We use cookies to provide you with a better browsing experience, analyze site traffic, personalize content and deliver targeted advertising. Find out how we use cookies and how you can control them by clicking on "Settings". By continuing your navigation, you are consenting to our use of cookies necessary for the proper functioning of the website and anonymous statistical monitoring.

Personal Data Protection Charter

Personal Data Protection Charter

Personal Data Protection Charter applicable as of May 25, 2018

Preamble

This Charter applies to all personal data processed by Eurolines SA, responsible for processing as per the French Data Protection Act of January 6, 1978, as amended (the “DPA”) and the Regulation (EU) 2016/679 of April 27, 2016, regarding the protection of natural persons with respect to processing of personal data and the free circulation of this data (the “GDPR”).

The terms “Eurolines,” “we,” or “our” used in this Charter shall refer to Eurolines, SA. The “Transdev Group” refers to all companies held or directly or indirectly controlled by Transdev Group, a limited company domiciled at 3 Allée de Grenelle, 92130 Issy-les-Moulineaux, registered with the Trade and Companies Register under number 521 477 851 as per Article L. 233-3 of the French Commercial Code.

When we use the terms “you” or “your,” this includes the potential customers and customers of Eurolines, visitors, or the users of our websites www.isilines.fr, www.isilines.com during the consultation or purchase of services proposed by Eurolines (the “Services”).

You may refer to our General Terms and Conditions of Sale [add link] (the “GTCS”) that describe the Services proposed and the conditions governing the provision of these Services.

Certain links on our websites may take you to websites not belonging to Eurolines. They have their own confidentiality and data protection policies, which may be different from ours. It is your responsibility to familiarize yourself with them.

This Charter may be modified, completed, or updated to comply with any change in the legal and regulatory context or CNIL policy.

 

Data collected

Eurolines makes sure to only collect and process data strictly required for the purpose for which it is processed (minimization of data).

We collect information when you visit our websites, register on our websites, participate in a contest, or when you make a purchase of our Services on our websites, on our business partners’ websites, in our sales offices, or in our partner travel agencies. Furthermore, we automatically receive and save information from your computer and browser.

The data collected may contain:

  • information related to our commercial relationship necessary to process your requests, execute our Services, or process your complaints, including: information related to your identity (first and last name, sex, date of birth), your contact information (mailing address, email address, telephone numbers), your travel itinerary (departure and arrival city, timetables), and the method of payment chosen (check, cash, credit card, PayPal, bitcoin, or Pledge).

It is hereby specified that we only process data related to the execution of your payments by credit card, PayPal, bitcoin, or Pledge. This data is directly processed by our partners, the contact details of which are provided in our GTCS, and in compliance with their own confidentiality and protection policies. 

  • Any information contained in the customer documentation or in the forms that you may complete as a prospect;
  • data collected using “cookies.” We use “cookies,” “tags,” and similar technologies on our Websites to recognize you, remember your preferences, and display content that will probably be of interest to you. Please see our cookie management policy [insert link] for more information on how we use “cookies”;
  • records of any correspondence and communications between us, including emails, instant messaging, communications on social networks, or any other type of communication exchanges;
  • the traffic data from access to the internet service or free Wifi;
  • any information we need to fulfill our legal and regulatory obligations.

 

Purposes of collection. Maximum storage periods

The processing performed by Eurolines fulfills an explicit, legitimate, and determined purpose. The data we collect or hold was collected directly from you.

Your information is processed only for the legal purposes provided for by the GDPR, in particular:

  • to fulfill our contractual obligations or for implementation of precontractual measures at your request; 
  • according to your consent, which you may withdraw at any time;
  • to fulfill our legal obligations;
  • as necessary in the public interest;
  • to protect our legitimate interests.

Eurolines only stores your data for the time required for the operations for which it was collected and in compliance with current legislation.  We may therefore save your data even if you decide to no longer use our Services, to comply with applicable legislation or to defend our interests or rights.

We collect and process information concerning you for the following purposes and maximum storage periods:

  • Provision of Services, processing, and execution of your instructions: we use your personal data for the provision of our Services or implementation of precontractual measures required to process your request. At the time of collection, you are informed of information required by us to process and provide the proposed Services.This processing is legally based on the performance of any agreement signed by you and/or any commitment made by you or by Eurolines.

Storage time: 10 years from the end of the contractual relationship. This period may be extended in the event of legal or administrative proceedings.

  • Compliance with applicable legislation: we make sure to comply with all legislation and regulations in force. This may concern, for example, the issuing of transportation roadmaps and group tickets or the collection of traffic data during use of the free Wifi proposed by Eurolines. We may share your data with the relevant legal authorities or any other third parties if expressly authorized by law, for the purposes of fulfillment of our transportation services, for traffic control, or for the prevention or detection of criminal activities. This processing may be based on compliance with a legal obligation, the public interest, or our legitimate interest.

Storage time: 10 years from the end of the contractual relationship. This period may be extended in the event of legal or administrative proceedings. Accounting data may be stored for 10 years as per current regulations.

  • Security and our activities: we implement security measures to facilitate our activities and ensure the protection of the data stored by us. We also implement security measures to protect our staff and facilities (in particular a video-surveillance system and monitoring of incivilities observed). This processing is based on our legitimate interest.

Storage time: 3 months for video-surveillance images; 10 years for incivilities from the time of the violation. This period may be extended in the event of legal or administrative proceedings. 

  • Product and service improvement: we collect and analyze your data to identify possible improvements in our products and services. The legal basis for processing of your data for this purpose is our legitimate interest.

Storage time: 3 years from the time of collection of the data.

  • Cookies: during viewing of our websites or use of online applications, we may ask you for your consent to the use of cookies. The legal basis for the processing of your data for this purpose is your consent. To find out more about cookies ; to configure your cookies

Storage time: Depending on the consent given by the person concerned, 13 months from collection.

Storage time: For customers, for the duration of the commercial relationship. For potential customers, 3 years from the time of collection.

  • Marketing operations: we use your data to provide you information concerning our products and services, as well as the products and services of our partners or other third parties. Unless you have refused, under the conditions defined by this Data Protection Charter, if you have purchased or requested information on our Products or our services, Eurolines may send you, by email or SMS, or in its Newsletter, information familiarizing you with and helping you better use our websites, products, and services and allowing you to take advantage of promotional offers on similar products. This use of your data is based on our legitimate interest or your consent. You may withdraw your consent to the use of your data for promotional purposes at any time, directly on our websites or by following the link inserted in our Newsletters.  

Storage time: For customers, for the duration of the commercial relationship. For potential customers, 3 years from the time of collection.

  • Defense and protection of our rights: we may use your data for the defense or protection of our rights of interests (in particular collection of amounts owed, assignment of receivables, defense of our intellectual property rights), legal actions, or management of claims or disputes.  This use is based on our legitimate interest.

Storage time: For the duration of the dispute or legal or administrative proceedings.

Data recipients

We may share your data with the following persons:

  • Our partners and subcontractors, for the execution of passenger road transportation operations;
  • Banks and payment companies indicated above, for execution of order payments made on our websites. 
  • Other companies of the Transdev Group;
  • Suppliers or subcontractors of Eurolines or the Transdev Group for provision of services, including their employees, directors, and managers;
  • Any person with an interest or taking on a risk with respect to or as part of the services we provide to you;
  • Auditors, the transport regulation authority (ARAFER), tax authorities, administrative authorities, or legal authorities or dispute resolution bodies, to comply with their requests.

Data security

We implement a variety of measures to ensure the security of your personal information. We also protect your offline information. Only employees needing to complete a specific task (such as invoicing or customer service) have access to personally identifiable information. The computers and servers used to store personally identifiable information are stored in a secure environment.

Your rights

Under the GDPR, you have the right to access, correct, delete, and limit the processing of your data. You also have a right to portability and to define what will be done with your data after your death with respect to all data concerning you to be exercised with Eurolines marketing service by emailing the following address: [email protected] or by sending a letter by mail to the following address: 215 avenue Georges Clemenceau, 92024 Nanterre, Cedex, accompanied by a signed copy of an identification document. You also have the right to file a complaint with the CNIL by email (see terms and conditions on https://www.cnil.fr/fr/plaintes/) or by mail to the following address: CNIL- 3 place de Fontenoy- TSA 80715- 75334 Paris Cedex 07.

Contact

For any request for information concerning the personal data protection policy implemented by Eurolines, please contact [email protected]