Thalys1 cares about its clients’ privacy and, whenever Thalys processes your personal data, it does so in accordance with the provisions of the Belgian Law of 8 December 1992 on the protection of privacy relating to the processing of personal data and its implementing decrees.
By using the Thalys websites and/or Thalys products/services, whether made available to you directly by Thalys or by its Partners, (the SNCF, the SNCB, the NS and the DB), you agree that Thalys may automatically collect and process your personal data in accordance with the purposes described below. Thalys is committed to keeping your personal data (that you supply occasionally there including any data that we collect when you use our websites and/or services) for a reasonable period limited to the accomplishment of the objective pursued at the time of their collection or for as long as the law requires.
In certain special circumstances, your consent may be requested after the collection of personal data, but before their use (for example, when we wish to use the personal data for a purpose that has not been determined in advance).
3. Processing of personal data
Thalys may request certain information from you in order to use its websites and/or for the offer of certain Thalys products and services, in particular search for transport tickets, registration for the Thalys TheCard programme or an application for a Thalys ThePass subscription. Furthermore, each time you visit one of the Thalys websites, Thalys’ web server automatically recognises your IP address and/or your domain name.
Description of personal data
You are likely to send us the following types of personal data:
- Your personal and professional contact details (in particular your names, demographic data such as gender, language, age, profile – professional experience and interests, address, telephone number, mobile phone number and e-mail address),
- Financial information such as the number of your credit/debit card or other invoicing details,
- Other unique information: user ID, password, preferred products and services, preferred methods of communication,
- Geo-localisation data, in particular your IP address or your physical location when you request services based on geo-localisation.
We take all reasonable measures to ensure that your personal data in our possession is kept up to date and to delete any personal data that would prove to be incorrect or that is no longer necessary. We encourage you to access your account(s) (if applicable) to consult your personal data from time to time in order to ensure that it is up to date.
The processing of personal data
This personal data is processed for customer management purposes and allows Thalys to deal with your request, in particular for transport tickets, to continually improve the websites and the products and services offered to you and adapt them to your needs.
Furthermore, this data will allow Thalys to send newsletters to you electronically and/or by post (“Newsletter”) and other marketing information on new products and services, promotions and benefits, etc.
Thalys may analyse this data, establish marketing and sales activities reports, the frequency of visits and establish marketing profiles. Thalys may also use your information for market and satisfaction studies or for the development of products and services and for strategic development purposes in order to develop new products and/or services and to make improvements to its communication plans in order to better fit with your profile. This personal data may also be used to allow you to take part in a competition and to inform you of the progress and the outcome of the latter.
4. Transfer of personal data
With regard to the supply of certain products and services, Thalys reserves the right to communicate your personal data to its Partners and to its subcontractors.
Furthermore, and where you have expressly consented to this, Thalys may communicate your personal data to Thalys’ contracted service providers who are offering products or services likely to be of interest to you. For example, hotels, car rental companies, travel agents, etc.
Both these service providers and the subcontractors and Partners of Thalys are contractually bound to comply with the confidentiality of personal data received in the name of Thalys and cannot in any case use them for a purpose other than the performance of services for Thalys.
These Partners and service providers have and apply different privacy policies and practices than those of Thalys. We therefore recommend that you review the privacy policies of our Partners and service providers in order to acquaint yourselves with their procedures for the collection, use and disclosure of your information.
5. Security and Confidentiality
Thalys undertakes to keep your personal data confidential and has established security procedures in order to avoid any loss, abuse, alteration or disclosure of these personal data. We shall update security measures in line with technological progress, as required.
Security measures have been implemented to ensure that personal data is not accessible to unauthorised persons. In the context of security procedures implemented by Thalys, we may ask you for proof of identity before being able to provide you with any of your personal data.
All financial transactions that you perform on Thalys websites with your payment methods are made through a secure server (“Secure Server Technology”) which provides:
- authentication that verifies your identity and guarantees secure browsing and secure access to your personal data,
- encryption which ensures the confidentiality of your personal data by modifying them so that they cannot be read by others,
- data integrity that checks that the transferred personal data has not been altered.
Personal data recorded by Thalys shall be destroyed by Thalys at the end of the legal or contractual period, or if Thalys no longer needs it for the accomplishment of the purpose pursued at the time of its collection.
6. Right of access, correction, deletion and objection
In accordance with the legislation, you have the right to access, correct and delete any data concerning you. You also have the right to object to its processing, within the limits of the law of 8 December 1992 relating to the processing of personal data. These rights are guaranteed and may be exercised at any time.
You can exercise your rights:
- Either by sending a letter to:
- for Thalys TheCard members: Service ThalysTheCard;
- for Thalys ThePass members: Service ThalysThePass;
- in all other cases, (in particular for users of the websites Thalys.com and ThalysInside, the mobile application Thalys.com and subscribers to the Thalys Newsletter ):
Service Clientèle (Customer Service)
- Or, if applicable, by consulting “my Thalys account” on the Thalys.com website, or “your account” on the Thalys Thecard.com and/or the ThalysInside.com website.
Unsubscribe to commercial communications and « right to be forgotten »
- Unsubscribe (opt-out) :
- You may at any time unsubscribe to Newsletters and other Thalys commercial communications by mail, telephone or by clicking the ‘unsubscribe’ link at the bottom of each email.
- Please note that when you exercise your right to oppose receiving direct marketing, this objection only applies to the email address given. In case you receive advertisements on more than one email address, you will have to unsubscribe as many times, either by going to ‘My Thalys Account’/’Your account’, either by clicking on the ‘Unsubscribe’ link on each communication. In the case that you unsubscribe per letter, it is important to clearly mention all email address to be deactivated.
- « Right to be forgotten » :
- Any express request to completely delete your personal data must be addressed to : email@example.com, providing your complete details (name, surname, email(s), complete postal address) and a copy of your ID.
When you first connect to the Thalys websites, we place “cookies” on your computer in order to identify your country and if applicable your preferred language. These cookies enable sites to record data about your browsing to facilitate your visit and optimise your experience.
You may refuse the downloading of cookies onto your computer, but this may cause reduced performance, slower speed or even prevent access to some of the sites’ services.
For further information on cookies and the way in which you can remove them according to the type of browser used, we recommend that you read the following document: https://www.thalys.com/be/en/cookies
8. Links to other websites
9. Commission de la protection de la vie privée (Commission for the Protection of Privacy)
For any further information or any complaints concerning the processing of your personal data, you may contact the Privacy Commission at rue de la Presse 35, in 1000 Brussels, to which Thalys has declared the processing.
Link : www.privacycommission.be/en
10. Applicable legislation
- Law of 8 December 1992 on the protection of privacy in relation to the processing of personal data (Belgian State Gazette, 18 March 1993);
- Royal Decree implementing the law of 8 December 1992 on the protection of privacy in relation to the processing of personal data, dated 13 February 2001 (Belgian State Gazette, 13 March 2001);
- Law of 11 March 2003 on certain legal aspects of information society services (Belgian State Gazette, 17 March 2003);
- Royal Decree of 4 April 2003 regulating the sending of e-mail advertising (Belgian State Gazette, 28 May 2003).