At ItaliaRail.com, we are committed to protecting the online privacy of visitors to our website. This policy applies only to the website and online services provided by ItaliaRail.com. The purpose of this policy is to inform you about the types of information we gather about you when you visit our website, how we may use that information, and how we disclose it to third parties.
ItaliaRail.com complies with the U.S.-E.U. Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from the European Union member countries. ItaliaRail.com has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view ItaliaRail.com’s certification, please visit http://www.export.gov/safeharbor/ .
I. Information We Collect
Personal Information
At various locations on our websites, such as in our order forms (and potentially surveys and polls), we may request that you supply us with “personal information,” such as your name, email address, mailing and shipping addresses, home or work telephone number, and/or credit card information. You will always know when we are collecting personal information, because we only collect personal information when you voluntarily submit it to us through our online forms and questionnaires. Although you do not have to provide us with any information to visit our websites, you may not be able to fully utilize all of the services on our websites if you choose not to provide certain information. If you do choose to give us personal information through our websites, we will collect and retain that information.
Non-Personal Information
When you use our websites, we may also collect “non-personal information,” which is information that, by itself, cannot be used to identify or contact you, such as demographic information (your age, gender, income, education, profession, zip code, etc.). Non-personal information may also include technical information, such as your IP address, the type of browser you are using, the websites you visit immediately before and immediately after you visit our websites, and other anonymous data involving your use of our websites. Non-personal information may also include information that you provide us through your use of our website
Online Orders
We collect personal information from you when you purchase products from our online order process. For example, we require you to provide your name, contact information, shipping and billing addresses, and a credit card number before we process your orders. We also collect information about your transactions with us. We may use the information that you provide to communicate with you about products purchased through our online service, to provide customer support in connection with those products.
Cookies
We use “cookies” to enhance your visits to our websites. A cookie is a small amount of data that is sent to your browser from a web server and stored on your computer’s hard drive. Cookies do not store personal information about you, unless you knowingly provide it. Cookies can store non-personal information, such as what websites, or pages your browser has accessed. We use cookies to store information and personalize your experience with our websites. For example, cookies allow our websites to recognize your browser as a previous visitor, and thus save and remember any preferences that may have been set while you were previously browsing our websites. Our cookies can also store information you have placed in a “shopping cart.”
Although we are a U.S.-based company, we do have many customers that come from overseas. There have been recent changes in the U.K. and European Union laws surrounding cookies, and those changes can be found here. If you are a resident of the U.K. or European Union, we encourage you to follow this link and learn more about these recent changes to the law and how it relates to using our site.
You do have control over cookies. Most browsers can be set to notify you when a cookie is being placed on your computer. Most browsers can also be set to refuse to accept cookies, although this may affect your Internet experience. You can also erase cookies that are already on your computer. For more information about working with cookies, you should consult your user manual, FAQ, or “help” function of your specific browser and operating system software.
II. How We Use the Information
Our Services and Websites
We use your personal information to provide you any services that you may request or require, to communicate with you, to allow you to make purchases. We use aggregated non-personal information about our users to understand our website’s demographics, such as the geographic distribution of our users, the age ranges of our users, or a combination of these or other demographics. We use the non-personal information we collect to analyze how our websites are being used, and to improve the content of our websites, online product offerings, and promotional efforts.
Email Communications
If you send us an email with questions or comments, we may use your personal information to respond to your questions or comments, and we may save your questions or comments for future reference. However, aside from our reply to such an email, it is not our standard practice to send you email unless you request a particular service that involves email communications or in order to provide customer support in connection with those products. There may be times when you will have the opportunity to subscribe to an email list or electronic newsletter that will send information about our websites to your email address. However, we will provide you with the option to change your preferences and opt-out of receiving those communications.
Online Service
If you make a purchase through our online ordering service, we may use the information you provide to send you important announcements and updates regarding our website or online service. In those instances, we will provide you with the option to change your preferences and opt-out of receiving those communications. When you provide us with your personal information to make a purchase through our
online ordering, we only use this information to process your online order and credit card number. We also use your address and billing information to bill you and provide associated support.
III. Disclosure of Information to Third Parties
Except as specifically set forth in this Policy, we do not share your personal information with any non-affiliated third party without your permission. We may disclose aggregate information, such as demographic information, and our statistical analyses to third parties. This aggregate information does not include your personal information. Our websites may contain links to other websites. We have no control over the privacy practices or the content of any of our business partners, sponsors or other websites to which we provide links from our websites. You should check the applicable privacy policy of the third-party website when linking to other websites.
Service Providers
We sometimes engage unaffiliated businesses to assist us in providing you certain services. For example, we may hire a shipping company to help us deliver our products or services to you. We may also use third parties to process online transactions and credit card payments In those instances, we may need to share your personal information with them. We require these companies to use your personal information only to provide the particular product or service and do not authorize them to use your personal information for any other reason.
Other Disclosures
We may disclose personal information when we are required or requested to do so by law, court order or other government or law enforcement authority or regulatory agency; to enforce or apply our rights and agreements; or when we believe in good faith that disclosing this information is necessary or advisable, including, for example, to protect the rights, property, or safety of ItaliaRail.com, our users, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
IV. Security of Information
The security of your personal information is important to us. We maintain physical, electronic, and procedural safeguards to secure your personal information. However, “perfect security” does not exist on the Internet, and there is always some risk in transmitting information electronically. This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, your information is protected both online and off-line.
When our registration/order form asks users to enter sensitive information (such as credit card number), that information is encrypted and is protected with the best encryption software in the industry, SSL (Secure Sockets Layer). The site employs SSL via a digital certificate issued by Thawte.
If you have any questions about the security at our website, you can send an email to info@italiarail.com.
V. Information Accuracy
Any questions you may have regarding our Privacy Policy, the accuracy of your personal information or the use of your personal information, or any requests that we correct, update, or remove your information in our databases, should be directed via email to info@italiarail.com .
After receiving a request to change your information, we will make reasonable efforts to ensure that all of your personal information stored in databases we actively use to operate our website will be updated, corrected, changed or deleted, as appropriate, as soon as reasonably practicable. However, we reserve the right to retain in our archival files any information we remove from or change in our active website databases. We may retain such information to resolve disputes, troubleshoot problems and enforce our terms of use.
We encourage you to contact us at info@italiarail.com to resolve any issues or complaints. We would also like to notify you that you have the option of independent recourse should you choose.
ItaliaRail.com is committed to cooperating with European Union Data Protection Authorities (DPAs) in the investigation and resolution of complaints brought under the Safe Harbor; and will comply with any advice given by the DPAs where the DPAs take the view that the organization needs to take specific action to comply with the Safe Harbor Principles, including remedial or compensatory measures for the benefit of individuals affected by any non-compliance with the Principles, and will provide the DPAs with written confirmation that such action has been taken.
This Policy is effective as of May 1, 2013. We reserve the right to change this policy at any time, and will post any changes to this Policy as soon as they go into effect. Please refer back to this Policy on a regular basis.
VI. Trenitalia S.p.A. Night Train Personal Data Protection Policy
The below is the Personal Data Protection Policy of Trenitalia S.p.A.—the railway responsible for the night train service.
Personal data protection – Italian law 196/2003- art 13
According to the Italian law 196, dated June 30th 2003, article 13, “Code for the protection of personal data” and, as provided by Trenitalia transportation rules, we inform You that, as from October 1st 2010, it is compulsory to travel in night accommodations (beds and couchettes) provided with ID(Passport or Identity card).
The staff on board will record the following information: name, surname, reference number of the ID. As from December 12th 2010, when buying the ticket for the night trains, customers’ names travelling must be indicated on the ticket.
All of these data will be treated for all purposes related to the safety of all corporate assets of Trenitalia. Personal data listed above are also necessary for the validity of the ticket.
The holder of all customers’ data is Trenitalia S.p.A Company, in Rome, at p.zza della Croce Rossa 1, 00161.
The information requested will be kept as long as necessary, in order to pursuit all of the purposes listed above and they will be used exclusively by manual means and/or information systems, adopting the suitable measures to ensure the security and confidentiality of customers’ data.
All of the customers’ data will not be disclosed to third parties and they will not be disclosed outside Trenitalia, except for all the cases provided by law.
“Compagnia Internazionale delle Carrozze Letto e del Turismo S.A” and “Società Wasteels International Italia Srl” will be informed as companies in charge of the night services on the train and, consequently, of all customers’ data collection.
The list of all the persons in charge of customers’ data can be examined in Rome, at Trenitalia Divisione Passeggeri N/I building, at p.zza della Croce Rossa 1.
Any right against the responsible of data collection may be exercised under the italian law 196/03 article 7.