We process your personal data in accordance with the General Data Protection Regulation, also known as GDPR. In accordance with the General Data Protection Regulation, which came into force on 25 May 2018, you are entitled to know how your personal data is collected, used and stored. You also have the right to be “forgotten”, i.e. for us to erase your personal data from our records.
Personal data means name, address, telephone number, email, personal identity number and other information that may in some way be linked to an individual.
We collect data from you when you make a purchase on our website, when you log in to “My pages”, contact our customer service, participate in a competition or register as a subscriber for our newsletter. The data that we collect may include your first and last name, email address, phone number and if you have a case at customer service, information about the case is saved. When you choose to save your card details in connection with a purchase, the card details are encrypted and secure with our payment partner DIBS. Båtbussarna does not store any card details.
We also automatically receive and save information from your computer and browser, including your IP address, software and hardware information, and the pages you visit on our website. This content does not contain any personally identifiable data.
The data we collect from you is used to:
After completing a purchase on our website, ticket information, email, first name and last name (and mobile number when Swish is used as the payment method) is stored for 13 months.
When a case at customer service concludes, your email address and phone number are stored for a maximum of 12 months.
After the conclusion of a case at customer service, any bank details disappear immediately.
After subscription to our newsletter is activated, the first name, last name and email are stored in the recipient list until you terminate your subscription (via a link at the bottom of the mailing). However, your data remains on the servers of our partner Apsis.
The link between our website and your saved credit card at DIBS remains until you choose to remove your saved card on the “My details” page while logged in to “My pages”.
Merresor AB is the sole owner of the data collected on the website, via email or via telephone. Your personally identifiable data will not be sold, exchanged, transferred or shared with any other company for any purpose without your consent.
We do not sell, purchase, or otherwise transfer personally identifiable data to third parties. Exceptions apply for trusted parties who help us to run our website and our company, with the requirement that these parties agree to keep the data confidential.
We consider it to be necessary to share data in order to investigate, prevent or take action against illegal activities, suspected fraud, situations that pose a potential risk to a person's physical safety, breach of our terms of service or other situations when the law so requires.
Other information (non-personal data) such as visitor statistics however, may be distributed to third parties for marketing, advertising or other purposes.
We protect your personal data through a series of security measures. We use encryption methods to protect data transmitted online. Only those employees who are to perform a specific task (e.g. billing or customer service) have access to personally identifiable data. The computers/servers used to store personally identifiable data are located in a secure environment.
We use your email address primarily for sending out your e-ticket. In connection with your ticket purchase, you may accept newsletters from us with other information. If you wish to cancel your subscription to our newsletter, you will find a link at the bottom of the mailing where you can unsubscribe.
You are entitled to request your personal data and the information we have saved about you at any time. For example, the data may have been saved in connection with a ticket purchase, customer service contact or newsletter subscription. You also have the right to “be forgotten”, i.e. erased from our records.
Would you like to request a records extract? Please send your request by post and mark the envelope with “Records extract” or “Request to be forgotten”, along with a copy of your ID card and your signature, to the address below. Include your name, mobile phone number and email address so that we can find you in our records. Also tell us how you want us to send the information to you, e.g. via email, letter or telephone. As soon as we have dealt with your case, we will of course erase all your personal data.
111 64 Stockholm
Data protection Officer
Phone: 08-629 50 00