Privacy Notice

Introduction

This privacy notice sets out additional information in relation to the personal data that we may process when taking action in respect of parking charges or penalty fares.
This action is carried out by

Revenue Protection Support Services
P.O. Box 89, Portsmouth, PO1 1EG

RPSS is a trading name of London & Southeastern Railway Limited

Registered office
3rd Floor, 41-51 Grey Street, Newcastle Upon Tyne NE1 6EE
Registered in England and Wales Number 04860660

The data controller is:

London & Southeastern Railway Limited
Friars Bridge Court
41-45 Blackfriars Road
London
SE1 8PG
Registered in England company no. 04860660

Our Data Protection Manager is:

Mark Willson
3rd Floor, Friars Bridge Court
41 – 45 Blackfriars Road
London
SE1 8PG

Our nominated Data Protection Officer is:

John Sheehan
The Go-Ahead Group plc
4 Matthew Parker Street
Westminster
London
SW1H 9NP

More information about the Data Protection Law can be found on the Information Commissioners Website https://ico.org.uk/

The Information Commissioner is our regulator for data protection matters.


 This Privacy Policy explains:

• What personal data we collect about you
• How we use that personal data;
• How we keep information secure; and
• How you can contact us if you wish to exercise any of your rights in
• relation to the information or make a complaint


 

Information we may collect

We may collect and process information about you in order to take action in relation to penalty fares or parking charge notices. We may use personal data that has already been collected by us. You can find out more about this in the London & Southeastern Railway Limited Privacy Notice.

This information may include, details obtained by staff issuing a penalty fare, such as evidence of identity, age, description, station used, journey details, details obtained by carpark operators in respect of vehicle registration information, contact details, name, address evidence of ticket purchased and correspondence in relation to the penalty fare or parking charge. We may obtain details of the registered keeper from the DVLA in respect of registered owner details and any personal data you provide to us. We may use third party providers to verify identity or undertake debt recovery activities. We will also hold other information you provide to support an appeal.

We act as data processors in relation to services we provide to other train operators. In these circumstances we act on the instructions of the train operating company and they should be contacted in respect of any data protection queries you have.


How we use your information

We will only use the information you provide as permitted by Data Protection Law.

How we use your personal data
We use the personal data to pursue our legitimate interests of, administering the Penalty Fares Scheme, enforcing parking charges, revenue protection and collection of unpaid fares or charges, investigating fraud, prosecuting travel offences, protecting railway property and protecting the interests of other railway users or dealing with customer service in relation to responding to complaints or appeals.

We are part of a Group of Companies and share administrative services and support. Your data may therefore be shared with them for these purposes. We are also required to pass certain customer data to successor franchisees or the Department for Transport.


 

Hyperlinks
We may provide hyperlinks from the Site to websites of third parties. No liability is accepted for the contents of any site operated by a third party which may be accessed via links from the Site. These links are provided for your convenience only and do not imply that we approve or recommend the content of such sites. We encourage our users to be aware when they leave our site to read the privacy statements of each and every website that collects personally identifiable information.

Cookies
A cookie is a small piece of information that is sent to your browser when you access a website. Cookies contain information about your visits to that website and the purpose of cookies is to enable our websites to remember you, and your browsing habits, when you visit it again in the future. To find out more about cookies please see our Cookie Policy (below).


 

Sharing data with third parties
We may share your correspondence with:

• British Transport Police under a data sharing agreement to prevent and detect crime.
• Penalty Services Limited if you appeal a Penalty Notice issued to you.
• Passenger Focus if you have asked them to act on your behalf under a complaint handling procedure. Requests from ombudsmen are dealt with on a case-by-case basis to ensure that any such disclosure is lawful in accordance with Data Protection Law.
• We may also share information with other Train Operating Companies for the purpose of fraud prevention, to operate joint services or under National Rail Conditions. We will only do this where there is a formal data sharing agreement is in place, or where an ad hoc request is received this will be dealt with on a case-by-case basis to ensure that any such disclosure is lawful in accordance with Data Protection Law.


Where We Store Your Personal Information

The information that we collect from you will only be stored in the European Economic Area.

Information Security

We use a range of technical and organisational measures to safeguard access to and use of, your personal information and to ensure it retains its integrity and availability. These include structured access controls to systems, network protection, intrusion detection, physical access controls and staff training. We also consider anonymising or pseudonymising personal data where practical. We encrypt your financial information using SSL (Secure Sockets Layer) technology so that no one else can access your credit card details as they travel through the Internet. SSL is certified by Verisign and is recognised as a secure way to pay on-line. As you may be aware, no data transmission over the Internet can be entirely secure. As a result, while we will always use reasonable endeavours to protect the personal information you provide to us, we cannot guarantee the security of your information and the use of our facilities (e.g. email) is at your own risk.


 

Your rights

You can find out more about your rights on our main Privacy Policy

Please contact us at privacy@southeasternrailway.co.uk

We may need to ask for some further information, such as checking who you are. You can download and send this form, which will help us deal with your request more efficiently.

Please let us know if you want to receive the information electronically.

We aim to get the information to you without undue delay and within 30 days. If we have any trouble with this timeframe we will let you know within 30 days and explain what the problem is. Sometimes we may hold information that we don’t have to provide, for example it would prejudice a police investigation or contains someone else’s personal data.

Complaints
If you are not happy with the way in which we deal with your data or have dealt with a rights request, then please us know. Our Data Protection Manager is the first point of contact for dealing with Rights Requests and complaints. If you are not satisfied with the way in which they have handled your complaint or rights request then you can contact the Group Data Protection Officer.

If you are not satisfied with the response you can complain to the ICO. Its contact details are:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number

https://ico.org.uk/global/contact-us/

You also have the right to seek a judicial remedy, issue legal proceedings against us.

How long we keep your personal data for

We have policies and procedures in place to make sure we do not keep your personal data any longer than required to meet our legal and other obligations.

We generally retain personal data for around 6 months after the legal limitation periods in which claims can be brought or industry recommended periods. We would also retain information if we are under a legal or regulatory requirement to do so.

We may also keep your personal data for the purposes of our legitimate interests in running our Group businesses, including anonymising or pseudonymising data for analysis.

Changes to this Privacy Notice

We may occasionally update this statement.

Privacy Satement Last Updated: 22 May 2018

Penalty Fares Ltd (“Penalty Fares”/ “we” / “us”/“our”) Cookie Policy

1. What are Cookies?

Cookies are little data files that are placed onto the hardware device which you use to browse the internet (e.g. your Computer, Smartphone or Tablet, your “device”) by websites that you visit.  Cookies contain information about your visits to that website and the purpose of cookies is to enable our websites to remember you, and your browsing habits, when you visit it again in the future.

2. How do we use Cookies?

Cookies perform many different functions, from remembering that you are logged in during visits to what user preferences you may have selected. They also help us to identify which of our web pages are the most popular and what type of journey a visitor has through our site.

Cookies help us plan the content and layout of our site and recognise returning visitors that have been to our site before. They therefore play an important role in helping us to enhance the usability and performance of our site to improve your visits.
In order to help us understand how many visitors we have, which pages are visited, and to help us develop future improvements to our site, reporting and analysis is carried out using Google Analytics who will place cookies on your device. For more information on Google cookies we recommend you visit the Google website at https://policies.google.com/technologies/ads which outlines Google’s privacy policy and how to opt-out of tracking.

We do not use cookies to collect information that could identify you personally during your visit to our site [unless you create an account or log in to purchase a ticket from us. A list of the cookies that we use when you visit our site is contained in the table below.

Types of cookie that may be used during your visit to our website are:

• Session cookies
• Session and permanent cookies
• Anonymous permanent cookies
• Cookie to individually identify users who have logged in
• Third party cookies
• First party cookies

3. What Cookies are used  by this Site?

Cookie name Purpose
Session cookie  Session cookies enable our website to keep track of your movement from page to page so you don't get asked for the same information you've already given to the site. These cookies allow you to proceed through the pages of our site quickly and easily without having to authenticate or reprocess each new area you visit. They are automatically deleted when you close your web browser
Session and permanent cookies (also called persistent cookies) These help our website remember your preferences and settings when you visit again in the future. They therefore speed up and enhance your experience of services or functions offered.
For these cookies to work, they are stored on you device and are not deleted when the browser is closed.
Login cookie To individually identify users who have logged in.
Third party cookies

These are placed by another company (domain) and are used to help us track visitor behaviour and revenue in order for us to measure the performance of our website.

 

3rd Party cookies Purpose
Google Analytics

To track which pages on the site are most commonly used, the number of visitors to the site, page views, which browsers are used, entry pages etc.
We use the information provided to help us improve our site and identify the most popular pages.
Cookies last between one month and one year.


4. Web beacons

Web beacons are usually 1 pixel size transparent images that help website owners track the activity of users on certain website pages. They can also send the tracking server (ie. us, or our technology partners) information in cookies – such as whether an HTML email with a web beacon in it has been opened. We use web beacons together with cookies to help us understand how you interact with our website and the emails we send you, to help us improve your experience, to ensure that content is relevant to you, and to better manage our website and email content.

Further details on web beacons, and how to manage them, can be found here. http://www.allaboutcookies.org/

5. Can I opt out of cookies?

Yes. There are a number of options available. You can control the use of cookies on your device by using the settings in your web browser (e.g. Chrome, Internet Explorer, Firefox). For more detailed information about cookies (including how to manage their use via your browser)  go to www.aboutcookies.org/ .

However, please note – if you delete all your cookies, some features of our website, such as remembering your login details, will not function as a result.  This may then cause you problems when trying to purchase tickets as cookies are required to pass your information through the booking process.

Information requests and updates

Please be assured that Southeastern is happy, on request from you, to provide details of any personal information that you have provided us with (this may incur a small charge) and/or to cease to make use of your personal information for the above-mentioned purposes.

As we take the issue of protecting your personal data seriously, we follow strict storage and disclosure procedures which means that we may occasionally require proof or identity from you prior to disclosing such information.

So that we may provide you with an optimum service and comply with its obligations under UK Data Protection legislation, we would be grateful if you could please contact us by going to the feedback page if any personal information that you have provided to us becomes inaccurate or out of date.

Security

Southeastern is committed to the security of personal information and has security procedures in place to protect the loss, misuse or alteration of information under our control.

Access to our database containing personal information on registered users of the site is restricted internally. In order to increase security we ask you to input a password when you register as a user of the site. Please keep this password secret. In addition, we encrypt your financial information using SSL (Secure Sockets Layer) technology so that no one else can access your credit card details as they travel through the Internet. SSL is certified by Verisign and is recognised as a secure way to pay on-line. As you may be aware, no data transmission over the Internet can be entirely secure. As a result, while we will always use reasonable endeavours to protect the personal information you provide to us, we cannot guarantee the security of your information and the use of our facilities (eg e-mail) is at your own risk. If you have any questions about paying for your ticket through the Site, please contact Customer Services.

Changes to this policy

We reserve the right to change our Privacy Policy and our Terms and Conditions at any time. If we make changes, we will post them on this page and indicate page the policy's new effective date at the bottom of this page. We encourage you to refer to this policy on an ongoing basis so that you understand our current privacy policy. Unless stated otherwise, our current privacy policy applies to all information that we have about you and your account. By providing us with your email address, you expressly allow Southeastern to respond to you via your email address.

Cookie Policy Last Updated: 6 October 2008

IRIS

Revenue Protection Support Services
P.O. Box 89, Portsmouth, PO1 1EG

RPSS is a trading name of Southeastern

Registered office
Friars Bridge Court, 41-45 Blackfriars Road, London, SE1 8PG
Registered in England and Wales Number 04860660

Built by Arepo Solutions Ltd © 2018 All rights reserved - IRIS  |  Privacy Statement  |  Terms & Conditions