Data Protection
We are Registered Data Controllers.
Translink processes personal information in order to deliver and improve public transport services for the benefit of our customers.
Our various companies are registered as Data Controllers with the Information Commissioner’s Office and you will find much more detail on how we use, disclose and secure personal data on our published Group Privacy notice.
Our Data Protection Policy sets out the principles and how we will adhere to meeting our obligations under Data Protection legislation (Data Protection Act 2018 and the UK General Data Protection Regulation).
Contacting the Data Protection Officer
It is a requirement for public authorities to appoint a Data Protection Officer to oversee the collection, handling and use of personal data. The Data Protection Officer informs and advises Translink about our obligations to comply with the General Data Protection Regulation (GDPR) and other data protection legislation.
The Data Protection Officer for the Translink group can be contacted at dpo@translink.co.uk
Your rights under data protection legislation
Right of Access: Data protection legislation gives you a right to ask to see, and receive a copy of, any personal information that we hold about you. This is known as a subject access request.
This right is a limited one, where a person can seek information about themselves to ensure our processing is lawful. It is not an access route for other reasons.
Translink often receives requests from people for information (usually CCTV) they want to use in third-party matters not involving Translink. These often include:
- Disputes over liability in road traffic accidents not involving Translink (often from solicitors or insurance companies)
- Investigations by schools or parents into issues involving children, e.g. misbehaviour or bullying
- Personal investigation of matters like suspected theft, assault, family disputes or lost property
- Gathering evidence to make a claim outside of a normal legal process
- Seeking information about another person
No matter how sympathetic we are to the requester, these requests are almost always unsuccessful. This is usually because they are an inappropriate use of the access right or would impact on the privacy of other people. You should consider whether the request would be better made through a formal route like police, social services, through a court order etc.
Where subject access is an appropriate route, we may need some background information from you, and we will require proof of identity to make sure that personal data is not sent to the wrong person.
If you want to ask us for information which we may hold about you personally so that you can check on the lawfulness of our processing, you can make a written Subject Access Request to Data Protection Team, Translink, 22 Great Victoria Street, Belfast, BT2 7LX or by email to dpo@translink.co.uk.
The best way to apply is by using this form: Subject Access Request Form - Word (178kb) because it will guide you through the information we need. Whether you choose to use the form or not, we will not process your request without all of the information it requests.
We will have a calendar month to process a valid request.
Right to be Informed: You have the right to be informed about the collection and use of your personal data. This includes information on the purposes of processing, retention periods, and who the data will be shared with. We tell people when we're collecting their personal information and what we're going to do with it. This information will usually be provided to you when we collect your personal information, with a detailed summary in our Group Privacy notice.
Right to Rectification: If you believe the personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or complete it. If we find that the information should not be changed, we will contact you within one month to explain our decision and provide details about how you can challenge the decision if you are dissatisfied with the outcome.
Right to Erasure: Also known as the "right to be forgotten”. We take steps to make sure that your information is not kept for longer than necessary, but you can also ask us to delete your information in some circumstances.
The right to erasure does not apply to all information, such as information that we are legally obliged to hold, information that we need to keep for our official duties or information relating to legal claims. We may also refuse to delete information if there is no clear reason to do so or if it would be an excessive task.
Requests for deletion will normally be answered within one month. If we do not agree that we should delete your information we will explain our decision and provide details about how you can challenge the decision if you are dissatisfied with the outcome.
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain situations, such as if you contest the accuracy of the data or if the processing is unlawful but you oppose the deletion of the data.
Right to Data Portability: You have the right to request that we provide your personal data to you or another controller in a structured, commonly used, and machine-readable format, where this is technically feasible.
Right to Object: You have the right to object to the processing of your personal data based on our legitimate interests or for direct marketing purposes. We will stop processing your data unless we have compelling legitimate grounds for the processing or if it is needed for legal claims etc.
To exercise any of these rights, or if you have any questions or concerns about how we handle your personal data, please contact us at dpo@translink.co.uk. We aim to respond to all requests within the relevant timeframes.
Internal reviews and right of appeal
If you make a request and are not satisfied with how we handled it, you may ask us for an internal review. You should write to Translink's General Counsel and Company Secretary, who has overall responsibility for Freedom of Information and Data Protection issues within Translink. Correspondence should be addressed to:
General Counsel
Translink
Floor 9
22 Great Victoria Street
Belfast
BT2 7LX
If you are not satisfied with our response, internal review or believe our processing of your personal data does not comply with data protection law, you can make a complaint to the Information Commissioner's Office (ICO)
Website: www.ico.org.uk
The address of the Information Commissioner is:
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire,
SK9 5AF
The address of the Information Commissioner’s Office for Northern Ireland is:
10th floor
Causeway Tower
9 James Street South
Belfast
BT2 8DN
You might also like
Still having a look about? You might also be interested in this...
Some cookies on this site are essential, and the site won't work as expected without them.
The Translink Group is committed to protecting and respecting your privacy.
In order to comply with the Freedom of Information Act 2000, public sector organisations such as ours have obligations to routinely publish information and respond to requests for certain information whenever it is possible to do so.
Translink is a trading name used by any one or more of the companies under the ultimate ownership of the Northern Ireland Transport Holding Company (NITHC).