Introduction
At AmmTrain, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our independent train reservation service.
As an independent third-party train booking platform, we understand the importance of maintaining the confidentiality of your travel information and personal data. This policy applies to all services offered by AmmTrain through our website, mobile applications, and customer service channels.
Last Updated: January 15, 2024 | Effective Date: January 15, 2024
By using our services, you consent to the data practices described in this policy. If you do not agree with any part of this Privacy Policy, please do not use our services.
Information We Collect
We collect various types of information to provide and improve our train reservation services:
Personal Information
When you make a booking or create an account, we collect:
- Contact Information: Name, email address, phone number, mailing address
- Booking Information: Travel dates, routes, passenger details, seating preferences
- Payment Information: Credit/debit card details, billing address (processed securely through PCI-compliant providers)
- Identification Details: Government-issued ID information when required for specific bookings
- Travel Preferences: Accommodation preferences, special requirements, loyalty program information
Automatically Collected Information
When you visit our website, we automatically collect:
- Device Information: IP address, browser type, device type, operating system
- Usage Data: Pages visited, time spent on site, click patterns, search queries
- Location Information: General location data based on IP address for regional pricing and availability
- Cookies and Tracking Technologies: Information about your browsing behavior and preferences
Information from Third Parties
We may receive information about you from:
- Travel service providers when processing your reservations
- Business partners offering complementary services
- Social media platforms when you connect your accounts
- Marketing and analytics providers
How We Use Your Information
We use the information we collect for the following purposes:
Service Delivery
Process your train reservations, manage bookings, provide customer support, and send booking confirmations and travel updates.
Account Management
Create and maintain your account, authenticate users, and provide personalized travel recommendations and preferences.
Communication
Send important service notifications, booking updates, travel alerts, and respond to your inquiries and support requests.
Service Improvement
Analyze usage patterns to improve our platform, develop new features, and enhance user experience and functionality.
Marketing & Promotions
Send promotional offers, travel deals, and newsletters (with your consent) about relevant train travel opportunities.
Security & Compliance
Protect against fraudulent activities, ensure platform security, and comply with legal obligations and industry standards.
Information Sharing and Disclosure
We respect your privacy and do not sell your personal information to third parties. We may share your information in the following circumstances:
With Travel Service Providers
We share necessary booking information with train operators and travel service providers to fulfill your reservations. This includes:
- Passenger names and contact information
- Travel itinerary and booking details
- Special requirements or preferences
- Payment confirmation details
With Service Partners
We work with trusted third-party service providers who assist us in operating our platform:
- Payment Processors: Secure payment gateways for transaction processing
- Customer Support: Service providers who help manage customer inquiries
- Analytics Providers: Tools that help us understand how users interact with our platform
- Marketing Partners: Services that help us reach potential customers (with appropriate safeguards)
Legal Requirements
We may disclose your information when required by law, such as:
- To comply with legal processes or governmental requests
- To protect our rights, privacy, safety, or property
- To enforce our terms of service and other agreements
- In connection with business transfers, mergers, or acquisitions
Important: We only share the minimum necessary information required for each specific purpose and ensure all third parties maintain appropriate security measures.
Data Security Measures
We implement comprehensive security measures to protect your personal information:
Technical Safeguards
- Encryption: All sensitive data is encrypted in transit using SSL/TLS protocols and at rest using AES-256 encryption
- Access Controls: Strict role-based access controls limit employee access to personal information
- Network Security: Firewalls, intrusion detection systems, and regular security monitoring
- Secure Payment Processing: PCI-DSS compliant payment processing with tokenization
Administrative Safeguards
- Employee Training: Regular privacy and security training for all staff members
- Security Policies: Comprehensive information security policies and procedures
- Incident Response: Established protocols for responding to security incidents
- Vendor Management: Due diligence and contractual obligations for third-party vendors
Physical Safeguards
- Data Center Security: Secure facilities with 24/7 monitoring and access controls
- Device Security: Company devices equipped with encryption and security software
- Document Destruction: Secure disposal of physical documents containing personal information
While we implement robust security measures, no method of transmission over the Internet or electronic storage is 100% secure. We continuously review and enhance our security practices to address emerging threats.
Your Privacy Rights
You have certain rights regarding your personal information:
Right to Access
Request a copy of the personal information we hold about you and how we use it.
Right to Correction
Request corrections to inaccurate or incomplete personal information in our records.
Right to Deletion
Request deletion of your personal information, subject to legal and contractual obligations.
Right to Object
Object to certain processing activities, such as direct marketing or profiling.
Right to Portability
Request transfer of your personal information to another service provider where feasible.
Right to Restriction
Request restriction of processing in certain circumstances while verification or disputes are resolved.
Exercising Your Rights
To exercise any of these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within 30 days and may need to verify your identity before processing certain requests.
Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your browsing experience and analyze website traffic.
Types of Cookies We Use
- Essential Cookies: Required for basic website functionality and cannot be disabled
- Performance Cookies: Help us understand how visitors interact with our website
- Functionality Cookies: Remember your preferences and settings for future visits
- Targeting Cookies: Used to deliver relevant advertisements and track campaign performance
- Analytics Cookies: Help us measure and analyze website usage and performance
Cookie Management
You can control cookie settings through your browser preferences. Most browsers allow you to:
- Block or delete cookies
- Block third-party cookies
- Clear cookies when you close your browser
- Receive notifications when cookies are set
Please note that disabling certain cookies may affect the functionality of our website and your ability to use some features.
Do Not Track Signals
Our website does not currently respond to "Do Not Track" signals from browsers. We instead provide the cookie controls described above to manage tracking preferences.
International Data Transfers
As a global train reservation service, your personal information may be transferred to and processed in countries outside of your residence.
When we transfer personal information internationally, we ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by relevant authorities
- Adequacy decisions for transfers to countries with approved data protection laws
- Binding corporate rules for intra-organizational transfers
- Other legally approved transfer mechanisms
By using our services, you consent to the transfer of your information to countries that may have different data protection rules than your country of residence.
Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Retention Periods
- Booking Information: 7 years from date of travel for financial and legal compliance
- Account Information: While your account remains active plus 3 years after last activity
- Marketing Preferences: Until you withdraw consent or opt-out
- Customer Service Records: 5 years from date of interaction
- Website Analytics: 26 months from date of collection
After the retention period expires, we securely delete or anonymize your personal information in accordance with our data destruction policies.
Children's Privacy
Our services are not directed to children under the age of 16. We do not knowingly collect personal information from children under 16.
If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.
If you believe we might have any information from or about a child under 16, please contact us immediately using the information provided in the "Contact Us" section.
Note: We may collect information about children when provided by parents or guardians for travel booking purposes, such as when booking family travel. In such cases, we only use this information to provide the requested services.
Third-Party Websites and Services
Our website may contain links to third-party websites, plug-ins, and services. This Privacy Policy does not apply to those third-party services.
When you click on links to third-party websites or services, we encourage you to read their privacy policies. We are not responsible for the content, privacy practices, or security of third-party websites.
Social Media Features
Our website may include social media features, such as Facebook "Like" buttons and Twitter "Tweet" buttons. These features may collect your IP address and which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policy of the company providing them.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
When we make changes to this Privacy Policy, we will:
- Update the "Last Updated" date at the top of this policy
- Post the updated policy on our website
- For significant changes, provide additional notice such as email notification or website banner
We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting your information.
Continued Use: Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.
Frequently Asked Questions About Data Protection
We protect your payment information through multiple layers of security:
- All payment transactions are processed through PCI-DSS compliant payment processors
- We use tokenization so your actual payment details are never stored on our servers
- SSL/TLS encryption secures all data transmitted between your browser and our systems
- Regular security audits and vulnerability assessments ensure ongoing protection
- Multi-factor authentication for administrative access to payment systems
Yes, you can request deletion of your personal data by contacting our privacy team. However, please note that:
- We may need to retain certain information for legal or regulatory compliance
- Active bookings require retention of relevant data until travel completion
- Financial records must be maintained for accounting and tax purposes
- We will inform you of any limitations on deletion rights when you make your request
To submit a deletion request, please use the contact information provided in this policy.
We use your travel data for marketing only with your explicit consent and in the following ways:
- Personalized travel recommendations based on your previous routes and preferences
- Targeted promotions for destinations you've shown interest in
- Special offers on train services similar to your past bookings
- Seasonal promotions relevant to your travel patterns
You can opt-out of marketing communications at any time by using the unsubscribe link in our emails or by contacting us directly.
For inactive accounts, we have the following data retention practices:
- Accounts with no activity for 3 years are classified as dormant
- We send notification emails before account dormancy
- Dormant accounts are archived with limited data retention
- After 5 years of inactivity, personal data is anonymized or deleted
- Booking records may be retained separately for legal compliance
You can reactivate a dormant account by logging in or contacting customer service.
You can access your personal information through several methods:
- Log into your account to view and update most personal information
- Submit a formal data access request through our privacy contact
- Request a comprehensive data export in machine-readable format
- Review your booking history and preferences in your account dashboard
We aim to respond to access requests within 30 days and will provide the information free of charge, unless the request is manifestly unfounded or excessive.
We only share necessary information with train operators for specific purposes:
- Booking Fulfillment: Passenger details required for reservation processing
- Operational Needs: Contact information for travel updates or disruptions
- Special Requirements: Accessibility or medical needs for appropriate accommodation
- Legal Compliance: Information required by security or regulatory authorities
We do not share your data with train operators for their marketing purposes without your explicit consent. Each sharing arrangement is governed by data processing agreements that protect your information.
Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Privacy Officer
Email: privacy@ammtrain.com
Phone: 1-888-507-5786 (Ask for Privacy Officer)
Mail: AmmTrain Privacy Office, 123 Train Avenue, New York, NY 10001
Response Time: We aim to respond to all privacy-related inquiries within 48 hours.
Data Protection Authority
If you are not satisfied with our response to your privacy concern, you have the right to lodge a complaint with your local data protection authority.
Ready to Book Your Train Journey?
Loading Trains...
Have Privacy Questions?
Our privacy team is available to answer any questions about how we protect your data and handle your information
Explore More
Discover more about our services and policies