Please use a recent version of Google Chrome, Mozilla Firefox, Safari or Microsoft Edge to get the most out of the experience.Find a modern browser
At UITP, we make it a matter of pride to respect the privacy and to treat personal data we receive or have access to, in the strictest confidentiality and in accordance with the legislation in force, in particular the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and the free movement of such data ( hereinafter the “GDPR“),
The Union Internationale des Transports Publics, an international non for profit association (IVZW/IASBL), with registered address at rue Sainte-Marie, 6 in 1080 Brussels, Belgium and registered with the Belgian Crossroads Bank for Enterprises under number 0544.198.506 (hereinafter “UITP” or “we” or “us”) is the data controller of the personal data it collected from you. We are responsible for your personal data.
We might collect miscellaneous personal data from you, depending upon the reasons or the purposes for which your personal data are being shared with us (see point 3 below), such as:
We collect your data for different reasons:
3.1 For any reason related to our statutory goal and our core activity as described on our website www.UITP.org, to keep you informed about UITP, our activities and relevant sector related information and news, to invite you to and organize events, to duly perform the services that you require from us, to improve the quality of our products and services where possible, to answer to your reasonable expectations and more in general to facilitate communication with you where and when this necessary or deemed useful.
3.2 We may also use your data to carry out analysis and costumer profiling.
3.3 We can also collect your personal data for pure administrative, organizational or operational purposes, e.g. to identify you as a contact person, lawful representative of a corporation or similar legal entity.
3.4 We might also collect personal data to meet any applicable law, regulation, legal process or enforceable governmental request and/or where this would be necessary for the prevention of fraud.
The legal basis for the processing of your personal data is:
5.1. Directly from you.
Most of the personal data that we will obtain from you will be through your active intervention. We might collect your personal data via e-mail or any other electronic means, via our website, via telephone, via postal services, via your business card you have handed over to one of our employees or representatives.
Where required by law we will seek your prior consent before processing your personal data.
We will not collect personal data directly from minors under 16 years old unless we have obtained the consent of an adult who has the legal custody over the minor.
5.2. Indirectly via other sources.
We might collect personal data from you via other sources, such as via platforms or databases where you have made your personal data available to the public (e.g. LinkedIn, etc), via third parties, such as database vendors, partners with whom we work together, the employer you work for, your colleagues, public authorities and in general any other source other than you.
In the cases where we obtain personal data from you through another source than yourself, we will seek sufficient guarantees from that source that your personal data have been collected by that third party in compliance with privacy legislation and that where necessary your consent has been obtained to share your personal data with us and allow us to use it for the purposes that we envisage.
A cookie is a small piece of data stored in your web browser while you are browsing on one of our websites. When you browse the website(s) again in the future, the data stored in the cookie can be retrieved to notify us of your previous activity.
We have invested in a state-of-the-art IT infrastructure that allows us to protect your personal data to the maximum extent possible against theft, loss and any illegal use.
We constantly develop and improve internal security and data protection policies, which contains strict guidelines and manuals for our personnel with regards to an appropriate treatment of personal data
We regularly organize information- and training sessions for our personnel.
We will delete or anonymize your personal data completely and irreversibly:
Unless we are required to keep your personal data longer to:
8.1For organizational, administrative and efficiency reasons
We might share personal data with certain external service providers and partners where we deem this necessary or useful to duly perform the services to you and/or organize and optimize the efficiency of our activities.
We may e.g. rely on – and share your personal data with – third parties for technical services, such as external IT hosting providers, cloud service providers, external IT maintenance providers or for organizational purposes such as event organizers, providers of platforms for e-mail surveys, travel agencies, etc.
8.2.For legal and/or security reasons
We might share your personal data with outside companies, organizations, authorities or individuals if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
8.3. Not for third party’s commercial, promotional or marketing purposes
We will not disclose or share your personal data with third parties for their own commercial, marketing- or promotional purposes unless we would have obtained your consent thereto.
We will not share any sensitive data about you with third parties without your explicit consent.
UITP remains at all times liable towards you for a secure processing of your personal data by external parties to whom it has granted access to the personal data it collected from you.
We only share your personal data with external parties who can evidence and commit to an adequate protection of your personal data at the same – or at least at a similar – level as UITP and we will seek sufficient contractual guarantees to this effect.
We only transfer personal data to third parties in a non-EU country, only when that country provides an adequate level of protection within the meaning of the legislation in force, and, in particular the GDPR or within the limits permitted by the legislation in force, for example by ensuring the protection of data by appropriate contractual provisions.YOUR RIGHTS – OUR OBLIGATIONS: ACCES, CORRECTION, DELETION, RESTRICTION, OBJECTION
We take all reasonable steps to ensure that your personal data are kept accurate and up-to date for the purposes for which they were collected.
You have the right to be at all times and free of charge, be informed about your personal data.
You can at any time require access to your personal data, have them corrected and/or updated.
We will provide you with the ability to object to the processing of your personal data if such processing is not reasonably required for a legitimate business purpose as described in this policy or our compliance with law.
Where appropriate, we will also provide in an opt-out box or- link if you do not longer want to be included in our database. For example if you would not longer want to receive our newsletter.
Requests to restrict the use of your personal data and/or to delete your personal data will be subject to any applicable legal and ethical reporting or document filing or retention obligations imposed on us.
You also have the right to ask us to transfer your personal data to another data controller.
You have the right to lodge a complaint with a supervisory authority.
If you wish to contact us regarding our use of your personal data or object to the processing of your personal data, please contact us at privacypolicy(@)UITP.org or in writing by sending a letter to UITP, rue Sainte-Marie, 6 in 1080 Brussels, Belgium.