Please read the following to learn more about how we collect, store, use and disclose your personal data*.
*Personal data is data relating to a living individual who can be identified, or is identifiable, using this data or if this data is used in conjunction with other data that is in County Wexford Chamber’s possession, or could come into its possession.
This policy applies to all Wexford Chamber volunteers, employees and all third parties responsible for the processing of personal data on behalf of Wexford Chamber.
Wexford Chamber respect your right to privacy and will not collect any personal information about you on this website without your clear permission. Any personal data that you volunteer to Wexford Chamber, if retained, will be held on secure servers and will only be used to better our service offering. Our Chamber is committed to conducting business in accordance with all applicable data protection laws and regulations and in line with the highest standards of ethical conduct.
This policy sets forth the expected behaviours of Wexford Chamber employees, volunteers and third parties in relation to the collection, use, retention, transfer, disclosure and destruction of any personal data belonging to a member (i.e. the data subject).
Who is the data controller?
Wexford Chamber, Chamber Offices, Hill Street, Wexford.. We can be contacted on firstname.lastname@example.org or phone 053 9122226.
What personal data do we collect?
When you use the Website: We will collect any personal data that you choose to send to us or provide to us. If you submit your personal data to us (e.g. using the application form; subscribing to our mailing lists; registering for an event), we use your personal data for purposes made clear to you at the time you submit your information.
When you engage as a member of Wexford Chamber: We receive and store personal data that you provide directly to us. The types of personal data we may collect directly from you include: names, email addresses, postal addresses, phone numbers, job titles, transactional information (including invoices due / paid), as well as any other contact or other information they choose to provide us in connection with our engagement.
Personal data we automatically collect
When you use our website: We collect certain information related to your device, such as your device’s IP address, referring website, what pages your device visited, and the time that your device visited our website.
For further information on how this data is collected, please see the “Cookies Policy” below.
How do we use the personal data?
Wexford Chamber’s uses the personal data of its contacts for the following broad purposes:
- To provide Chamber services to our members including but not limited to:
- Networking opportunities
- Learning events
- Promoting members
- Export documentation assistance
- Start up business assistance
- Process and complete transactions, and send related information, including transaction confirmations and invoices;
- Manage our customers’ use of our services, respond to enquiries and comments and provide customer service and support;
- Send customers industry updates, event news/notifications and administrative communications;
- For any other purposes about which we notify customers and users.
Legal Basis for Processing
Wexford Chamber will process personal data in accordance with all applicable laws and applicable contractual obligations. Our legal basis for processing data will range from contract (membership application), consent (non-members) and legitimate business interest.
Where you have provided your consent, we may also use your information to communicate with you via email and, possibly, social media/phone regarding products, services, offers, promotions and events we think may be of interest to you. You will always be able to opt-out of such communications at any time using a one-click UNSUBSCRIBE option within every marketing email.
How do we share and disclose the personal data to third parties?
We do not rent or sell your personal data to anyone.
We may share and disclose information (including Personal Data) about our site visitors or customers in the following limited circumstances:
Vendors, consultants and other service providers:
We may share your information with third party vendors, consultants and other service providers who we employ to perform tasks on our behalf. These companies include (for example) our payment processing providers (netpay), website analytics companies (e.g. google analytics), email platform (e.g. Microsoft Office 365), mail service providers (e.g. mailchimp), CRM service provider (MindAClient), our website developer (Graphedia), CRM system (MindAClient) and others. Appropriate controls are in place to ensure data is only disclosed to these 3rd parties in compliance with data protection law.
Unless we tell you differently and you consent, our 3rd parties do not have any right to use the personal data we share with them beyond what is necessary to assist us.
Protection of Wexford Chamber and Others:
We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court order; enforce or apply our agreements with you and other agreements; or protect the rights, property, or safety of Wexford Chamber, our employees, volunteer, our members, or others.
Disclosures for National Security or Law Enforcement:
Under certain circumstances, we may be required to disclose your personal data in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
Is personal data secure?
We use appropriate technical, organizational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction.
For example, on our website:
- We use regular Malware Scanning on our site to confirm it is safe to use.
- We use a range of security tools to monitor activity on the site and identify unusual activity.
- Your personal information is only accessible to a limited number of persons who have special access rights to such systems and are required to keep the information confidential.
- In addition, all information you supply through the website is encrypted via Secure Socket Layer (SSL) technology between your browser and the site.
- We do not store your credit card information on our servers.
In terms of local devices, Wexford Chamber has implemented a range of security measures to protect the information we hold in our records. For example:
- All devices (including backup devices) use disk encryption so data is secure at rest.
- Devices automatically lock after a short period of inactivity to reduce the risk of unauthorised access.
- Devices are ‘patched’ (updated with the latest security updates) on a regular basis.
- Information is backed up hourly to our NAS drive.
- All servers (including WiFi) are completely segregated from those of our iHub tenants to alleviate the risk of unauthorized access.
The 3rd party service providers who we employ to perform certain tasks also commit to implementing appropriate security measures to protect the data that we disclose to them.
Unfortunately, no company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.
For how long is personal data retained?
Different types of personal data is retained for different periods of time.
At a high level, personal data is retained for only as long as Wexford Chamber has a legitimate basis to retain the data.
- Personal data you provide when signing up for our email marketing lists is retained until such time as you unsubscribe. After you unsubscribe, we retain minimal information to ensure we do not forget that you have unsubscribed.
- Personal data provided as part of a membership contract is retained for a period of 2 years after the membership has ended.
- Email correspondence which is not required to be kept for regulatory reasons will be deleted after a period of 1 year.
Decisions based on Automated Processing
Wexford Chamber does not make decisions based solely on automated processing that could have legal or otherwise significant effects on you.
Under current data protection laws and under GDPR (when it is applied from 25th May 2018), you have certain rights. These include:
Right to access – You may request a copy of all personal data held by Wexford Chamber about you. Please contact our office for an access request form should you require a copy of your file. Email email@example.com
Right to rectify – You have the right to ask County Kildare Chamber to correct any inaccuracies in the personal data held about you.
Right to erasure – You have the right to ask that we erase any personal data we are processing about you. Please note that we may still be legally allowed or obliged to retain your information. For example, as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and defend or establish a legal claim.
Right to restrict – In certain circumstances, you have the right to request that we restrict the processing of your personal data.
Right to object – In certain circumstances, you have the right to object to our processing of your personal data.
Right not to be subjected to automated decision making – You have the right not to be subjected to automated decision making where the decision has legal or significant effects.
Right to withdraw consent – Where we are processing your personal data on the basis of your consent, you have the right to withdraw your consent at any time. For example, if we are sending you marketing emails, you can withdraw your consent immediately by clicking the UNSUBSCRIBE link in the footer of the email.
How to exercise your rights
Please contact us at firstname.lastname@example.org and provide us with as much information as possible to enable us to complete your request.
Right to complain
If you believe Wexford Chamber is breaching your data protection rights, you have the right to complain to the data protection authorities. In Ireland, this is the Office of the Data Protection Commissioner (Click here to visit the ODPC’s website).
Changes to this policy
Last Edited on 6th November 2018