Red Arrow Motorcoach Privacy Statement
Personal information refers to information about an identifiable individual but does not include contact information related to that individual’s employment.
Red Arrow is committed to protecting personal information. That commitment starts by complying with federal and provincial privacy laws, but goes farther, as Red Arrow aims to apply leading privacy practices to its operations.
Red Arrow is accountable for the personal information it collects.
Red Arrow has a Privacy Officer to manage its privacy obligations, whose responsibilities include:
The Privacy Officer may be reached at:
1857 Centre Avenue SE
Calgary, AB T2E 6L3
Collection of Personal Information: Purpose & Consent
Red Arrow only collects personal information it requires to provide transportation services.
Accordingly, Red Arrow relies on customers’ implied consent for the collection and use of that information as permitted by law.
Red Arrow collects information at the time of sale, including name, email address, physical address, telephone number and Date of Birth because it needs to know the identity of its customers, addresses for the provision of services, and contact information in case any change in the provision of services needs to be communicated.
Customers may seek to withdraw their consent to the collection, use, or disclosure of personal information by contacting the Privacy Officer. Subject to receiving such requests in a timely manner, and any overriding legal obligations, Red Arrow will take steps to accommodate such requests. Withdrawal of consent prior to the provision of transportation services will negatively affect Red Arrow’s ability to provide those services and may result in services not being provided.
Red Arrow does not collect information, including personal information, from any social media platform on which it is active, with the exception of the name and profile photo of individuals with whom it may directly communicate with through Facebook Messenger.
Limiting Use, Disclosure, and Retention
In addition to limiting the personal information that is collected, Red Arrow limits the use of that information, its disclosure and its retention.
Red Arrow limits the use of customers’ personal information to what is required to provide transportation services.
Red Arrow does not use personal information for statistics or research, and does not sell, rent or lease that information to third parties.
Red Arrow does not disclose personal information to third parties for any statistical or research use.
Red Arrow and its affiliates do not share personal information with each other, except as may be necessary for the provision of shared transportation services.
Red Arrow will not disclose an individual’s personal information without notice to that individual or his or her consent, except in very limited circumstances and only as permitted or required by law, including when disclosure is in the individual’s interest and consent cannot be obtained in a timely way.
When Red Arrow collects personal information in the course of acting as a service provider to federal and provincial governments, that information may be disclosed as required by that government and permitted by law.
In almost all cases, Red Arrow retains personal information for a minimum of one year, and otherwise for so long as is necessary to facilitate the provision of transportation services.
Red Arrow has reasonable security arrangements in place commensurate with the sensitivity of the type of personal information collected in order to guard against unauthorized access, collection, use, disclosure and disposal of that information.
Red Arrow collects customer information online and offline. When collected offline, the information is entered into an online database, and otherwise destroyed unless required for use by drivers.
For information stored electronically, Red Arrow data and data systems are physically situated in Canada.
Physically recorded personal information is limited to the information that Red Arrow drivers require during day-to-day operations.
When not in use by drivers, documents containing personal information are stored at local Red Arrow offices, which are subject to standard physical access controls. Any extra copies of such documents are disposed of on a daily basis in secured document containers and destroyed on a monthly basis.
Red Arrow does not retain copies of tickets bearing customers’ personal information.
Red Arrow does not collect or store customer financial information. When information such as a credit card number is transmitted to other websites (third party points of sale), it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
All Red Arrow employees receive privacy training upon employment, which includes review of:
- employee obligations to ensure that personal information is protected; and
- employee obligations to report any access breach or suspected access breach of personal information to the Privacy Officer.
Drivers are specifically trained to ensure proper use, storage and disposal of documents containing customer and passenger personal information.
Red Arrow has established a comprehensive IT Security Incident response plan setting forth processes and protocols for management and communications in the event of a security breach related to its collection, use, storage and disposal or disclosure of personal information. For details regarding Red Arrow IT Security Incident response plan please contact the Privacy Officer.