Framework is committed to protecting your privacy, be that when you visit our website and/or provide us with information when submitting an enquiry, or when you use our services. Framework seeks to ensure the highest standards of compliance with all relevant Data Protection Laws and Regulations.
In accordance with the General Data Protection Regulation (GDPR), Framework has implemented this privacy notice to inform you of the types of data we process about you. We also include within this notice the reasons for processing your data, the lawful basis that permits us to process it, how long we keep your data for and your rights regarding your data.
This policy applies to all personal data (“Personal Data“) in our possession and specifically includes the following: FRC / client / service user information (including name, address, fixed line number, mobile number, email address and all other contact details).
In addition to existing data protection legislation and ePrivacy regulations, the new General Data Protection Regulation (GDPR) requires that we give individuals specific information about what we are doing with their information. It sets out the details that we should supply to individuals, and when we need to give it to you.
Under the GDPR, the information we give to you about the processing of Personal Data must be:
- Concise, transparent, intelligible and easily accessible;
- Written in clear and plain language, particularly if addressed to a child; and
- Free of charge.
We endeavour to meet those obligations.
Where you provide us with your Personal Data in any way, you agree that we may collect, store and use it: (a) in order to perform our contractual obligations and; (b) based on our legitimate interests for processing i.e. for internal administrative purposes, as described in this Privacy Notice.
EXPLAINING THE DATA PROTECTION JARGON:
- Personal data is information about a living individual which is capable of identifying that individual.
- Processing is anything done with/to Personal Data, including storing it.
- The data subject is the person about whom Personal Data are processed.
- The data controller is the person or organisation who determines the how and what of data processing.
KEY INFORMATION REQUIRED IN OUR PRIVACY NOTICE UNDER CHAPTER III OF THE GDPR
Identity the contact details of the data controller and where applicable the controller’s representative
Framework South East CLG, SHY Centre, St. John’s Park, Waterford. Enquires to email@example.com or firstname.lastname@example.org or by post to the address above, directed to the Manager.
Purpose of the processing and the legal basis for the processing.
We need your Personal Data in order to perform our contractual obligations and for our legitimate interests;
The legitimate interests of the data controller or third party (where applicable)
We have a legitimate interest in using Personal Data as part of the operation of our business and the provision of the services under our contractual obligations, but always balanced with your rights, and only where that legitimate interest is justified.
HOW WE COLLECT PERSONAL DATA
We may collect Personal Data as follows;
- In order to perform our contractual obligations and for our legitimate interests.
- Register to use our websites, applications or services; this may include your name (including business name), address, email address and telephone number. We may also ask you to provide additional information about your business and your preferences;
- Complete online forms (including call back requests), take part in surveys, post on our message boards, post any blogs, download information or publications or participate in any other interactive areas that appear on our website or within our application or service;
- Interact with us using social media;
- Provide your contact details to us when registering to use or accessing our website, applications or services we make available or when you update those details; and
- Contact us offline, for example by telephone, fax, SMS, email or post.
- We will also collect your information where you only partially complete and/or abandon any information inputted into our website and/or other online forms and may use this information to contact you to remind you to complete any outstanding information.
Details of international data transfers
We generally do not transfer Personal Data outside of the European Economic Area.
Retention period or criteria used for determining the retention period
FRC / Client / Service User Personal Data is retained for up to two years after you cease to be an active service user or as per the contractual agreement and our legitimate interests.
The various rights of the data subject
You have the right to apply for a copy of the information we hold about you. This is called a data subject access request and you can make a request by writing to us using the contact details above. We may require further information from you in order to verify your identity before disclosing any Personal Data to you.
You also have the right to have any inaccurate information about you corrected. We want to make sure that your information is accurate and up to date. You may ask us to correct or remove any information that you think is no longer up to date. Please contact us using the contact details below if you would like any corrections made to your information.
You have the right to object to the processing of your information.
The right to withdraw consent at any time, where relevant
Where you have given your consent to the processing of your of Personal Data, you may withdraw that consent in writing at any time, by notification to the address above. Note in addition to, or instead of your explicit consent, we may also rely on our legitimate interest as a lawful basis for processing your Personal Data, and that legitimate interest may survive the withdrawal of consent.
The right to lodge a complaint with a supervisory authority
If you consider that the processing of Personal Data infringes the GDPR, you have the right to lodge a complaint with the office of the Data Protection Commissioner. You can contact the ODPC at Data Protection Commissioner, Canal House, Station Road, Portarlington, R32 AP23, Co. Laois or by telephone on +353 57 8684800 or +353 (0)761 104 800 or Lo Call 1890 252 231 or email email@example.com.
The provision of Personal Data as collected by Framework, is limited to that which is necessary to provide the service as per our contractual obligations and for our legitimate interests. A failure to provide the relevant current Personal Data could have the consequence that Framework is frustrated from performing its obligations under the contract.
“Cookies” are small text files sent from a website to the hard drive of a user’s computer to store bits of information related to that user. Cookies can store information about users, including IP addresses, navigational data, server information, data transfer times, user preferences, and passwords needed to access the special areas on our site.