This Privacy Policy explains The Abbey Group responsibility to personal information (how it’s

gathered, used and kept secure & private).

1. Identity and contact details

Company name, head office address & number: Abbey Tours Ltd T/A Abbey Group, 22 Bridge

Company Reg. N

Companies under the Abbey Group:

xAbbey Ireland -

xAbbey UK –

oScotland office: 67 Shandwick Place, Edinburgh EH2 4SD, Scotland

Tel: 00441316565900

oLondon Office: 1-3 Staple Inn, London WC1V 7QH, England

Tel: 00442077307182

xMoloney & Kelly -5 City Gate, Bridge Street Lower, Dublin, D08 DV07, Ireland

Tel: 0035316909450

xAbbey Conference & Events –

Email Address: privacy@abbey.ie

The Abbey Group will be referred to as A.G. in this privacy policy.

A.G.’s Privacy policy applies only to the following:

xAbbey’s Clients.

xAbbey’s Suppliers (contracted & not contracted).

xPersonal data gathered on A.G.’s Websites and Applications.

Since A.G. is responsible for the personal data of this grouping, A.G. is then considered the data

controller, which means that A.G. is in control of how the grouping’s personal data is stored,

processed or transferred. Personal data will only be dealt with in accordance to this Privacy

Policy.

A.G.’s Privacy Policy does not apply to personal data of the people (PAX) in the actual bookings.

The data controllers of this data is the company who the PAX made the booking with AKA The

travel agent or supplier (e.g. the hotel the guest is staying at). Contact the relevant data controller

directly if any questions on PAX personal data occur.

Merchants Hall, 25/26 Merchants Quay Dublin 8, D08 NT3K, Ireland

Merchants Hall, 25/26 Merchants Quay Dublin 8, D08 NT3K, Ireland Tel: 0035316486100

Merchants Hall, 25/26 Merchants Quay Dublin 8, D08 NT3K, Ireland

D08 HV07

Tel: 0035316486100

2. Data Protection Officer Information.

You can contact A.G. at privacy@abbey.ie or by writing to the at: Data Protection, Abbey Ireland

& UK,

3. Purposes and legal basis of the processing

Why A.G. needs to process data of those who are affected by this Policy are as follows:

xTo fully perform an existing contract or to start negotiations to entering a new contract.

xTo provide requested services and to contact (if required) in connection with enquiries,

booking or to respond to any communications send to us.

xFor legit business interests. Primarily future marketing purposes, including, but not limited

to product offers and product information communications.

Any other data processing will be done in accordance of the GDPR.

4. The categories of personal data concerned

A.G collects the following information in order for the purpose of processing:

xName

xAddress

xEmail address

xTelephone number

xBilling & Payment information.

A.G. gather statistical and other analytical information collected on an aggregate basis of all

visitors to our website. This data comprises information that cannot be used to identify or contact

user, such as demographic information regarding, for example,

xUser IP addresses,

xBrowser types

xAnonymous statistical data involving the use of our website.

This information is solely used to gain a more informed understanding of how our websites are

being used and to make our websites more relevant to our users.

Note –A.G. Websites uses session cookies. Cookie consent is obtained either explicitly or

implicitly requested via an opt-in or text message.

A.G. receives personal data through the following means:

xSupplier/Client Form.

xThrough contractual negotiation and agreements.

xCorresponding through email or phone

5. The recipients of the data

The recipients of the data are the A.G. staff (Permanent, fixed term, contracted or trainee staff)

who process the data only in the ways that have been defined in purposes and legal basis of the

processing. Each Staff member of A.G. have been educated and train in the importance of

GDPR.

Merchants Hall, 25/26 Merchants Quay Dublin 8, D08 NT3K, Ireland

A.G. may share personal information with any company within The Abbey Group (Abbey Ireland,

Abbey UK, Moloney & Kelly and Abbey Conference & Events) for the purposes defined in this

6. Personal data to a third country or international organisation

A.G. will not disclose Personal Data to third parties unless A.G. has consent to do so or unless

the third party is required to fulfil a contracted task (e.g. data entry in such circumstances, the

third party will have a data processor agreement signed to adhere to GDPR).

A.G. will disclose Personal Data if it is believed in good faith that A.G. are required to disclose it in

order to comply with any applicable law, a summons, a search warrant, a court or regulatory

order, or other statutory requirement.

The only exception to this policy occurs in the event of a sale, merger, receivership or liquidation

or transfer of all or substantially all of the assets to A.G., provided that the third party agrees to

adhere to the terms of the Privacy Policy and provided that the third party only uses data for the

purposes that you provided it to A.G.. Those effected by this privacy policy will be notified in the

event of any such transfer.

7. How long will the personal data be stored for

A.G. will retain personal data the following reasons (only exception to these reasons are if A.G. is

required or permitted by law to hold onto the information a specific amount of time):

xData that is required in order to perform a contract, will be held on A.G.’s system for a

seven year period following completion of a travelling Pax’s trip (or upon contract

termination, if later).

xFor legit business interests (as defined in purposes and legal basis of the processing)

Data that is no longer deemed necessary will be deleted from our system

When personal data is deemed no longer necessary, it will removed and deleted in a correct

manner.

8. Data subject’s rights

Those affected by this privacy policy have the following rights:

xRight to access: the right to request, access and copy of the personal information that

A.G. is holding. A.G. can charge a reasonable fee for 2 or more personal data requests.

On copy of personal data will be charged at no cost. Any access requests will need to be

requested in writing or email (Mailing & Email address provided in the Data Protection

Officer Section above). Evidence of identification will be required as this makes sure that

the personal information is not given to the wrong person. Information will be given within

30 days.

xRight to rectification: the right to have personal data rectified if it’s incorrect, out of date or

incomplete.

xRight to be forgotten: the right to withdraw consent given to process data and the right to

request that A.G. delete personal data from the A.G.’s System (only exception to this is

A.G.’s compliance to with an legal obligations or if the data is required for any legal

claims)

xRight to restriction: The right to stop A.G. from using personal data or limit how it is used.

xRight to Data portability: The right to request that A.G. return any information provided in

a structured, commonly used and machine-readable format also have the right to

transmit data to another controller without hindrance from A.G.

xRight to object: The right to object how A.G. is uses the personal data received (e.g.

marketing purposes).

Note –Withdrawal of consent will lead to A.G. being unable to provide access to all or parts of the

services A.G. provides to those who are affected by this privacy policy.

9. Lodging a complaint

Any complaints on how A.G. uses personal data can be sent to the Data Commissioner’s office.

More information can be provided on their website: www.dataprotection.ie