How we protect and manage your personal data
The General Data Protection Regulation (GDPR) came into force on 25 May 2018 and amends existing data protection law and places enhanced accountability and transparency obligations on organisations when using your information. The GDPR also gives you greater control over your personal information, including a right to object to the processing of your personal information where that processing is carried out for our business purposes.
This policy explains the most important aspects of how we use your information and what rights you have in relation to your personal information.
1. Who we are
Throughout this document, ”we”, ”us”, ”our” and ”ours” refer to IPUT plc. Our Head Office is located at 47-49 St Stephen’s Green, Dublin 2.
2. The data we collect about you
The type of data we collect will vary depending on the type of service that you require from us. Types of data we hold include:
- 2.1 data to identify you, including your contact information;
- 2.2 data relating to your usage of our services;
- 2.3 information about you provided by others (if any); and
- 2.4 information which you have consented to us using;
- 2.5 information for your security, and protection of our employees and property.
3. When we collect your data
We collect information: (i) you give to us; and (ii) information provided to us by third parties.
4. How we use your data and the legal basis
We use, and share, your data where:
- 4.1 you have agreed or explicitly consented to the using of your data in a specific way (you may withdraw your consent at any time);
- 4.2 use is necessary in relation to providing you with a service (e.g. to contact you in relation to a family member);
- 4.3 use is necessary because we have to comply with a legal obligation (e.g. reporting to regulatory authorities or law enforcement); and
- 4.4 use is necessary to protect your “vital interests” in exceptional circumstances;
- 4.5 we legitimately need it to protect our employees and property.
5. Who we share your data with
When providing our services to you, we may share your information with:
- 5.1 third parties with whom: (i) we need to share your information to allow us to act on your behalf and (ii) you ask us to share your information;
- 5.2 third parties with whom we are legally obliged to share your data or third parties from whom we get advice;
- 5.3 where you have specifically consented, our direct marketing processors.
6. How long we hold your data for
We hold your personal data to comply with all legal requirements after which it is deleted.
7. Implications of not providing your data
If you do not provide information we may not be able to act on your behalf in an efficient and diligent manner.
We will tell you when we ask for information which is not a contractual requirement or is not needed to comply with our legal obligations.
8. Using companies to process your data outside the European Economic Area (EEA)
In some cases, we may transfer information about you and your products and services with us to our service providers and other organisations outside the EEA. We will always take steps to ensure that any transfer of information outside the EEA is carefully managed to protect your privacy rights.
In some locations we use CCTV cameras to protect you, our employees and our property. Window signage identifies the use of CCTV cameras. The footage is deleted after approximately 30 days and there is no access to it at local level. If you wish to exercise your data rights in relation to CCTV please see how to make your request in section 10 (below).
10. How to exercise your data rights
In accordance with the GDPR which came into force on 25 May 2018, you have a number of rights in relation to how we process your information including the right to:
- 10.1 object to a particular use of your personal data for our legitimate business interests;
- 10.2 find out if we use your information, access your information and receive copies of your information;
- 10.3 in certain circumstances, to have your information deleted or our use of your data restricted;
- 10.4 have inaccurate/incomplete information corrected and updated;
- 10.5 exercise the right to data portability (i.e. obtain a transferable copy of your information we hold to transfer to another provider); and
- 10.6 withdraw consent at any time where processing is based on consent.
If you wish to exercise any of your data rights, your request must be made in writing to email@example.com or by post to IPUT plc, 47-49 St Stephen’s Green, Dublin 2.
You should also furnish a copy of your photo identification and confirmation of the telephone number which you provided to us. This is to ensure confidentiality and that we give you the right information. We do not use this information for any other purpose and we will delete it shortly after your request has been actioned.
If we are unable to deal with your request fully within a calendar month we may extend this period by a further two calendar months and shall clearly communicate the reason why to you.
You also have the right to complain to the Data Protection Commission or any other supervisory authority. You can contact the office of the Data Protection Commission at:
- Telephone: +353 57 8684800 or +353 (0)761 104 800
- Lo-call number: 1890 252 231
- Fax: +353 57 868 4757
- E-mail: firstname.lastname@example.org
- Data Protection Commission
- Data Protection Commission
21 Fitzwilliam Square,
11. How to contact us
If you have questions about how we use your information, please email us at email@example.com or write to us at:
IPUT plc, 47-49 St Stephen’s Green, Dublin 2
We will update our Data Privacy Notice from time to time. Any updates will be made available and, where appropriate, notified to you by email, text or on our website.
IPUT plc takes the security of your details and your privacy very seriously, and we secure your details using industry-standard security and encryption techniques for safeguarding.
Why do you need my details? And are they safe?
If you fill in a form on “https://carrickminespark.com/” we will need to obtain your relevant details. We retain this information so that we can assist with your query or application form. All details are kept in strictest confidence and using industry-standard security measures. We will also process your data in compliance with the Irish Data Protections Act 1988 and 2003, as well as the Electronic Communications Act 2011.
If you wish to amend your details at any time, you can do so through writing to us providing a government-recognised form of identification. You can also request that your information be deleted, which we will do on the provision it is not required for our records.
We will also ensure that you only receive marketing emails from us if you choose this option, and your information will not be shared with third-parties.
You also have a Right of Access as per The Data Protection Acts 1988 & 2003 to receive a copy of all details held by IPUT plc. In order to do this, please contact us in writing requesting your information and enclosing both a Government-recognised form of identification and an administration/postage fee of €5.