Last updated: 16 February 2024
At a glance this is what you need to know
But just in case you’re on the move or do not have time to read it in full we have summarised the key points for you in our 'speed read' section below.
Great Western Railway (GWR, we, our or us) is a trading name of First Greater Western Limited. We are registered as a data controller with the Information Commissioner's Office and our registration number is Z9382315.
- We have appointed a Data Protection Officer. They are responsible for our approach to data protection and protecting your privacy. You can contact them at GWR.DPO@firstgroup.co.uk.
- We process (i.e. handle) your personal data to provide our services to you. Under data protection laws, we are only permitted to process your personal data where we have a legal basis for doing so. We will only ever process your personal data in compliance with applicable law.
- We will keep your personal data for as long as we need it. How long we need your personal data depends on what we are using it for, whether that is to provide services to you, for our own legitimate interests (described below) or so that we can comply with the law. We will actively review the information we hold and when there is no longer a customer, legal or business need for us to hold it, we will either delete it securely or in some cases anonymise it.
- We may transfer your personal data to a recipient located outside of the United Kingdom (UK). If we do this, we will ensure that the transfer mechanism provides an adequate level of protection, which has been recognised by the United Kingdom.
- You have important rights under laws aimed at protecting your personal data. This policy sets out your rights and how you can exercise them. For more information, read section 12. You also have the right to make a complaint to the Information Commissioner's Office if you are unhappy with how we have handled your personal data. For more information read section 13.
1. About Great Western Railway
This section sets out who we are. It provides some useful information about us including our company number, registered address and data controller registration number (provided by the information commissioner’s office).
3. What personal data do we collect about you?
This section informs you of exactly what personal data we collect about you and why. This includes information that is provided to us directly by you as well as information that we gather from your visits to our website and information that we receive from other sources.
4. How is your personal data collected?
This section explains to you the different ways in which we will collect the personal data that you provide to us.
5. Purposes for which we will use your personal data
This section explains the purposes for which we will use your personal data we hold. We also set out what we consider to be the legal basis for processing your personal data for each purpose, this is to ensure that you have all the information that we are required to provide you by law.
This section explains how we will ensure that you only receive communications that you wish to receive. We will ensure that you have total control over the information that you receive.
7. Who will have access to your personal data?
This section explains which of our employees will have access to your personal data. It also explains the reason for our employees accessing your personal data.
8. Who else might we share your personal data with?
This section informs you of who we share your personal data with. It also explains the reason for sharing; this is largely so that we can provide our services to you.
9. How do we protect your personal data?
This section explains how we keep your personal data safe and where it will be held. It also explains how we may process your personal data outside of the United Kingdom, but that we will only do so using recognised mechanisms which offer an adequate level of protection.
10. How long do we keep your personal data?
This section explains the length of time that we will retain your personal data. It also explains why we would hold your personal data for such time periods.
11. What are your rights?
This section explains that you have rights in relation to your personal data. It also explains what these rights are and how you can go about exercising them.
13. Who can you ask for more information?
This section provides you with contact information should you have any questions or concerns about the way we handle your personal data. It also explains how you can contact the data protection regulator should you be unsatisfied with our response to your data protection issues.
Last updated: 20 February 2023
What is a cookie?
Cookies are text files containing small amounts of information which are downloaded to your personal computer, mobile or other device when you visit a website.
Cookies are then sent back to the originating website on each subsequent visit, or to another website that recognises that cookie. Cookies are useful because they allow a website to recognise a user's device.
Cookies in themselves do not identify you, just the computer or device you are using. Cookies do lots of different jobs, like making it easier for you to log onto, and use, our site during future visits, letting you navigate between pages efficiently, remembering your preferences, and generally improving your experience. They also allow us to monitor traffic on our site and can also help to ensure that advertising you see online is more relevant to you and your interests.
Cookies themselves only record which areas of our site have been visited by your computer or device and for how long. Allowing us to create a cookie does not give us access to the rest of your computer, and does not allow us to see any personally identifiable data about you.
Types of Cookies
We've arranged the Cookies we use into three groups:
a) Required cookies: These Cookies are necessary for core features of this site to operate properly. Because they are needed for the site’s operation, they are always set to "Active". They include, for example, cookies that enable you to log into secure areas of our website or make a purchase.
b) Functionality cookies: These Cookies allow us to analyze site usage in order to evaluate and improve its performance. They are also used to provide a better user experience on the site, such as by measuring interactions with particular content or remembering settings.
c) Advertising cookies: These Cookies are used by advertising companies to inform and serve personalized ads more relevant to your interests. These Cookies also may facilitate sharing information with social networks or recording your interactions with particular ads.
Cookies we use
You can find more information about the individual cookies we use and the purposes for which we use them in the table below. If you choose not to accept any Functionality or Advertising cookies or your browser is not compatible with our cookie preference tool we will only use Required cookies.
Cookies and similar technologies set by third partiesOn some pages of our site other organisations, for example Facebook and other platforms (such as Twitter, Instagram, Snapchat and Amazon), may also set their own cookies or use other similar technologies (e.g. web beacons, pixels and local storage technologies) to collect or receive information from our website or elsewhere on the internet and use that information to provide measurement services and target ads. Because of how these technologies work, our site cannot access this information. These third parties are responsible for setting out their own cookie and privacy policies.
You can opt-out of the collection and use of information for ad targeting at websites such as:
Facebook also provide certain features (e.g. pixels, SDKs and APIs) which are known as Facebook tools. We may use these Facebook tools to optimise our communication and improve targeted communications through Facebook, Instagram and the Facebook Audience Network.
Google provide advertising services through Google’s advertising and marketing platforms (e.g. DoubleClick for Publishers, Google AdX, and Adwords). AdWords remarketing cookies allow us to target our advertising across Google search and other websites to people that have previously visited this website.
Google also uses various conversion cookies to help advertisers determine how many times people who click on their ads end up purchasing their products. These cookies allow Google and the advertiser to tell that you clicked the ad and later visited the advertiser site. To opt out of Google Analytics across all sites, you may install the Google Analytics Opt-Out Browser here. To opt out of Google Analytics for display advertising or customize Google display network ads, you can visit the Google Ads Settings page.
These links may also assist you:https://adssettings.google.com
In addition, with most Internet browsers, you can erase or block cookies or ask to receive a warning before a cookie is stored. The “Help” function within your browser should tell you how. Alternatively, you may wish to visit the following sites:
which contain comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your computer as well as more general information about cookies.
Please be aware that restricting cookies may have a negative impact on the functionality of the Website.