Coach Hire Comparison

Home»Privacy Policy

Privacy Policy

© Copyright 2012 - 2024 Coach Hire Comparison Ltd  All Rights Reserved
 
(Latest Version Feb 2024)

 

INTRODUCTION

Coach Hire Comparison Limited (CHC) take your privacy very seriously. Please read this privacy notice carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you.

It also explains:

  • what personal information we collect about you;
  • how we keep your personal data secure;
  • for how long we keep your personal data;
  • your rights in relation to your personal data;
  • how to contact us or the relevant supervisory authorities should you have a complaint.

In this policy, please note the use of the following terms:

personal data    means any information that helps to identify a living individual (known as a data subject); for example, name, email address, phone number etc.

processing    means any operation or actions performed on personal data; for example, collection, recording, storing, altering, deleting or otherwise using personal data.

we, us and our    refers to CHC and its directors.

you and your    refers to the person whose data is processed.

When we collect, use and process personal data we must comply with the provisions of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are a ‘controller’ of that personal information, which means that we are primarily responsible for that data and we decide what data to collect and when, what we do with it, how we process it, who we share it with and how long to keep it. 

We are committed to preserving the privacy of your data so that we can:

  • deliver services of a high quality to our customers and service users;
  • comply with the law and the various regulations that we are subject to;
  • meet the expectations of our customers, service users, employees and third parties; and
  • protect our reputation.

If you are aged under 18, we recommend that you speak to an adult that you trust if you have any difficulties reaching an informed decision regarding the activation of any use of your information or our treatment of your information.

YOUR PERSONAL DATA

Personal data is collected from you either directly (i.e. information you provide to us, for example when you register with us, contact us by telephone, email or via our website or portal and purchase services from us) or indirectly (i.e. data we collect from you, for example when you are browsing our website, through the use of ‘cookies’).

How we collect and use your personal data depends upon how you access our services and your relationship to us, for example:

  • Where we supply services to you, you are our Customer;
  • Where you supply services to us, you are our Supplier;
  • Where you are a user of the service provided to our Customer, you are a Passenger; 
  • Where you are an employee of our Customer or Supplier, you are a Third Party Employee;
  • Where you are using our website or our portal, you are a User

In general, the data we collect may include:

For Customers (individuals/non-business) and Passengers

  • Your name and contact information, including email address and telephone number;
  • your gender (if you choose to give this to us);
  • journey details (e.g. pick-up and drop-off locations and times etc);
  • details of any special requirements;
  • details of any feedback you give us - this may be by phone, email, post or via social media;

For Customers (sole traders, partnerships and companies)

  • information to check and verify your identity (sole traders or partnerships)/the identity of the directors (companies and LLPs) e.g. copies of identity documents, such as a passport
  • website address;
  • business name and company registration number (if applicable);
  • signatures;
  • key person contact information, including email addresses and telephone numbers; 

For Suppliers 

  • information to check and verify your identity (sole traders or partnerships)/the identity of the directors (companies and LLPs) e.g. copies of identity documents, such as a passport
  • business name and company registration number If applicable);
  • registered address and operating address
  • website address;
  • copies of insurance documents;
  • copies of operator licence
  • signatures;
  • payment information e.g. bank account or other financial details;
  • fleet motor vehicle details e.g. make, model, colour, registration plate number;

For Third Party Employees

  • Your name and contact information, including email address and telephone number;
  • your gender (if you choose to give this to us);
  • motor vehicle details e.g. make, model, colour, registration plate number;
  • details of your location with a high degree of precision (when you permit the collection of location data)
  • Behaviour reports (occasionally)    

For Users 

  • account details, such as username, login details;
  • IP address, device type, IMEA numbers, MAC address of networks, other unique device identification, device operating system, browser type, mobile network information, app version number, storage usage, data usage, time zone settings etc;
  • the pages of our website, or other resources on our website, that you have accessed and when you accessed them;
  • details of any documents or other resources that you have downloaded from our website.
  • your activities on, and use of, our website which reveal your preferences, interests or manner of use of the website and the times of use;

Please note, our website may link to other third-party websites that may also gather information about you. Third-party websites will operate in accordance with their own separate privacy policies, and we have no control over any personal data that they may acquire, store and use. For privacy information relating to these other third-party websites, you should consult their privacy policies, as appropriate.

Our website is not intended for use by children, and we do not knowingly collect or use personal information relating to children.

In general terms, we may use this personal data to:

Customers, Suppliers, Passengers, Third Party Employees and Users

  • communicate with you;
  • monitor the progress of a journey;
  • customise our website and its content to your particular preferences;
  • notify you of any changes to our website or to our services that may affect you;
  • improve our services;
  • receive your reviews and respond to them.

Customers and Suppliers only

  • create and manage your account with us;
  • verify your identity;
  • conduct due diligence checks;
  • provide our services;
  • request services from you;
  • receive and process invoices.

Sometimes you can choose if you want to give us your information and let us use it. Where that is the case we will tell you and give you the choice before you give the information to us. We will also tell you whether declining to share the information will have any effect on your use of our services.

By providing us with someone else’s personal data, you confirm you’ve either got their permission to give it to us, or permission from their parent or guardian (if the person is under 16).

Please note that it is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal details change during your relationship with us.

LOCATION SERVICES/DATA

If you use one of our apps, we may request your consent to use location services to precisely identify your location.  If applicable, your consent will be requested each time the app is opened. We require access to that data in order to monitor the progress of a journey and provide feedback to our Customers on the location of the vehicle fulfilling the booking/job/trip.  

If you do not provide your consent, you may use the app but that will mean that the feature enabling the progress of your journey to be monitored will not be available. To withdraw your consent at any time you can either uninstall the app or stop tracking.   Please note, that will not affect the lawfulness of our use of that data in reliance on your consent before it was withdrawn.

We will not process your location data other than as strictly required to enable the progress of your journey to be monitored and when the trip “ends” location updates will no longer be available.

The location services in the app will not operate unless location services/data are generally enabled on your device. You may disable such functionality at any time by using the settings on your device to disable access to your location data.  

THE PURPOSES FOR WHICH YOUR INFORMATION IS USED

  • Data protection law requires that we only use your personal data for the purposes for which it was acquired, or where we have a proper reason for using it. Those reasons may include the following:
  • Where you have given consent to the use of your personal data for one or more specific purposes.
  • Where the use is necessary for the performance of a contract to which you are party, or in order to take steps at your request prior to entering into a contract.
  • Where the use is necessary for compliance with a legal obligation that we are subject to.
  • Where the use is necessary in order to protect your vital interests or those of another person.
  • Where the use is necessary for the performance of a task carried out in the public interest, or in the exercise of official authority vested in us.
  • Where the use is necessary for the purposes of our legitimate interests or those of a third party. A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘How to contact us’ below).

The reasons referred to above set out the purposes for which data may generally be used. The specific position in relation to your personal data, however, is that we may use it for the following purposes:

Customers, Suppliers, Passengers, Third Party Employees and Users

What we use your information for

Our reasons

To provide our services to you

Our use of your personal data is based on the performance of a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

To respond to an enquiry

Our use of your personal data is based upon your consent.

To investigate and respond to a complaint

Depending on the circumstances, our use of your personal data is based upon:

  • your consent, where this has been given; or
  • our legitimate interests, (to make sure that we are following our own internal procedures and to ensure that we are delivering the best service).

To ensure the smooth running of our services, such as checking the progress and outcome of a job placed with us

Our use of your personal data is based upon our legitimate interests (to ensure that we are delivering the best service).

We will use data relating to your location only based on your consent as described in ‘Location services/data’ (above)

In relation to information which you wish to include in, or post on, our website (for example by submitting a review of ourservices)

Depending on the circumstances, our use of your personal data is based upon:

  • your consent, where this has been given; or
  • to comply with our legal and regulatory obligations; or

- our legitimate interests, i.e. to provide the best service to you.

Providing the functionalities, and improving the operation, of our website/app.  This may include taking such security measures as are appropriate and backing up the data we hold

Depending upon the circumstances, our use of your personal data is necessary:

  • for the performance of a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  • to ensure the smooth running of our services, our use of your personal data is based upon our legitimate interests, or those of a third party.

To analyse the use made of ourwebsite/app. Here we may make use of your IP address, where youare based, the type and version of the browser you use, details of your operating system, how youcame to our website (for example whether you were referred from another website or from a search engine), how long you remained on our site, the number of pages on our site that you viewed, how you moved around our site, the links that you followed, and whether any of those links were used to leave our site

Depending on the circumstances, our use of your personal data is based upon:

  • your consent, where this has been given; or

- our legitimate interests, (in that we are seeking to monitor and improve our website/app and/or the services we provide).

Conducting checks to detect fraud against you or us

Depending upon the circumstances, our use of your personal data is necessary:

  • to comply with our legal and regulatory obligations; or
  • for our legitimate interests, i.e. to minimise the risk of account or identity theft or fraud that could be damaging for you, a third party or us.

To enforce legal rights or defend or undertake legal proceedings

Depending on the circumstances, our use of your personal data is necessary:

  • to comply with our legal and regulatory obligations; or
  • for our legitimate interests, i.e. to protect our business, interests and rights.

Communications with you not related to marketing, including about changes to our terms or policies or changes to the website/app or service or other important notices

Depending on the circumstances, our use of your personal data is based upon:

  • your consent, where this has been given; or
  • to comply with our legal and regulatory obligations; or
  • our legitimate interests, i.e. to provide the best service to you.

To protect the security of systems and data used to provide the website/app and its services

Our use of your personal data is necessary to comply with our legal and regulatory obligations.

We may also use your information to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests, i.e. to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us.

Operational reasons, such as improving efficiency, training and quality control or to provide support to you

Our use of your personal data is based upon our legitimate interests, i.e. to be as efficient as we can so we can deliver the best service to you.

Statistical analysis to help us understand our customer base

Our use of your personal data is based upon:

  • your consent where this has been given; or
  • upon our legitimate interests in processing the data (in that we are seeking to monitor and improve the website/app and/or the services we provide).

Updating and enhancing customer records

Depending on the circumstances, our use of your personal data is necessary:

  • to perform our contract with you or to take steps at your request before entering into a contract; or
  • to comply with our legal and regulatory obligations; or
  • where neither of the above apply, for our legitimate interests, e.g. making sure that we can keep in touch with our customers about existing orders and new products.

Disclosures and other activities necessary to comply with legal and regulatory obligations, e.g. to record and demonstrate evidence of your consent to our use of your information where relevant

Our use of your personal data is necessary to comply with our legal and regulatory obligations.

To share your information with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency

In such cases, information will be anonymised where possible and only shared where necessary

Depending on the circumstances, our use of your personal data is necessary:

  • to comply with our legal and regulatory obligations; or
  • for our legitimate interests, i.e. to protect, realise or grow the value in our business and assets

Customers and Suppliers only

What we use your information for

Our reasons

Create and manage your account with us

Depending upon the circumstances, our use of your personal data is based upon:

  • your consent, where this has been given; or
  • upon our legitimate interests (in that we are seeking to provide services as part of our business); or
  • the performance of a contract between us, and the steps needed to deliver those contractual services.

To verify your identity or carry out due diligence checks and to determine the initial suitability of your business to become (and remain) a supplier to us

Depending upon the circumstances, our use of your personal data is based upon:

  • your consent, where this has been given; or
  • upon our legitimate interests (in that we are seeking to provide services as part of our business); or

- the performance of a contract between us, and the steps needed to deliver those contractual services.

To supply services to you or request services from you

Our use of your personal data is necessary for the performance of a contract between us, and the steps needed to deliver those contractual services

To receive or process invoices

Depending upon the circumstances, our use of your personal data is based upon:

- your consent, where this has been given; or

- upon our legitimate interests (in that we are seeking to provide services as part of our business); or

- the performance of a contract between us, and the steps needed to deliver those contractual services.

Marketing our services to existing and former customers

Our use of your personal data is based upon our legitimate interests, i.e. to promote our business to existing and former customers

See ‘Marketing’ below for further information.

 

The purposes set out above will not apply to what is termed ‘special category personal information’. This includes personal information revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, or trade union membership, genetic and biometric data, and data concerning health, sex life or sexual orientation. We will only ever process information of that nature where we are permitted to do so under data protection laws, for example:

  • where we have your explicit consent; or
  • the processing is necessary to protect your (or someone else’s) vital interests where you are physically or legally incapable of giving consent; or
  • the processing is necessary to establish, exercise or defend legal claims.

MARKETING

We will use your information to send you updates (by email, text message, telephone or post) about our services, including new services.

We have a legitimate interest in using your information for marketing purposes (see above ‘How and why we use your information’). This means we do not need your consent to send you marketing information. If we change our marketing approach in the future so that consent is needed, we will ask for this separately and clearly.

You have the right to opt out of receiving marketing communications at any time by contacting us – please see ‘How to contact us’ below.

We will always treat your information with the utmost respect and never sell or share it with other organisations outside the CMAC group for marketing purposes.

For more information on your right to object at any time to your information being used for marketing purposes, see ‘Your rights’ below.

SHARING YOUR DATA WITH OTHERS

Notwithstanding the fact that we will not share your personal data for marketing purposes, it may be necessary for us to share your personal data with others in order to perform our services for you, to comply with our contractual obligations to you, to comply with our legal or regulatory obligations to you, or to comply with any contractual, legal or regulatory obligations that we are subject to. 

We routinely share personal data with:

  • companies within the CMAC Group;
  • third parties we use to help deliver our services, for example sharing a Passenger’s information with a Supplier, so that they can provide the service or sharing driver and vehicle information with a Passenger or Customer, so that they can track the progress of a journey or sharing information between a Customer, Supplier and/or a Passenger, in order to deal with enquiries or resolve a complaint;

When sharing your personal data, we will ensure at all times that those with whom it is shared process it in an appropriate manner and take all necessary measures in order to protect it. We will only ever allow others to handle your personal data if we are satisfied that the measures which they take to protect that personal data are satisfactory.

Please be aware that, from time to time, we may be required to disclose your personal data to, and exchange information about you or relating to you with, government, law enforcement and regulatory bodies and agencies in order to comply with our legal and regulatory obligations.

We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.

Other than as set out above, we will not share your personal data with any other third party.

HOW LONG PERSONAL DATA IS KEPT

Personal data that is processed by us will not be retained for any longer than is necessary for that processing, or for purposes relating to or arising from that processing.

Where your personal data is retained after we have finished providing our service to you, or where the contract with you has ended in any other way, this will generally be for one of the following reasons:

  • so that we can respond to any questions, complaints or claims made by you or on your behalf;
  • so that we are able to demonstrate that your matter was dealt with adequately and that you were treated fairly; or
  • in order to comply with legal and regulatory requirements.

In general, we will retain your data for only so long as is necessary for the various objectives and purposes contained in this policy. Generally, we will retain personal data for up to 7 years after the end of any business relationship we have with you.  Please note, however, that different periods for keeping your personal data will apply depending upon the type of data being retained and the purpose of its retention.

YOUR RIGHTS IN RELATION TO YOUR DATA

You generally have the following rights, which you can usually exercise free of charge:

 

Access to a copy of your information

The right to be provided with a copy of your information

A more detailed explanation of this right is available here  

Correction (also known as rectification)

The right to require us to correct any mistakes in your information

A more detailed explanation of this right is available here

Erasure (also known as the right to be forgotten)

The right to require us to delete your information—in certain situations

A more detailed explanation of this right is available here

Restriction of use

The right to require us to restrict use of your information in certain circumstances, e.g. if you contest the accuracy of the data

A more detailed explanation of this right is available here

Data portability

The right to receive your information that you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

A more detailed explanation of this right is available here

To object to use

The right to object:

—at any time to your information being used for direct marketing (including profiling)

—in certain other situations to our continued use of your information, e.g. where we use your information for our legitimate interests unless there are compelling legitimate grounds for the processing to continue or the processing is required for the establishment, exercise or defence of legal claims

A more detailed explanation of this right is available here

Not to be subject to decisions without human involvement (automated decision making)

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

We do not make any such decisions based on data collected by the app

A more detailed explanation of this right is available here

The right to withdraw consents

If you have provided us with a consent to use your information, you have a right to withdraw that consent easily at any time

You may withdraw consents by emailing or writing to us – see ‘How to contact us’ below

Withdrawing a consent will not affect the lawfulness of our use of your information in reliance on that consent before it was withdrawn

 

For further information on each of those rights, including the circumstances in which they do and do not apply, please contact us (see ‘How to contact us’ below). You may also find it helpful to refer to the guidance from the UK’s Information Commissioner on your rights under the UK GDPR. 

If you would like to exercise any of those rights, please contact us (see ‘How to contact us’  below). When contacting us please:

  • provide enough information to identify yourself and any additional identity information we may reasonably request from you, and
  • let us know which right(s) you want to exercise and the information to which your request relates

ABOUT COOKIES

We use cookies in connection with the operation of our websites. A cookie is a small file that is sent by a web server (where we host our website) to a web browser (from where you view our website) and which is then stored by the browser. The cookie contains an identifier which is stored in your browser and then sent back to our server each time your browser accesses our website. These cookies may either be ‘persistent cookies’ (in which case they will continue to be held by your browser until they are deleted, or until a specified event/date) or they will be ‘session cookies’ which expire when you close your browser.

Usually, cookies do not hold any data by which you can be identified, although if we do hold personal data about you (for example, because you have subscribed to a service that we offer) the cookie may be linked to that data.

In addition to cookies used by us, our service providers may also use cookies, and those cookies may also be stored in your browser when you visit our website.

If you wish to do so then, usually, you can prevent cookies from being downloaded to your browser and can delete those that have already been downloaded. How this may be achieved varies between different browsers. Consult the website of your browser provider for more details.

However, you should be aware that if you block or delete cookies this may have a detrimental impact upon your ability to access our websites, and the services that we provide. It may mean that not all of the facilities on our website will be accessible by you, or it may mean that you are unable to access any member services which we provide.

KEEPING YOUR DATA SECURE

In order to ensure that your personal data is kept secure, and to prevent there being any breach of confidentiality, we have put in place security measures which are intended to prevent your personal data from being accidentally lost or used, or accessed unlawfully. Access to your personal data is restricted to those with a need to access it, and regard will be had to the need for confidentiality when that personal data is processed.

Our systems are subject to rigorous testing and we are ISO 27001 certified, meaning that we observe industry standards for information security.

In the event that there is a suspected data security breach you will be notified. Where relevant we will also inform the appropriate regulator (including the Information Commissioner’s Office) of a suspected data security breach where we are legally required to do so.

If you want detailed guidance from Get Safe Online on how to protect your information and other information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org Get Safe Online is supported by HM Government and leading businesses.

MAKING A COMPLAINT

If you have any queries or concerns as to the acquisition, use, storage or disposal of any personal data relating to you please contact us (see ‘How to contact us’ below)

Notwithstanding our best efforts, inevitably sometimes things do go wrong. If you are unhappy with any aspect of the use and/or protection of your personal data, you have the right to make a complaint to the Information Commissioner’s Office, who may be contacted in writing at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; by telephone on 0303 123 1113; by fax on 01625 524510; or online at www.ico.org.uk 

HOW TO CONTACT US

If you have any queries as to the acquisition, use, storage, or disposal of any personal data relating to you please contact dataprotection@cmacgroup.com   
We can also be contacted by post at CMAC Group UK Limited, Suite 1 The Globe Centre, St James Square, Accrington, BB5 0RE.

THIS POLICY

The terms and provisions of this privacy policy may be changed, updated and amended from time to time.

If you would like this policy to be supplied to you in another format (for example audio, large print, braille) please contact us (see ‘How to contact us’ above).