– The controller for the purposes of GDPR is the Irish Banking Culture Board establishment office. You can contact this office at firstname.lastname@example.org
The lawful basis for processing your data and who we share it with:
We process data:
– to respond to your query when you send us an email
– to comply with our legal obligations
The legal basis for this processing is your consent, which consent must be freely given, specific, informed and unambiguous.
If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.
We may share this data with third parties who provide a service to us such as our external content management system or IT provider, or as reasonably necessary. These third parties may only process this data for the purpose of providing us with their services, and no other purpose. These third parties may transfer data to countries outside of the European Economic Area (EEA) subject to appropriate safeguards being in place.
We will retain this data for no more than 12 months after the closure date of the survey on which you submit your personal data or until, where applicable, you exercise your right of erasure; we will then erase your data without undue delay.
Information we may collect from you
We collect personal data from you which you provide voluntarily to us, or which we collect automatically via our services with which you interact. We may also be given other personal data relating to you by other persons, or we may obtain such other personal data about you as may be provided to us in the course of our legitimate business activities.
We may collect and process Data in the course of your interaction with our Site, which could contain your personal data. This may include but not be limited to the following:
– your full name; your address; your various email addresses; your various phone numbers including mobile phone numbers.
-We may also process other data, which is not personal data for example our site may use technologies such as “session cookies” or third party analytical tools.
Security and where we store your personal data
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. We will do our best to protect your personal data, and will encrypt all stored information using standard AES256 encryption protocol for data transmitted to us. Any transmission of data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek and to prevent unauthorised access.
As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We will continue to revise policies and implement additional security features as new technologies become available. The transmission of information via the internet is not completely secure.
As an individual person, you have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:
– right to access the data – you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
– right to rectification- you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
– right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten.
– right to restriction of processing or to object to processing – you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
-. Right to data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine-readable format.
In order to exercise any of the rights set out above, please contact us at the contact details contained in this Policy.
If you are unhappy with how we process personal data, we ask you to contact us as soon as possible so that we can attempt to rectify the situation.
You may lodge a complaint with a supervisory authority. The Irish supervisory authority is the Data Protection Commission (contact details below).
Changes to this policy
We reserve the right to change this Policy from time to time at our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you acknowledge that you have read and understand this Policy.
Questions, comments, requests and complaints regarding this Policy and the information we hold are welcome and should be addressed to us at email@example.com All requests will be dealt with promptly and efficiently.
Contact details for the Irish Data Protection Commission are as follows:
Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois, Ireland
Telephone: +353 76 1104800
LoCall: 1890 252231