As a valued consumer, you are entitled to your personal privacy. With that in mind, BoltBus has adopted a statement that explains and confirms our commitment to provide you with a variety of travel services while maintaining your personal privacy. Please note that this statement is subject to change at any time without notice. Every effort, however, will be made to keep it updated to reflect our current policies.
Sharing of Personal Information
BoltBus will never sell your personal or financial information to any third party, but it may be shared with our affiliates. Your personal or financial information, however, may be shared with third parties, who are authorized by BoltBus, for the following purposes:
- Credit card verification and fraud detection purposes as part of your ticket purchase;
- Legal disclosure to a governmental agency, law enforcement authority or court as required by law in the good faith belief that disclosure is necessary or advisable.
In addition, if you decide to participate in our marketing programs (including but not limited to BoltBus Rewards, promotions or contests), your non-financial personal information may be released to reputable third parties in order to fulfill certain business requirements of those programs.
Personal Information Collected For Processing Transactions
BoltBus collects personal information (name, address, phone number, etc.) as well as a credit card number to process transactions. An e-mail address for an online purchase is optional; however, your e-mail address is required if you would like a copy of your confirmation statement e-mailed to you.
Post Purchase E-mail Communication
When you make a travel reservation with us and you provide your e-mail address during the purchase process, we may send you trip-related e-mails, including, without limitation e-mails that (a) confirm the details of your purchase, (b) describe service-related information in connection with your reservation or to inform you of upgrades or product enhancements related to your purchase, (c) request feedback on our services and/or your specific travel experiences, or (d) include special offers for products or services from BoltBus or our marketing partners.
For Marketing Programs
By participating in our marketing programs, you agree to honor and abide by the rules and regulations contained therein. Please read all rules before participating. BoltBus takes no responsibility for the specific privacy rules or terms and conditions of the contest sponsors or other third parties and we encourage you to examine the privacy policies contained on those sites.
E-mail Promotions, Offers and Updates
You may receive e-mail communications from us which may include special offers, BoltBus loyalty information or similar offerings. You may opt-out of receiving these messages at any time by selecting “unsubscribe” from any email communication.
Online Collection of Personal Information
BoltBus’s website is not directed at children under the age of thirteen, and accordingly, BoltBus does not intentionally collect any personal information from anyone under age thirteen. Children under the age of 13 are prohibited from using our site.
Non-Personal Information Collected
An Internet protocol (“IP”) address is a numeric code, for example, “18.104.22.168.” This code is used to communicate between your Internet service provider and the World Wide Web. The IP address does not identify you individually. BoltBus logs inbound IP addresses to administer our Website and to compile aggregate information on site traffic for internal use.
You have the option of being excluded from the various marketing contact lists by opting out at any time. Opt-out requests for contests, however, must be received within the duration of the contest to be removed for that contest. To stop messages coming to your cell phone, just reply “STOP.” To opt out, update or change any contact information, send us an e-mail to email@example.com with your name, e-mail address and mailing address.
BoltBus takes reasonable procedures to protect your personal and credit card information from misuse or unauthorized disclosure. For example, BoltBus uses encryption software from VeriSign, the industry leader in secure site software technologies to protect your information.Look for the gold key (Internet Explorer) or lock (Netscape) as well as the “s” after “http” in the address line of your browser. These signs mean the information sent from your computer to Boltbus.com is encrypted using Secure Socket Layer (SSL) technology.
Links to Other Websites
While we strive to partner with reputable firms, BoltBus takes no responsibility for any content, information collected, terms and conditions or privacy rules maintained on any linked site and we strongly encourage you to examine the privacy policies contained on these sites. Please inform us at firstname.lastname@example.org about any concerns you may have regarding any of our linked sites.
EU Residents: Your Rights
This section applies to EU residents only. It explains that you have a number of rights in relation to your personal data. However, the additional rights only apply when we process your personal data while you reside within the EU.
There are circumstances in which these rights may not apply, for example if we process your personal data while you are present in the United States, we may not have to comply with the EU regulations and so these rights may not apply. In summary, the additional rights set out in this section will take effect once you return to reside in the EU and we continue to process your personal data.
Purposes for which we will use your personal data
EU regulations require us to explain the type of information we collect about you and why as well as the legal basis for processing your personal data.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data including first name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data including billing address, home address, email address and telephone numbers.
- Financial Data including bank account and payment card details.
- Transaction Data including details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data including internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites.
- Profile Data including your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data including information about how you use the websites, products and services.
- Health Data including information relating to your mobility and disability status to enable us to provide assisted travel.
- Marketing and Communications Data including your preferences in receiving marketing from us and third parties and your communication preferences.
We have set out below a list of all the ways we may use your personal data and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.
In some cases we may use more than one legal base for processing your personal data; this will depend on the specific purpose for which we are using your personal data. Please contact us at email@example.com if you have any questions about the specific legal base that we rely on for processing your personal data.
How long do we keep your personal data?
We will keep your personal data for no longer than is necessary for the purposes for which it was obtained. The criteria for determining the duration for which we will retain your personal data are as follows:
(1) we will retain your personal data in a form that permits identification only for as long as:
- we maintain an ongoing relationship with you; or
- your personal data is necessary in connection with the lawful purposes set out in this policy for which we have a valid legal basis.
(2) the duration of:
- any applicable limitation period under applicable law (i.e. any period during which any person could bring a legal claim against us in connection with your personal data, or to which your personal data may be relevant)
- an additional reasonable period following the end of such applicable limitation period.
(3) in addition, if any relevant legal claims are brought, we may continue to keep your personal data for such additional periods as are necessary in connection with that claim.
During the periods in paragraphs (2)a and (2)b above, we will restrict our processing of your personal data to the storage of, and maintaining the security of, those data, except to the extent that those data need to be reviewed in connection with any legal claim or obligation under applicable law.
After this period, your personal data will be anonymised so that you are no longer identified or identifiable from such information, or securely deleted/destroyed.
Any third parties that we engage will keep your data stored on their systems for as long as is necessary to provide the relevant services to you or us. If we end our relationship with any third-party providers, we will make sure that they securely delete or return your personal data to us.
We may retain personal data about you for statistical purposes (for example, to help us better advertise our services). Where data is retained for statistical purposes, it will always be anonymised, meaning that you will not be identifiable from that data.
Should we process your personal data while you reside within the EU, you have the right to request that we:
- provide you with a copy of the information we hold about you;
- update any of your personal information if it is inaccurate or out of date;
- delete the personal data we hold about you – if we are providing services to you and you ask us to delete personal data we hold about you then we may be unable to continue providing those services to you;
- restrict the way in which we process your personal data;
- stop processing your data if you have valid objections to such processing; and,
- transfer your personal data to a third party.
For more information on your rights and how to use your data, or if you would like to make any of the requests set out above, please contact us at firstname.lastname@example.org. We will respond to all such requests within the time period required by law. Occasionally, it may take us longer than a month if your request is particularly complex, you have made a number of requests or you have not supplied the information we need to respond to you. In this case, we will notify you and keep you updated.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Even if you consented to the processing of your personal data for marketing purposes (by checking the relevant box or by requesting information about services), you have the right to ask us to stop processing your personal data for such purposes. You can exercise this right at any time by contacting us at email@example.com.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights stated herein and as provided under the GDPR). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Who can you ask for more information?
We have appointed a Data Protection Officer who is responsible for data protection and protecting your privacy. You can contact them at firstname.lastname@example.org.
If you are unsatisfied with our response to any data protection issues you raise with us or our DPO, you have the right to make a complaint to the Information Commissioner’s Office (ICO) (link opens in a new tab). The ICO is the authority in the UK which is tasked with the protection of personal data and privacy.
If you have any questions about the use of your personal information or would like to correct or amend any personal information we maintain about you, please feel to contact us at email@example.com, or send a letter to:
P.O. Box 660362
Dallas, TX 75266-0362
Revised May 9, 2018