Personal data protection
Person responsible for the processing of personal data
Your personal data are processed by the company UIP RAIL whose headquarter is located in:
Address : rue Montoyer 23 – Brussels 1000 Belgium
Phone Number: +32 26 72 88 47
Purposes of collecting personal data
UIP RAIL is processing your personal data for the following purposes :
To provide you various information or services (sending newsletters, white papers, personalized offers, contests, promotional offers)
The recipients (receivers) of your personal data
Your personal data is stored by UIP RAIL. However, they may also be disclosed to our company’s employees or service providers only upon our request, following our instructions and excluding any other use.
The transfer of personal data outside the European Union
Personal data can only be transmitted outside the European Union to countries applying a data protection policy corresponding to the one in effect in the European Union.
The storage period and deletion of your personal data
The personal data collected will be kept for as long as necessary to achieve the different purposes. Once the objectives have been achieved, they will be deleted or anonymized.
The protection of personal data
UIP RAIL is committed to protecting your personal data from unauthorized access and manipulation through organizational and technical measures. Your personal data are treated in complete confidentiality by the persons authorised to do so and only for achieving the required purpose.
However, you should be aware that nowadays, there is a real risk of leaks of personal data.
In the event of an accidental or malicious leak, and in accordance with the General Data Protection Regulation (GDPR), UIP RAIL undertakes to notify the problem directly to the Data Protection Authority.
Your rights regarding your personal data
The General Data Protection Regulation (GDPR), which is effective since May 2018 in Belgium, stipulates that when using your personal data, you have certain rights at any times:
- Right to erase your data
- Right to data portability
- Right to access your data
- Right to rectify your data
- Right to restrict processing
- Right of opposition
In accordance with Article 12 of the GDPR, to exercise your rights, you must contact the entity responsible for processing your personal data in writing, electronically or orally. A copy of your identity card is also required and will not be valid orally.
As from the date of receipt of your request, the controller of your personal data must inform you of the measures relating to your case within a maximum period of one month. It should be noted that in some cases where the request is more complex, the response time can be extented to three months. If the latter situation arises, you should be informed and the data controller should contact you to explain the reasons for the extension.
If the entity in charge of processing your personal data does not accept your request, it must inform you of the reasons for its refusal within a period of one month from the date of receipt of your request.
You then have the possibility to file a judicial appeal by filing a complaint with the Data Protection Authority (DPA).