Irish Georgian SocietyPrivacy Policy

Irish Georgian Foundation – Privacy Policy

Last updated: 24 May 2018

The privacy and security of your personal information is extremely important to us. This privacy policy explains how and why we use your personal data, to make sure you stay informed and can be confident about giving us your information.

We’ll keep this page updated to show you know all the things we do with your personal data. This policy applies if you’re a supporter of the Irish Georgian Society (IGS) (member, donor, volunteer, customer, employee) or use any of our services, visit our website, email, call or write to us.

We’ll never sell your personal data and will only share it with organisations we work with when it’s necessary and the privacy and security of your data is assured.

The IGS operates in compliance with applicable Irish and EU data protection law in terms of the collection and use of personal data.

  1. Obtain and process information lawfully, fairly and in a transparent manner The IGS will obtain and process personal data fairly in accordance with the fulfilment of its functions and its legal obligations.
  2. Give a copy of his/her personal data to any individual, on request The IGS will have procedures in place to ensure that data subjects can exercise their rights under the data protection legislation.
  3. Keep it only for one or more specified and lawful purposes The IGS will keep data for purposes that are specific, lawful and clearly stated and the data will only be processed in a manner compatible with these purposes.
  4. Process data only in ways compatible with the purposes for which it was given initially The IGS will only use and disclose personal data in ways that are necessary for, or compatible with, the purpose/s for which it collects and keeps the data.
  5. Keep it safe and secure The IGS will take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of the data and against their accidental loss or destruction.
  6. Keep it accurate, complete and up-to-date The IGS will have procedures that are adequate to ensure high levels of data accuracy and completeness and to ensure that personal data is kept up-to-date.
  7. Ensure that it is adequate, relevant and not excessive Personal data kept by the IGS will be adequate, relevant and not excessive in relation to the purpose/s for which they are kept.
  8. Retain it for no longer than is necessary

The IGS will retain data for no longer than necessary in accordance with its data retention policy. This has regard to derogations in the Data Protection Act which allow for the processing of special categories of personal data where such processing is in the public interest, for scientific or historical research purposes or for statistical purposes (sections 39, 51, 58, 69 & 88).

What personal data do we collect?

Your personal data (any information which identifies you, or which can be identified as relating to you personally such as your name, address, phone number, email address) will be collected and used by us in accordance with this policy. We’ll only collect the personal data that we need.

We collect personal data in connection with specific activities such as registration or membership requests, placing orders, booking events, donations, volunteering, conducting research, etc.

You can give us your personal data by filling in forms on our website, by registering as a member or using other social media functions on our website or by corresponding with us (by phone, email or by joining as a member/supporter/customer).

This personal data you give us may include name, title, address, date of birth, age, gender, demographic information, email address, telephone numbers, personal description, usernames and passwords.

CCTV cameras are installed in the City Assembly House for security purposes. The footage captured by these cameras is retained for up to 12 months.

How we use your personal data

We’ll only use your personal data on relevant lawful grounds as permitted by applicable Irish and EU data protection law.

Personal data provided to us will be used for the purpose or purposes outlined in any fair processing notice in a transparent manner at the time of collection or registration where appropriate, in accordance with any preferences you express.

When you purchase something from our online shop (shop.igs.ie), as part of the buying and selling process, we collect the personal information you give us which is necessary for the completion of this transaction such as your name, address and email address.

When you browse our online store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Email newsletter marketing (if applicable): With your consent, we may send you emails about our events and programmes.

How do you get my consent? When you provide us with personal information to complete a transaction, registering or renewing your membership, placing an order, this implies that you consent to our collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your express consent, or provide you with an opportunity to say no.

How do I withdraw my consent? If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at dcahill@igs.ie or by post at: Irish Georgian Society, City Assembly House, 58 South William Street, Dublin 2

Third Party Services

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers. Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy.

Donorbox

Our membership payment processing system is operated by Donorbox. It is an online platform specifically designed to capture information necessary to service membership. Donorbox takes reasonable precautions to protect our users' information. Your account information is located on a secured server behind a firewall. (https://donorbox.org/privacy)

Shopify

Our online bookshop (shop.igs.ie) is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.

Payment *** If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).

PayPal

Shopify uses PayPal as its secure payment processing gateway. You can find their privacy policy here: https://www.paypal.com/ie/webapps/mpp/ua/privacy-full

Eventbrite

IGS uses Eventbrite as its online ticketing platform for events, you can find their privacy policy here: https://www.eventbrite.com/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy

Mailchimp

Our monthly newsletter is delivered through Mailchimp. You can opt in or out of these communications at any time. You can find their privacy policy online at: https://mailchimp.com/legal/privacy/

External Links When you click on links on our website, they may direct you away from our website. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements. These are listed above.

Security

To protect your personal information, we take appropriate precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

Cookies and Google Analytics

Cookies are small text files stored on your computer when you visit certain websites. We use first party cookies (cookies that we have set, that can only be read by our website) to personalise your online experience. We also use third party cookies (cookies that are set by an organisation other than the owner of the website) for the purposes of website measurement and targeted advertising. You can control the use of cookies via your browser.

Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.

_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc). _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer. cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart. _secure_session_id, unique token, sessional storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.

You can read about how Google complies with data protection laws on their website here: https://privacy.google.com/businesses/compliance/#?modal_active=none

External suppliers

For the purposes of fulfilling your membership, such as direct mail and IT services, we may need to share your data with our external suppliers but will only do so to the extent necessary for the purposes of providing those services.

IGS London and IGS Inc

We may need to share data with Irish Georgian Society London (UK) and Irish Georgian Society Inc. (USA) for the purposes of servicing your membership.

Changes to this Privacy Policy

We reserve the right to modify this privacy policy at any time, so please review it frequently. We’ll amend this privacy policy from time to time to ensure it remains up to date and reflects how and why we use your personal data and the requirements of Irish and EU data protection law. Please visit our website to keep up to date with any changes. The current version will always be posted on our website.

Further information

These guidelines provide a general introduction and should be used in conjunction with the comprehensive Data Protection advice and guidelines on www.dataprotection.ie, the website of the Irish Data Protection Commissioner (Office of the Data Protection Commissioner, Canal House, Station House, Portarlington, Co Laois).

If you wish to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our the Society at dcahill@igs.ie or by post at: Irish Georgian Society [Re: Data Protection Officer] City Assembly House, 58 South William Street, Dublin 2

[If, after engaging with us, you are unhappy with how we have handled your personal data or implemented this privacy policy, you have a right to complain to the Office of the Data Protection Commissioner, Canal House, Station House, Portarlington, Co Laois.]

Terms & Conditions Although every reasonable effort has been made to ensure that the information on this website was accurate at the time of publication, we accept no responsibility for any errors, omissions or misleading statements on any site which you may be able to access through a link on this site.

If you create an account on our website, you are responsible for maintaining the security of your account and you are fully responsible for all activities that occur under the account and any other actions taken in connection with the account. You must immediately notify the Irish Georgian Society of any unauthorized uses of your account or any other breaches of security. The Irish Georgian Society will not be liable for any acts or omissions by you, including any damages of any kind incurred as a result of such acts or omissions.

Irish Georgian Foundation operating as Irish Georgian Society. Revenue (Charities Unit): CHY 6372, Charities Regulatory Authority number 20011505