P&O Ferries Privacy Policy
Updated: Mon 11 Nov 2024
We take your data as seriously as we do your ferry travel and we’re committed to respecting and safeguarding your privacy and the personal information that you give us. We collect your personal information when you interact with us and use our websites. This policy details the information that we collect about you, why and how we use that information, your rights regarding that information and how you can update it.
We may make changed to this policy from time to time, so it is worth checking back occasionally to make sure you are happy. Where we make significant changed to this policy or how we use your
personal information, we will take additional steps to draw this to your attention. This privacy policy was last updated on September 2023. Please ensure that you read and understand this Policy. Where you interact with us or use this website, we assume that you have done so.
Where you provide personal information relating to other people who are part of the same ferry booking, please ensure you draw this Policy to their attention as it will also govern our use of their
personal information. If you have any questions regarding this policy, you can send them to customer.services@poferries.com, or you can write to us at P&O Ferries, Freepost BRI, CT17 3BR.
Or you can call us on 01304 44 88 88. You should note that you have certain rights under this Policy, including to object to certain uses of
your personal information. Further details are set out in relevant parts of the Policy.
1. Who are you?
We are P&O Ferries, a household name operator of ferry services across the English Channel, North Sea and Irish Sea, with almost 4,000 employees. We have a fleet of more than 20 ships and operate more than 30,000 sailings a year.
In addition to sailing on eight major routes between Britain, France, Northern Ireland, the Republic of Ireland, Holland, and Belgium, we operate intermodal continental hubs at Zeebrugge and Europoort and have our own logistics arm, P&O Ferry masters.
Every year we carry more than 10 million passengers, 1.6 million cars and 2.2 million freight units
And who is this “we”?
Any references to ‘we’ or ‘us’ in the below refers to the P&O Ferries group company that you are contracting with under our terms of business, or which you engage with before making a booking.
For our unit holders, any references to ‘we’ or ‘us’ in the below refers to P&O Ferries Limited, registration number 00237626, with respect to any unit holder (rather than specific booking) matters.
For any marketing materials that you receive or any competitions that we run, any references to ‘we’ or ‘us’ in the below refers to P&O Ferries Holding Limited. Registration number 6038077.
Each group company’s registered address is: Channel House, Channel View Road, Dover, CT17 9TJ.
2. What do you collect, and how?
4.1 Your Contact Details
This means your name, address, email address and telephone number. We collect this when you make a booking through our website or call center, or if you sign up to receive marketing communications on our website through one of the sign-up forms, but don’t make a booking. The below sets out how and why we use this information:
Send you a booking confirmation
(a) All part of our obligation to fulfil our contract with you. We do not send our paper tickets anymore, all our ‘tickets’ are electronic in the form of a booking confirmation email. We have to do this to make sure you have all of the information you need to travel. Keep you updated on any changes to your bookings
(b) Again, this is part of our obligation to fulfil our contract with you. Occasionally we will have to contact you to let you know that something has changed on your booking. For example if we have to make a change to a scheduled sailing time, we will send you an email or a text message to let you know of the change.
Fraud detection and prevention
(c) We need to process our payment safely and securely, and try to reduce fraud against us and our customers, which involves using your contact details in our fraud detection processes. It is in our legitimate interests to ensure that payments to our business are secure and protected from fraudulent activity.
Send you news, offers and information by email or post.
(d) We do love to keep you up to date with all the latest news and offers. We will only ever do this with your permission, and you can tell us to stop at any time.
To understand our customer base
(e) To understand where in the country our customers live. We do this as it is necessary for pursuit of our legitimate business interest, in this case to better understand how we can serve our customer base.
4.2 Sensitive Personal Information
When you book with us, we ask if you or anyone travelling with you requires any special assistance when using our services. This is to ensure we provide you and your party with the assistance you require. This is another aspect of fulfilling our contract with you. This information is only processed to allow you to travel with us safely and comfortably. We never use this information for marketing purposes. We only process this data with you consent, which you can withdraw at any time. If, however, you do wish to withdraw or withhold your consent to this use of your personal information, we will not be able to provide you with the special assistance you require and may decide that we are unable to provide services to you at all.
4.3 Your Payment Details
A vital part of making you booking is paying for it. Therefore, we have to collect your credit/debit card information. Below we have set out how and why we use this information:
Take payment and process refunds
(a) We need to do this to complete your transaction and book your ferry trip. We store your payment details so that if, for any reason, we need to refund your payment, we can do so.
Fraud detection and Prevention
(b) We need to process your payment safely and securely and try to reduce fraud against us and our customers. It is in our legitimate interests to ensure that payments to our business are secure and protected from fraudulent activity.
4.4 Details of Your Bookings and Quotes
What you buy from us, basically. This includes the routes, dates, and times that you travel. It also includes the names and gender of the people that you travel with and the make/model and registration of the vehicle that you’re travelling in. Below we have set out how and why we use this information:
Allow you to travel with us
We need this information to allow you to travel, and therefore fulfil our contract with you. We are required by law to produce manifests for each of our sailings, detailing who is on board in the event that anything goes wrong.
Provide you with the best possible customer service when you contact us
One more aspect of fulfilling our contact with you. Should you need to contact our Customer Care team for any reason, we need to be able to locate your booking history to help resolve your issue. We also retain this information after you have travelled with us, as it is in our legitimate interests to maintain internal records of any customer issues and complaints and improve our customer services more generally.
Tailor our communications to you
We want to make sure that any communications we send to you are relevant. We do not want to send you unwanted messages about our Larne to Cairnryan service if you have only done day trips from Dover, for example. As specified above, we will not send you any marketing materials without your consent, and you can tell us to stop at any time.
4.5 How You Interact with Our Website and Marketing Emails
When you arrive on our website we store a small amount of information about your visit and how you interact with us. This information is stored in a cookie in your browser (e.g. Internet Explorer or Chrome).
This information is then used to surface relevant information to you as and when you need it – meaning you have the best possible online experience with us.
Where we use cookies on our website, you may block these at any time. To do so, you can activate the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to use all the functionality provided through our website.
Need a little more detail? You can find the full details of the cookies we use and how we use them in our cookie policy. In addition to cookies, where you provide your consent for us to do so, our website will use the SessionCam website recording service. SessionCam is a product that has been developed by ServiceTick Ltd. SessionCam may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. The information collected does not include bank details or any sensitive personal data. Data collected by SessionCam from the P&O Ferries website is for P&O Ferries’ internal use only. The information collected is used to improve our website usability and is stored and used for aggregated and statistical reporting.
4.6 Your Responses to Surveys
Occasionally we may send you a survey to gather your thoughts and opinions on our products and services. This may include the collection of some personal information (including your name and contact details).
We want to make sure that everyone who steps on board one of our ships have a great time. Our surveys give you the opportunity to give us the feedback we need to ensure we are giving you the level of service that you expect and deserve. This information is only used with you consent, which you may withdraw at any time.
4.7 Competition Entries
From time to time we will run competitions where we will ask you for your contact details. This is to ensure we can contact you if you’re lucky enough to win! We may also send you news, offers and information by email or post, this is because we’d love to keep you up to date with all the latest news and offers. We will only ever do this with your permission, and you can tell us to stop at any time.
4.8 Unitholder Entitlements
If you are a Unitholder with us, we will store and use your contact details (including your name, address and telephone number) and your unitholder number. As a Unitholder, you are entitled to discounted travel, and we need to let you know about your yearly entitlements. We need to use your contact details to fulfil our commitments to you by providing you with information about you Unitholder benefits.
4.9 When and How You Use Our App
When you install and use our app we collect and process information about you to deliver functionality within the app. This will include your email address, booking details (including passenger names, but not their contact details) and your location while using the app. Below we have set out how and why we use this information:
Allow you to login to the app and view your Bookings.
This is required for you to use and get the most out of the app. Without this you won’t be able to view and amend your bookings from within the app.
Send you relevant notifications
We’d like to send you notifications that are relevant to your bookings. These include information about any changes to your bookings as well as information about the services you can find on board. You can turn these notifications off at any time within the settings of the app.
Help you find your way around the ship
Location information will allow us to help you navigate our ships more easily. We’ll ask your permission to use this information when you install the app, and you can turn this off at any time in
your phone settings.
4.10 If You Have an Accident While Travelling with Us
If you are involved in an accident on one of our ferries, or on our premises, we will ask you to complete an accident form. This will require you to provide us with contact information and details
of your accident. We need to collect this information to comply with our legal requirements regarding the safety of our services, and should we need to follow-up with you in relation to the accident oruse the information in relation to a legal claim against us.
4.11 CCTV Footage
For security purposes, we collect CCTV footage in our premises and ships, which will involve the collection of your image if you are located at or visit our premises or ships where we maintain CCTV systems.
4.12 A Quick Word About Children
We do not and will not knowingly collect information from any unsupervised child under the age of 16. We only collect information relating to children as part of a ferry booking where they are one of the passengers, and the ferry booking has been made by an adult, or if a child is involved in an accident whilst travelling with us
3. Why do you do all of that?
We only process your personal information where we have a legal basis to do so. The legal basis will depend on the reason or reasons we collected and need to use your information. Under EU
and UK data protection laws in almost all cases the legal basis will be
-
Because we need to use your information so that we can process your booking, fulfil your travel arrangements, and otherwise perform the contract we have with you.
-
Because it is in our legitimate interests to use your personal information to operate and improve our business as a travel provider and protect our business against fraudulent activity. Where we rely upon our legitimate interests to process your personal information, we have specified that fact in this Policy.
-
Because we need to use your personal information to comply with a legal obligation.
-
To protect the vital interests of you or another person.
-
Because you have consented to us using your information for a particular purpose. Where we rely upon your consent to process your personal information, we have specified that fact in this Policy (and that you have a right to withdraw that consent at any time).
5.1 Processing Data for Marketing Purposes
If you’ve booked with us or given us your contact details to receive marketing we will only process this information for marketing purposes with your permission. You can find more information on how
to object or withdraw your permission to process for marketing purposes below, in the “Can I opt out” section.
4. How long do you keep it for?
We keep your personal information for no longer than necessary and the period for which we retain your personal information depends upon the reasons we collected it:
6.1 Marketing
If you’ve booked with us, and you have consented to us providing you with marketing materials, we’ll keep your details for marketing purposes for up to 5 years after your last interaction with us.
Once this period has elapsed, we’ll remove all of the personally identifiable information. This will leave an anonymised record that someone booked a ferry crossing, but we’ll no longer know who
you are.
If you’ve not booked with us but you’ve signed up to receive marketing communications (via our website, for example), we’ll keep your details for up to 2 years after the last time you interacted
with us. After this time, we’ll also delete your details.
6.2 Payment details
We will keep your payment details for a period of up to six (6) months following your payment to us. If, however, your booking is more than six (6) months after your payment to us, we will retain
your payment information until you have travelled with us.
6.3 Booking information
Save as set out above in relation to the retention of your data for marketing purposes, we will only retain your booking information for as long as necessary to comply with our legal obligations. In
most cases, this means storing this information for six years. Once this period has elapsed, we’ll remove all the personally identifiable information. This will leave an anonymised record that someone booked a ferry crossing, but we’ll no longer know who you are.
6.4 Customer Services Information
We keep details of any contact you make with our Customer Care team for a period of 2 years after we collect it. This is to ensure that we can provide the best customer care to you should you
travel with us in the future.
6.5 Information relating to accidents.
If you have an accident while travelling with us, we will retain your information for a period of up to 7 years following the accident to ensure that we have this information so that we can respond to
requests you may have about the accident, or should you wish to make a claim against us in relation to the accident.
5. How safe is my personal information?
We take all necessary steps to protect the personal information that you give us.
The personal information that you enter on our website while making a booking is encrypted via
HTTPS. This is demonstrated by the “padlock” icon in the address bar of your web browser (ie. Google Chrome/Internet Explorer/Mozilla Firefox) when on these pages.
We store all data in secured environments with access controls to ensure that only people with a legitimate reason can access your data.
When we transfer personal data electronically (for example to a third party service provider), we do so in an encrypted form via a secure transfer method (ie. SFTP).
6. Who will be using it?
We never sell your personal information to any third parties for any reason.
We will share your data with selected third-party service providers, agencies and subcontractors who do work on our behalf to provide services such as data storage, analysis, and marketing
services such as Salesforce, R-Cubed and or A-Ferry. Where this is necessary, we will only pass over the information necessary to carry out the specific service (delivery of a marketing mailing, for
example) and the third parties are under contract to keep your information safe and secure and not to disclose it to anyone or use it for their own marketing purposes.
When you make a booking with us, your payment will be processed by a third-party payment processor who specialises in the secure online capture and processing of credit/debit card
transactions. If you have any questions regarding the processing of payment transactions, please contact us.
In addition, we also work in association with third party product providers to offer you a range of products and services (P&O Insurance and P&O Travel Money, for example). When you purchase
one of those products, the relevant product provider will use the information you’ve given them to provide the purchased product or service and to carry out their obligations arising from any contracts
you have entered with them. In some cases, the third-party product providers will be acting as the Data Controller of your information and will have their own privacy policies. These third-party product providers will share your information with us which we will use in accordance with this privacy policy.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganization in
accordance with our legitimate interests, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our customers. However, we will take care to ensure that your privacy rights continue to be protected.
7. Do you transfer my data outside of the EU?
Some of our external third party service providers are based outside the European Economic Area ("EEA") or the UK so their processing of your personal data will involve a transfer of data outside
the EEA or the UK. Whenever we transfer your personal data out of the EEA or the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is
implemented:
-
We will ensure that there is an adequacy decision by the UK Government in the case of transfers out of the UK, or by the European Commission in the case of transfers out of the EEA, which means that the recipient country is deemed to provide adequate protection for such personal data. For further details, see the guidance from the Information Commissioner's Office ("ICO") in the UK: A guide to international transfers and from the European Commission: Adequacy decisions.
-
If the service provider is not in a country deemed to provide an adequate level of protection, we may use specific contracts approved by the European Commission or the UK Government for transfers out of the UK which give personal data transferred outside the EEA or the UK an adequate level of protection. For further details, see European Commission: Model contracts for the transfer of personal data to third countries or ICO: International data transfer agreement and guidance.
-
Alternatively, if the service provider is based in the US, we may transfer data to them if they are part of the EU-US Data Privacy Framework, which has been adopted by the European Commission as giving personal data an adequate level of protection. For further details, see European Commission: Questions & Answers: EU-US Data Privacy Framework. Once the ICO has approved an equivalent Data Privacy Framework between the UK and the US, we may transfer data to the US from the UK to participants in such UK-US Data Privacy Framework.
Please contact us if you would like further information on the specific mechanism used by us when transferring your personal data out of the EEA or the UK.
8. How can I update my details?
Obviously we want to make sure that our information is as accurate as possible. If the data we hold about you is incorrect or out-of-date, and you’d like us to make any changes, you can contact us by email on customer.services@poferries.com, by telephone on 01304 863000 or by writing to us at P&O Ferries, Freepost BRI, CT17 3BR.
9. Can I opt out?
Absolutely. You have the right to object to marketing or data processing at any time. We include unsubscribe links at the top and bottom of all marketing emails that we send. So if you’ve received
a marketing email from us and would like it to be the last, simply click the link at the top of the email. Please be aware though that we may still send you emails related to your bookings/purchases with us, for example booking confirmations and updates to your booking.
If you’ve received something through the post from us, you can unsubscribe by returning it to P&O Ferries, Freepost BRI, CT17 3BR.
Alternatively, if you’ve not received any marketing communications from us yet and want to make absolutely sure it stays that way, you can opt out of any and all direct marketing at any time by
contacting us on customer.services@poferries.com, by telephone on 01304 863000 or by writing to us at P&O Ferries, Freepost BRI, CT17 3BR.
10. Subject Access Requests, Objecting to use of your information and Right to be Forgotten
You can request that we provide access to / copies of all information that we hold about you.
You have the right to request that we stop using and/or delete your personal information. You have a right to ask us to restrict the way that we process your personal information in certain
specific circumstances.
You have a right to ask us to provide your personal information to a third party provider of services. This right only applies where we use your personal information on the basis of your consent or performance of a contract; and where our use of your information is carried out by automated means.
You have a right to ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our or another person's legitimate interest.
You also have the right to request an update to any of your personal information which is out of date or incorrect.
If you wish to exercise these rights, you can contact us and tell us why. In certain circumstances we may not be able to stop using and/or delete your personal information but, if that is the case, we'll
let you know and tell you why.
You can exercise these rights by contacting us by email on customer.services@poferries.com, by telephone on 01304 863000 or by writing to us at P&O Ferries, Freepost BRI, CT17 3BR.
11. Making a complaint
If you have any queries or complaints about our collection, use or storage of your personal information, please contact us. We will investigate and attempt to resolve any such complaint or dispute regarding the use or disclosure of your personal information. You can contact us by email on customer.service@poferries.com, by telephone on 01304 863000 or by writing to us at P&O Ferries, Freepost BRI, CT17 3BR.
You also have the right to lodge a complaint about our processing of your personal information with the Information Commissioner's Office, the supervisory authority for data protection issues in England and Wales.
12. Links to other websites
Our website may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the
activities of such third-party websites or any association with their operators.
This privacy policy only applies to the personal information that we collect or which we receive from third party sources, and we cannot be responsible for personal information about you that is
collected and stored by third parties.
Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We do not
endorse or otherwise accept any responsibility or liability for the content of such third party websites or third party terms and conditions or policies.
13. Data Controllers
Any personal information processed by P&O Ferries in connection with this Privacy Policy is controlled by the relevant P&O Ferries company detailed at the start of this policy.
This P&O Ferries company will be considered the “Data Controller” of your personal information under European Union and UK data protection law.
In each case, the registered address of each P&O Ferries company is:
Channel House
Channel View Road
Dover
CT17 9TJ
Data Protection contact details: data.request@poferries.com