Gateway Children’s Services Privacy Statement
GATEWAY ORGANISATION LTD T/AS GATEWAY CHILDREN’S SERVICES
15 June 2018
Herein is called THE GATEWAY ORGANISATION LTD T/AS GATEWAY CHILDREN’S SERVICES (herein after called Gateway Children’s Services). GATEWAY CHILDREN’S SERVICES address is 9 Upper John Street, Sligo for the purposes of complying with the Data Protection Acts 1988, 2003, 2018, European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (SI 336) and Regulation 2016/679 GDPR.
The foundation of data protection as it applies to personal data is built upon 6 data protection principles:
- Lawfulness, fairness and transparency.
- Purpose limitations.
- Data minimisation.
- Storage limitations.
- Integrity and confidentiality
We want you, our staff, contractors, visitors and service users, viewing this website, to be informed as to our use and care of your personal data.
By visiting the WWW.GATEWAY.IE website you are deemed to be on notice of, and in agreement with, the manner in which we collect and process personal data which we receive via this website. If you do not agree with the manner in which we collect and process personal data, you should stop using this website now and not revisit. We hope you will stay with us though.
GATEWAY CHILDREN’S SERVICES Policy on Data Protection
Your right to privacy is recognised and respected. GATEWAY CHILDREN’S SERVICES will not collect any personal information about you on this website without your clear permission. Any personal information which you volunteer to us will be treated with the highest standards of security and confidentiality in full compliance with the provisions of current valid law.
We do not collect any personal data about you on this website, apart from the information you volunteer. Any information you provide in this way will not be made available to any third parties unless we have received your express consent or unless we are obliged to do so by law. We may use data which you have submitted to us for statistical, market research, search engine optimisation (SEO) or promotional purposes in the normal way. GATEWAY CHILDREN’S SERVICES will prohibit any third party linking data to you.
The contact page on the https://gateway.ie www.gateway.ie invites you to provide:
- NAME (First and Last)
- Your e-mail
- Subject interest
- Resume submission form (staff page)
Obtaining Copies of Your Data
If your right of access to the data which you have requested is not restricted by an exemption under the Data Protection Acts, and is correctly requested, we will supply a copy of any personal data relating to you which we have received from you via this website. We are entitled to destroy any personal data which you submit to us at our discretion and will do so for security and/or data minimisation reasons where appropriate. In the event that we have destroyed any personal data which you have supplied to us we will not have any obligation to supply you with copies of this destroyed data or verification of the destruction. We will endeavour to provide you with a personal data destruction date if available.
If you wish to obtain copies of your personal data which you believe we hold, you must write to us at: 9 UPPER JOHN STREET or email us at firstname.lastname@example.org. You should include any personal identifiers such as your Name, Address, phone number, e-mail etc. For obvious data security reasons we may require that you provide us with a valid photo identification to facilitate the access request. Indeed we reserve the right to require, see and confirm photo identification before passing any personal data to a requestor.
If you make a request in respect of your personal data, we will comply with this request within 30 days of receiving it clearly in writing.
Correcting Inaccurate Information
If you discover that we hold inaccurate information about you, you can request that we correct that information and GATEWAY CHILDREN’S SERVICES would very much encourage you to do so. Any such request must be in writing and should be transmitted to us either by post or by email at the address referred to above. We may require photo identification to confirm and fulfil the request.
We will review permissions already given by you before any actions are taken in respect of any further processing and update these as or if required by contacting you.
Deleting Your Data
In certain circumstances you may also request that data which you have supplied be deleted. If you wish to request a deletion, you will be expected to identify some contravention of data protection law in the manner in which we have processed the data which you require to be deleted. We may require photo identification to confirm and fulfil the deletion/rectification request.
If you have concerns about how personal data are processed via this www.gateway.ie or indeed have any other relevant complaints, please do not hesitate to bring these to the attention of GATEWAY CHILDREN’S SERVICES by calling 086 4038789 or emailing email@example.com.
Right to Communicate
If you provide us with any postal or email address, we may communicate with you by post or email to provide you with promotional information regarding services which we provide or to keep you informed of any relevant matters which we believe might be of some interest to you where you have consented. If you do not wish to receive this information from us you must notify us of this in writing, either by post or email (unsubscribe), address mentioned earlier.
GATEWAY CHILDREN’S SERVICES Newsletter
GATEWAY CHILDREN’S SERVICES reserve an option for you to receive our newsletter (should you wish) by email to keep you abreast of current products and services. This newsletter is administered by an external service provider called MailChimp.
MailChimp is a popular mail service handler and is registered with Privacy Shield and as such complies adequately with EU data protection rules. Of note is MailChimp’s undertaking to achieve GDPR compliance before 25 May 2018 (Regulation enforcement date) See their guide HERE.
You may unsubscribe from the newsletter by calling 086 4038789, emailing firstname.lastname@example.org or online
Purpose of data collection/processing
The Data Protection Act states that the purpose(s) for which the data are processed must be ‘specified, explicit and legitimate’. GATEWAY CHILDREN’S SERVICES outline the following purposes for which they process data:
GATEWAY CHILDREN’S SERVICES collect, processes and retains personal data for the following reasons:
- To communicate with, inform and answer queries from prospective, current or past customers and visitors.
- To provide an optimum environment for our service users
- To deliver relevant information to you
- To initiate and provide a quality legitimate service
- To fulfil obligations under law, including: The Data Protection Acts 1988-2003-2018, SI 336, GDPR 2016/679, Child Care Act 1991, Child Care (Placement of Children in Residential Care) Regulations 1995, Child Care (Standards in Children’s Residential Centres) Regulations 1996
- To inform prospective, current or past service users and visitors of further relevant information and activities as agreed. E.g. Information about current and new services, etc.
- To carry out our lawful responsibilities as a business in a viable manner
- To facilitate necessary communications between relevant customers, contractors, visitors, service users and systems to process and progress legitimate goals, activities and obligations.
The above list is not exhaustive given the broad nature of GATEWAY CHILDREN’S SERVICES within the industry and therefore this statement will be reviewed to reflect this variability as required.
The general personal data legitimate processing conditions under law underlying the purpose(s) of data collection by GATEWAY CHILDREN’S SERVICES are:
- You (prospective or previous) provided consent
- To prevent injury or other damage to you (the data subject): or serious loss of or damage to your property or otherwise to protect your vital interests
- Necessary for the administration of justice
- Necessary under an enactment
- That the processing serves an official function; or
- Where necessary for the purposes of the legitimate interests pursued by GATEWAY CHILDREN’S SERVICES or by any lawful third party in the absence of reasons which prejudice your fundamental rights and freedoms or your (the data subject’s) legitimate interests.
Data collected must be adequate, relevant and not excessive
GATEWAY CHILDREN’S SERVICES adhere to the principle that data gathered must be adequate, relevant and not excessive. It is important to note here that laws, rules and practices can evolve or change, so this will be reflected in the application and the operative spectrum of the three guiding principles below.
Adequate: To provide the services on offer, personal data must be gathered for the purpose of communication, information, administration and legal compliance.
Relevant: Only personal data, germane, appropriate and necessary under law to the requirements of the services/activities provided and legitimate interests of GATEWAY CHILDREN’S SERVICES are sought.
Not excessive: The necessity of having an ‘upper limit’ of personal data collection is acknowledged. GATEWAY CHILDREN’S SERVICES is mindful of the potential for ‘excessive data creep’.
Data Retention/Destruction and Minimisation
GATEWAY CHILDREN’S SERVICES seek to minimise the volume of personal data held. To facilitate this, unnecessary and/or superfluous data will be deleted/discarded in a secure manner. Where information must be held e.g. under a legal obligation. All files (electronic and hard-copy) are securely protected.
Interception by Third Parties
While we will treat any personal data received from you in accordance with the terms set out in this privacy statement and we will take all reasonable steps to store the data securely, we cannot ensure that your data is not intercepted by third parties in the course of being transmitted to us. In the event that any information is intercepted when being transmitted to us via the internet we bear no responsibility or liability to you for the manner in which any such intercepted data is used by any third parties.
Changes to Our Policy
Details of transfers to third country (ies)
GATEWAY CHILDREN’S SERVICES do not transfer personal data to third countries currently
The existence of each of data subject’s rights
Individuals (data subjects) are provided (GDPR 2016/679 Arts 12-22, DPA 2018 S.s 89-95) with the following rights to (summary):
- Transparent information and clear communication regarding their data
- Information as to how the subject’s data was collected
- Information as to how the subject’s data was collected but not from the subject him or her self
- Access by the data subject
- Rectification of data
- Erasure of data (Right to be forgotten)
- Restriction of processing
- Notification of rectification, erasure or processing
- Data portability
- Object to processing
- Object to automated processing/decision-making including profiling
An individual (data subject) has the right to withdraw consent at any time, where relevant. Should you wish to withdraw consent please contact GATEWAY CHILDREN’S SERVICES, 9 UPPER JOHN STREET, email us at email@example.com or 086 4038789
Automated decision-making, profiling decisions
GATEWAY CHILDREN’S SERVICES do not engage in automated decision-making currently
Personal Data Retention period
Personal data is only retained as long as it is needed or to fulfil a legal obligation
GATEWAY CHILDREN’S SERVICES hold personal data under various legal obligations including:
- The Terms of Employment (Information) Act, 1994 require that an employee’s terms and conditions of employment be retained for the duration of their employment.
- The National Minimum Wage Act, 2000, at section 22, provides for a 3 year retention period to show compliance with the Act’s provisions, for example, payslips showing the employees were paid at least minimum wage.
- The Organisation of Working Time Act, 1997, at section 25, and the Organisation of Working Time (Records) Prescribed Form and Exemptions) Regulations 2001, provide for a 3-year retention period for records of weekly working hours, the GATEWAY CHILDREN’S SERVICES and 9 Upper John Street of employee, the employee’s PPS numbers and a statement of their duties.
- The Protection of Young Persons (Employment) Act, 1996, at section 15, provides for a 3 year retention period of employment records relating to persons under 18 years of age.
- The Protection of Employment Acts, 1977-2007, at section 18, provides that where an employer has collective redundancies, it must retain the records to show that the provisions of the Act were complied with for a 3 year period
Please refer to our data retention policy for further information
Personal data source and whether it came from publicly accessible sources
Technical Details may be recorded via this www.gateway.ie (Cookies). Please consult our Cookies policy for more information.
Data Protection Commissioner
The Data Protection Commissioner’s office provides a wealth of helpful information and can be viewed HERE
You can lodge a complaint with the Commissioner’s Office by clicking HERE
GATEWAY CHILDREN’S SERVICES welcomes objective feedback about our data protection documents