Privacy Policy

1.1.1.Privacy Policy

Corrib Travel Ltd (the “Company”) is committed to maintaining robust privacy protections for its customers. Our privacy policy (the “Policy”) is designed to help you understand how we collect, use and safeguard the information you provide to us when you buy our service.

The terms “we,” “us,” and “our” refer to the Company.

“You” refers to you, as a user of our website or our service.

“Suppliers” refers to the parties (including retail parties and tour operators) who provide us with products and services that enable us to run our business.

You do not have to provide your personal information to us, but if you do not provide certain information we may be limited in what services we can offer to you. Where you refuse to provide mandatory personal information for travel purposes or allow us to disclose it to our Suppliers as required to fulfil your request our Suppliers will not be able to fulfil your travel booking.

This Policy forms part of your contract with us for the travel and/or those services provided.

What information do we collect?

When you purchase our services:

When you contact us, by email or phone, or call into speak to one of our sales consultants to book a holiday we may collect the following personal data (including some special category (sensitive) data):

  • Name, physical address, phone number, email address, date of birth, passport details, other ID document details;
  • Photo id;
  • Insurance details;
  • work history, cover letter, curriculum vitae
  • Relevant medical data and any special, dietary, religious or disability requests; and
  • Credit or debit card details.

When you contact us or we contact you or you take part in promotions, competitions, surveys or questionnaires about our services, we may collect:

Personal data you provide when you connect with us, including by email, post and phone or through social media, such as your name, email address and phone number.

Details of emails and other digital communications we may send to you that you open, including any links in them that you click on.

Your feedback and contributions to customer surveys and questionnaires.

Other sources of personal data:

We may use personal data from other sources, such as, your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interest of other customers or in an emergency.

Personal data you provide about other individuals:

We use personal data about other individuals provided by you, such as those people on your booking.

By providing other people’s personal data, you must be sure that they agree to this and you are allowed to provide it. You should also ensure that, where appropriate, they understand how their personal data may be used by us.

CCTV

We operate CCTV in the shop. Recording is for security, health and safety reasons only and data is destroyed after 28 days. The recording data would only be used where security has been compromised and photographic evidence will be of use. This photographic evidence will only be reviewed by our employees and will only be shared on request with the security services i.e. Garda or Government Dept.

How do we use personal information?

We may collect, hold, use and disclose your information for the following purposes:

  • Administering services we are providing to you such as arranging your holiday booking.
  • Managing our relationship with you, including updates about your booking and handling complaints.
  • To contact you in the event of an emergency.
  • Some countries will only permit travel if you provide your Advance Passenger Information (API) i.e. passport details.  These requirements may differ depending upon your destination.  Even if not mandatory, we may exercise our discretion to provide this API to assist where appropriate.
  • To identify and tell you about services we think you may be interested in, including sending email newsletters (see Mailchimp privacy policy).
  • To improve your customer experience with us through customer feedback surveys (see Survey Monkey privacy policy).
  • Providing relevant information, which may include sensitive personal information, to insurers, their agents and medical staff in circumstances where we/they need to act on your behalf or in the interest of passengers or in an emergency.
  • To comply with our legal obligations, such as a court order, subpoena, or for identification of fraud or regulatory reporting and compliance.

When you provide your email address to us to enquire about booking a holiday, your contact details may be retained even if the transaction is not completed. These details are captured using a secure software program. This is so we can assist you in future with bookings, and as a result of this you may receive a follow up enquiry email.

How we share your information?

In order to provide the services requested by you we will need to share your personal data with other Suppliers of your travel arrangements, including airlines, hotels and transport companies.

We only share the minimum personal data that enable our Suppliers to provide their services to you and us. We are committed to working with Suppliers who are GDPR compliant. Our Supplier`s or their third party supplier’s use of your information is subject to their privacy policy.

We may post customer testimonials on our websites which might contain personal data. We obtain the customer`s consent via email prior to posting the testimonial. It may include their name, date of travel, and travel destination along with their testimonial, as applicable. If you wish to update or delete your testimonial, at any stage, please contact Dataprotection@corribtravel.ie with your request.

We also work with carefully selected Suppliers that carry out certain functions on our behalf. For example, companies that help us with IT services, storing data, and processing payments.

We may need to share personal data with other third parties (such as legal, accountants or other advisors, regulatory authorities, courts and government agencies), to defend or protect our legal rights, or where such disclosure is permitted by law, such as for the purpose of preventing fraud.

When we share personal data with other organisations we require them to keep it safe, and use it only for the lawful basis on which it was shared. They must not sell or use your personal data for their own marketing purposes.

What legal basis do we have for processing your personal data?

We will only process your personal data on the following legal basis:

Consent: When you give us explicit permission to process your personal data for example, when you sign up to receive our newsletter via our website or provide us with customer feedback via our feedback survey email. Should you not wish to receive such communication from us please simply indicate your preference to opt out by following the directions provided in the e-mail.

Contract: When we book a holiday on your behalf or take steps at your request prior to booking a holiday (i.e. obtaining a quote for a package holiday, flights, accommodation, a cruise holiday, car hire or insurance).

Legitimate interest: When it is in our or a third party`s legitimate interest and these interests do not override your right to privacy. For example, we may use your personal data to better understand your interests, or to improve our services offered.

Legal Obligation: when we are required by law, for example, it may be mandatory for some travel destinations to disclose and process your personal data and API for immigration, security, anti-terrorism purposes and any other purpose which they deem appropriate.

In some circumstances we may need to process special categories of personal data, for example health data for medical reasons, we will only do so if one or more additional conditions apply. For example, we have your explicit consent; it is necessary to fulfil our contract with you, to protect the vital interests of you or another individual and you are physically or legally incapable of giving consent; it is necessary to establish, exercise or defend legal claims; it is necessary for reasons of substantial public interest.

How we protect your personal data

Your data privacy is very important to us.  We have implemented appropriate organisational and technical measures to protect your data.  These measures are reviewed regularly to ensure that we continue to employ the necessary safeguards to meet the requirements of the GDPR and to protect your rights as a data subject.

Information communicated over the phone, via e-mail or through our website is captured and held securely in a software program and our travel management system.  We take every reasonable precaution to protect all information collected, including:

  • only sharing and providing access to your information to the minimum extent necessary;
  • using secure servers to store your information; and
  • using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) software or other similar encryption technologies to encrypt your personal and payment transactions

Transmission of information over email is secured by a TLS 2 encryption in transit, however, it is not secure at rest. If you submit any information to us over the internet by email you do so entirely at your own risk.

We do not process credit/debit card payments ourselves, we use a dedicated third-party payment portal, where information is transacted using industry-standard Secure Socket Layer (SSL) encryption algorithms.  We do not retain your debit or credit card information.

For information held on customer files, access is restricted to only those staff that require that information to perform their duties. All employees have been trained and are kept up-to-date on our security and privacy practices.

Where do we store and process personal data?

We store our customer files on our secure travel management software and in hard copy format. We take measures to ensure that this customer file is in a secure location at all times. Where necessary and in order to perform our contract with you we send your booking details to third parties Suppliers. We do take steps to ensure that we and our Suppliers store your booking details securely online.

In some cases these third parties, including airlines, hotels and transfer providers, may be situated outside of the European Economic Area (EEA). Where they are, they are obliged to make sure that your personal information is adequately protected.

Your rights regarding your personal data

  • The right to be advised of how we will use your personal information. This is set out in this Policy and we do our best to provide you with as much information as we can at the point at which you give us your data.
  • The right to ask us to correct any information you believe is incorrect.
  • The right to receive a copy of the personal data we hold about you or to request that we transfer this to another service provider.
  • In certain circumstances, the right to ask us to stop using information about you.
  • The right to lodge a complaint to the Data Protection Commissioner’s Office.
  • The right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.
  • The right to withdraw consent that you have provided to us to use your personal information.

You can exercise these rights over your data by emailing us at Dataprotection@corribtravel.ie or by sending your access request by post to Corrib Travel, 2 Eyre Square, Galway.

We will comply with your requests, unless we have a lawful reason not to do so. We will need you to provide additional details to confirm your identity in order to process your request.

How long is your data retained for?

We will retain your personal data for only as long as it is necessary for the uses set out in this Policy and/or to meet legal and regulatory requirements. We are required by law to retain customer files for a period of 6 years.

After this period, we will securely erase personal data in accordance with our Company policy. We do not retain data for analytical, historical or other legitimate business purposes, however, if we do decide to, we will take appropriate measures to anonymise this data.

Children’s Privacy

We do not sell travel or other services for purchase by children. Please be aware that we have not designed this website for, and do not intend for it to be used by, anyone under age 18. In all cases where minors are travelling, the parent/guardian must give consent to the lead passenger to pass on personal information for those travelling.

We use this information for travel purposes only and will treat it with the utmost sensitivity, it will not be used for any other purpose or future holidays. It is the responsibility of the lead passenger to collect this information and pass it onto us.

Our website

We own and operate https://corribtravel.ie/ where you can sign up to receive our newsletter.
We do track “cookies” when you visit our website. A cookie is a small piece of data or a small text file stored by the browser on your computer, at the request of our server.  Cookies allow us, to determine how frequently particular pages are visited and to determine the most popular areas of our website.

Links to other websites

Our website contains links to other websites such as Facebook, Instagram and Twitter. This Policy only applies to the Company, when you link to other websites you should read their own privacy policies. We don’t control websites which we do not operate and are not responsible for their contents or use of them. Inclusion of these links to such websites does not imply any endorsement of the material on such websites.

This website uses “cookie” technology. A cookie is a small piece of data or a small text file stored by the browser on your computer, at the request of our server. We may use cookies to deliver content specific to your interests and to save your personal preferences so you do not have to re-enter them each time you connect to our website – our cookies are not available to other websites.  In particular cookies enable us:

  • to measure visitor traffic to our website and their usage patterns
  • to store information about your preferences, and so allow us to customise our website according to your individual interests
  • to speed up your searches
  • to recognise you when you return to our website.

The table below explains the cookies we use and why.

Name Purpose Activated Expires
Initiated by this website
PHPSESSID The PHPSESSID cookie is native to PHP and enables websites to store serialised state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie. (expires when you close your browser) On visit When you close your browser
Initiated by Google Analytics | Read More
_ga Used to distinguish users. On visit After 2 Years
_gat Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. On visit After 30 Minutes
_gid Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named On visit 1 minute
gwcc This cookie allows Google to track any call conversions on mobile devices. For example if a customer is clicking a phone number on the contact us page to dial from their mobile device On visit After 3 Months
Initiated by Facebook | Read More
fr This cookie is used by Facebook for advertising purposes On visit 90 days

What are my choices regarding cookies

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

Changes to this Policy

We may update this Policy in the future, and we reserve the right to amend this Policy at any time. Updated versions of the Policy will be posted on this website and are effective immediately on posting. Please check frequently, especially before you use this website, to see if this Policy has changed.