Privacy Policy
1.1.1.Privacy Policy
Fahy Travel Ltd (the “Company”) is committed to maintaining robust privacy protections for its customers. This privacy policy is designed to help you understand how we collect, use and safeguard the information you provide to us when you buy our service.
The terms “we,” “us,” and “our” refer to the Company.
“You” refers to you, as a user of our website or our service.
"Suppliers" refers to the parties (including retail parties and tour operators) who provide us with products and services that enable us to run our business.
You do not have to provide your personal information to us, but if you do not provide certain information we may be limited in what services we can offer to you. Where you refuse to provide mandatory personal information for travel purposes or allow us to disclose it to our Suppliers as required to fulfil your request our Suppliers will not be able to fulfil your travel booking.
This privacy policy forms part of your contract with us for the travel and/or those the services provided.
What information do we collect?
When you purchase our services with a sales consultant in our shop, over the phone or send an enquiry through our website, we may collect the following personal data (including some special category (sensitive) data):
-
Name, physical address, phone number, email address, date of birth, passport details, other ID document details;
-
Photo id;
-
Insurance details;
-
work history, cover letter, curriculum vitae
-
Relevant medical data and any special, dietary, religious or disability requests; and
-
Credit or debit card details.
When you contact us or we contact you or you take part in promotions, competitions, surveys or questionnaires about our services, we may collect:
Personal data you provide when you connect with us, including by email, post and phone or through social media, such as your name, email address and phone number.
Details of emails and other digital communications we may send to you that you open, including any links in them that you click on.
Your feedback and contributions to customer surveys and questionnaires.
Other sources of personal data:
We may use personal data from other sources, such as, your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interest of other customers or in an emergency.
Personal data you provide about other individuals:
We use personal data about other individuals provided by you, such as those people on your booking.
By providing other people’s personal data, you must be sure that they agree to this and you are allowed to provide it. You should also ensure that, where appropriate, they understand how their personal data may be used by us.
CCTV
We operate CCTV in the shop. Recording is for security, health and safety reasons only and data is destroyed after 28 days. The recording data would only be used where security has been compromised and photographic evidence will be of use. This photographic evidence will only be reviewed by our employees and will only be shared on request with the security services i.e. Garda or Government Dept.
How do we use personal information?
We may collect, hold, use and disclose your information for the following purposes:
-
Administering services, we are providing to you such as arranging your holiday booking, and ensuring you hold the relevant documentation to enter your holiday destination.
-
Manage our relationship with you, including updates about your booking and handling complaints.
-
To contact you in the event of an emergency.
-
Some countries will only permit travel if you provide your Advance Passenger Information (API) i.e. passport details. These requirements may differ depending upon your destination. Even if not mandatory, we may exercise our discretion to provide this API to assist where appropriate.
-
To identify and tell you about services we think you may be interested in, including sending email newsletters (please see Mailchimp privacy policy).
-
To improve your customer experience with us through customer feedback surveys (please see Survey Monkey privacy policy).
-
Providing relevant information, which may include sensitive personal information, to insurers, their agents and medical staff in circumstances where we/they need to act on your behalf or in the interest of passengers or in an emergency.
-
To comply with our legal obligations, such as a court orders, subpoena, or for identification of fraud or regulatory reporting and compliance.
When you provide your email address to us to enquire about booking a holiday, your contact details may be retained even if the transaction is not completed. These details are captured using a secure software. This is so we can assist you in future with bookings, and as a result of this you may receive a follow up enquiry email.
How we share your information?
In order to provide the services requested by you we will need to share your personal data with other Suppliers of your travel arrangements, including airlines, hotels and transport companies.
We only share the minimum personal data that enable our Suppliers to provide their services to you and us. We are committed to working with Suppliers who are GDPR compliant. Our Supplier`s or their third-party supplier's use of your information is subject to their privacy policy.
We may post customer testimonials on our websites which might contain personal data. We obtain the customer`s consent via email prior to posting the testimonial. It may include their name, date of travel, and travel destination along with their testimonial, as applicable. If you wish to update or delete your testimonial, at any stage, please contact dataprotection@fahytravel.ie with your request.
We also work with carefully selected Suppliers that carry out certain functions on our behalf. For example, companies that help us with IT services, storing data, and processing payments.
We may need to share personal data with other third parties (such as legal, accountants or other advisors, regulatory authorities, courts and government agencies), to defend or protect our legal rights, or where such disclosure is permitted by law, such as for the purpose of preventing fraud.
When we share personal data with other organisations, we require them to keep it safe, and use it only for the lawful basis on which it was shared. They must not sell or use your personal data for their own marketing purposes.
What legal basis do we have for processing your personal data?
We will only process your personal data on the following legal basis:
Consent: When you give us explicit permission to process your personal data for example, when you sign up to receive our newsletter via our website or provide us with customer feedback via our feedback survey email. Should you not wish to receive such communication from us please simply indicate your preference to opt out by following the directions provided in the e-mail.
Contract: When we book a holiday on your behalf or take steps at your request prior to booking a holiday (i.e. obtaining a quote for a package holiday, flights, a cruise holiday, car hire or insurance).
Legitimate interest: When it is in our or a third party`s legitimate interest and these interests do not override your right to privacy. For example, we may use your personal data to better understand your interests, or to improve our services offered.
Legal Obligation: when we are required by law, for example, it may be mandatory for some travel destinations to disclose and process your personal data and API for immigration, security, anti-terrorism purposes and any other purpose which they deem appropriate.
In some circumstances we may need to process special categories of personal data, for example health data for medical reasons, we will only do so if one or more additional conditions apply. For example, we have your explicit consent; it is necessary to fulfil our contract with you, to protect the vital interests of you or another individual and you are physically or legally incapable of giving consent; it is necessary to establish, exercise or defend legal claims; it is necessary for reasons of substantial public interest.
How we protect your personal data
Your data privacy is very important to us. We have implemented appropriate organisational and technical measures to protect your data. These measures are reviewed regularly to ensure that we continue to employ the necessary safeguards to meet the requirements of the GDPR and to protect your rights as a data subject.
Information communicated over the phone, via e-mail or through our website is captured and held securely in secure software program and a travel management system. We take every reasonable precaution to protect all information collected, including:
-
only sharing and providing access to your information to the minimum extent necessary;
-
using secure servers to store your information; and
-
using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) software or other similar encryption technologies to encrypt your personal and payment transactions
Transmission of information over email is secured by a TLS 2 encryption in transit, however, it is not secure at rest. If you submit any information to us over the internet by email you do so entirely at your own risk.
We do not process credit/debit card payments ourselves, we use a dedicated third-party payment portal, where information is transacted using industry-standard Secure Socket Layer (SSL) encryption algorithms. We do not retain debit or credit card information.
For information held on customer files, access is restricted to only those staff that require that information to perform their duties. All employees have been trained and are kept up-to-date on our security and privacy practices.
Where do we store and process personal data?
We store our customer files on our secure travel management software and in hard copy format and we take measures to ensure that this file is in a secure location at all times.
Where necessary and in order to perform our contract with you we send your booking details to third parties. We do take steps to ensure that we and our Suppliers store your booking details securely online.
In some cases, these third parties, including airlines, hotels and transfer providers, may be situated outside of the European Economic Area (EEA). Where they do, they are obliged to make sure that your personal information is adequately protected.
Your rights regarding your personal data
-
The right to be advised of how we will use your personal information. This is set out in this privacy policy and we do our best to provide you with as much information as we can at the point at which you give us your data.
-
The right to ask us to correct any information you believe is incorrect.
-
The right to receive a copy of the personal data we hold about you or to request that we transfer this to another service provider.
-
In certain circumstances, the right to ask us to stop using information about you.
-
The right to lodge a complaint to the Data Protection Commissioner’s Office.
-
The right to ask us to limit or cease processing or erase information we hold about you in certain circumstances.
-
The right to withdraw consent that you have provided to us to use your personal information.
You can exercise these rights over your data by emailing us at dataprotection@fahytravel.ie or by sending your access request by post to Fahy Travel, 2 Bridge Street, Galway.
We will comply with your requests, unless we have a lawful reason not to do so. We will need you to provide additional details to confirm your identity in order to process your request.
How long is your data retained for?
We will retain your personal data for only as long as it is necessary for the uses set out in this privacy policy and/or to meet legal and regulatory requirements. We are required by law to retain customer files for a period of 6 years.
After this period, we will securely erase personal data in accordance with our Data Retention & Destruction policy. We do not retain data for analytical, historical or other legitimate business purposes, however, if we do decide to, we will take appropriate measures to anonymise this data.
Children’s Privacy
We do not sell travel or other services for purchase by children. Please be aware that we have not designed this website for, and do not intend for it to be used by, anyone under age 18. In all cases where minors are travelling, the parent/guardian must give consent to the lead passenger to pass on personal information for those travelling.
We use this information for travel purposes only and will treat it with the utmost sensitivity, it will not be used for any other purpose or future holidays. It is the responsibility of the lead passenger to collect this information and pass it onto us.
Our website
We own and operate http://www.fahytravel.ie/ where you can sign up to receive our newsletter.
We do track “cookies” when you visit our website. A cookie is a small piece of data or a small text file stored by the browser on your computer, at the request of our server. Cookies allow us, to determine how frequently particular pages are visited and to determine the most popular areas of our website.
In particular cookies enable us:
- to measure visitor traffic to our website and their usage patterns
- to store information about your preferences, and so allow us to customise our website according to your individual interests
- to speed up your searches
- to recognise you when you return to our website.
The table below explains the cookies we use and why.
Name | Purpose | Activated | Expires |
---|---|---|---|
Initiated by this website | |||
PHPSESSID | The PHPSESSID cookie is native to PHP and enables websites to store serialised state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie. (expires when you close your browser) | On visit | When you close your browser |
Initiated by Google Analytics | Read More | |||
_ga | Used to distinguish users. | On visit | After 2 Years |
_gat | Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics. | On visit | After 30 Minutes |
_gid | Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named | On visit | 1 minute |
Initiated by Facebook | Read More | |||
fr | This cookie is used by Facebook for advertising purposes | On visit | 90 days |
Initiated by GOOGLE | Read More | |||
1P_JAR | Used to gather website statistics, and track conversion rates. | On visit | 1 week |
APISID | This cookie is used by YouTube as part of their embedded functions on other websites | On visit | 2 Years |
CONSENT | These cookies are used to collect information about how visitors use our site. | On visit | 1 Year |
HSID | ‘SID’ and ‘HSID’ which contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time. The combination of these two cookies allows us to block many types of attack, such as attempts to steal the content of forms that you complete on web pages. | On visit | 2 Years |
NID | These cookies are used by Google to store user preferences and information while viewing the pages with Google maps on them. | On visit | 1 Year |
OGPC | These cookies are used by Google to store user preferences and information when viewing pages with Google maps on them. | On visit | 1 Year |
OTZ | Google analytics cookie used for website traffic info | On visit | 1 Month |
SAPISID | enable Google to collect user information for videos hosted by YouTube | On visit | 2 Years |
SID | ‘SID’ and ‘HSID’ which contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time. The combination of these two cookies allows us to block many types of attack, such as attempts to steal the content of forms that you complete on web pages. | On visit | End of session |
SIDCC | Security cookie to protect users data from unauthorised access | On visit | |
SSID | This cookie carries out information about how the end user uses the website and any advertising that the end user may have seen before visiting the said website | On visit | End of session |
What are my choices regarding cookies
If you'd like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.
Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.
- For the Chrome browser click here https://support.google.com/accounts/answer/32050
- For the Internet Explorer browser click here http://support.microsoft.com/kb/278835
- For the Edge browser click here https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy
- For the Firefox browser click here https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
- For the Safari browser click here: https://support.apple.com/kb/PH21411?locale=en_US
- For the Opera browser click here https://www.opera.com/help/tutorials/security/privacy/
Links to other websites
Our website contains links to other websites such as Facebook, Instagram and Twitter. This privacy policy only applies to the Company, when you link to other websites you should read their own privacy policies. We don’t control websites which we do not operate and are not responsible for their contents or use of them. Inclusion of these links to such websites does not imply any endorsement of the material on such websites.
Changes to this Policy
We may update this policy in the future, and we reserve the right to amend this olicy at any time. Updated versions of the policy will be posted on this website and are effective immediately on posting. Please check frequently, especially before you use this website, to see if this policy has change