Data Protection

• Home
• Data Protection

• Share this on Facebook
• Tweet This
• Print This Page
• Help

INKEx and personal data

Introduction

Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data, in both paper and electronic format.

The Data Protection Acts 1988 and 2003 (the “Data Protection Acts”) lay down strict rules about the way in which personal data and sensitive personal data are collected, accessed, used and disclosed. Since it acts variously as a data processor and a data controller, INKEx is alert to its responsibilities under this legislation.

The Data Protection Acts also permit individuals to access their personal data on request, and confer on individuals the right to have their personal data amended if found to be incorrect.
This document outlines INKEx’s privacy policies including an access request policy to help ensure that we comply with requests made under the provisions of the Data Protection Acts.

INKEx’s privacy policy relates to data acquired from different sources, and for different purposes, which are set out below. We are respectful of the privacy and data protection rights of individuals, and we use our best efforts to protect these at all times.

1.            INKEx re-use of regulatory data

INKEx re-uses public data supplied to CRO pursuant to the Companies Acts 1963-2009, including

1. Names of Company Directors and Secretaries
2. Dates of Directors’ and Secretaries’ appointment/resignation
3. Directors’ and Secretaries dates of birth
4. Directors’ and Secretaries’ home addresses
5. Changes to any of these particulars

INKEx acquires these data from a data re-seller, which in turn acquires them from the Companies Registration Office under the terms of a data licence contract (published on the CRO website at http://www.cro.ie/ena/downloads-re-use-of-information.aspx). The Directors’ and Secretaries names that appear on the microsites of individual companies are as supplied to us daily by our supplier, who in turn acquires these from the CRO.

Only item 1. above (names of Company Directors and Secretaries) is normally published on the INKEx website, in pursuit of INKEx’s public benefit purposes, which are to promote visibility, accountability and transparency for Irish nonprofits.

Specifically, they will not be made available, or used by INKEx for marketing or direct mail purposes.

INKEx has advised the Directors and Secretaries concerned of its intentions by means of an email communication to their organisation’s representative or a letter to their registered address.

2.            INKEx use of voluntarily disclosed data

Each nonprofit listed on INKEx’s website is invited to provide the name, a short biography and a photograph of their chief executive officer (or equivalent). These are published on the website and are stored in INKEx’s database in pursuit of INKEx’s public benefit purposes, which are to promote visibility, accountability and transparency for Irish nonprofits.

As well as being published on the free searchable website, these data may be made available for research/analysis purposes to other organisations which support or share INKEx’s values. They will not be made available, or used by INKEx for marketing or direct mail purposes.

3.            INKEx use of contact data

As a means of conducting its relationships with organisations listed on its free public website, INKEx requires a named contact in each organisation, and acquires their email address and telephone number(s).

The contact details so acquired are stored in INKEx’s internal customer relationship management system for INKEx’s own business uses and will be used for no other purpose without the explicit permission of the individuals concerned.

The data so created will be stored and archived, unless removed at the explicit request of the person in question.

Access Request Policy and Procedures

Under Section 3 of the Data Protection Acts any individual has the right to establish whether any personal data is kept about him or her. Where we hold such personal data on you, we will respond within 21 days of receipt of a request for information, giving you a description of the data we hold on you and the purposes for which it is kept.

Such requests, or inquiries about this policy should be made in writing to the Data Protection Co-Ordinator, INKEx at 37 Fitzwilliam Place, Dublin 2.
Please state in your letter that you are making your request under section 3 of the Data Protection Acts, and note that we do not accept section 3 requests via telephone, email or text message. Before we respond to your request, we may require that you provide us with satisfactory evidence of your identity and address.

Under Section 4 of the Data Protection Acts, an individual may ask for and receive a copy of any personal data held about him or her.

If you wish to make a request under this provision, please write to us at the same address, being as specific as possible about the information you wish to access, and providing a signed photocopy of a proof of identity (e.g. driving licence or passport with photo). We do not accept access requests via telephone, email or text message.

We undertake to respond to you in a reasonable time, or in all events no later than the statutory period of forty days.

If you are not satisfied with the outcome of your access request you are entitled to make a complaint to the Data Protection Commissioner who may investigate the matter for you.

INKEx does not currently levy a fee for the response to such requests but reserves the right to do so in the future.

Responsibility and review

Whereas responsibility for ensuring compliance with the requests made under the Data Protection Acts rests with INKEx, the degree of our responsibility varies depending upon whether we are acting in a particular instance as either a data controller or a data processor.

All employees and contractors of INKEx who separately collect, control or process the content and use of personal data are individually responsible for compliance with the Data Protection Acts. The Data Protection Co-Ordinator is INKEx’s Data Protection Officer, and co-ordinates the provision of support, assistance, advice, and training throughout the company to ensure we are in a position to comply with the legislation.

These policies will be reviewed regularly in light of any legislative or other relevant developments.