This Privacy Notice includes all the information that we, as controller under the law and the General Data Protection Regulation, Regulation (EU) 2016/679 (“GDPR”), has an obligation to provide you with, as data subject of the data it collects and processes.
Registration Information: When you sign up for a PAME account, you give us your name, email, gender, date of birth and phone number.
Location Information: PAME is all about improving your mobility. To do this, we need to know where you are. When you open the Application on your mobile device, we receive your location. We may also collect the precise location of your device when the app is running in the foreground or background. If you record certain frequent locations, such as “home” and “work,” we receive that information, too.
Your location information is necessary for providing the best transportation options, determining drop off and pick up locations, and suggesting best route options based on previous journeys. Also, if the need ever arises, our team may use and share location information to help protect the safety of PAME Users or a member of the public. If you give us permission through your device settings or PAME app, we may collect your location while the app is off for service updates in your area.
Device Information: PAME receives information from Users’ devices, including IP address, mobile operating system version, phone carrier and manufacturer and push notification tokens.
Usage Information: To help us understand how you use the PAME application and to help us improve it, we automatically receive information about your interactions with the Application, like the pages or other content you view, your actions within the PAME app, and the dates and times of your visits.
If you are aged 16 or under, please get your parent/guardian's permission before you provide any personal information to Us.
We will need to process personal data relating to parents or guardians in that case – and we may also need to request for verification documentation to ensure that consent is given or authorised by the holder of parental responsibility.
We collect your personal data so that we can provide you with our services and generally for the following purposes:
a) You have consented to the use of your personal data for one or more specific purposes as explained herein;
b) Performance of our contractual obligations;
c) Compliance with legal obligations to which we are subject;
d) Protection of your vital interests;
e) Pursuing a legitimate interest;
We do not collect and we do not use any personal data other than that specifically mentioned above without your explicit consent unless you ask us to do so.
We don’t use automated decision-making processes or profiling while processing your data.
Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Application to:
· Create and manage your account;
· To verify your identity whenever you use your MOTION Card;
· To send you service messages;
· To send you information by email, about our products and services;
· Fraud prevention and detection;
· To verify and record your usage of our public transport services as efficiently as possible, to deduct the applicable charges from your Motion Card credit and to cap the fees charged from your card in line with our T&Cs;
· We will also use Usage Data including when you use the bus, from which bus stop you boarded the bus, and how much you paid on your trip to analyse your usage pattern. This will allow us to develop products and services which are beneficial to you, depending on your usage patterns.
· Provide customer service and support;
· Administer sweepstakes, promotions, and contests.
· Request feedback and contact you about your use of the Application.
Within CPT, your personal data is accessible only to those who need to, with a duty of confidentiality and only for the purposes mentioned in paragraph 2 above.
Outside our Company, recipients of your personal data may be any subcontractors or third parties who cooperate and/ or provide services to our Company in the context of its business, such as third-party service providers that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance, information technology services, provision and maintenance of software, insurance organizations, banks or other credit institutions, etc.
We choose our associates very carefully, after the necessary checks have been carried out and sufficient guarantees have been provided to implement appropriate technical and organizational measures in such manner that processing will meet the requirements of the GDPR and the relevant laws and ensure the protection of your rights.
The external recipients of your personal data may also any other persons, entities or relevant authorities to whom your data may need to be disclosed for the purposes stated in paragraph 2 and especially for compliance with our legal and regulatory obligations.
We process your personal data at our offices in Ireland, where they are also hosted and stored. We use administrative, technical, and physical security measures to help protect your personal information (such as physical and digital access controls, firewalls, antivirus, regular back-up, implementation of disaster recovery plans, encryption etc.).
In accordance with Company policy, your data is kept only for as long as necessary to fulfil the purposes stated in paragraph 2 above, or – in the case of consent – until you withdraw your consent. In addition, we retain your personal data for as long as necessary to comply with tax laws, to exercise our legal rights and generally to pursue our legitimate interests.
After this period, your personal data will be irreparably destroyed. Any data kept by us for marketing and information purposes will be retained until you inform us that you no longer wish to receive such information.
If your data will be transferred to entities or other third parties whose headquarters or place of data processing is not located in a member state of the European Union or the European Economic Area, we ensure before forwarding the data that, outside of legally permitted exceptional cases pertaining to the recipient, either an appropriate level of data protection exists (e.g., through an adequacy decision of the European Commission, through suitable guarantees such as a self-certification by the recipient for the EU-US Privacy Shield, or the agreement of EU standard contractual clauses between us and the recipient), or your sufficient consent exists.
You may at any time review or change the information in your account or terminate your account by:
· Logging into your account settings and updating your account; or
· Contacting us using the contact information provided below firstname.lastname@example.org.
If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:
· Unsubscribe from the service in your inbox; or;
· Contacting us using the contact information provided below email@example.com;
If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.
Should you believe that any personal information we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted by contacting us at the email address
In the event that you wish to complain about how we have handled your personal data, you may contact us at the above email address and telephone number. We will then look into your complaint and work with you to resolve the matter.If you still feel that your personal data has not been handled appropriately according to the law, you can submit your complaint with the Office of the Commissioner for Personal Data Protection, at 1 Iasonos Street, 2nd Floor, 1082 Nicosia, tel. +357 22 818456, email address firstname.lastname@example.org.