Privacy Policy TrainTripsEurope
Last updated: 13-05-2025
This privacy policy describes how TrainTripsEurope collects, uses, shares, and protects the personal data of users who create an account on our website (www.traintripseurope.com), log in, and make purchases through our online store.
1. Data Controller and Contact Information
TrainTripsEurope
Nijmegen, Netherlands
traintripseurope@hotmail.com
2. The Personal Data We Collect
We collect various categories of personal data depending on how you interact with our website and services:
When creating an account:
-
First and last name
-
Email address
-
Address
-
Phone number
-
Password (securely stored and not directly accessible by us)
When logging in:
-
Log data including IP address and timestamp
When making a purchase:
-
Billing details (name, address, postal code, city)
-
Payment information (we do not process credit card details directly; these are securely handled by our payment provider)
-
Order history
Other data:
-
Communication with customer support (emails, chat messages)
-
Device and technical data (IP address, browser type, operating system, device type)
-
Information submitted via forms or surveys
3. Purposes of Processing
We process your personal data for the following purposes:
-
Account Management: To create and manage your user account, verify your identity, and help recover your password.
-
Order Processing: To process your digital product purchases and handle payments.
-
Customer Support: To respond to your inquiries and assist you.
-
Improving Our Services: To analyze website usage and enhance our services and user experience.
-
Fraud Prevention and Security: To detect and prevent fraud or abuse and ensure the security of our platform.
-
Legal Compliance: To meet legal requirements such as invoice retention and recordkeeping.
4. Legal Basis for Processing
We process your data based on the following legal grounds:
-
Contract Performance: Processing account and order information is necessary to fulfill our agreement with you.
-
Consent: For activities such as placing non-essential cookies, we request your explicit consent. You can withdraw your consent at any time.
-
Legitimate Interest: We may process data to improve our services, detect fraud, or secure our systems. When doing so, we ensure that your rights and freedoms are not unduly impacted.
-
Legal Obligation: In some cases, we must process personal data to comply with applicable laws and regulations.
5. Recipients of Personal Data
We may share your data with the following categories of third parties:
-
Payment Providers: To facilitate secure payment transactions
-
IT and Hosting Providers: For website operations, data storage, and technical infrastructure
-
Analytics Providers: To monitor and analyze website usage
-
Government Authorities: If legally required, we may disclose personal data to competent authorities
6. Retention Periods
We retain your personal data only for as long as necessary to fulfill the purposes described in this policy and comply with applicable legal requirements. Specifically:
-
Account Data: Retained while your account is active and up to 12 months after deactivation for support purposes
-
Order Data: Retained for 8 years to comply with Dutch tax and administrative obligations
-
Log Data: Retained for up to 12 months for security and fraud prevention purposes
7. Your Rights
You have the following rights under the General Data Protection Regulation (GDPR):
-
Right of Access: You may request access to the personal data we hold about you
-
Right to Rectification: You may request correction of inaccurate or incomplete data
-
Right to Erasure: You may request the deletion of your data under certain conditions
-
Right to Restriction of Processing: You may ask us to limit the processing of your data in specific cases
-
Right to Data Portability: You may request to receive your data in a machine-readable format and transfer it to another provider
-
Right to Object: You may object to processing based on legitimate interests
-
Right Not to Be Subject to Automated Decision-Making: We do not use automated decisions or profiling
-
Right to Lodge a Complaint: You may lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), PO Box 93374, 2509 AJ The Hague, Netherlands
To exercise any of your rights, please contact us using the details provided in Section 1. We may ask you to verify your identity before we respond to your request.
8. Data Security
We implement appropriate technical and organizational measures to safeguard your personal data, including:
-
Securing our servers and networks
-
Using encryption (e.g. SSL/TLS) for sensitive data transfers
-
Access controls to restrict unauthorized access
-
Performing regular updates and security audits
9. Cookies and Similar Technologies
Our website only uses strictly necessary cookies that are essential for the proper functioning of our online store. These cookies are automatically placed by WooCommerce to support basic e-commerce features such as remembering the contents of your shopping cart and managing session data.
We do not use any marketing, tracking, or analytics cookies that require your prior consent. As such, no cookie banner is shown, in accordance with applicable data protection and ePrivacy laws.
10. Changes to This Privacy Policy
We reserve the right to modify this privacy policy at any time. Updates will be published on our website with the date of the latest revision. If there are significant changes, we will notify you via email or our website. We recommend reviewing this policy regularly to stay informed.
11. Governing Law and Jurisdiction
This privacy policy is governed by the laws of the Netherlands. Any disputes related to this policy will be submitted to the exclusive jurisdiction of the competent courts of the Netherlands.