Website Privacy and Data Protection Policy
DEBRA Ireland (“we”, “us” or “our”), a registered charity, is committed to respecting your privacy and protecting any personal information we process in relation to individuals in line with our obligations under the General Data Protection Regulation (No. 2016/679) (“GDPR”), the Data Protection Act 2018 and any other laws which apply to us in relation to the processing of personal data (collectively referred to as “Data Protection Laws”).
The Site is not intended for, directed at, intended for or likely to be accessed by children.
DEBRA Ireland is the national charity established to provide patient support services to those families living with EB in Ireland and is the controller of personal data processed in connection with its services.
Whose personal data we collect
The list below outlines the types of ‘association’ an individual may have with DEBRA Ireland. This list is not exhaustive.
- Current donors
- Fundraising supporters
- Service Users
The personal data we process may include:
|Category||Types of data processed|
· Title, Name
|Contact details||· Postal address, email address, contact phone numbers (home / work landline phone number, personal / work mobile number)|
|Financial data (to help the fundraising team to fulfil its function)||· Donations made to DEBRA Ireland
· Bank details for regular donors to DEBRA Ireland including account numbers
|Employment information||· Employer
|Special category data||
· Health information including medical condition information and dietary requirements
|Other information||· Such as attendance at DEBRA Ireland events|
What we do with the information collected
We may use your personal data for the following purposes:
|Purpose of the Processing||Legal Basis for the Processing|
|Administration purposes||Such processing is necessary for the performance of a contract with you, for our legitimate interests such as responding to queries and providing information which you request and where necessary for complying with our legal obligations.|
|Donations and tax relief purposes||The processing is necessary to support our legitimate interests in managing the business of DEBRA Ireland as a charity, provided such interests are not overridden by your interests and rights.|
|DEBRA Ireland communications which may be sent via, telephone or electronically, which can include, but is not limited to, the following:
· Information on fundraising events and activities
· Information on our campaigns and advocacy work
· Other relevant communications depending on your relationship with the Fundraising Team
|The processing relies on your consent or is based on our legitimate interests in managing the business of DEBRA Ireland as a charity provided such interests are not overridden by your interests and rights.|
|DEBRA Ireland will contact you by post from time to time||The processing is based on our legitimate interests in managing the business of DEBRA Ireland as a charity provided such interests are not overridden by your interests and rights.|
|Service provision as well as event management purposes||Explicit consent will typically be relied upon for the processing of special category data such as health data.|
|For fulfilling a contract that you have entered such as||Contractual necessity.|
|Enforcing and defending our rights||We have a legitimate interest in ensuring that our services and the Site are used in accordance with our terms and conditions of use and policies.
Where necessary for the purpose of complying with our legal obligations.
Where necessary for the purpose of establishing, exercising or defending a legal claim, a prospective legal claim, legal proceedings or prospective legal proceedings.
|Site services, including for troubleshooting, data analysis, and survey purposes||We have a legitimate interest in operating and maintaining the Site and for related purposes including improving our services.|
DEBRA Ireland use donor and supporter personal data for a number of purposes directly related to our fundraising to deliver our care, cure and advocacy services for families living with EB. We are committed to only contacting you based on the contact preferences we hold for you, which you can amend at any time.
If you would like to opt out of any use of your data at any time, you can do so by emailing [email protected]
Automated decision making and donor analysis
DEBRA Ireland does not carry out automated decision making. We analyse the outcomes of our fundraising campaigns, appeals and engagement with you. This allows us to understand how our campaigns work, enables us to make appropriate requests from you and ensure that communications with you are relevant. We also carry out research on publicly available data to understand our different types of donors to support our fundraising strategy. We rely on our legitimate interest as a charity for this processing.
We conduct fundraising appeals throughout the year using various forms of communication, including mail, email, and social media. If you provided us with your postal address, we may contact you by mail in relation to fundraising unless you opt-out.
We will only share fundraising and marketing communications with you by phone or email with your specific consent. This consent may be given by way of a tick box on our website or an online or physical form, or by conversation with one of our team over the phone or in person. You can opt-out of phone or email contact at any time either by following the instructions in the communication, or by emailing [email protected]
If you have given us your consent to use your email, we may also use it to match you against statistical profiles in Facebook or other services, so that you will be more likely to see information about DEBRA Ireland campaigns your social media timeline, and so that people who share your characteristics on those platforms will be more likely to see our campaigns as well. DEBRA does not access or use any of your other personal data through Facebook. To have your email address excluded from this processing, please email [email protected]
Who we share your information with
We would love to conduct all our fundraising and communications services ourselves. However, as a charity we continuously strive to improve efficiencies and cost effectiveness, and so to ensure the right and best technology and expertise, at times DEBRA Ireland engage the services of third parties. Your personal data may be disclosed to third parties if required for the purposes outlined in the table above. These may include (but are not limited to):
- mailing service providers and email marketing platforms;
- ground handlers managing certain DEBRA associated events (e.g. the Kerry Challenge)
- data cleansing and data import service providers;
- third parties who we engage to provide services to us, such as outsourced service providers, IT service providers, professional advisers and auditors;
- payment service providers;
- other public authorities and bodies where required or permitted by law, such as An Garda Síochána or other law enforcement authorities for the purposes of prevention, investigation or detection of crime; and
- we may share data as required to comply with any applicable law or regulation, a summons, search warrant, court or regulatory order, or other statutory requirement.
If we appoint a processor to process your personal data, we will ensure that this arrangement is subject to a formal agreement with the selected service provider.
How your data is used online
The Internet is not a secure environment we cannot guarantee that the security of any information you transmit to us via the Internet to be 100% secure. While we take reasonable measures to keep your information secure, we cannot guarantee your online data security. However, once we receive your personal data we take all reasonable technical and organisational measures to protect personal data from loss, misuse, alteration, or destruction, and to prevent any unauthorised or unlawful disclosure or processing.
Details of transfers outside the European Economic Area (EEA) and safeguards
Some of our service providers are outside the EEA (e.g. email management service providers). Therefore, sometimes we transfer your data outside the EEA. We will ensure suitable safeguards are in place to affect such transfers such as transferring personal data to a country that has been deemed by the European Commission to offer an adequate level of data protection, or entering into the standard contractual clauses as approved under EU law from time to time.
DEBRA Ireland’s full details are:
DEBRA Ireland, 8 Clanwilliam Terrace, Grand Canal Quay, Dublin 2, D02 R240
Email: [email protected]
Phone: 01 412 6924
DEBRA Ireland’s Data Protection Officer may be contacted at the address above or by email at [email protected].
Social Media Sites
The Fundraising Team manage the below listed social media pages. We are not responsible for the privacy practices of any external websites, device manufacturers or platforms which may be accessed or used in connection with a person’s use of the Site, our social media pages or apps. They are subject to their own privacy statements which may materially differ from those of DEBRA Ireland so users should review them for further information. Our social media sites (as listed below) may contain links to the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third-party websites.
Our Facebook page (https://www.facebook.com/DEBRA.Ireland) is used to share news articles and both old and recent photographs. Our Facebook page is open to the public therefore comments made on our posts will be visible to the public. You are responsible for the privacy setting on your personal Facebook profile at all times. We moderate all comments made on our Facebook posts and may remove/hide a comment if we feel it is inappropriate.
Our Twitter page (https://twitter.com/debraireland) is used to share news articles and both old and recent photographs. If tweets directed to @debraireland are deemed inappropriate and do not follow twitter’s rules (https://support.twitter.com/articles/18311#) we may report such instances.
Our Instagram page (https://www.instagram.com/debraireland) is used to share news articles and both old and recent photographs. Our page is open to the public therefore comments made on our posts will be visible to the public. We moderate all comments made on our Instagram posts and may remove/hide a comment if we feel it is inappropriate.