We ensure that we use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
- What information RE:LINK may collect about you and how we collect it
- How we will use that information
- Whether we disclose your details to anyone else
- Your choices regarding the information you provide to us.
If you have any queries about this please contact firstname.lastname@example.org
Who We Are
RE:LINK is an off-shoot of The Sacred Heart Messesnger magazine, itself published by Messenger Publications which is the publishing organisations of the Jesuits in Ireland.
We reach out to teachers and students through RE:LINK, offering unique content to complement the Irish Junior Certificate religious education curriculum.
How We Collect Data
RE:LINK collects information in the following ways:
- When you give it to us DIRECTLY
You may give us your information for the following reasons:
- to receive email updates, newsletters or campaigns
- to enter competitions
- to subscribe
- to submit an article for publication or consideration
- to complete a registration form for an event
- to communicate for marketing purposes
- When you give it to us INDIRECTLY
What Data We Collect
The type and quantity of information we collect and how we use it depends on why you are providing it.
If you subscribe we will collect:
- Your name
- Your postal address
- Your email address
- Customers and Supporters
If you are a customer, for example, you sign up for an event, we will usually collect:
- Your name
- Your contact details: postal and/or email address
We retain records of the events you have attended.
If you use your credit or debit card for any reason, we will ensure that this is done securely and in accordance with the Payment Card Industry Data Security Standard. You can find out more information about PCI DSS on their website – https://www.pcisecuritystandards.org/security_standards/index.php
We do not store your credit or debit card details at all, following the completion of your transaction. All card details and validation codes are securely destroyed once the payment or donation has been processed. Only staff authorised and trained to process payments will be able to see your card details.
Where it is appropriate in order to offer you a good service we may also ask for:
- Information on your reasons for attending an event
- Information on your previous experience of events
- Information relating to your health, disability, and dietary preference
In accordance with the laws concerning tax information, our accounts department will keep on file documentation regarding all purchases and invoices, in and out, for the number of years required by statute. This information will be kept on the Accounts system only, and will be password protected. This information will include:
- Your name
- Your contact details as provided at the time of transaction
- Invoice/Purchase details/donation, etc.
- Sensitive data
Data Protection law recognises that certain categories of personal information are more sensitive. This is known as sensitive personal data and covers health information, race, and religious beliefs. We do not usually collect ‘sensitive personal data’ about our supporters unless there is a clear reason for doing so, such as ensuring your needs are met if you attend an event. In this case, the information is not detailed, only referenced for that event, and is deleted as soon as practicable after the event.
Why We Collect Data
We will mainly use your data to:
- Provide you with the services, products or information you asked for
- Let you know about new services, products and ways you can support us
- Keep a record of your relationship with us
- Ensure we know how you prefer to be contacted
- Understand how we can improve our services, products or information.
If you enter your details onto one of our online forms, and you don’t ‘send’ or ‘submit’ the form, we may contact you to see if we can help with any problems you may be experiencing with the form or our websites.
We may also use your personal information to detect and reduce fraud.
How We Share Data
We will not normally share your data, neither with other organisations nor with the various apostolic works of the Jesuits In Ireland.
We will only share your information if:
- We are legally required to do so, e.g. by a law enforcement agency legitimately exercising a power or if compelled by an order of the Court
- We believe it is necessary to protect or defend our rights, property or the personal safety of our people or visitors to our premises or websites
- We are working with a carefully-selected partner that is carrying out work on our behalf. These partners may include mailing houses and IT specialists. The kind of work we may ask them to do includes processing, packaging, mailing and delivering purchases or magazines, sending postal mail, emails and text messages, carrying out research or analysis and processing payments. We only choose partners we can trust. We will only pass personal data to them if they have signed a contract that requires them to:
- abide by the requirements of the General Data Protection Regulation
- treat your information as carefully as we would
- only use the information for the purposes it was supplied (and not for their own purposes or the purposes of any other organisation)
- allow us to carry out checks to ensure they are doing all these things.
We will never share, sell or swap your details with any third parties for the purposes of their own marketing or the monetising of your data.
We will only ever share your data in other circumstances if we have your explicit and informed consent.
How We Store Data
We store information on computers located in Ireland. We may transfer data to our reputable third party suppliers as explained above (e.g. Our cloud storage, or technical support). These third parties may be situated inside or outside the European Economic Area, but will be required to be General Data Proctecion Regulation (GDPR) compliant. We may also store information in paper files.
We place a great importance on the security of all personally identifiable information associated with our supporters and customers. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal data under our control. For example, only authorised personnel are allowed to access user information and we use secure server software (SSL) to encrypt financial and personal information you input before it is sent to us. We password protect each computer terminal, and password protect our data files.
While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur while it is under our control, we use our best efforts to try to prevent this.
Unfortunately, the transmission of data across the internet is not completely secure and whilst we do our best to try to protect the security of your information we cannot guarantee that loss, misuse or alteration of data will not occur whilst data is being transferred.
Where you or we have provided a password enabling you to access parts of our websites it is your responsibility to keep this password confidential. Please don’t share your password with anyone.
We will keep your information only for as long as we need it to provide you with the services or information you have required, to administer your relationship with us, to inform the preferences of our supporters, to comply with the law, or to ensure we do not communicate with people that have asked us not to.
When we no longer need information we will always dispose of it securely, using specialist companies if necessary to do this work for us.
The General Data Protection regulation gives you certain rights over your data and how we use it. These include:
- the right to have inaccurate personal data rectified, blocked, erased or destroyed
- the right to prevent your data being used for direct marketing
- the right of access to a copy of the information we hold about you (known as a subject access request).
Access Requests must be made in writing by post with a description of the information you want to see, and proof of your identity. Please send your request by post to: Data protection, RE:LINK, Messenger Publications, 37 Lower Leeson Street, Dublin D02 W983.
We do not accept Access Requests by email so we can ensure that we only provide personal data to the right person.
We will respond within one month of receipt of your written request and confirmed ID. Please provide as much information as possible about the nature of your contact with us to help us locate your records.
Where you have provided your consent for our use of your personal information, you always have a right to withdraw your consent at any time.
For more information about your rights under the Data Protection Act go to the website of the Data Protection Commissioner at www.dataprotection.ie
For further information please contact our office on 01 6767491 or email email@example.com so we can direct your enquiry.