Direct Ferries Limited is committed to respecting and protecting your privacy and to complying with data protection and privacy laws. This Privacy Policy applies to all individuals who interact with us for the purposes of using or enquiring about our services (“you” or, “your”). This Privacy Policy sets out how we collect, use, store, share and protect data about you ("personal information").
It also explains your rights in relation to your personal information and how to contact us or the relevant regulator in the event you have a complaint. We want to make sure you can make informed decisions, so please take a few moments to read the sections below and learn how we may use your personal information.
Direct Ferries Limited ("Direct Ferries", "we", "our", or "us") is a private limited company incorporated in England and Wales with company registration number 03865405, having its registered address at Units 2 & 3, Three Rivers Business Centre, Felixstowe Road, Foxhall, Ipswich, England, IP10 0BF. We are an online aggregator providing ferry comparison and booking services. For data protection purposes, we are the data controller — the company that’s responsible for your privacy—and our ICO registration number is ZA173923.
You should read this Privacy Policy in conjunction with our Cookies Policy, the terms & conditions of use of Direct Ferries websites and/or apps and any separate terms & conditions issued with your booking of ferry tickets or other products and services.
What types of personal information do we collect from you?
We collect information when:
More specifically, we:
We collect the following categories of personal information (the exact information required will vary depending on the requirements of the ferry operator):
Personal information about other individuals
If you provide personal information to us about another individual (such as a family member, travel companion and/or child), you are responsible for ensuring that you have their consent (or the consent of the relevant person with parental responsibility) to provide that information for the uses set out in this Privacy Policy and for bringing this Privacy Policy to their attention.
Special categories of personal data
Some of the personal information you provide us, including medical details (such as mobility issues) (“Medical details”) may be treated as special category personal data to which additional protections apply under data protection law. Generally, we aim to limit the circumstances where such data is collected.
We process special category personal data for the purposes as set out in the table in Annex 1 below, which also details the corresponding legal basis we rely on to process the personal data for each purpose.
Children
Our website, app and services are not intended for children and we do not knowingly collect data relating to children except where you submit information about a child (or children) as part of your booking.
What do we use your personal information for?
The table at Annex 1 - which can be found at the end of this Privacy Policy - sets out the categories of personal information we collect about you (as defined above) and how we use that information. The table also lists the legal bases which we rely on to process the personal information.
When will we send you marketing?
We may send you marketing messages via email, text message or via push notifications within our app to keep you up to date with the latest and best offers, our latest service offerings, ferry timetable releases and to help you find ferry ticket prices.
You will receive these marketing messages from us if you have requested to receive such messages or if you are an existing customer and have not opted out of receiving marketing.
You can stop receiving marketing messages from us at any time by:
When you do any of the above, we will update your Account details so you don’t receive any more marketing messages.
While we will update your details as quickly as possible, please allow for up to 2 business days for this to take effect.
Unsubscribing from marketing messages will not stop service communications, such as booking confirmations and updates.
Interest-based advertising
We also participate in interest-based advertising and use third party advertising companies to serve you targeted advertisements based on your online browsing history and your interests. To do this, we or our advertising partners may collect your contact details, information about how you use or connect to the website or app, or the types of other websites, social media services, content and ads that you (or others using your device) visit or view or connect to our website so that we or our advertising partners may play or display ads on our website, on other websites, apps or services you may use, and on other devices you may use.
To learn about interest-based advertising and how you may be able to opt-out of some of this advertising and to limit some third party advertising cookies, you may wish to visit:
When will we share your information with others?
We may need to share your personal information with the following categories of recipients:
Travel service providers: these include ferry operators, operators for the provision of tickets, insurance providers and distributors of other services and products you’re purchasing via Direct Ferries.
Our service providers: we may share your personal information with third party vendors and other service providers that perform services for us or on our behalf, which may include providing marketing, courier, web hosting, fraud monitoring and/or prevention, online advertising and analytics services.
Professional advisors: we may share your personal information with our lawyers, accountants, insurers and other professional advisors to the extent we need to (for example, to defend ourselves against legal claims).
Purchasers and third parties in connection with a business transaction: your personal information may be disclosed to third parties (including a new owner) in connection with a business or corporate transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
Law enforcement, regulators, governmental and other relevant authorities: We may need to share your personal information with third parties as required by law or to fulfil your booking (including port authorities, customs, and passport offices) or if we reasonably believe that such action is necessary to (i) comply with the law and the reasonable requests of law enforcement; (ii) detect and investigate illegal activities and breaches of agreements; and/or (iii) exercise or protect the rights, property, or personal safety of Direct Ferries, its users or others. as required by law.
Other Direct Ferries group companies: we may disclose your personal information to companies within the Direct Ferries group of companies where they provide services on our behalf or where such sharing is otherwise necessary in accordance with the uses set out in Annex 1.
Payment processors: we may share your Payment details with credit card companies to validate your credit card details and obtain payment when you buy a product or service.
How we use cookies
We may use cookies and similar technologies to distinguish you from other users of our site and app. For more information about cookies and why we use these, please refer to our Cookie Policy here.
Your rights regarding your personal information
Right to Access & Transfer Data
You have the right to request a copy of any personal information that we hold about you. In certain circumstances, you have the right to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another company. We may ask you to supply appropriate evidence to verify your identity before responding to your request. Once your identity has been verified, we will respond as quickly as possible and in any event within the timescales in accordance with applicable data protection laws.
If you have an online account, you can log in to your account at any time to view any personal information stored there.
Right to Update & Amend
If any of the personal information we hold about you is inaccurate, you have the right to have that information corrected or completed where it is incomplete.
Right to Restriction
You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.
Right to Complain
If you feel at any point that we have mishandled your data or infringed upon your rights set out under data protection laws, you can let us know by getting in touch with our customer service team or lodge a complaint with the supervisory authority responsible for data protection in the country you live in or the place of the alleged infringement. You can find a list of the supervisory authorities within the EU here: https://edpb.europa.eu/about-edpb/about-edpb/members_en. In the UK, the relevant supervisory authority is the Information Commissioner’s Office, and their details are available at www.ico.org.uk.
Right to Erasure
In some circumstances, you can request to have your personal information erased when it is no longer required to process a transaction, or we are not legally required to retain the information. Where your personal information is no longer required, any request to have the information erased will be carried out without undue delay and in any event within the timescales in accordance with applicable data protection laws.
Right to Object and Withdraw Consent
You have a right to object to the processing we carry out on the basis of legitimate interests in certain circumstances. If you have provided consent to any processing of your personal information, you have a right to withdraw that consent at any time (without affecting the lawfulness of our processing carried out before this point).
How to exercise your rights
You can write to us at any time to exercise any of the above mentioned rights in respect of any personal information we may hold about you. Our contact details are provided at the end of this Privacy Policy.
Please quote your name and address together with your booking reference and/or account number. If you are submitting a request for access to your personal information, we would be grateful if could also provide brief details of what information you want a copy of (this helps us to more readily locate your data).
We will take all reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.
International transfers of your personal information
All of our customer data is stored on servers held within the EU. To perform our contract with you we may in certain circumstances need to share some of your personal details with our partner ferry operators, group companies or our other service providers situated outside of the United Kingdom (“UK”) and/or the European Economic Area ("EEA").
In some cases, this might result in your personal information being transferred to a country not recognised as having an adequate level of protection for personal data. Where that is the case, these international transfers of your personal information will be made pursuant to appropriate safeguards, such as the international data transfer agreement adopted by the UK government or standard contractual clauses adopted by the European Commission.
We outsource certain of our customer service function to a contact centre provider which has personnel in South Africa who have remote access to personal data (that is stored in the UK/EEA). In this case, we rely on standard contractual clauses approved by the EU and UK and have conducted the appropriate risk assessments, and implemented appropriate contractual measures, to ensure that data accessed outside of the UK and EEA in this way is kept secure and to a minimum.
If you wish to enquire further about the safeguards we use, please contact us using the details set out at the end of this Privacy Policy.
Retaining and anonymising personal data
We keep your personal information as long as necessary to meet our legitimate business needs and to comply with our legal and/or regulatory requirements. After this time has passed, we will either delete your personal information or anonymise it so that it is no longer personally identifiable.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.
Information Security
Direct Ferries recognises that its customers are increasingly concerned about how companies protect personal information from misuse and abuse and about privacy in general. We implement appropriate technical and organisational measures, including encryption, to protect your personal information against accidental or unlawful destruction, loss, change or damage. All personal information we collect will be stored on our secure servers. We are constantly reviewing and enhancing our technical, physical and managerial procedures and rules to protect your personal data from unauthorised access, accidental loss and/or destruction. We use industry standard secure sockets layer (SSL) technology, for example, to encrypt sensitive information such as your credit card and other financial information.
Changes to this Policy
We may occasionally need to make changes to this page and our Privacy Policy to reflect changes in how we are processing your data or in response to changes in applicable data protection and privacy legislation. When we change this Privacy Policy in a material way, we will update the "last modified" date at the end of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.
If there are any significant changes, we make these clear either through the website or through another means of contact such as email.
Links to third party sites
Our website may, from time to time, contain links to and from third party websites, including those of other operators and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for their policies. Please check their individual policies before you submit any information to those websites.
Privacy Support
If you have any enquiry about this Privacy Policy, Direct Ferries' data protection practices or you wish to exercise one of your rights, please write to: Web department, Direct Ferries Ltd, 2-3 Three Rivers Business Centre, Felixstowe Road, Ipswich, Suffolk IP10 0BF, United Kingdom or email us at dpo@directferries.com.
If you are based in the EU, and you wish to exercise your rights under the EU GDPR or have any queries in relation to your rights or general privacy matters, please email our representative at eurep@directferries.com or by post to: The DPO Centre Europe Ltd, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2.
Last modified: 29.01.2025
ANNEX 1 – PERSONAL INFORMATION WE COLLECT AND HOW WE USE IT
Category of personal information | How we use it | Legal basis for processing |
Contact details, Account details | To help you create your account on our website. | This is necessary for the performance of our contract with you. |
Administration of your account, managing our relationship with you (including sending you information regarding bookings such as updates and/or reminders about your itinerary and asking for feedback), asking you to take a survey and informing you about changes to our policies, other terms, and other administrative information). | This is necessary for our legitimate interests to manage our relationship with our users and keep them updated. | |
Contact details, Account details, ID details, Payment details, Booking details | To fulfil and manage your bookings and deliver any other related services. | This is necessary for the performance of our contract with you. |
Correspondence and communications details, Contact details | To respond to queries and complaints and provide you with information and materials that you request from us. | It is necessary for our legitimate interests to respond to your queries and provide any information and materials requested in order to maintain good customer relations. |
Medical details | Information submitted by you to inform us about any medical issues or mobility assistance concerning a trip | Consent |
Payment details, Account details, Contact details | To process any purchases you make on the website or app. | This is necessary for the performance of our contract with you. |
To maintain accounts, transactions and records as required under applicable law. | This is necessary for compliance with a legal obligation. | |
Account details, Contact details and Service History details | Marketing and advertising (including sending you newsletters and measuring the effectiveness of our marketing). | Consent (if required under applicable law). Where consent is not required under applicable law (for example, where you are an existing customer, have not opted out of receiving our marketing communications and we are marketing products or services which are similar to what you have purchased), such processing is necessary in our legitimate interests to promote, develop and grow our business. |
Account details, Technical details | To correct errors and problems with the website or app. | It is necessary for our legitimate interests to monitor our website, app and services, to improve their performance and to ensure that they function properly and are secure. |
To protect the security of systems and data. | It is necessary for our legitimate interests to protect network, systems and data and to prevent and detect criminal activity (such as fraud) that could be damaging for you and/or us. | |
Contact details, Technical details, Usage details | To analyse your usage of the website and/or app, including for the purposes of improving our website and/or app and to ensure that content is presented in the most effective manner for you. | It is necessary for our legitimate interests to define types of users for our website, app and services, to keep our website and app updated and relevant, to develop our business and to inform our marketing strategy. |
To provide you with advertising aligned with your interests and to measure the effectiveness of such advertising. | Such processing is necessary in our legitimate interests to promote, develop and grow our business and to inform our marketing strategy. | |
Contact details | To enforce legal rights or defend or undertake legal proceedings. | It is in our legitimate interests or those of a third party provider, to protect our business, interests, and rights or those of others. |