National Transport Authority
Active Travel Logger Website and Smarter Travel Step Counter
This Privacy Notice is issued by the National Transport Authority of Dún Scéine, Harcourt Lane, Dublin 8 (" NTA", " we", " us", " our").
As part of our work with employers and third level institutions to implement voluntary travel plans and promote public awareness of alternative means of transport, we provide fun and free walking, cycling and public transport challenges (" Smarter Travel Challenges") through our website, ActiveTravelLogger.ie (the " Active Travel Logger Website"). We also provide a free Smarter Travel Step Counter app for iOS or Android devices to assist participants in Smarter Travel Challenges (the " Smarter Travel Step Counter").
The purpose of this notice is to inform you of the data relating to you that we collect and use in connection with the Active Travel Logger Website and the Smarter Travel Step Counter and the uses (including disclosures to third parties) we make of such data. The NTA is not responsible for the content or privacy practices of any linked sites.
If you have any questions about our use of your personal data, please contact us at firstname.lastname@example.org or you can contact our Data Protection Officer at email@example.com.
Personal Data that we Collect and Process
We will collect and process personal data relating to you in connection with your use of the Active Travel Logger Website and the Smarter Travel Step Counter and our relationship with you. This personal data may include:
- your name and contact details, including your address, phone number and email address;
- your photograph;
- your gender;
- your weight;
- your average activity levels;
- information relating to your health;
- your mode of transport to work or college;
- distance you travel to work or college;
- your organisation, i.e. your employer or college;
- the username and password to your account on the Active Travel Logger Website;
- any other personal data relating to you that you provide to us or that we generate about you in connection with your use of the Active Travel Logger Website and the Smarter Travel Step Counter.
|Cookie Name||Category||Expiration Time||Purpose|
|.AspNet.ApplicationCookie||Strictly necessary||2 weeks, or until browser closed or user logged out||This stores user claims. If Keep Me Logged In is checked then this lasts until 31 Dec 9999.|
|_ga||Performance||2 years||This is used by Google Analytics to distinguish between users.|
|_gat||Performance||1 minute||This is used by Google Analytics to throttle request rate.|
|GdprAccepted||Strictly necessary||Persistent||This is set when a user accepts the current GDPR declaration.|
|_gid||Performance||24 hours||This is used by Google Analytics to distinguish between users.|
|JSESSIONID||Functional||Persistent||This stores a session identifier so that New Relic can monitor session counts for an application.|
|NID||Functional||6 months||The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on. This cookie is also used to customize ads, Google uses such cookies to remember your most recent searches, your previous interactions with an advertiser’s ads or search results, and your visits to an advertiser’s website.|
|__RequestVerificationToken||Strictly necessary||Persistent||This cookie is used to prevent Cross Site Request Forgery attacks.|
|stw.alerts||Functional||2 months||This stores which alerts have been dismissed by the user so as to not show them again.|
Collection of Technical Information
Technical details in connection with visits to the Active Travel Logger Website are logged by our internet service provider. When you visit the Active Travel Logger Website, the following information is retained about that visit:
IP (Internet Protocol) address;
the date and time each computer accesses the website;
the pages accessed and the documents downloaded by each computer;
the type and version of the browser used to access the website;
the addresses of any third party webpages which refer visitors to our website;
keywords used in search engines and directories to find our website;
keywords and phrases used to search our website;
the top-level domain name used (for example .ie, .com, .org, .net);
the previous website address from which the visitor reached us, including any search terms used;
click-stream data which shows the traffic of visitors around this web site (for example pages accessed and documents downloaded);
type of web browser used by the website visitor.
No attempt is made to identify individual users or to associate the technical details listed above with any individual.
Purposes of Processing and Legal Basis
We will use personal data relating to you for the purpose of:
registering you with a user account on the Active Travel Logger Website;
managing your user account and providing you with customer support;
allowing you to access the Smarter Travel Step Counter to count and/or sync steps;
running competitions and promotions and Smarter Travel Challenges and awarding prizes to participants;
uploading photographs to social media, websites, ezines and reports in relation to Smarter Travel Challenges, promotions and competitions;
contacting you in order to provide you with updates in relation to Smarter Travel Challenges;
carrying out research and customer satisfaction surveys;
sending you promotional and marketing materials, subject to any preference that you express when we collect your contact details or subsequently. You can opt out of receiving promotional and marketing materials from us at any time by contacting firstname.lastname@example.org.
generating reports and analysing statistics regarding participation in Smarter Travel Challenges (where possible, personal data will be anonymised before being used for this purpose);
generating and analysing statistics regarding usage of the Active Travel Logger Website, including the frequency of use of individual pages (where possible, personal data will be anonymised before being used for this purpose);
fraud prevention, investigation and detection;
establishing, exercising or defending legal claims;
performing our functions as a public authority and complying with our legal obligations.
The legal bases on which we process your personal data are:
that this is necessary for the performance of our contract with you governing your use of the Active Travel Logger Website and the Smarter Travel Step Counter;
that this is necessary for the performance of tasks that we carry out in the public interest or in the exercise of official authority vested in us by law;
that this is necessary for compliance with a legal obligation that applies to us; or
in the circumstances where you have given consent to the processing
Recipients of Data
We may disclose your personal data to other organisations in connection with the above purposes, including:
to third parties who we engage to provide services to us in connection with the Active Travel Logger Website and the Smarter Travel Step Counter such as outsourced service providers, IT service providers, professional advisers and auditors;
to other public authorities and bodies where required or permitted by law, such as the Gardaí or other law enforcement authorities for the purposes of the prevention, investigation or detection of crime.
We will not hold your personal data for longer than is necessary. The data retention policy of the Smarter Travel Workplaces and Smarter Travel Campus programmes for personal data is 24 months. We will keep your personal data on file for 24 months from your last activity, after which time, your data will be securely deleted.
In connection with the above we might transfer your personal data outside the European Economic Area, including to a jurisdiction which is not recognised by the European Commission as providing for an equivalent level of protection for personal data as is provided for in the European Union. If and to the extent that we do so, we will ensure that appropriate measures are in place to comply with our obligations under applicable law governing such transfers. These may include entering into a contract governing the transfer that contains the 'standard contractual clauses' approved for this purpose by the European Commission or, in respect of transfers to the United States of America, ensuring that the transfer is covered by the EU-US Privacy Shield framework. If you would like to receive further details of the measures that we have taken in this regard, please contact us at email@example.com.
Requirement to Provide Data
You are not obliged to provide us with any personal data except where you decide to create a user account and we need it for this purpose. If you do not provide us with the information required to create an account, we will not be able to create one for you.
You have the following rights, in certain circumstances and subject to certain restrictions, in relation to your personal data:
- the right to access your personal data;
- the right to request the rectification and/or erasure of your personal data;
- the right to restrict the use of your personal data;
- the right to object to the processing of your personal data;
- the right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller; and
- where our processing of your personal data is based on you having provided consent, the right to withdraw your consent to the processing at any time].
If you wish to exercise any of the rights set out above, please contact us at firstname.lastname@example.org.
We may occasionally update this policy. We encourage you to periodically review this policy for the latest information on our privacy practices.
If you are not happy with the way we are using your personal data or how we facilitate your rights or comply with our obligations under applicable data protection law, you have the right to make a complaint to the Data Protection Commissioner by emailing email@example.com.