EFFECTIVE: 2 March 2022
This privacy notice (“Notice”) describes how your personal data is used and shared (collectively, “used”) when you visit our website (regardless of where you visit it from) and tells you about your privacy rights and who protects them.
Who is the controller of the personal data to which this policy applies? Aramark and Fingal Country Council (collectively, “we”, “us”, “our”) jointly control the personal data to which this policy applies.
Vector Workplace and Facility Management Limited, trading as Aramark, is part of Aramark corporation. Aramark provides management services including management of the websites to which this Notice applies. It provides these services to Fingal County Council which is responsible at state level for the locations to which the websites relate. For more information on us please go to www.fingal.ie and https://northerneurope.aramark.com/
For further information please see the Contact Us section below for details.
When does this Notice apply? This Notice applies to personal data that we use in relation to the following websites:
and any other website or location to which this Notice is posted or linked, unless otherwise indicated (each a “Site”).
How will you use my personal data? We use your personal data only as described in this Notice and only when we have a lawful basis to do so. See the How We Use Your Personal Data section below for details.
Do you share my personal data with others? We do not sell your personal data or share it with anyone except as described in this notice. See the How We Share Your Personal Data section below for details.
Where will my personal data be transferred? Aramark is part of a global group of companies with affiliates and service providers within and outside of the European Economic Area (EEA) and the UK. As such, we may transfer your personal data amongst these parties outside the EEA or UK for purposes consistent with this Notice, including to countries with data protection laws which are not comparable to those within the EEA/UK. See the International Data Transfer section below for details on the safeguards applied to these transfers.
What are my rights? Data protection laws give you important rights and choices in relation to your personal data. See the section below on Your Rights for details.
Personal Data We Collect
Personal Data You Give Us. This includes personal data you may provide when you:
- Sign up to our newsletter;
- contact us to report a problem with our Site; or
- contact customer support;
- make a booking to visit an attraction or partake in a tour;
- make payment for a booking or visit and/or receive a refund;
- otherwise interact with us by phone, email, in person or other means.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
How We Use Your Personal Data
To fulfil our contract with you
We use your personal data:
- to effect bookings for visits to the visitor attractions;
- To take payment for any bookings made and to issue any refund.
To operate the Site
We use your personal data:
- to operate, maintain, and secure the Site;
- to study how the Site is used and to improve the Site and our other products and services;
- if you register for an account on the Site, to manage and communicate with you regarding your account, including by sending you Service announcements, technical notices, updates, security alerts, and support and administrative messages;
- to manage membership accounts;
- to better understand your needs and interests, and personalise your experience with the Site;
- to administer promotional activities on the Site; and
- to respond to your requests, questions and feedback.
To send marketing communications
If you request information from us, register for an account on the Site or participate in our surveys, promotions or events, we or our group companies may send you marketing communications if permitted by law, but you will be able to opt out. We may use a third party tool to do this.
To create anonymous data
We may collect anonymous data, including aggregated or anonymous data derived from personal data of our users. We make personal data into anonymous data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes.
For security, compliance, fraud prevention and safety
We use your personal data as we believe necessary or appropriate to (a) implement and operate security measures designed to protect the Site and your personal data; (b) enforce the terms and conditions that govern the Service; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorised, unethical or illegal activity.
To provide a requested service
If you participate in a promotion on the Site or request a service through the Site, we may request personal data that we need to facilitate your participation in the promotion or provide the requested service.
To comply with law
We use your personal data as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
With your consent
We will request your consent to use your personal data where required by law, such as where we use certain cookies or similar technologies or would like to send you certain marketing messages. If we request your consent to use your personal data, you have the right to withdraw your consent any time in the manner indicated when we requested the consent or by contacting us.
To share with third parties
We share your personal data with third parties in the limited cases described below.
Information about the legal bases of processing for the purposes above are detailed below:
|| Legal basis
|To fulfil a contract with you
||Once you have a booking we need to know the booking is yours and send you relevant information about your booking, like an email or postal confirmation.
To take payment for any bookings made and to issue any refunds.
|To operate the Site
To communicate with you
To create anonymous data
For compliance, fraud prevention and safety
|We use your data for our legitimate interest of which further detail is provided above. We consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
|To provide a requested service
|| Processing is necessary to provide the requested service or to take steps that you request prior to requesting the service or entering the relevant contract. If we are unable to process your personal data, we may not be able to provide you with the requested service.
|To comply with law
|| Processing is necessary to comply with our legal obligations.
|With your consent
|| Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated when we requested your consent or by contacting us.
How We Share Your Personal Data
We may disclose your personal data to our subsidiaries and corporate affiliates for purposes consistent with this Notice.
We may employ third party companies and individuals to help us process your personal data as described in this Notice (such as hosting, data storage, website analytics and testing, email delivery and database management services). In particular we would like to highlight that we have engaged Retail Integration to provide us with services in connection with ticket bookings.
Compliance with Laws and Law Enforcement; Protection and Safety
We may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate as described above to comply with law and for security, compliance, fraud prevention and safety.
We may sell, transfer or otherwise share some or all of its business or assets, including your personal data, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganisation or sale of assets or in the event of bankruptcy.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
Third Party Sites
Our Site may contain links to third party websites and features. This Notice does not cover the privacy practices of such third parties. These third parties have their own privacy policies and we do not accept any responsibility or liability for their websites, features or policies. Please read their privacy policies before you submit any data to them.
International Data Transfer
Where we transfer personal data to a country that is not approved under applicable law as providing a level of data protection comparable to the country of origin, we will transfer it subject to safeguards that allow us to conduct the transfer in accordance with applicable data protection laws. Please contact us for further information on the specific mechanism used by us if transferring your personal data out of the EEA.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. We have high security standards in order to protect your payment card details and use only “PCI DSS” (The Payment Card Industry Data Security Standard) approved organisations for payment services. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. If you have reason to believe that the Site or personal data you have shared with us is not secure, please contact us immediately.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Our Notice on Children
Our Site is not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us. We will delete such information from our files as soon as reasonably practicable.
Sensitive Personal Data
We ask that you not send us, and you not disclose, any sensitive personal data (e.g. social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics, genetic characteristics, criminal background or trade union membership) on or through the Site or otherwise to us.
If you send or disclose any sensitive personal data to us when you use the Site, you must consent to our processing and use of such sensitive personal data in accordance with this Notice. If you do not consent to our processing and use of such sensitive personal data, you must not submit such sensitive personal data to our Site.
Data protection laws give you certain rights regarding your personal data. You may ask us to take the following actions in relation to your personal data that we hold:
- Opt-out/Withdraw consent. Stop sending you direct marketing communications. You may continue to receive administrative and other non-marketing emails.
- Access. Provide you with information about our use of your personal data and give you access to it.
- Correct. Update or correct inaccuracies in your personal data.
- Delete. Delete your personal data.
- Transfer. Transfer a machine-readable copy of your personal data to you or a third party of your choice.
- Restrict. Restrict the processing of your personal data.
- Object. Object to our reliance on our legitimate interests as the legal basis for our use of your personal data as described in the Legal Information section.
You can submit these requests by using our contact details in the Contact Us section below. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal data, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.
Changes to this Notice
Any modifications to this Notice will be effective upon our posting of the modified Notice (or as otherwise indicated at the time of posting) on this page.
You can reach us by emailing email@example.com with any questions or concerns you may have regarding this policy or our processing of your personal data.