You may wish to contact us regarding the certification of your role as security personnel. This processing of your data is necessary for Infrabel, in application of the Belgian Royal Decree of 9 August 2020 determining the requirements applicable to security personnel, in order to certify that you are authorised to perform one or more critical security tasks for Infrabel. Specifically, the processing of personal data is necessary to verify your competency and identity, as provided for in this Royal Decree.
Verification of identity, age and skills: Infrabel is required to verify the identity, skills and competences of the individual applying for certification. Specifically, Infrabel is required to verify that the person is of age and verify and certify certain specific knowledge and confirm certain data mentioned in the Royal Decree, such as (1) the surname, (2) the first name and (3) the date of birth of the person concerned.
Secure file: As the data controller, Infrabel ensures that the data processed within the scope of its powers are kept in a special secure file. The Infrabel staff members in charge of the certification mentioned above, as well as the specific employees of the Legal Department and the Compliance Department, have access to this file. The individuals concerned have the right to access and correct their data.
Retention period: Personal data processed in the exercising of powers referred to in this data processing are kept for five years from the end of the provision of services by the certified person (statutory limitation period). This period is necessary given the nature of the findings made by this type of staff member. After this period, the data will be destroyed or anonymised. If a copy of an identity document was communicated by the person to be certified, it will be kept only for the duration of the certification procedure.
Categories of data processed: the data necessary for the file are collected and processed (i.e. data relevant to the certification of the named security personnel, where appropriate, your full name, date of birth, number of the certificate, native language, data on the employer of the person to be certified (company number, VAT number, name, address), data on the person authorised to submit the request (name, first name, position, email address and telephone number), certificates demonstrating specific knowledge, attendance lists for in-service training days, proof of identity).
Categories of sensitive data: certificate of psychological fitness and medical fitness
Categories of data subjects: Security personnel from external firms. If you are an employee of Infrabel, the "Infrabel Employee Privacy Policy" applies to you.
Source of data: directly from you or from a third party (your employer, security service provider and our external service for prevention and protection at work. )
Legal basis for the processing: Statutory obligation, Art. 9, 13 and 14 of the Belgian Royal Decree of 9 August 2020.
Recipients of the processing: administrative authorities, police services, public prosecutors.
As part of the follow-up and processing of notifications and reports of violations of the Law of 27 April 2018 on the railway police, it is necessary for Infrabel to process data about you.
Specifically, the purpose of processing personal data in the exercising of the powers referred to in this Law is to ensure the management of reports of criminal offences, the penalties that may result from them and their enforcement, including the continuation of criminal or administrative proceedings.
The establishing officer must identify himself /herself by identification card. A copy of the fine or report is given to the perpetrator.
The establishing officer shall immediately notify the competent police services of any other criminal offence of which they have become aware in the performance of their duties.
Identity checks: the establishing officer may conduct identity checks to verify compliance with the railway's conditions of transport and the provisions of this Law. If persons who are asked to identify themselves by means of an official document that contains a photograph and enables their identity to be established, refuse or give a questionable identity, the establishing officer may request the assistance of the police. Within a reasonable time, the police shall provide the establishing officer in charge of the identification with the information necessary for the preparation of their report.
Members of the security service may carry out identity checks in accordance with Article 34, § 1, of the Law of 5 August 1992 on policing in the cases provided for in a cooperation protocol between the integrated police and the security service.
Access to the National Register and the Crossroads Bank for Vehicles: establishing officers whose functions require it and sanctioning officers have access to the data of the National Register, and security personnel and sanctioning officers have access to the Crossroads Bank for Vehicles.
Secure file: As the data controller, Infrabel ensures that the data processed within the scope of powers in the sense of the Law of 27 April 2018 are kept in a special secure file. Establishing officers, sanctioning officers and specialised Legal Department staff have access to this file.
Access to data: Access to the personal data is limited to the staff members involved in the follow-up and handling of the file in question, including the establishing officers, the sanctioning officer and the staff of Infrabel's Legal Department. Perpetrators have the right to access and correct their data.
Retention period: Personal data processed in the exercising of the powers referred to in this data processing is kept by law for five years from the day on which the administrative fine was imposed or the alternative measure was taken. After this period, the data will be destroyed or anonymised.
Categories of data processed: the data required for the case are collected and processed (i.e. information relevant to the management of the case such as, where applicable, name and first names, address and contact details, date and place of birth, gender, nationality, national registration number, vehicle registration number).
Categories of data subjects: Residents, passers-by, passengers
Source of data: Directly from you or by a third party (administrative authorities, police services, etc.), security service provider.
Legal basis for the processing: Statutory obligation, Law of 27 April 2018 on the railway police, including the follow-up of criminal and/or administrative proceedings.
Recipients of processing: administrative authorities, police services, prosecutors, security service provider.