Data Privacy Policy and GDPR
At Comhlámh, we are committed to safeguarding your personal data and respecting your privacy. Our Data Privacy Policy outlines how we collect, use, store, and protect your personal information, ensuring compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws. We believe in transparency and want you to feel confident that your data is secure with us.
Whether you are a member, volunteer, partner, or visitor to our website, your privacy matters to us. This page provides detailed information about our data privacy practices and your rights under GDPR. We aim to empower you with the knowledge needed to make informed decisions about your personal information and to trust that we handle it responsibly and ethically.
Thank you for placing your trust in Comhlámh. If you have any questions or concerns about our Data Privacy Policy and/or Data Protection Policy, please do not hesitate to contact us.
Privacy Notice
1. What is Personal Data?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information
alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession.
The processing of personal data is governed by the EU General Data Protection Regulation (the “GDPR”) and the Data
Protection Act 2018.
2. Who are we?
Comhlámh is the data controller (contact details below). This means it determines how your personal data is processed and
for what purposes.
3. How do we process your data?
Comhlámh complies with its obligations under “GDPR” by keeping personal data up to date; by storing and destroying it
securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse,
unauthorised access, and disclosure and by ensuring that appropriate technical measures are in place to protect personal
data.
We use your personal data for the following purposes: employment, membership, contracts, provision of services and
renting or using of facilities.
Where we collect information from
Examples may include:
- From you directly, for example, when you fill out a membership application or become a donor, when you
register and take part in a course or public event we organise. - From external sources, for example, when you create an iDonate page or when you interact with us on social
media. - From other organisations, when you give permission or where your personal data is available publicly.
For example, if you work for a volunteer sending organisation or another NGO / social justice organisation. - From our website, when you visit. For example, we use software such as Google Analytics to identify which pages
on our website are visited most. This information is collected automatically. It does not contain any personal or
sensitive information, so browsing is anonymous. For information on this, and the use of cookies, please click
here.
4. What is the legal basis for processing your personal data?
Comhlámh obtains and processes personal data fairly and lawfully, in an open and transparent manner. We will only do so
if at least one of the following conditions applies:
- It is necessary to fulfil a contract or agreement we have with you. For example, if you make a donation or if you
are a paid member, we need to process your personal data so that we can manage the payment and send you an
acknowledgement. We need your data to process your contribution / donation including accessing your tax back
on your donation if appropriate. - We have your consent. For example, if you give us permission to keep you updated regarding our campaigns,
fundraising activity, membership mailings, E-link newsletters, information for facilities users, information for
course attendees etc. - It is in Comhlámh’s legitimate interests, and these interests are not overridden by your own rights or interests,
for example, to tailor our communications, or to contact you by post. - It is necessary for us to comply with a legal obligation. For example, your social insurance details, if you access
the VDW or PSPS schemes we will require your PPSN and other details so that we can process these schemes for
you. - It is necessary to protect your vital interests or those of another individual.
- It is in the public interest or where we have official authority vested in us.
5. Sharing your personal data
In certain circumstance, we might need to share personal data in pursuit of our legitimate interests, for example the use of
processors to manage communications, surveys, or the secure storage of your data through a data base. We will we never
provide or sell your personal details with third parties for the purpose of marketing. The only exception to this would be
where there was a lawful reason for your information to be provided to the police, regulatory bodies, or legal advisers.
6. International Transfer
All personal data is stored within the European Economic Area or countries whose data protection regimes have been
designated as adequate by the European Commission. We will not transfer any data to a third country or international
organisation without your explicit consent and without appropriate privacy safeguards in place.
7. How long do we keep your data?
We will only keep data in a form that permits personal identification for the duration necessary to fulfil our legal obligations
and operational objectives. Once the respective retention period has elapsed, Comhlámh undertakes to anonymise, destroy
or erase this data.
8. Your rights and your personal data
You have the following rights with respect to your personal data:
- The right to request a copy of your personal data, which [name of organisation] holds about you.
- The right to request that [name of organisation] correct any personal data if it is found to be inaccurate, incomplete or outof-date.
- The right to request your personal data is erased where it is no longer necessary or lawful for [name of organisation] to
retain such data. - The right to request that [name of organisation] provide you with a copy of your personal data and, in certain
circumstances, to transmit that data directly to another data controller. - The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction
is placed on further processing. - The right to object to the processing of personal data.
- The right to lodge a complaint with the Data Protection Commission.
The security of your information is of utmost importance to us. We seek to use reasonable measures to protect your
information as required by the law and in accordance with the policies Comhlámh has set. Sensitive data (known under
GDPR as Special Categories of Data) is held under strict security conditions. If you have any reason to believe that any
personal information, we hold is no longer secure, please contact us immediately.
9. Further processing
If we wish to use your personal data for a new purpose, not covered by this Privacy Notice, then we will provide you with a
new notice. The new notice will explain the new use of your personal data prior to commencing the processing. It will set
out the relevant purposes and processing conditions.
10. Contact details
To exercise all relevant rights, queries, or complaints please in the first instance contact us at the following location.
Comhlámh
12 Parliament Street
Dublin 2
01 478 3490
info@comhlamh.org
11. Complaints
You have the right to make a complaint to the Data Protection Commission which you can contact:
By phone: +353 (0761) 104 800;
Via email: info@dataprotection.ie; or
By writing to:
The Data Protection Commissioner,
Canal House, Station Road,
Portarlington, Co. Laois,
R32 AP23
Comhlámh and GDPR: Data Protection Policy
This policy applies to the processing by or on behalf of Comhlámh of personal data on natural persons (data subjects) resident in the European Economic Area regardless of whether the data is processed in the EEA or in another location. The policy is designed to ensure that Comhlámh complies with its obligations under the General Data Protection Regulation and any other relevant data protection laws and codes of conduct (herein collectively referred to as “the data protectionlaws”) operable within the EEA.
The policy is binding on all [trustees, senior managers, and staff of Comhlámh. Adherence to this policy is mandatory and non-compliance could lead to disciplinary action in accordance with the Comhlámh Constitution and contracts of employment.
Want to Dig Deeper?
Become a member
Join the growing Comhlámh community of like-minded people interested in activism.
Join our groups
Join us as a Member and get involved in one of our groups active on global and social justice issues.
Watch #FIRSTWEDS
Join our First Wednesdays conversations, explore the linkages between local and global justice issues.