Privacy Policy

Mullins Bus Hire ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services, in accordance with the General Data Protection Regulation (GDPR) and Irish data protection laws.

Mullins Bus Hire is the data controller for the purposes of data protection law. Our contact details are:

3.1 Personal Information

We may collect the following personal information:

• Name and contact details (email, phone number, address)
• Payment information (processed securely through our payment providers)
• Travel preferences and booking history
• Communication records with our customer service team
• Special requirements (mobility assistance, dietary needs)

3.2 Technical Information

• IP address and device information
• Browser type and version
• Website usage data and cookies
• Location data (with your consent)

We use your personal information for the following purposes:

• Service Provision: To provide transport services, process bookings, and manage your travel arrangements
• Communication: To send booking confirmations, travel updates, and customer service communications
• Payment Processing: To process payments and manage refunds
• Legal Compliance: To comply with legal obligations and resolve disputes
• Service Improvement: To improve our services and develop new offerings
• Marketing: To send promotional communications (with your consent)

We process your personal data under the following legal bases:

• Contract Performance: To fulfil our contractual obligations to provide transport services
• Legitimate Interests: For service improvement, fraud prevention, and business operations
• Legal Obligation: To comply with legal and regulatory requirements
• Consent: For marketing communications and optional data processing

We may share your information with:

• Service Providers: Payment processors, email service providers, and IT support companies
• Legal Authorities: When required by law or to protect our rights and safety
• Business Partners: Tour operators and other transport providers (with your consent)
• Emergency Services: In case of medical emergencies or safety incidents

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security audits and monitoring
• Access controls and staff training
• Secure payment processing through certified providers

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Booking Data: 7 years for accounting and legal purposes
• Marketing Data: Until you withdraw consent or 3 years of inactivity
• Website Analytics: 26 months maximum
• Customer Service Records: 3 years from last contact

Under GDPR, you have the following rights:

• Access: Request copies of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your personal data
• Restriction: Limit how we process your data
• Portability: Transfer your data to another service
• Objection: Object to certain types of processing
• Withdraw Consent: For consent-based processing

To exercise these rights, contact us at [email protected]. We will respond within one month.

Our website uses cookies and similar technologies to:

• Ensure proper website functionality
• Remember your preferences and login status
• Analyse website usage and performance
• Provide personalised content and advertising

You can control cookies through your browser settings. Some website features may not work properly if you disable cookies.

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA) where our service providers are located. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for countries with equivalent data protection
• Certification schemes and codes of conduct

Our services are not directed to children under 16. We do not knowingly collect personal information from children under 16 without parental consent. If you believe we have collected such information, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on our website and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

If you have concerns about how we handle your personal data, please contact us first at [email protected]. You also have the right to lodge a complaint with the Data Protection Commission of Ireland: