIFE with required information will negatively affect UNIFE’s ability to communicate with the Individual concerned (including the ability to provide any applicable electronic newsletters if an Individual does not wish to share his/her email address) or to enter into a contract with the Individual or his/her organisation or to continue the performance of a contract once entered into without access to necessary Personal Data.

5. Who has access to the personal data?

For the abovementioned purposes, Personal Data will be shared on a need to know basis with:

the Individuals themselves or other individuals employed by or representing their organisation,
the personnel of UNIFE,
UNIFE members,
government, regulatory bodies and/or public authorities where it is necessary to comply with legal or regulatory obligations which UNIFE is subject to or as permitted by applicable law,
authorized third party agents, service providers, professional advisors and/or subcontractors of UNIFE such as for website maintenance, assistance with promotional campaigns, etc.

Also, UNIFE’s websites contain social media buttons allowing the user to share content with third parties. When using such buttons, some information (e.g. IP address) may be accessed by the social media operator. UNIFE does not control which information is accessed and how that information is processed by such operators. Please see the applicable privacy policies to check how they use this information.

6. Are the PERSONAL data transferred INTERNATIONALLY?

It may be necessary in limited circumstances to transfer Personal Data abroad or to an international organisation to process and/or store this information to comply with our legal or contractual requirements. For transfers of data outside the European Union, UNIFE has implemented appropriate safeguards in line with GDPR requirements. To ensure an appropriate level of protection for Personal Data, UNIFE will either use a data transfer agreement with the third-party recipient based on standard contractual clauses approved by the European Commission, ensure that the transfer is to a jurisdiction that is the subject of an adequacy decision by the European Commission or to the United States under the EU-US Privacy Shield framework.

7. How long are the PERSONAL data retained?

The Personal Data are retained no longer than necessary for the purposes described in this privacy notice. As a rule, and unless otherwise stated in other related documents for specific categories of Data, the Personal Data are retained during the term of the contract as well as following the expiration or termination of the contract for as long as UNIFE can have legal liability for which the use of these Data can be relevant, taking into account the applicable statutory periods of limitation and legal retention obligations. For marketing purposes, the applicable data will be retained as long as the Individuals concerned do not object.
That being said, information may be retained for a shorter period of time where an Individual objects to the processing of his/her Personal Data and there is no longer a legitimate purpose to retain such information.

8. How IS PERSONAL data protected?

UNIFE has implemented adequate technical and organizational measures to protect Personal Data and keep it as safe and secure as reasonably possible, protecting it against unauthorized, accidental or unlawful destruction, loss, alteration, misuse, disclosure or access and against other unlawful forms of processing. These security measures have been implemented taking into account the state of the art of the technology, their cost of implementation, the risks presented by the processing and the nature of the Personal Data in question.

9. What are the INDIVIDUAL’S rights and who can they contact UNIFE?

Individuals who have Personal Data collected and processed have the right at any time to contact UNIFE to access their Personal Data and, by providing enough proof of their identity, request a correction of any incorrect or incomplete information.

Subject to and in accordance with applicable law, Individuals may also have the right to:

• request the deletion of their Personal Data;
• request restrictions or object to the processing of their Personal Data;
• data portability, allowing the Individuals concerned to copy or transfer their Personal Data;
• withdraw their consent at any time where consent was provided to process their Personal Data, provided this will not affect the validity of the processing prior to such withdrawal of consent; and
• receive more information about the safeguards in case of international data transfers.

Individuals have also a right to lodge a complaint with the Belgian Data Protection Authority or another EU supervisory authority if they think UNIFE has not acted in line with any applicable data protection laws in respect of dealing with their Personal Data.

For any further information about these rights or to make a request, please contact UNIFE or its DPO at:

UNIFE:

By e-mail: general@unife.org
By letter: UNIFE – the European Rail Industry, Avenue Louise 221, 1050 Brussels

its DPO: GOlegal

By e-mail: dpo@unife.org, a332@golegal.be
By letter: GOlegal, Avenue Louise 523, 1050 Brussels, Belgium
By phone: +32 2 880 82 69

10. COOKIES AND SIMILAR TECHNOLOGY

The websites may use cookies and similar technology to collect and store information when Individuals visit these websites. For more information, please refer to the Cookies Policy available on the websites.

11. Changes TO PRIVACY NOTICE

This privacy notice may be updated from time to time as needed, notably to comply with changes in any applicable laws, regulations or requirements introduced by data protection authorities.

This privacy notice was last updated on March 8th, 2019.

Cookies policy

To ensure our website functions optimally and that we provide an efficient browsing experience for our users, this website uses “cookies” or similar technologies. Information about cookies and how and why we use them is set out in this Cookies Policy.
In this document, the words “UNIFE”, “we”, “us” and “our” refer to UNIFE and its affiliated entities.

1. What are Cookies ?

A cookie is a small text file, saved by the browser on the user’s device (computer / smartphone / tablet) when vi siting websites. The use of cookies allows websites to function as efficiently and simply as possible. Every user manages and controls their cookies at any time from their browser settings and can delete them when they leave the website they just visited. When a user disables cookies from his/her browser, he/she will be able to view the vast majority of the content of UNIFE’s website but disabling the cookies might prevent optimal functioning of UNIFE’s services. You may visit www.allaboutcookies.org for details on how to delete or reject cookies and for further information on cookies generally.

2. CATEGORIES/TYPES OF COOKIES

Cookies are often categorized according to the two following characteristics:

SESSION COOKIES” OR “PERMANENT COOKIES”:

Session cookies are automatically removed from the computer’s hard drive or the user’s browser memory when he/she logs out and/or closes the browser whereas permanent cookies remain stored on the computer’s hard drive or in the user’s browser memory for a limited period of time after the browser is disconnected or closed.

“third party cookies” or “first party cookies”:

First-party cookies are cookies that belong to UNIFE whereas third-party cookies are cookies that another party accesses or places on the user’s device through UNIFE’s website.

3. EXPLICIT CONSENT OR NOT VARY FROM THE FUNCTION OF COOKIES

Depending on their function, some cookies will require a prior and explicit consent, or not.

Generally speaking, cookies that are necessary for the proper functioning of the website do not require explicit consent (they are strictly necessary if you wish to visit this site) whereas those that are used to improve and simplify its use need explicit consent: you can completely refuse those cookies (see the table below with the most frequent types of cookies).

‘strictly necessary’ cookies :

These cookies are necessary for the operation of the website. They do not collect any information about the user that may be used for marketing purposes and are essential to use the websites.
They are exempt from the consent requirement in accordance with Article 129 of the Electronic Communications Act of 13 June 2005 (see points 3.1 and seq, of the opinion 04/2012 of the Article 29 Working Party, an independent European advisory body bringing together the members of the various national authorities for the protection of personal data about exceptions to the consent requirement for cookies).
‘functional’ cookies :
Those cookies are used to store the user’s login data, to secure the user’s login to the website, to provide live assistance. These cookies do not collect any information about the user that can be used for marketing purposes. These cookies are also exempt from the consent requirement (see points 3.1 and 3.3 of the opinion mentioned above).
‘Authentication’ cookies:
Those cookies allow users to identify themselves and gain access secure content. These cookies are usually session cookies and do not collect any information about the user that can be used for marketing purposes. These cookies are also exempt from the consent requirement (see section 3.2 of the opinion mentioned above).

‘performance’ cookies :
Those cookies allow to collect information about how users browse the websites, and to adapt and improve these websites accordingly. These cookies are usually session cookies and do not collect any information about the user that can be used for marketing purposes. These cookies are placed and used based on the consent given by the user.
‘targeting’/‘advertising’ or ‘third’ cookies :

The website owner could possibly conduct advertising campaigns, including the use of third parties who may sometimes place cookies (or similar technologies) to evaluate the success of the campaign, or show targeted advertising, adapted to the interests of the users, or to limit the number of views per user. For example, (links to) social networks or (videos hosted on) YouTube are third parties that may require, if necessary, to place cookies on the website. These cookies are placed and used based on the consent given by the user.
When a user refuses to use this type of cookies, the user can only access pages and services that do not require these cookies. The parts of the websites that technically allow the inclusion of third-party content – and therefore third-party cookies – will no longer be accessible and a message will inform the users.

4. The table below displays in DETAIL the cookies used on THE website

Below is a summary of the types of cookies used:

Category
Cookie name
Domain using the cookie

Cookie’s purpose
Preservation time of the cookie and opt out
First Party Cookie

PHPSESSID
www.irqb.org
Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.

The main purpose of this cookie is: Strictly Necessary
End of session