General framework

The policy of is very clear on this subject: does not transfer any data to third-party companies for any reason other than one of the following :

  • Supply of services ordered: in order to be able to provide you with the transport or ancillary services offered, the data is transmitted to the companies concerned, namely:
    • Carriers: SNCF and its subsidiaries, any other rail carrier, bus or associated service (Junior et Cie) offering products on the site,
    • Partners: Insurance (Allianz), car hire (Avis) and any other related product sold on the site, directly or under white label;
  • subcontracting: uses contractors to operate its sites and provide you with the services and products proposed, and notably
    • Its main IT subcontractor is the company VSC Technologies, a sister company of and wholly-owned subsidiary of SNCF. In fact, most customer data is internalised and never leaves the SNCF group,
    • For the customer relationship: call centres, communication tools,
    • For payment: suppliers of partners offering products on the site,
    • For marketing services: marketing follow-up, dispatch of newsletters,
    • For the fight against fraud: specialist service provider (ACI Worldwide);
    • For the collection of customer reviews: Verified Reviews
  • SNCF cross-company services: is associated with the "SNCF Connect" programme from SNCF, and offers this service of a common customer account;
  • advertising: the data is sent to third-party companies for the management of advertising banners.

For all of these transfers of data, takes strict care to:

  • only work with trusted companies;
  • secure its relationships with these companies (contracts, audits, security insurance plan).

Specific case for transfers outside the EU

The policy of is not to transfer data outside the European Union, except for the following cases:

  • customer relationships: one of its call centres is located in Rabat in Morocco;
  • fraud prevention: ACI Worldwide, a subcontractor of, uses the data in the United States.

For all of these transfers of data outside the European Union, undertakes that particular vigilance will be exercised and that they will be carried out in a context of maximum security (model clauses from the European Commission).


How does it work for social netwoks ?

The sites use plug-ins for social networks, notably Facebook, Twitter, Linkedin, Google +. If you interact with these plug-ins (clicking the "Like" or "Share" buttons), the information related to your browsing and to the operations carried out on the sites will be sent to the company operating the social network in question.

Also, if you do not want a social network to which you belong to link information collected when browsing on the sites, you must disconnect from the social network in question before visiting the sites.

In all cases, the use of these plug-ins or the data collected when browsing with the social network activated is exclusively governed by the general conditions of the social networks concerned. We therefore invite you to read the personal data protection policies of these social networks to learn precisely what information is collected and how it is used.