CRG
DATA PROTECTION NOTICE


BY DRIVING ON OUR PROJECTS AND THROUGH OUR TOLL PLAZAS YOU ARE CONSENTING TO CELTIC ROADS GROUP PROCESSING YOUR PERSONAL DATA IN THE WAYS THAT WE EXPLAIN IN THIS NOTICE AND ANY FUTURE VERSIONS OF IT.


HOW CRG USE YOUR INFORMATION

In this notice Celtic Roads Group explain how we collect information about you, how we use it and how you can interact with Celtic Roads Group or our operator about it.


WHO WE ARE 

In this notice Celtic Roads Group or CRG refers to any of three companies depending on the particular project;

·         Celtic Roads Group (Dundalk) DAC is the PPP on M1 Dundalk Western By-pass

·         Celtic Roads Group (Portlaoise) DAC is the PPP on M7/M8 Portlaoise By-pass

·         Celtic Roads Group (Waterford) DAC is the PPP on N25 Waterford By-pass

CRG are part of Public Private Partnership (PPP) contracts with Transport Infrastructure Ireland (TII) which permit CRG and our operator contractors to operate, collect tolls and maintain the motorway, dual carriageway and toll plazas on each of our projects. Our operator contractors are as follows for each of our projects and a reference to our operator in this notice refers to any of them;

·         NorthLink M1 Ltd is our operator on the M1 Dundalk Western By-pass

·         Midlink M7/M8 Ltd is our operator on the M7/M8 Portlaoise By-pass

·         SouthLink N25 Ltd is our operator on the N25 Waterford By-pass


HOW DATA IS COLLECTED ABOUT YOU AND YOUR CONSENT

In order for CRG to successfully operate and maintain a safe and secure motorway and toll plazas and to enable CRG to establish and manage the relationship with road users on our projects and at toll plazas, CRG have a legitimate business reason to control and process personal data.

CRG and our operator process personal information, for example, when you use the projects and the toll plazas, when you contact the plaza to make a query in respect of a toll transit, when you use a card to make payments, when you contact CRG or our operator to make a Subject Access Request, or when you apply for an exemption card.

CRG use vehicle plate recognition software and take still images of your vehicle at the toll plazas as a method of identification of the motor vehicles using the toll plazas. CRG also process CCTV to improve security, health and safety and for enforcement and to resolve any issues, incidents or accidents at some later stage. Please note that neither CRG nor our operator guarantee the quality of CCTV or images and therefore it might not be possible to identify personal data or data subjects. Facial recognition software is not used by our security systems.

CRG and our operator also process information from other PPPs, toll concessionaries, operators or tag providers that you may have a tag account with to allow road users uninterrupted use of all toll plazas in Ireland with one tag and so to perform the contract you have in place with your tag provider.

CRG do not have a database of all registered owners of motor vehicles but in the event that you cause damage to the motorway and do not stop to report the incident to our employees or you do not pay the toll fee as required by law, CRG or our operator may collect personal data from local and national authorities, the MIBI and An Garda Síochána in respect of ownership of motor vehicles and motor insurance details in order to assist CRG with enforcement.

Sensitive Personal Data

In order to avail of exemptions from toll charges for certain categories of drivers contained in the relevant Tolling Bye Laws, road users may be required to provide sensitive personal data.  CRG and our operator will only process sensitive personal data where absolutely required and only with your written consent.

HOW WE KEEP YOUR INFORMATION SAFE

We know that you care about how information about you is processed. We appreciate your trust in CRG to do that. To protect your information, our IT Department work very hard to ensure that CRG and our operator use security measures that comply with Irish law and meet international standards. This includes computer safeguards, secure files and secure buildings.

 

WHAT WE USE YOUR INFORMATION FOR

Data Analytics- Using Information in our business to improve our business

CRG analyse the information that we collect through your usage of the toll plazas. This helps us understand patterns of usage of the toll plazas. Our analysis helps CRG ensure that you are afforded a fast and uninterrupted journey through the toll plazas. CRG also provide TII with reports on the performance of the tolling and road operations.

Claims and Litigation

If you make a claim against CRG or our operator, the use of personal data may be necessary to investigate the matter and to resolve the claim.

If a claim is made against you for non-payment of a toll journey or for damage caused to the project or at the toll plazas, your personal data may be used to investigate the matter and to form the basis of the claim, to seek judgment and for enforcement purposes.

Payment

When you use a card to make a payment CRG use a post payment card system. If the payment is declined, for example, due to insufficient funds or due to being blocked because the card was stolen and therefore the use is unauthorised, CRG process the information so that the next time the card is used at the toll plazas that it will be immediately rejected.

Encryption is used to keep your card information safe. In addition to this CRG have Data Protection Agreements in place with the companies used to process your payment through your bank to keep your information safe.

Query Resolution

If you make a query in respect of your transit, it may be necessary to process personal data in order to resolve the query for you.

Our Legal Obligations

CRG have legal obligations, for example:

1)    to assist law enforcement agencies when they are investigating criminal activity;

2)    to operate the motorway and toll plazas in compliance with the relevant Tolling Bye Laws and with legislation;

3)    to operate and maintain the projects in compliance with our contract with TII;

4)    to co-operate with third parties in respect of interoperability contracts between tag service providers, other toll concessionaries and operators within Ireland.  

CRG may disclose personal data if under a duty to disclose or share customer data in order to comply with legal obligations or in order to protect rights, property or the safety of the staff of CRG, our operator, customers or others.

CRG will also disclose personal data if the disclosure is required in order to comply with an applicable law, summon, search warrant, a court or regulatory order, or other valid legal process which would include in the main but not limited to Section 8 of the Data Protection Act.

As part of the interoperable environment whereby those road users who transact using tag, information with other tag service providers and toll concessionaries within Ireland may be shared or exchanged through a centralised portal in order to deal with contractual requirements around payment and to resolve queries of road users.

Where we suspect criminal activity CRG will record this and report to the relevant enforcement agencies, which may be within or outside Ireland because we are legally obliged to do so.

DATA RETENTION

Personal data shall only be retained for as long as is required to conduct our business and satisfy our legal obligations. For CCTV, this is typically 30 days and for transaction images, this is typically 90 days. Longer times may be necessary where it is identified the records pertain to an incident, accident, claim or investigation.

YOUR INFORMATION AND THIRD PARTIES

CRG use other companies and individuals to work on our behalf in relation to the operations and maintenance of our projects or to give us advice to help us make decisions, for example to:

-          Analyse data

-          Collect toll charges at the toll plazas

-          Collect unpaid toll charges and debts

-          Collect unpaid repairs for damage caused on the motorway

-          Litigation purposes

CRG ensure suitable arrangements and agreements are in place with our third party contractors or specialists who may have access to or process personal data in order to keep your information confidential and to respect the laws on Data Protection.

CRG might require technical support from companies outside Ireland. These companies are within the EEA so this would not involve processing data outside the EEA. In all such cases this activity is supported by a contract which includes data protection clauses.

ACCESSING AND MANAGING YOUR INFORMATION

You have a right to make a request under Data Protection Act in respect of your personal data.  

To make a request for your data, please contact customer service in relation to the relevant project(s) in order to request and return a completed application Subject Access Request form;

Project

M1 PPP

M7/M8 PPP

N25 PPP

 

NorthLink Customer Service

MidLink Customer Service

SouthLink Customer Service

Through website:

www.crg.ie 

or

www.northlink.ie

www.crg.ie 

or

www.midlink.ie

www.crg.ie 

or

www.southlink.ie

By email:

info@crg.ie

or

info@northlink.ie

info@crg.ie

or

info@midlink.ie

info@crg.ie

or

info@southlink.ie

By post:

M1 Toll Plaza,

Balgeen,

Co Meath

A92 P785

M7/M8 Toll Plaza,

Fatharnagh,

Mountrath

Co Laois

N25 Toll Plaza,

Gracedieu Lower,

Waterford

By telephone:

041 928 9820

057 869 4900

051 319 700

Once we are satisfied that you are the data subject we will reply to you within 30 days. This is not to frustrate the application process but CRG do not want your personal data to end up in the hands of the wrong person.

Please also note that if you request the reply of communication via your email address, you are held solely responsible for the security and integrity of your own email account. Unfortunately, the transmission of information via the internet is not completely secure. Consequently, while CRG and our operator take all reasonable security measures, CRG cannot guarantee the privacy or confidentiality of information relating to you being passed via the internet and any transmission is entirely at your own risk.

CRG try to make sure that the information that we have about you is accurate and up to date. If your information changes or you believe that we may have information that is not accurate or not up to date, please write to CRG at the following address and CRG will review your case and amend your information accordingly;

Data Protection Officer,

Celtic Roads Group,

M1 Toll Plaza,

Balgeen,

Co Meath

A92 P785

Email:   info@crg.ie

 


RIGHT TO COMPLAIN

Any individual has the right to notify or complain to the Data Protection Commissioner of any concerns around your data. You can contact the Office of the Data Protection Commissioner at:

Telephone                     076 1104 800 or Lo Call Number 1890 252 231

Fax                               057 868 4757

Email                            info@dataprotection.ie

Postal Address:             Data Protection Commission,

Canal House,

Station Road,

Portarlington,

Co. Laois

R32 AP23

 

UPDATES

CRG review and update their Data Protection Notice from time to time. Any updates shall be made available on our website.

© 2018 CRG
Celtic Roads Group (Dundalk) DAC, M1 Toll Plaza, Balgeen, Drogheda, Co, Meath, Ireland | Registered Number: 378371
tel: +353 41 9829820 | fax: +353 1 +353 41 9829824