This Notice is designed to help you understand what kind of information we collect in connection with our services and how we will process and use this information. In the course of providing you with our services we will collect and process information that is commonly known as personal data.
This Notice describes how we collect, use, share, retain and safeguard personal data.
This Notice sets out your individual rights; we explain these later in the Notice but in summary these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data.
WHAT IS PERSONAL DATA?
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, gender and contact details.
Personal data may contain information which is known as special categories of personal data. This may be information relating to and not limited to, data relating to criminal convictions and offences.
For the purposes of safeguarding and processing criminal conviction and offence data responsibly, this data is treated in the same manner as special categories of personal data, where we are legally required to comply with specific data processing requirements.
PERSONAL DATA WE COLLECT
In order for us to provide and administer our membership services for you, we will collect and process personal data about you. We will also collect your personal data where you request information about our services.
We may also need to collect personal data relating to others in order to provide and administer your membership. In most circumstances, you will provide us with this information. Where you disclose the personal data of others, you must ensure you are entitled to do so.
You may provide us with personal data when completing online contact and membership application forms, when you contact us via the telephone, by text message, by email and when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.
We will share your personal data within ARCHTI administration and if required with our Group Practitioner Insurance Company, Balens Insurances Ltd. and with Health Insurers for the purposes of verifying membership and qualification details. This is normal practice within Associations where it is necessary to share information in order to confirm qualifications, and approve eligibility for membership.
We also share personal data with authorised third parties, this is necessary where we are required to do so by law, and to verify qualifications.
Some examples follow:
– Training Colleges;
– Professional Associations;
– Graphic Designers if a member requests to place a logo or advertisement;
We do not collect your personal data when you visit our website. However, we do have “Google Analytics” and “Stat Counter” monitor our website pages for the purposes of counting the number of visitors to our website and web pages visited.
Where we collect data directly from you, we are considered to be the controller of that data i.e. we are the data controller. Where we use third parties to process your data, our website designer for example, these parties are known as processors of your personal data. Where there are other parties involved they may also process your data in which circumstance we will be a joint data controller of your personal data.
A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.
A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.
As an Association, we will process the following categories of data:
Personal data such as an individual’s name, address, contact details and qualifications
Data relating to education and training qualifications, nationality and to criminal convictions and offences which may affect your membership eligibility.
If you object to the collection, sharing and use of your personal data we may be unable to provide you with our services.
For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, Ireland is identified as the named territory where the processing of personal data takes place.
WHY DO WE NEED YOUR PERSONAL DATA?
We will use your personal data for the performance of our contract with you, to quote for and provide you our services, to process membership renewals, to administer your membership and refer you to our Group Insurance Scheme, to respond to any requests from you about services we provide and, if necessary, to process complaints. We will also use your personal data to manage your membership, promote your services on our website (if requested by you), and send you emails, text messages and our Newsletter.
Should it become necessary, we will use the special category and criminal conviction data we collect about you for the performance of our contract with you which is deemed to be necessary for reasons of substantial public interest.
In applying for our services you should understand that you are forming a contract with us. If you contact us for a quote or request details on the services we provide, we consider ourselves as having a legitimate business interest to provide you with further information about our services. You may request to be withdrawn from all such marketing activities at any time.
Data will be retained for the duration of your membership and for 5 years after termination of membership
Where you or law enforcement agencies inform us about any active investigation or potential criminal prosecution, we will comply with legal requirements when retaining this data.
The retaining of data is necessary where required for contractual, legal or regulatory purposes or for our legitimate business interests for statistical analysis (profiling) and service development.
Data stored on our website is stored in a database hosted by Blacknight Solutions on their servers which reside in Ireland. They are not permitted to use your personal data for any other purpose than for what has been agreed with us. These parties are also required to safeguard your personal data through the use of appropriate technical and organisational data security measures and are prohibited from disclosing or sharing your data with other third parties without our prior authorisation, or unless as required by law. Please contact the data privacy representative at Blacknight Solutions for further information on the measures undertaken to safeguard your data.
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
– The right to be informed about the personal data being processed;
– The right of access to your personal data;
– The right to object to the processing of your personal data;
– The right to restrict the processing of your personal data;
– The right to rectification of your personal data;
– The right to erasure of your personal data;
– The right to data portability (to receive an electronic copy of your personal data);
– Rights relating to automated decision making including profiling.
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for prevention of crime and for regulatory and other statutory purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact our Data Privacy Representative by e-mailing email@example.com or by writing to The Data Protection Representative at ARCHTI, Mountshannon Business Centre, Mountshannon Road, Lisnagry, Co Limerick V94D5YP
PROTECTING YOUR DATA
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data with authorised third parties.
DATA PRIVACY REPRESENTATIVE
To ensure data privacy and protection has appropriate focus within our organisation we have a Data Privacy Representative who reports to our senior management team. The Data Privacy Representative, who may be contacted at: firstname.lastname@example.org
If you are dissatisfied with any aspect of the way in which we process your personal data please contact our Data Privacy Representative.