Privacy policy

Table of Contents

At daa plc, in keeping with our commitment to be open with all passengers, customers, partners and employees, we have developed this Privacy Statement Overview, a quick and simple summary explaining how we manage, share and look after your information.

We are determined to deliver a great welcome and a great service to all passengers, customers, and partners. To enable this, we need to collect a range of information about you, if you are a passenger – your name and flight details, or if you are a car park customer – your name, car registration and email address. This Privacy Statement covers people who may interact with us in the following ways:

People that use products or services offered via daa
People that sign up to receive information from daa, Dublin Airport, Cork Airport and The Loop (e.g. newsletters)
People that send us feedback via our websites or social media channels
Visitors to our websites
Passengers and other visitors to daa-owned properties, Dublin Airport and Cork Airport.
If you have any general queries about your experience in dealing with us, please contact customerexperience@daa.ie.

If you have any questions or comments about this Privacy Statement, please contact our Data Protection Officer by email at dataprotection@daa.ie or in writing at:

Data Protection Officer, Cargo Building 6, Corballis Park, Dublin Airport.

We fully respect your right to privacy and undertake to only collect data as required to deliver the services you need, or with your clear permission and consent. In addition, we are required to implement statutory regulations in civil aviation as part of our role as an airport operator. The reasons for processing your data may include the following:

1. Delivering the passenger experience – our job is to get you through your airport journey as smoothly and comfortably as possible. Due to the highly regulated nature of air travel, we are required to process data for safety and security reasons as described in detail below.

2. Providing additional services at the airport – we provide additional services which you may choose to use to enhance your journey. In providing these services to you, we may need to gather some data. For example, these services may require that we process payments, and keep your name and other details, such as car registration and email address; we may gather details of your travelling companions or special dietary needs to enable us to plan and deliver the relevant travel services. Additional services we deliver directly include:

2.1. Car parking services to provide you with access to the most convenient parking locations – click here for further details and our Car Parking Privacy Statement.

2.2. Fast Track services to save you time getting through Security Screening – click here for further details and our Fast Track Privacy Statement.

2.3. Lounge services to help you relax or do some work before you fly – click here for further details and our Lounge Privacy Statement.

2.4. Airport Club services – membership provides convenience and unlimited access to services such as Airport Parking Security Fast Track, and Lounges in both Terminals 1 and 2 – click here for further details and our Airport Club Privacy Statement.

2.5. Platinum Services – our suite of travel services to optimise your journey includes premium departures and arrivals facilities, private check in, dedicated Security Screening, suites and chauffeur-driven escort to your plane – click here for further details and our Platinum Services Privacy Statement.

2.6. The Loop Retail Services – Duty Free – for in-store purchases, we do not collect personal data (we do not retain payment data in our shops). However, in order to provide duty free prices, we collect flight details as provided on your boarding card. The information collected is limited to the item purchased and flight information such as the airline and destination details. See here for the loop.ie and see here for Privacy Statement details.

2.7. The Loop Retail Services – ‘Click & Collect’ – we offer a ‘Click & Collect’ service that requires us to collect information to enable us to identify you at the point of collection and to communicate with you if you ask us to – see here for the loop.ie and see here for Privacy Statement details.

3. Providing free wi-fi while you use our airports – under Irish law, all ‘Internet Service Providers’ or ISPs are obliged to maintain records of internet access for a period of 12 months. As we do not collect your name as part of the wi-fi sign-up, we store the IP address assigned to you and the MAC address of the device you used to access to wi-fi service. We keep these records as required by law.

4. Protecting the welfare of passengers, visitors and staff at Dublin Airport – we may need to record personal details relating to any individuals involved in incidents or accidents in the airport or its environs.

5. We may also perform statistical analysis on passenger and customer flows to improve our services and plan for future enhancements to our airport facilities – in this situation, we will anonymise your data before any analysis is performed so we cannot identify you.

6. Ensuring the safety and security of civil aviation – this includes CCTV and Queue Measurement:

6.1. Safety and Security – Closed Circuit Television (CCTV) – as the operator of Dublin Airport and Cork Airport, daa are obliged to keep the airports and their environs safe and secure. To assist us in this, we operate CCTV security systems both landside and airside and our Airport Police manage these important security controls. CCTV images of you are considered to be personal data and we carefully safeguard access to these images. We retain all CCTV footage for 30 days.

6.2. Safety and Security – Queue Measurement – we are also obliged by statutory regulations in civil aviation to measure how long it takes to get you safely through the security screening process. We do this by monitoring passengers’ mobile devices while they move through the screening area. We only access the MAC address of your wi-fi or Bluetooth interface, and purge this data after six (6) years. You are free to switch off your wi-fi or Bluetooth as you go through security or the airport generally if you wish.

6.3. If you use the automatic border controls such as passport e-readers, you may be required to provide personal data. This system is controlled by Irish Naturalisation & Immigration Service (INIS) for the purpose of border control.

6.4. If purchasing goods from the retail outlets post US Preclearance, officially known as US Customs & Border Patrol (USCBP), your passport may be requested to verify your age and residency status. We are required to collect this data under the terms of the treaty to implement USCBP agreed between Ireland and the USA.

6.5. If travelling to the USA, you may have been asked to provide some personal information in advance. You may be asked to provide additional details at US Preclearance, officially known as US Customs & Border Patrol (USCBP). This information is collected by USCBP and daa has no access to this data. Click here for additional information on US Customs & Border Patrol.

 

We may also need to share your data with partners such as your airline or their ground handler, to help get you to your destination.

Where this data is provided by us to the third party to deliver a service to you, the processing is covered by this Privacy Statement. Where you provide your data directly to a third party, we have no involvement in that transaction or access to the data and the processing is the responsibility of the third party. An example of this would be going online to rent a car for collection at the airport.

Where data is provided by us to a regulatory body or law enforcement agency to meet statutory or regulatory obligations, activities undertaken by those parties is outside our control and hence fall outside of the scope of this Privacy Statement.

Agencies that we may be obliged to share information with include:

  1. An Garda Síochana (National Police Service)
  2. Garda National Immigration Bureau (GNIB)
  3. Irish Naturalisation and Immigration Service (INIS)
  4. Revenue – Irish Tax and Customs Service
The purpose of this statement is to let you know what to expect when daa plc (daa) collects personal information via Closed Circuit Television (CCTV) cameras located through the Dublin Airport campus. With this Privacy Statement, we want to provide transparency on how we treat personal data and the purposes for which we collect data. This Privacy Statement applies to people that visit the Dublin Airport campus. This Privacy Statement does not apply to CCTV data processing by third parties, such as airlines, handling agents, or retail tenants. daa has no access to data processing by third parties or to the data involved, unless otherwise stated, and cannot be held responsible for it. We operate CCTV cameras located through the Dublin Airport campus, including in terminal buildings and surrounding environs. Your personal data may be collected through the operation of these CCTV cameras. The purpose for collecting the personal information that you provide is to allow us to:
  • Protect the safety of passengers and staff at Dublin Airport
  • Prevent, detect, and respond to criminal activity
  • Comply with our legal and regulatory obligations to safeguard and protect civil aviation
  • Investigate safety and security incidents in response to reported incidents, complaints, claims, or regulatory / compliance audits or other issues.
CCTV data may also be used to monitor passenger or vehicle flows or to conduct statistical analysis of those flows. This processing is carried out in daa’s legitimate interests and allows us to ensure we can continue to invest in the infrastructure to meet passengers’ future needs at Dublin Airport. This does not affect your rights as a data subject. See your rights in relation to your information below. We may be required to share your information to Comply with our legal and regulatory obligations Investigate safety incidents, security incidents or criminal activity. We may share personal data relating to you recorded on CCTV with:
  • Competent authorities such as An Garda Síochana or the Irish Aviation Authority
  • Third parties who operate retail outlets, or who provide services to passengers such as airlines or handling agents where we have a statutory obligation to do so.
All personal data collected for the purposes specified in this statement is processed inside the European Union (EU) or the European Economic Area (EEA) and will never be transferred to countries located outside the EU or the EEA. We retain CCTV footage for thirty (30) days. Any CCTV footage identified as relevant to a formally reported incident is retained for six (6) years from the date of the reported incident. Where an investigation or claim arising from a reported incident take longer than 6 years to be processed, the CCTV footage identified as relevant to that incident may be retained for longer than 6 years.

Your rights as a data subject are as follows:

  1. Right of access – you have the right to find out if we hold any personal data relating to you. You also have the right to obtain a copy of any such personal data we hold on you. The request, referred to as a Data Access Request.
  2. Right to rectification – you have the right to request we rectify any information we hold about you that is inaccurate.
  3. Right to erasure – you have the right to request we erase any information we hold on you, provided there is valid grounds for doing so.
  4. Right to restriction of processing – you have the right to request we temporarily restrict the processing of your personal data, provided there are valid grounds for doing so.
  5. Right to object – you have the right to object to the processing of your personal data, namely in the case processing is carried out in the legitimate interests of daa.
  6. Right to lodge a complaint – if you are unhappy with how we have acted in handling your personal data, you have the right to lodge a complaint with the supervisory authority in your EEA country of residence, place of work, or with the Office of the Data Protection Commissioner in Ireland.

Any personal information that you provide to daa or its subsidiaries will be treated with the highest standards of security and confidentiality and handled in accordance with Data Protection laws and the General Data Protection Regulation.

Security of your personal data is very important to us. We take all reasonable technical and organisational measures to prevent the loss, misuse, unauthorised access, disclosure, or alteration of your personal data. These measures include:

  1. We apply various levels of access control to restrict access to your personal information to daa employees and contractors who require a level of access as part of their role
  2. We work with experienced, specialised vendors to develop and maintain our platforms
  3. We regularly review and audit our security and data protection policies and procedures to ensure a high level of operational security is maintained.

You have a right to obtain a copy of any information relating to you kept on computer or in a structured manual filing system by daa. All you need to do is write to us and ask for it under the Data Protection Acts. We refer to these requests as Data Access Requests.

Please download the PDF here for Data Access Request guidance.

If we wish to gather information to contact you, e.g. for marketing purposes, we will ask for your consent to do so in advance. If you have purchased products or services from us, we may offer you reminders or information to assist us in delivering those services unless you have asked us not to contact you in relation to products or services purchased. If you have provided consent, you can unsubscribe at any time to remove that consent.

This Privacy Statement applies to individuals that have given their consent to avail of direct marketing communications from daa plc regarding promotions, products or services electronically via email, SMS and / or push notifications.

We would like to provide you with information about new products, promotions, special offers, services and other information that we feel you may be interested in. As part of a purchase on our digital channels, we offer you the opportunity to opt in to our marketing communications.

You will always be given the opportunity to withdraw that consent on every electronic communication you receive from daa plc by unsubscribing at any time.

When you sign up to marketing communications, we’ll normally contact you by email, but we may also send you marketing texts if you have given us your mobile number for this purpose.

Cookies, Web Browsing and Cookie Preferences Management

Our websites use cookies. Cookies are small text files which are created on your computer or mobile device when you visit a website. Some cookies are necessary for our web site to function, and others allow us to add enhanced features, analyse our web site performance and re-market advertising to you based on your web browsing activity.

When you visit our website, we may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is used to make the site work as you expect it to and give you a more personalised web experience. The information does not always directly identify you, for example, our analytics and performance cookies are aggregated and anonymised. Because we respect your right to privacy, you can choose not to allow some types of cookies.

Click on the different category headings below to find out more. You can change your default settings very easily. To turn cookies on, click the button to the right. To turn cookies off, click the button to the left.

You can use our websites with no loss of functionality if cookies are disabled in your web browser.

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Cookie name Expiry Description
ARRAffinity Session This cookie is set by websites run on the Windows Azure cloud platform. It is used for load balancing to make sure the visitor page requests are routed to the same server in any browsing session.
OptanonConsent

Persistent

This cookie required for the OneTrust cookie consent banner.
OptanonAlertBoxClosed

Persistent

This cookie required for the OneTrust cookie consent banner.

 

Marketing and Advertising Cookies

Please note that video content (Vimeo and You Tube) can only play if you accept these Marketing & Advertising cookies. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising. 

Cookie Name Expiry Description
vuid 2 years This a Vimeo cookie to allow the hosting and sharing of videos.

 

Site Analytics and Performance Cookies

These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.

Cookie Name Expiry Description
_gat_UA-nnnnnnn-nn 0 This is a Google Analytics cookie that contains the unique identity number of the account or website it relates to, to limit the amount of data recorded by Google on high traffic volume websites.
_ga 2 years This is a Google Analytics cookie used to distinguish unique users.
_gid 1 day This is a Google Analytics cookie used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing.

_gclxxxx

90 days

This is a Google conversion tracking cookie.

_gali

This is a Google Analytics cookie used to distinguish unique users.

 

Cookie Management and Your Preferences

When you access our web site, you are presented with a statement of our cookie usage and you have two options, to ‘Accept All’ and give permission for all cookies to load on to your browser and device, or to ‘Manage My Preferences’, which allows you to select which cookies you wish to keep off , switch off or indeed, switch on.

You can also delete your cookie options in your browsers.

Even after your cookie banner acceptance, you can still delete or block the use of cookies in your browser settings. However, once you do this, some features of our websites may not work as intended.

You can delete the cookies stored on your device or alternatively you can change your privacy settings on your browser via the following links:

Google Chrome

  • Open the 'Menu' (icon) on the toolbar
  • Choose 'Settings'
  • Open 'Advanced Settings'
  • Go to the 'Privacy' section and click on 'Content Settings'
  • In the 'Cookies' section, you can choose how cookies are used when you browse using Chrome.

Mozilla Firefox

  • Open the 'Edit' menu
  • Choose 'Preferences'
  • Open 'Privacy & Security'
  • Choose 'Cookies'.

Microsoft Internet Explorer

  • Open the 'Tools' menu
  • Select 'Internet Options'
  • Open the 'Security' tab
  • Choose the 'Internet' zone
  • Identify the security level 'High' for this zone
  • Click 'OK'.

We review our Privacy Statements on a regular basis, and any updates will be highlighted in the version date below.

This Privacy Statement was last updated on: October 5, 2020 and is effective from October 5, 2020.

If you have any general queries about your experience in dealing with us, please contact customerexperience@daa.ie. If you have any questions or comments about this Privacy Statement, please contact our Data Protection Officer by email at dataprotection@daa.ie or in writing at: Data Protection Officer, Cargo Building 6, Corballis Park, Dublin Airport.