SUPPORT@TRANSLINKBARBADOS.COM      PHONE  +1 (246) 842 3375  

Translink Barbados

Bypass Privacy Policy

The effective date of this Privacy Policy is April 1, 2018.

 

Overview

Translink Barbados is committed to ensuring Bypass & Translink customer privacy and security. Specifically: (1) TB will not provide personally identifiable information (PII) from Bypass & Translink accounts to any third party without express customer consent, except as described in the Privacy Policy; (2) PII from Bypass & Translink accounts will never be provided to advertisers for their use; and (3) TBL will maintain a secure environment for customer PII.

This Privacy Policy is intended to provide an understanding of how Translink Barbados handles PII collected by the Bypass Fare Payment System (FPS) program. Among other things, this policy explains the types of information collected from Bypass customers; the third parties with whom TB may share this information; and the process by which Bypass customers are notified about material changes to this Policy.

TB engages in-house contractors to operate and maintain the Bypass program including conducting Customer Service Center (CSC) activities, on behalf of TB. Those contractors are collectively referred to as the “Bypass Contractors.” Bypass’’ Terms and Conditions notify customers that by enrolling in the Bypass Program and/or using the system, the customer is allowing TB, the Bypass Contractors, and other third parties referenced herein to process personal information according to the provisions set forth in the Bypass. Cardholder License Agreement and this Privacy Policy.

 

Definitions

The following definitions apply:

Personally Identifiable Information (PII): PII identifies or describes a person or can be directly linked to a specific individual. Examples of PII include but are not limited to, a person’s name, mailing address, business name, alternate contact information (if given), email address, Bypass card serial number, telephone number, bank account information, credit card number, security code and expiration date, photograph and Travel Pattern Data.

Aggregate Data or Aggregate Information: Aggregate Data or Aggregate Information is statistical information that is derived from collective data that relates to a group or category of persons from which PII has been removed. Aggregate Data reflects the characteristics of a large group of anonymous people. TB may use Aggregate Data and provide Aggregate Data to others for such things as generating statistical reports for the purpose of managing the Bypass program operations.

Anonymous Data or Anonymous Information: Anonymous Data or Anonymous Information is disaggregated data from which all PII has been removed, that does not identify or describe a person and that cannot be directly linked to a specific individual. TB may use Anonymous Data for any of its statutorily authorized purposes and may make Anonymous Data available to third parties.

Travel Pattern Data: Travel Pattern Data is information concerning an individual Bypass user’s trip start and end points, routes used, and date(s) and time(s) traveled. A Bypass user’s trip start and end points, routes used, and date(s) and time(s) traveled do not constitute Travel Pattern Data if such information (1) is dissociated from any specific individual to create Anonymous Data or (2) is combined with other data to create Aggregate Data.

 

Collection of Personally Identifiable Information

A Bypass card may either be registered or unregistered. TB, through the CSC, collects PII in order to register Bypass cards with the Bypass FPS. Examples of PII include a Bypass cardholder’s name, address, telephone number, email address, bank account information, credit card number and expiration date, photograph or other information that personally identifies a Bypass cardholder. TB obtains this PII from applications and other forms submitted by Bypass cardholders to the CSC by telephone, mail, facsimile transmission or by electronic submission through the Translink Barbados website. Travel Pattern Data is collected as a byproduct of the use of the Bypass card in the Bypass FPS.

 

How TB uses Personally Identifiable Information

TB uses the PII provided in order to process enrollments, manage accounts, promote Bypass. program improvements, perform data analysis to inform TB initiatives, respond to questions, send customer emails about Bypass. program updates, provide information regarding significant changes to this Privacy Policy, and otherwise communicate with Bypass. Customers, but only after satisfying any applicable requirements of law, such as requirements to seek customer consent to receive certain types of communications.

PII is only utilized as described in this Privacy Policy.

 

Third Parties with Whom TB May Share Personally Identifiable Information

TB may share PII with third-party service providers that offer important functions to us, which facilitate our support our services in some way. We, therefore, disclose user data to such third party service providers from time to time so that their services can be effectively performed.

TB may also share your information for the purposes of fraud prevention, risk management, customer service, legal compliance and the provision of our services, particularly in circumstances where:

  • You have consented or otherwise given us permission to share said information;
  • We have aggregated or de-identified the information, so that it cannot reasonably be used to identify you;
  • It is required by a third party service providers who we use in delivering our service, including certain advertising, referral, operations and technology services (such as hosting providers, identity verification, support, payment, and email service providers);
  • It is, or we reasonably believe it to be, required by applicable law or legal process;
  • It becomes necessary in order to protect the rights, property and safety of TB, our users and the public, including, for example, in connection with court proceedings, or to detect or prevent criminal activity, fraud, material misrepresentation, or to establish our rights or defend against legal claims; and
  • It relates to the sale, merger, transfer, or reorganization of all or part(s) of our business.

 

Retention of Personally Identifiable Information

TB, through Bypass. Contractors, shall only store the PII of a Bypass customer that is necessary to perform account functions such as billing, account settlement, or enforcement activities. All other information shall be discarded no more than four years and six months after fare payment has been made. All PII shall be discarded no later than four years and six months after the account is closed or terminated.

 

Security of Bypass Personally Identifiable Information

TB is committed to the security of customer PII. PII provided by Bypass customers is stored on computer servers that are located in secure, controlled facilities. Servers are designed with software, hardware and physical security measures in place to prevent unauthorized access.

Access to PII is controlled through the following administrative, technical, and physical security measures. By contract, third parties with whom TB shares PII are also required to implement adequate security measures to maintain the confidentiality of such information.

Administrative:

  • Access to PII is limited only to certain operations and technical employees for limited, approved purposes based on their specific work responsibilities.
  • Privacy and security training is required for employees with access to PII upon hire. In addition, regular periodic refresher training is required for those employees.

Technical:

  • Bypass network perimeters are protected with firewalls.
  • Electronic storage of PII is encrypted.
  • Electronic connections to and from the Translink website are encrypted.
  • Vulnerability and penetration tests are conducted on the Bypass system.
  • Employees’ use of Bypass customer databases is monitored.

Physical:

  • Physical access to TB and Bypass. Contractor servers is restricted to authorized technical personnel.
  • Data center access to approved technical personnel is restricted via passcode authentication and other security protocols.

In addition to TB’s policies and procedures implementing PII security, the Bypass customer must also do such things as safeguard passwords, PINs, and other authentication information that may be used to access a Bypass account. Bypass customers should not disclose authentication information to any third party and should notify TB of any unauthorized use of their passwords. MTC cannot secure PII that is released by Bypass customers or PII that customers request TB to release. In addition, there is a risk that unauthorized third parties may engage in illegal activity by such things as hacking into TB’s security system or the security system of a Bypass Contractor or by intercepting transmissions of personal information over the Internet. TB is not responsible for any data obtained in an unauthorized manner, and TB is the only entity that may authorize obtaining data from the Bypass FPS.

Please note that unless the Bypass customer initiates an inquiry or is logged into the secure Bypass customer website, the Bypass Contractors will never ask Bypass customers to provide or confirm any information in connection with Bypass such as credit card numbers, Bypass card serial numbers or other PII. If a customer ever has any doubt about the authenticity of an email regarding Bypass , the customer should open a new web browser, type in https://translinkbarbados.com/BypassLogin.html, log into the customer’s Bypass account, and then perform the requested activity.

 

Account access and controls

Creating an account with Bypass is at the customer’s discretion. The required account information consists of PII such as name, mailing address(es), email address, telephone number, bank account number, and credit card number, expiration date and security code. TB may request other optional information, such as alternate contact information, but, in such instances, clearly indicates that such information is optional.

Customers can review and update personal account information at any time. Customers are also able to modify, add, or delete any optional account information by signing into their Bypass account and editing the account profile. Deletion of some account information, such as a customer’s primary funding source, may require contacting the CSC by telephone. PII can also be reviewed and edited online as discussed below under “Updating Personally identifiable Information.”

Bypass customers can close their account at any time by submitting a completed Bypass Cancellation Form (available at translinkbarbados.com). All account information will be deleted no later than four years and six months after the account is closed or terminated.

 

Aggregate Data

TB may also combine the PII provided by Bypass customers in a non-identifiable format with other information to create Aggregate Data that may be disclosed to third parties. Aggregate Data is used by TB to improve the Bypass program, to inform other TB initiatives and for the marketing of Bypass. Aggregate Data does not contain any information that could be used to contact or identify individual Bypass customers or their accounts. For example, TB may inform third parties regarding the number of Bypass accounts within a particular parish. TB requires third parties with whom Aggregate Data is shared to agree that they will not attempt to make information personally identifiable, such as by combining it with other databases.

 

Anonymous Data

TB may also remove all PII from data developed as a byproduct of the use of the Bypass FPS to create Anonymous Data that may be disclosed to third parties. TB may use Anonymous Data for any of its statutorily authorized purposes and may make Anonymous Data available to third parties. Anonymous Data does not contain any information that could be used to track, contact or identify individual Bypass customers or their accounts. For example, TB may share a dataset that includes information such as where and approximately when a sample of anonymous Bypass users traveled on certain days in a given month. TB requires third parties with whom Anonymous Data is shared to agree that they will not attempt to make information personally identifiable such as by combining it with other databases or reverse engineering the data.

 

Bypass Mobile Website

The Bypass mobile-optimized website can be found at translinkbarbados.com. If a customer types in Translinkbarbados.com using a phone or tablet, translinkbarbados.com will redirect the customer to the mobile version of the website.

When the customer accesses translinkbarbados.com, location information, IP address, and other information may be collected by the mobile device’s platform provider and/or the customer’s data carrier. Before a customer accesses translinkbarbados.com via phone, he or she should review the terms of use and privacy policy of the customer’s platform provider and data carrier to determine how they collect, use, and/or retain PII. TB is not responsible for the terms of use or privacy policies of the platform providers or data carrier, or the use of PII, by such entities.

 

Website Usage Metrics

The Bypass websites use a third-party traffic measurement service called Google Analytics to gather and compute website usage metrics. Google Analytics collects customers’ IP addresses and the pages the users are visiting. TB and its contractors use this information for such things as analyzing results of Bypass marketing campaigns and making recommendations for website improvements and may include such information as Aggregate Data in operational reports and presentations. Google Analytics may set a cookie that will enable it to function properly. To find out more about Google Analytics’ privacy principles, visit the Google Analytics Privacy and Security Page at https://support.google.com/analytics/answer/6004245?hl=en.

 

Cookies

The Bypass website (Translinkbarbados.com) stores “cookies” on the computer systems of users of the websites. Cookies are small data elements that a website can store on a user’s system.

The cookies used by the Bypass website facilitates customers’ use of the websites (e.g. remember login names and passwords until the session has ended). The Bypass website does not require that users of the website accept these cookies. Customers may change their browser security settings to accept or reject cookies.

Once a patron leaves the Bypass website, the privacy policy of other websites visited or linked from the Bypass website should also be reviewed to understand how these external sites utilize cookies and how the information that is collected through the use of cookies on these websites is utilized.

TB does not knowingly engage in business with any company or vendor that uses spyware or malware. TB does not market detailed information collected from web sessions that can be directly tied to personal information. Further, TB does not provide Bypass customers with downloadable software that collects or utilizes any PII.

 

Third-Party Websites and Applications

The Translink Barbados website may contain links to third-party websites operated by entities that are affiliated with Bypass. These web links may be referenced within content or placed beside the names or logos of the other entities. In addition, third-party websites may exist that reference the Bypass website. TB does not disclose PII to these third-party websites.

WARNING: Once a patron enters external websites (whether through a service or content link or directly through a third-party website), TB is not responsible for the privacy practices of those other websites. Please review all privacy policies of external websites you may visit from links on the Bypass website before using or providing any information to such other websites.

In addition, TB is not responsible for third-party applications that access or make use of the Bypass website or any features thereof (“Apps”). Before a Bypass customer downloads or accesses Apps, he or she should review the terms of use and privacy policies of the Apps to determine how they collect, use, and/or retain PII. TB is not responsible for the terms of use or privacy policies of Apps, or the use of PII by such Apps.

 

Updating Personally Identifiable Information

Certain PII can be reviewed and edited online at www.translinkbarbados.com. The Bypass website uses functions that have the ability to collect and store self-reported data. These functions enable Bypass customers to revise, update or review information that has been previously submitted by going back to the applicable function, logging in, and making the desired changes. In addition to this method, customers may update their PII by telephoning Bypass Customer Service at +1(246) 842-3375.

Complaints or problems regarding updating personal information should be submitted via the website. The Bypass Customer Service Help will either resolve the issue or forward the complaint to an appropriate TB staff member for a response or resolution. TB strives to answer all queries within 48 business hours, but it may not always be feasible to do so.

 

Changes to this Privacy Policy

Material Changes – TB will inform Bypass customers if material changes are made to the Bypass Program Privacy Policy, in particular changes that expand the permissible uses or disclosures of PII allowed by the prior version of the Privacy Policy. If TB makes material changes to the Bypass Privacy Policy, TB will notify Bypass customers by means of posting a conspicuous notice on the Bypass section of the TB website that material changes have been made.

Immaterial Changes – TB may also make non-substantive changes to the Privacy Policy, such as those that do not affect the permissible uses or disclosures of PII. In these instances, TB may not post a special notice on the Bypass section of the TB website.

If TB decides to make any change to the Bypass Privacy Policy, material or immaterial, TB will post the revised policy on the Bypass website, along with the date of any amendment.

TB reserves the right to modify this Privacy Policy at any time, so the policy needs to be reviewed frequently by Bypass customers.

When TB revises the Privacy Policy, the “last updated” date at the top of the Privacy Policy will reflect the date of the last change. We encourage Bypass customers to review this Privacy Policy periodically to stay informed about how TB protects the security of PII collected for the Bypass Program. Continued use of the Bypass Program constitutes the customer’s agreement to this Privacy Policy and any updates.

 

Emails Sent to TB

This Privacy Policy does not apply to the content of emails transmitted directly to TB. Please do not send PII in an email directly to TB in order to keep content or data private.

 

Contact information

TB welcomes comments on the Bypass Privacy Policy. Also, if there are questions about this statement, please contact the TB at the contact information listed above.

 

History of Changes to Privacy Policy

 Date – Activity

April 1, 2018 – Privacy Policy established

 

Bypass Customer Service

Phone : +1 (246) 842-3375

Email : support@translinkbarbados.com

 

Translink Barbados, as an agency responsible for Bypass, is committed to operating its programs and services in accordance with federal, state and local civil rights and regulations

 

Copyright 2019. Translink Barbados. All right reserved.