myTrip Privacy Notice

What does this policy cover?

This policy describes how myTrip by Passenger Limited (also referred to as "myTrip", "we" or "us") will make use of your data when you browse our website, use our app or purchase bus tickets from myTrip. myTrip is the controller of your personal data.

It also describes your data protection rights, including a right to object to some of the processing which myTrip carries out. More information about your rights, and how to exercise them, is set out in the “What rights do I have?” section.

What information do we collect?

We collect and process personal data about you when you interact with us and our app and website, and when you purchase goods and services from us. This includes:

  • your, email address and password;
  • your payment details, including name, billing addresses and credit card details, where you make purchases from us;
  • your history of ticket purchases and use
  • our marketing preferences, including any consents you have given us;
  • whether you have accepted terms and conditions
  • information related to the browser or device you use to access our website, and information on how you use and navigate through our website and app;
  • geolocation data, if you have enabled this feature in the app
  • locations you search for or favourites within the app;
  • feedback and other information you provide if you send us questions or comments.

What information do we receive from third parties?

The bus companies you use to make the journeys purchased through our app will provide us with certain information. In particular, they may send us reports on customer incidents and information on customers who do not meet reasonable standards of behaviour on the bus. They may also provide us with information about journey disruptions or share information relating to customer complaints.

We also receive your email address from your friends, family or employer if they purchase tickets on your behalf.

How do we use this information, and what is the legal basis for this use?

We process this personal data for the following purposes:

Contract

To fulfil a contract, or take steps linked to a contract: this is relevant where you purchase a ticket from us. This includes:

  • verifying your identity;
  • taking payments;
  • communicating with you about purchases or service information;
  • providing customer services;

Legitimate interests

As required by myTrip to conduct our business and pursue our legitimate interests, in particular:

  • we will use your information to provide products and services you have requested, and respond to any comments or complaints you may send us;
  • we monitor use of our websites and app, and use your information to help us monitor, improve and protect our app and services, both online and offline;
  • we use information you provide to personalise our app and journey recommendations for you;
  • if you provide a credit or debit card as payment, we also use a third party to check the validity of the card number you submit in order to prevent fraud (see data sharing below);
  • we monitor customer accounts to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law;
  • we use information you provide to investigate any complaints received from you or from others, about our website or our products or services;
  • we will use data in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation); and
  • we use data of some individuals to invite them to take part in market research.

Consent

Where you give us consent:

  • we will send you direct marketing in relation to our relevant products and services, or other products and services provided by us, our affiliates and carefully selected partners;
  • we collect geolocation data when you use the app, to provide travel suggestions relevant to your area; and
  • we place cookies on our site and use similar technologies on the app – see the "Cookies & Trackers" section.

Required by law

For purposes which are required by law, in response to requests by government or law enforcement authorities conducting an investigation.

Withdrawing consent or otherwise objecting to direct marketing

Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. In any case, you always have an absolute right to opt-out of direct marketing at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.

Who will we share this data with, where and when?

We share your personal data with other companies in our corporate group, so that they can provide services to us and for the purpose of group-wide financial reporting.

Bus companies

When you buy a bus ticket through our app, we will share your booking details (account details, ticket status, ticket activation time, discounts applied) with the bus company so they can provide your travel. If you provide feedback about your travel experience, we will share this with the relevant bus company so they can improve the service they provide.

Other data sharing

Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.

Personal data will also be shared with third party service providers, who will process it on behalf of myTrip for the purposes identified above. Such third parties include providers of website hosting, payment processing, identity verification services, app development and app and website maintenance.

In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.

Cookies and trackers

Cookies are small bits of data stored on the device you use to access our websites or apps, which are used to recognise repeat users.

We use cookies to collect data about visitors to our websites and apps, which optimises the functionality of these services.

We use Cookies for the following main reasons:

  • Collecting data about how customers interact and use our services
  • Make our websites and apps easier to use e.g. staying signed in for when you revisit the site
  • Security reasons e.g. to authenticate your identity
  • Improve our services

You can choose to remove or disable Cookies through your browser settings at any time.

The Cookies we use are:

Category

Name

Description

Internal

PHPSESSID

Anonymous cookie to help keep track of a user’s session

Cloudflare ID

__cfduid

This is used to identify individual clients behind a shared IP address and apply security settings on a per-client basis. For example, if the visitor is in a coffee shop where there are a bunch of infected machines, but the specific visitor’s machine is trusted (e.g. because they’ve completed a challenge within your Challenge Passage period), the cookie allows us to identify that client and not challenge them again. It does not correspond to any user ID in your web application, and does not store any personally identifiable information.

Visitor Tracking

_ga

_gat_gtag_UA_*

_gid

Used by Google Analytics to preserve user sessions.

Cookie Message

cookies_allowed

cookies_disallowed

Determines if the user has seen the cookie warning.

We also use tracking technology such as cookies on our website and software development kits (usually referred to as SDKs) in our app which allow us to monitor and improve our app and website.

Other trackers

Your use of the app may result in some trackers being stored that are not controlled by us. This may occur when the part of the app or website you are visiting makes use of a third party analytics or marketing tool or includes content displayed from a third party website, for example, Google or Twitter. You should review the privacy and cookie policies of these services to find out how these third parties use cookies and whether your cookie data will be transferred to a third country. A list of the third parties who place cookies on our app and website are listed below:

  • Google Inc
  • Stripe

What rights do I have?

You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this data to another controller.

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping.

To exercise any of these rights, you can get in touch with us – or our data protection officer – using the details set out below. If you have unresolved concerns, you have the right to complain to a data protection authority where you live, work or where you believe a breach may have occurred. In the UK, this will be the Information Commissioner’s Office.

How do I get in touch with you?

We hope that we can satisfy queries you may have about the way we process your data. If you have any concerns about how we process your data, or would like to opt out of direct marketing, you can get in touch at [email protected] or by writing to Studio 2, 65 Seamoor Road, Bournemouth, BH4 9AE.

For general contact about myTrip, contact [email protected]

How long will you retain my data?

Where we process registration data, we do this for as long as you are an active user of our sites and for 6 years after this.

Where we process personal data for marketing purposes or with your consent, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future.

Where we process personal data for site security purposes, we retain it for 6 years.

We keep information collected from cookies and other trackers for 6 years.

Where we process personal data in connection with ticket purchases, we keep the data for 6 years from your last interaction with us.