Personal data on the sncf.com website

Personal data protection policy

SNCF is committed to maintaining the highest ethical standards, in particular when it comes to the protection of personal data.

In the course of its business, SNCF collects and processes personal data concerning its customers, its employees, and its partners (such as suppliers and service providers).

In an effort to promote innovation while at the same time building strong, lasting relationships based on mutual respect and shared, socially responsible values, SNCF uses technical and organizational measures to protect the personal data that it processes.

This policy describes SNCF’s commitments concerning the protection of personal data.

SNCF informs its customers, employees, and partners of the processing of their data.

SNCF’s aim in collecting personal data is optimizing management of its relationships with its customers, employees, and partners.

When SNCF processes data, it does so for specific purposes. Each time it processes data, there is a legitimate, defined, and explicit purpose.

SNCF ensures that the data are retained in a form that permits identification of the data subjects for no longer than is necessary to accomplish the purpose of this processing.

Each time it processes data, SNCF undertakes to collect and use only such data as are adequate, relevant, and limited to what is necessary for the purposes for which the data are processed.

For SNCF, the security of personal data is a high priority.

SNCF takes technical and organizational measures to ensure that data are processed in a manner that ensures protection against accidental loss, destruction, or damage that could undermine their confidentiality or integrity.

When developing, designing, selecting, and using tools for the processing of personal data, SNCF ensures (where applicable, working together with the tools’ publishers) that they provide an optimal level of protection for processed data.

SNCF takes measures that comply with the principles of data protection by design and data protection by default. To that end, when possible and/or necessary, SNCF uses the techniques of pseudonymizing and encrypting data.

When using a service provider, SNCF communicates personal data only after obtaining the provider’s commitment to comply with SNCF’s own security rules.

SNCF conducts audits of its own departments and of its service providers to verify compliance with data security rules.

SNCF follows strict authorization policies to ensure that the data it processes are transmitted only to persons authorized to have access to them.

When SNCF needs to transfer data to a location outside the European Union, it does so only in accordance with specific contractual provisions and in compliance with the requirements of the competent supervisory authorities.

SNCF is particularly careful to respect the rights of data subjects:

  • the right to be informed
  • the right to access
  • the right to rectification
  • the right to erasure (the “right to be forgotten”)
  • the right to restrict processing
  • the right to data portability
  • the right to object
  • the right to issue directives regarding the retention, erasure, and communication of personal data after the data subject is deceased

SNCF is able to respond to requests by data subjects to exercise their rights throughout processing, in compliance with the conditions and time limits imposed by applicable regulations.

Data subjects may make requests to exercise their rights by electronic means and/or by post, using the contact information provided in information notices, application and website terms of use, data collection forms, etc.

Data subjects must clearly state their first and last name, attach a copy of a form of identification, and indicate the address to which they would like the response to be sent.

SNCF informs all data subjects wishing to exercise their rights if it is impossible to comply with their request.

Management of personal data

Data entered on forms available through the sncf.com site are not collected by sncf.com.

Please contact the relevant data controller and refer to information notices regarding relevant processing.

Cookies and SNCF.com

When you visit SNCF.com, cookies are set on your computer, mobile phone or tablet to enhance your use of the site and improve its performance. Here’s what you need to know about how cookies work and what tools are available to manage them.

Learn more about cookies on the website of the French National Data Protection Commission (CNIL)

How cookies are used

Cookies are small files that are created when you visit a website.

What are they for? On SNCF.com, cookies store your information to identify you, to manage your on-line activity, and to offer products and services tailored to your profile. They help us understand you better and improve your user experience.

When you visit SNCF.com, cookies are set on your computer, mobile or tablet to support navigation and offer optimized services that are customized for you. This website does not collect user-specific information.

  • Necessary cookies

These cookies are necessary for the site to work properly and for you to move through it smoothly and easily. Disabling them may impair the site’s normal performance or prevent it from working at all.

  • Performance cookies

These cookies specialize in collecting information. They give us a better understanding of your user behaviour so we can analyse, enhance and optimize the site’s performance, but they do not collect personal information.

  • Functionality cookies

These cookies allow our website to remember your choices and preferences, so we can personalize your navigation and present relevant content. In the process, they improve your user experience.

  • Third-party cookies

These cookies are set by third-party companies referenced on the site.  When you visit SNCF.com, third-party cookies may store data collected by SNCF Group partners, who use them for marketing and presentation, and to deliver targeted, personalized advertising.

SNCF.com has no control over data collected by third parties: they act on their own behalf.

Want to disable cookies on our site?

At any time, you can choose to disable cookies or to be informed whenever SNCF.com sets cookies on your device. You can accept or refuse cookies on a case-by-case basis.

If you set your browser to refuse cookies, please remember that you may not be able to access some of the functionalities of SNCF.com.

Disable cookies using your browser

Cookies required to make SNCF.com work

Name of cookie   Purpose Expires  

CookieConsent 

Stores the user's cookie consent state for the current domain  

1 year 
cookieEnabled 

Used to check cookie consent management  

29 days 

has_js 

Records whether the user has enabled JavaScript in the browser When browser is closed 

SESS# 

Preserves the user's session state across page requests 1 day 
SSESS#  Preserves the user's session state across page requests. 23 days 

SNCCACHE 

Used to improve loading performance if the user returns to the site (cache)  When browser is closed 

SNCSESSION 

Used to manage the session 

When browser is closed 

 

Preferences

Name of cookie  Purpose Expires  
usbl.#.c.#

Used by usabilla to manage exposure to campaigns

Persistent*

 

Audience measurement cookies

Name of cookie  Purpose Expires 
_at.hist.# Used by the social sharing platform AddThis to store the user’s usage history for the AddThis sharing widget  Eliminated in the first half 2019 
trackEnabled

Used to authorize tracking 

29 days 
_gat_UA-1308810-53 Google analytics. Site statistics  13 months 
_gat_UA-1308810-55 Google analytics. Site statistics  13 months 
_gid Google analytics. Site statistics  13 months 

 

Navigation cookies

Name of cookie  Purpose  Expires 
accessibility Saves the contrast value used for navigation (feature for the visually impaired, accessibility)  180 days 
accessibility-animation Remembers whether the user has disabled animations (feature for the visually impaired, accessibility) 180 days 

 

Marketing Cookies

Name of cookie  Purpose  Expires 
_cs_#  ContentSquare. Analyses the user’s path through the site to improve the user experience When browser is closed 
_cs_c ContentSquare. Analyses the user’s path through the site to improve the user experience 13 months 
cs_ex ContentSquare. Analyses the user’s path through the site to improve the user experience 29 days 
_cs_id ContentSquare. Analyses the user’s path through the site to improve the user experience 13 months 
_cs_s ContentSquare. Analyses the user’s path through the site to improve the user experience 1 day 
csAnalysisEventsPersisted ContentSquare. Analyses the user’s path through the site to improve the user experience Persistent* 
__atuvc AddThis. Updates the counter of a website's social sharing features 1 year 
__atuvs Ensures that the updated counter is displayed to the user if a page is shared with the social sharing service AddThis. 1 day 
_at.cww Used by the social sharing platform AddThis 

Persistent*

Eliminated in the first half 2019 
at-lojson-cache-  Used by the social sharing platform AddThis 

Persistent*

Eliminated in the first half 2019 
at-rand  Used by the social sharing platform AddThis 

Persistent*

Eliminated in the first half 2019 
_fbp Used by Facebook to deliver a series of advertisement products, such as targeted offers from third party advertisers  1 day 

 

Other Cookies

Name of cookie  Purpose  Expires 
Date1stVisit  Used to store date of first visit  29 days 
SNC_city  Used to identify the server responding to the request  When browser is closed 

VSCT_CUSTOM_DEFAULT_ 
CORRELATIONID_VAR_NAME 

  When browser is closed 

* These persistant cookies allow us to recuperate the last events of a session. They do not stock any personal data.