Data Protection Notice




Welcome to DirectRoute Ltd. This notice explains how we handle and use your personal information and your rights in relation to that information. Under the GDPR of May 2018, DirectRoute Ltd is the controller of that information.

Direct Route Ltd (“The …… Organisation”, “we”, “our” or “us”) is committed to protecting and respecting your privacy.

This Privacy Notice explains why and how we will use the personal information that we have obtained from you or others, with whom we share it and the rights you have in connection with the information we use. Please read the following carefully.

This policy describes the way we handle and use the personal information that we obtain from all the different interactions you may have with us as a business, including when you visit our social media pages or website currently located at or when you contact us.

DirectRoute Ltd is the controller in relation to the processing activities described below. This means that Direct Route Ltd decides why and how your personal information is processed. Please see the section at the end of this policy for our contact and legal information.


In this notice DirectRoute refers to DirectRoute Fermoy (M8) Limited and DirectRoute (Limerick) Limited. DirectRoute are part of a Public Private Partnership contract with Transport Infrastructure Ireland (TII) which permits DirectRoute to operate, collect tolls and maintain the M8 and Limerick Tunnel motorways and toll plazas.


In order for DirectRoute to successfully operate and maintain a safe and secure motorway and toll plaza/s and to enable DirectRoute to establish and manage the relationship with users of the motorway and toll plazas, DirectRoute have a legitimate business reason to process personal data.

DirectRoute process personal information, for example, when you use the motorway and the toll plazas, when you apply to DirectRoute to set up a tag account, when you contact DirectRoute to make a query in respect of a toll transit, when you use a card to make payment, when you contact DirectRoute to make a Subject Access Request, when you apply for an disabled exemption card.

DirectRoute process CCTV to improve security, health and safety and for enforcement and to resolve any issues raised by you with DirectRoute at a later stage. Please note that DirectRoute cannot always guarantee the quality of the CCTV so it might not always be possible to identify any personal data or data subjects from our CCTV. No facial recognition software is used by DirectRoute.

DirectRoute also process information from other toll concessionaries or tag providers that you may have a tag account with to allow road users uninterrupted use of all the toll plazas in Ireland with one tag and so to perform the contract you have in place with your tag provider.

DirectRoute do not have a database of all registered owners of motor vehicles in Ireland but in the event that you cause damage to the motorway and do not stop to report the incident to our employees or you do not pay the toll fee as required by law, DirectRoute may collect personal data from local and national authorities, the MIBI and An Garda Síochána in respect of ownership of motor vehicles and motor insurance details in order to assist DirectRoute with enforcement.

Sensitive Personal Data

In order to avail of disabled exemptions for the toll charges for certain categories of drivers contained in the local Toll Bye Laws, road users may provide sensitive personal data to DirectRoute.  DirectRoute will only process sensitive personal data where they are absolutely required to do so and only with your written consent.


We know that you care about how information about you is processed. We appreciate your trust in DirectRoute to do that. To protect your information, our IT Department work very hard to ensure that DirectRoute use security measures that comply with Irish law and meet international standards. This includes computer safeguards, secure files and secure buildings.


We only disclose your personal information outside our business in limited circumstances. If we do, we will put in place a contract that requires recipients to protect your personal information, unless we are legally required to share that information. Any contractors or recipients that work for us will be obliged to follow our instructions. We do not sell your personal information to third parties.

We may disclose your information to our third-party service providers, agents and subcontractors (Suppliers) for the purposes of providing services to us or directly to you on our behalf, including the operation and maintenance of our Site, and social media pages.

When we use Suppliers, we only disclose to them any personal information that is necessary for them to provide their services and only where we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.


Data Analytics- Using Information in our business to improve our business

DirectRoute analyse the information that we collect through your usage of the toll plazas. This helps us understand patterns of usage of the toll plazas. Our analysis helps DirectRoute ensure that you are afforded a fast and uninterrupted journey through the toll plazas


If you make a claim against DirectRoute we will use personal data to investigate the matter and attempt to defend the claim.

If DirectRoute wish to make a claim against you for non-payment of a toll journey or for damage caused to the motorway or at the toll plazas, DirectRoute will use your personal data to investigate the matter and to form the basis of the claim, to seek judgment and for enforcement.


When you use a card to make a payment DirectRoute use a post payment card system. If the payment is declined, for example, due to insufficient funds or due to being blocked because the card was stolen and therefore the use is unauthorised, DirectRoute process the information so that the next time the card is used at the toll plazas that it will be immediately rejected.

Encryption is used to keep your card information safe. In addition to this DirectRoute have Data Protection Agreements in place with the companies used to process your payment through your bank to keep your information safe.

Query Resolution

If you make a query in respect of your transit DirectRoute will have to process your personal information to resolve the query for you.

Our Legal Obligations

DirectRoute have legal obligations, for example:

1)     to assist law enforcement agencies when they are investigating criminal activity;

2)     to operate the motorway and toll plazas in compliance with the local Bye Laws and with legislation;

3)     to operate and maintain the motorway in compliance with our contract with TII;

4)     to co-operate with third parties in respect of interoperability contracts between tag providers and other toll concessionaries within Ireland.  

DirectRoute may disclose personal data if under a duty to disclose or share customer data in order to comply with legal obligations or in order to protect rights, property or the safety of the staff of DirectRoute, its customers or others.

DirectRoute will also disclose personal data if the disclosure is required in order to comply with an applicable law, summons, search warrant, a court or regulatory order, or other valid legal process which would include in the main but not limited to Section 41 (B) of the Data Protection Act, 2018.

Often DirectRoute have to share information with other tag providers and toll concessionaries within Ireland through a centralised portal in order to deal with contractual requirements to resolve the queries of motorway users.  This ensures that you are in a position to use one tag on all the motorways throughout Ireland.

Where we suspect criminal activity DirectRoute will record this and report to the relevant enforcement agencies, which may be within or outside Ireland because we are legally obliged to do so.


DirectRoute will only retain personal data for as long as is required to conduct our business and satisfy our legal obligations.

We are obliged to retain certain information to ensure accuracy, to help maintain quality of service and for legal, regulatory, fraud prevention and legitimate business purposes.

Other information will be retained for no longer than is necessary for the purpose for which it was obtained by us or as required or permitted for legal, regulatory, fraud prevention and legitimate business purposes.

We will not hold your personal information in an identifiable format for any longer than is necessary for the purposes for which we collected it. For certain purposes we retain your personal information indefinitely (e.g. to supress marketing messages).


We sometimes use other companies and individuals to work on our behalf to collect monies or to give us advice to help us make decisions, for example to:

-          Analyse data

-          Collect toll charges at the toll plazas

-          Collect unpaid toll charges and debts

-          Collect unpaid repairs for damage caused on the motorway

-          Litigation purposes

We have a contract and GDPR agreement in place with all third parties to whom we give your information to or to whom have access to your information for these purposes to keep your information confidential and to respect the laws on Data Protection.

DirectRoute might require technical support from companies outside Ireland. These companies are in the EEA so this would not involve processing data outside the EEA. In all such cases this activity is supported by a contract which includes data protection clauses.


You have a right to make a request under Article 15 of GDPR in respect of your personal data. 

You can access guidance to assist you with this request at the following link which can be copied and pasted into your browser;


Once we are satisfied that you are the data subject we will reply to you within 30 days. This is not to frustrate you but DirectRoute do not want your personal data to end up in the hands of the wrong person.

Please also note that if you request the reply of communication via your email address, you are held solely responsible for the security and integrity of your own email account. Unfortunately, the transmission of information via the internet is not completely secure. Consequently, while DirectRoute will take all reasonable security measures, DirectRoute cannot guarantee the privacy or confidentiality of information relating to you being passed via the Internet; any transmission is entirely at your own risk.

DirectRoute try to make sure that the information that we have about you is accurate and up to date. If your information changes or you believe that we have information that is not accurate or not up to date, please write to DirectRoute at the following address and DirectRoute will update your information immediately;

Data Protection Officer,

DirectRoute Limited, Richmond House, Richmond Hill, Fermoy, Co Cork              or

DirectRoute Limited, Mainline Toll Plaza, Coonagh, Limerick

Email    [email protected]


You also have a right to complain to the Data Protection Commissioner. You can contact the Office of the Data Protection Commissioner at:

Telephone         +353 (0)761 104 800 or Lo Call Number 1890 252 231

Fax                   +353 57 868 4757

Email                [email protected]

Postal Address:            Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23, Co. Laois


DirectRoute will update their Data Protection Notices from time to time. Any updates will be made available on this website or if you are a tag account holder, will be notified to you by post or email