Website Privacy and Data Protection Policy

Introduction

DEBRA Ireland (“we”, “us” or “our”), a registered charity, is committed to respecting your privacy and protecting any personal information we process in relation to individuals in line with our obligations under the General Data Protection Regulation (No. 2016/679) (“GDPR”), the Data Protection Act 2018 and any other laws which apply to us in relation to the processing of personal data (collectively referred to as “Data Protection Laws”).

In this Privacy Policy, “controller”, “personal data” and “process” (and its derivatives) have the meanings given to those terms in the Data Protection Laws. References to “we”, “us” or “our” refers to DEBRA Ireland.  The purpose of this privacy policy is to outline how we process personal data, including through use of this site, regardless of how you access or use our site (the “Site”) – whether via personal computers, mobile devices or otherwise. Our aim is to be transparent about what we do and to make it easy for you to control the use of your data based on your preferences.

The Site is not intended for, directed at, intended for or likely to be accessed by children.

DEBRA Ireland is the national charity established to provide patient support services to those families living with EB in Ireland and is the controller of personal data processed in connection with its services.

Please also see our Cookie Policy here (https://debraireland.org/cookie-policy/) for further details about the ways in which we collect and use your personal data.

Please note that this privacy policy is a dynamic document

From time to time, we may amend this Privacy Policy. Any changes to this Privacy Policy will be posted on the DEBRA Ireland website so that you are always aware of how any personal data is processed. If at any time we decide to process personal data in a manner significantly different from that stated in this Privacy Policy, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail.

Whose personal data we collect

The list below outlines the types of ‘association’ an individual may have with DEBRA Ireland. This list is not exhaustive.

  • Current donors
  • Eventers
  • Corporates
  • Fundraising supporters
  • Service Users

The personal data we process may include:

Category Types of data processed
Demographic data  

·         Title, Name

Contact details ·         Postal address, email address, contact phone numbers (home / work landline phone number, personal / work mobile number)
Financial data (to help the fundraising team to fulfil its function) ·         Donations made to DEBRA Ireland

·         Bank details for regular donors to DEBRA Ireland including account numbers

Employment information ·         Employer

·         Position

Special category data  

·         Health information including medical condition information and dietary requirements

Other information ·        Such as attendance at DEBRA Ireland events

What we do with the information collected

We may use your personal data for the following purposes:

Purpose of the Processing Legal Basis for the Processing
Administration purposes Such processing is necessary for the performance of a contract with you, for our legitimate interests such as responding to queries and providing information which you request and where necessary for complying with our legal obligations.
Donations and tax relief purposes The processing is necessary to support our legitimate interests in managing the business of DEBRA Ireland as a charity, provided such interests are not overridden by your interests and rights.
DEBRA Ireland communications which may be sent via, telephone or electronically, which can include, but is not limited to, the following:

·         Information on fundraising events and activities

·         Information on our campaigns and advocacy work

·         Other relevant communications depending on your relationship with the Fundraising Team

The processing relies on your consent or is based on our legitimate interests in managing the business of DEBRA Ireland as a charity provided such interests are not overridden by your interests and rights. 
DEBRA Ireland will contact you by post from time to time The processing is based on our legitimate interests in managing the business of DEBRA Ireland as a charity provided such interests are not overridden by your interests and rights. 
Service provision as well as event management purposes Explicit consent will typically be relied upon for the processing of special category data such as health data.
For fulfilling a contract that you have entered such as Contractual necessity.
Enforcing and defending our rights We have a legitimate interest in ensuring that our services and the Site are used in accordance with our terms and conditions of use and policies.

Where necessary for the purpose of complying with our legal obligations.

 

Where necessary for the purpose of establishing, exercising or defending a legal claim, a prospective legal claim, legal proceedings or prospective legal proceedings.

Site services, including for troubleshooting, data analysis, and survey purposes We have a legitimate interest in operating and maintaining the Site and for related purposes including improving our services.

Contact preferences

We are committed to only contacting you based on the contact preferences we hold for you, which you can amend at any time.

If you would like to opt out from communications from us at any time, you can do so by contacting us at the details set out below.

Automated decision making and donor analysis

DEBRA does not carry out automated decision making.  We analyse the outcomes of our fundraising campaigns, appeals and engagement with you. This allows us to understand how our campaigns work, enables us to make appropriate requests from you and ensure that communications with you are relevant. We also carry out research on publicly available data to understand our different types of donors to support our fundraising strategy. We rely on our legitimate interest as a charity for this processing.

Who we share your information with

Your personal data may be disclosed to third parties if required for the purposes outlined in the table above. These may include (but are not limited to):

  • mailing service providers and email marketing platforms;
  • ground handlers managing certain DEBRA associated events (e.g. the Kerry Challenge and the Wicklow Mountains Challenge);
  • data cleansing and data import service providers;
  • third parties who we engage to provide services to us, such as outsourced service providers, IT service providers, professional advisers and auditors;
  • payment service providers;
  • other public authorities and bodies where required or permitted by law, such as An Garda Síochána or other law enforcement authorities for the purposes of prevention, investigation or detection of crime; and
  • we may share data as required to comply with any applicable law or regulation, a summons, search warrant, court or regulatory order, or other statutory requirement.

If we appoint a processor to process your personal data, we will ensure that this arrangement is subject to a formal agreement with the selected service provider.

How your data is used online

The Internet is not a secure environment we cannot guarantee that the security of any information you transmit to us via the Internet to be 100% secure. While we take reasonable measures to keep your information secure, we cannot guarantee your online data security. However, once we receive your personal data we take all reasonable technical and organisational measures to protect personal data from loss, misuse, alteration or destruction and to prevent any unauthorised or unlawful disclosure or processing.

Details of transfers outside the European Economic Area (EEA) and safeguards

Some of our service providers are outside the EEA (e.g. email management service providers). Therefore, sometimes we transfer your data outside the EEA. We will ensure suitable safeguards are in place to effect such transfers such as transferring personal data to a country that has been deemed by the European Commission to offer an adequate level of data protection or entering into the standard contractual clauses as approved under EU law from time to time.

Contact us

DEBRA Ireland’s full details are:

DEBRA Ireland, 8 Clanwilliam Terrace, Grand Canal Quay, Dublin 2, D02 R240

CHY: 8703

Email[email protected]

Phone: 01 412 6924

DEBRA Ireland’s data protection officer may be contacted at the address above or by email at [email protected].

Social Media Sites

The Fundraising Team manage the below listed social media pages.  We are not responsible for the privacy practices of any external websites, device manufacturers or platforms which may be accessed or used in connection with a person’s use of the Site, our social media pages or apps. They are subject to their own privacy statements which may materially differ from those of DEBRA Ireland so users should review them for further information. Our social media sites (as listed below) may contain links to the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third-party websites.

Facebook

Our Facebook page (https://www.facebook.com/DEBRA.Ireland) is used to share news articles and both old and recent photographs. Our Facebook page is open to the public therefore comments made on our posts will be visible to the public. You are responsible for the privacy setting on your personal Facebook profile at all times. We moderate all comments made on our Facebook posts and may remove/hide a comment if we feel it is inappropriate.

Twitter

Our Twitter page (https://twitter.com/debraireland) is used to share news articles and both old and recent photographs. If tweets directed to @debraireland are deemed inappropriate and do not follow twitter’s rules (https://support.twitter.com/articles/18311#) we may report such instances.

Instagram

Our Instagram page (https://www.instagram.com/debraireland) is used to share news articles and both old and recent photographs. Our page is open to the public therefore comments made on our posts will be visible to the public. We moderate all comments made on our Instagram posts and may remove/hide a comment if we feel it is inappropriate.