Privacy Policy

 

 

EIREBUS LIMITED

Privacy Policy

 

1. Identity and contact details of the controller and, where applicable, of the controller’s representative

 

Companies registered name, address & number: Eirebus Limited, Corduff Road, Blanchardstown, Dublin 15 D15KA03.

Company Reg. Number: 34247

Companies under the Eirebus Ltd Group are:

  • Eirebus
  • Eirebus DMC
  • Swords Express
  • Fingal Express
  • Budget Bus
  • Edinburgh Coach Lines
  • Gray Line Scotland
  • Thistle DMC

 

Eirebus Ltd Privacy Policy applies only to the following:

  • Eirebus Ltd clients.
  • Eirebus Ltd suppliers (contracted & not contracted).
  • Personal data gathered on Eirebus Ltd websites and applications.

 

Since Eirebus Ltd is responsible for the personal data of this grouping, Eirebus Ltd is then considered the data controller, which means that Eirebus Ltd is in control of how the grouping’s personal data is stored, processed or transferred. Personal data will only be dealt with in accordance with this Privacy Policy.

Eirebus Ltd Privacy Policy does not apply to personal data of the people (PAX) in the actual bookings. The data controller of this data is the company who the PAX made the booking with AKA the travel agent or supplier (e.g. the hotel the guest is staying at). Contact the relevant data controller directly if any questions on PAX personal data occur.

 

2. Contact details of the data protection officer, where applicable

 

If you have a query regarding the Eirebus Ltd policy or any aspect of our data protection policy you can contact us at DPO@Eirebus.ie or by writing at: Data Protection Officer, Corduff Road, Blanchardstown, Dublin 15 D15KA03

 

3. The purposes and legal basis of the processing

 

Why Eirebus Ltd needs to process data of those who are affected by this policy:

  • To fully perform an existing contract or to start negotiations entering a new contract.
  • To provide requested services and to make contact (if required) in connection with enquiries, bookings
  • To respond to any communications sent to us.
  • For legitimate business interests. Primarily future marketing purposes, including, but not limited to product offers and product information communications.

 

Any other data processing will be done in accordance with the GDPR.

 

4. The categories of personal data concerned

 

Eirebus Ltd collects the following information in order for the purpose of processing:

  • Name
  • Address
  • Email address
  • Telephone number
  • Company name
  • Billing & payment information
  • CCTV footage on coaches
  • CCTV footage on premises

 

Eirebus Ltd gather statistical and other analytical information collected on an aggregate basis of all visitors to our websites. This data comprises information that cannot be used to identify or contact user, such as demographic information regarding, for example,

  • User IP addresses,
  • Browser types
  • Anonymous statistical data involving the use of our website.

 

This information is solely used to gain a more informed understanding of how our websites are being used and to make our websites more relevant to our users.

Note – Eirebus Ltd websites use session cookies. Cookie consent is obtained either explicitly or implicitly requested via an opt-in.

 

5. The recipients, or categories of recipients, of the data, if any

 

The recipients of the data are the staff of Eirebus Ltd (Permanent, fixed term, contracted or trainee staff) who process the data only in the ways that have been defined in purposes and legal basis of the processing. Each staff member of Eirebus Ltd has been educated and trained in the importance of GDPR.

 

Eirebus Ltd may share personal information with any company within The Eirebus Ltd Group (Eirebus, Eirebus DMC, Swords Express, Fingal Express) for the purposes defined in this privacy policy only.

 

6. Give details of any planned transfers of personal data to a third country or international organisation

 

Eirebus Ltd will not disclose personal data to third parties unless Eirebus Ltd has consent to do so or unless the third party is required to fulfil a contracted task (e.g. data entry in such circumstances, the third party will have a data processor agreement signed to adhere to GDPR).

Eirebus Ltd will disclose personal data if it is believed in good faith that Eirebus Ltd are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other statutory requirement.

The only exception to this policy occurs in the event of a sale, merger, receivership or liquidation or transfer of all or substantially all of the assets to Eirebus Ltd, provided that the third party agrees to adhere to the terms of the Privacy Policy and provided that the third party only uses data for the purposes that you provided it to Eirebus Ltd. Those affected by this privacy policy will be notified in the event of any such transfer.

 

7. How long will the personal data be stored for (or the criteria used to determine that period)?

 

Eirebus Ltd will retain personal data for the following reasons (only exception to these reasons is if Eirebus Ltd is required or permitted by law to hold onto the information for a specific amount of time):

  • Data that is required in order to perform a contract will be held on Eirebus Ltd system for a seven year period following completion of a travelling Pax’s trip (or upon contract termination, if later).
  • For legitimate business interests (as defined in purposes and legal basis of the processing) data that is no longer deemed necessary will be deleted from our system.
  • Data that is collected for marketing purposes (with consent) will be stored securely and used to communicate unless consent is withdrawn.

 

When personal data is deemed no longer necessary it will removed and deleted in a correct manner.

 

8. Describe the data subject’s rights to access, rectification, erasure and portability of the personal data

 

Those affected by this privacy policy have the following rights:

  • Right to access: the right to request, access and copy of the personal information that Eirebus Ltd.  is holding. Any access requests will need to be requested in writing or email (mailing & email address provided in the Data Protection Officer section above). Evidence of identification will be required as this ensures the personal information is not given to the wrong person. Information will be given within 30 days of the request.
  • Right to rectification: the right to have personal data rectified if it’s incorrect, out of date or incomplete.
  • Right to be forgotten: the right to withdraw consent given to process data and the right to request that Eirebus Ltd delete personal data from its system (only exception to this is Eirebus Ltd compliance with any legal obligations or if the data is required for any legal claims).
  • Right to restriction: The right to stop Eirebus Ltd from using personal data or limit how it is used.
  • Right to data portability: The right to request that Eirebus Ltd return any information provided in a structured, commonly used and machine-readable format also have the right to transmit data to another controller without hindrance from Eirebus Ltd.
  • Right to object: The right to object to the manner in which Eirebus Ltd. uses the personal data received (e.g. for marketing purposes).

 

Note – withdrawal of consent will lead to Eirebus Ltd. being unable to provide access to all or parts of the services that it provides to those who are affected by this privacy policy.

 

9. Detail the data subject’s right to lodge a complaint with a supervisory authority

 

Any complaints on how Eirebus Ltd uses personal data can be sent to the Data Commissioner’s office. More information can be provided on their website: www.dataprotection.ie

 

10. The origin of the personal data

 

Eirebus Ltd receives personal data through the following means:

  • Supplier/client form.
  • Through contractual negotiation and agreements.
  • Corresponding through email or phone.
  • Social media contact