Privacy Notice

1. Introduction

Companjon is in the process of winding down its operations. This Privacy Notice explains how we continue to handle your personal data during this wind-down phase and what rights you have in relation to the processing of your personal data. This Privacy Policy is issued on behalf of Companjon Insurance DAC and Companjon Services DAC referred to here as ‘Companjon’.

2. Data Controller and Contact Details

Companjon Services DAC (company registration number 659078), with its registered office at Custom House Plaza, Harbourmaster Place, IFSC, Dublin 1, D01VY76, Ireland.

Companjon Insurance DAC (company registration number 669679), with its registered office at Custom House Plaza, Harbourmaster Place, IFSC, Dublin 1, D01VY76, Ireland.

For any data protection related comments or query, you can reach us by email at dataprivacy@companjon.com

3. Personal data we Process and Our Legal Basis

While we no longer offer new insurance solutions or services through our business partners, we continue to process personal data where we have a valid lawful basis. This will be for at least one of the following purposes:

Purpose of Processing	Lawful Basis for Processing
Administer your insurance solution and answer any queries you may have	Data processing for the conclusion and performance of the contract
Handle claims and complaints in accordance with the terms of our insurance solution	Data processing for the performance of the contract
To communicate with you in relation to payments	Data processing for the performance of the contract
Meet legal and regulatory requirements for example tax law, accounting and reporting obligations	Data processing is necessary to comply with legal obligation
To detect, prevent and investigate fraud	Data Processing is necessary for our legitimate interests
Health data is used for the purposes of processing certain types of claims	Consent

Type of Information

The type of information we process includes (not an exhaustive list):

Full name, country of residence, email address, mobile phone number, booking number, booking date (or purchase date), departure date, return date, cancellation date and time, ticket value, number of tickets, currency, one-way or return ticket, bus/train/flight information, ticket type, departure station name, arrival station name, content of messages provided to us via chat or email or any other channel of communications, metadata such as date and time, information on an incident or event, the amount of the loss, insured benefits, payment arrangements and payment information (such as International Bank Account Number), invoiced premiums, type of insurance benefit.

For some products we may collect special category data (e.g. health information) or details of other sensitive information. We recognise the sensitivity of collecting this information, so will only process it where we need it to handle claims.

Note: Where you provide personal data relating to a third party, you must ensure they are aware of and have agreed to such use, and that they have been informed of this Privacy Notice.

4. Is your personal data transferred to third parties?

Your personal data will be processed by our employees for the processing purposes listed above. Whenever your personal data is transmitted to external recipients (e.g. services providers, business partners, the insurer) that process the data, on behalf of Companjon or for their own purposes, they are legally required to ensure that your data is transmitted and processed in compliance with all applicable data protection laws. Such service providers may include our IT providers, customer service and claims support, audit, tax and consultancy providers.

We may also share your personal data on an ad hoc basis with regulatory and government bodies where we are required to do so by law.

5. Is your data transferred to a third country outside of the EU or EEA?

Where we or our service providers transfer your personal data to countries that are outside of the European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will take steps to ensure that any access of personal data outside the EU/EEA is carefully managed to protect your privacy rights and ensure that adequate safeguards are in place. This might include transfers or access in countries that are considered to provide adequate levels of data protection for your personal data as approved by the European Commission. Companjon adheres to the EU-U.S. Data Privacy Framework as set out by the U.S. Department of Commerce with respect to personal data that is transferred from the EEA to the United States within the scope of Data Privacy Framework.

For more information about data transfers and the safeguards we have put in place, please contact our data privacy team by emailing dataprivacy@companjon.com

6. How long will your data be stored?

Companjon will store your personal data only for as long as it is necessary for the purposes outlined above.

7. Your rights in relation to the processing of your personal data

As a data subject, you can assert a number of rights under the applicable data protection law in relation to your personal data. If you wish to make use of these rights, please contact dataprivacy@companjon.com

Right of access (Art. 15 GDPR): You have the right to ask for access to the personal data stored about you. You can also obtain a copy of your personal data.

Right to rectification (Art. 16 GDPR): You can request the rectification of incorrect personal data and the completion of incomplete personal data concerning you.

Right to erasure (Art. 17 GDPR): You can request the deletion of your personal data. This may be the case, for example, if the personal data is no longer necessary for the purposes for which it was collected or otherwise processed, or if you withdraw your consent, which is the basis for the processing of the personal data. Companjon may refuse to delete your personal data if the processing of your personal data is necessary to ensure compliance with a legal or regulatory obligation or to assert, exercise or defend legal claims.

Right to restriction of processing (Art. 18 GDPR): Furthermore, you may have a right to limit the processing of your personal data, i.e. to tag the personal data stored with the aim of limiting their future processing. One of the conditions specified in Art. 18 GDPR must be met for this purpose.

Right to withdraw consent (Art. 7(3) GDPR): When you have given consent to a processing of your personal data, you can withdraw such consent at any time and without giving reasons. This does not affect the lawfulness of processing based on your consent until withdrawal.

Right to data portability (Art. 20 GDPR): You may also have a right to obtain the personal data concerning you that you have provided, made available in a structured, common and machine-readable format. You may transfer this personal data to another responsible party at your discretion. In addition, you can demand that your personal data will be transferred directly to another controller, insofar as this is technically possible.

Right to object (Art. 21 GDPR): You may object to the processing of your personal data at any time for reasons arising from your specific situation, provided that the processing is based on the legitimate interests of Companjon or those of a third party. In this case, Companjon will no longer process your personal data, unless there are compelling reasons for continued processing which outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims. Your right to withdraw your consent to processing is possible at any time irrespective of this right of objection.

Right to lodge a complaint (Art. 77 GDPR): You have the right to lodge a complaint at the supervisory data protection authority regarding the data processing carried out by Companjon if you believe that it infringes applicable data protection law.

Changes to this Privacy Notice

Companjon may update this Privacy Notice during the wind-down process.

Last updated: April 2026