Data Protection Statement for Usafety

Your Right to Privacy
In this statement we explain how “we respect your privacy in relation to the information you
provide to us when you use this website.
 
1.Introduction
Usafety is a leading provider to Health and Safety and Ergonomic services. Our services include Consultancy and Training. We deliver these services to a vary large range of clients from multinationals to SMEs in both the public and private sectors nationally. We provide practical solutions and partnership arrangements with our clients and quality of delivery in all cases.
In order to provide our services, we need to process Personal Data. We are committed to protecting the rights personal data of individuals in accordance with data protection legislation including the General Data Protection Regulation in Europe (the “GDPR”).
 
2.Contact Details
If you have any questions about this Data Protection Statement or the way in which your personal information/data is being used by us, please contact:
The Data Protection Officer,
Usafety
Unit 1-2B Glenrock Business Park,
Ballybane Industrial Estate
Galway. H91 FF25
Email:   info@usafety.ie
Tel:        +353 91 485580                
 
3.Purpose of this Data Protection Statement
This Data Protection Statement applies to Personal Data.
Definition of Personal Data:
“Personal Data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This Data Protection Statement describes our approach to data protection and sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be used by us where we are controllers of that Personal Data for the purposes of the GDPR. Please read this Statement carefully to understand our views and practices regarding the Personal Data we collect, as controllers under the GDPR, and how we will treat it.

4.Who this Data Protection Statement Applies to:
This Data Protection Statement provides specific information relating to the following individuals whose Personal Data we process:
business contact data including our customers, suppliers and business prospects “Business Contacts”; and
users/guests of our Website “Website Users”.
 
5.What Information do we collect?
We collect Business Contact Personal Data from business contacts.
We source Business Contact Personal Data in order to serve the business relationship. We will only ever source Personal Data that is necessary and in a way that would be generally expected.
We receive Personal Data about Business Contacts from a variety of sources, as follows:
Personal Data is often provided by the Business Contact as part of the business relationship;
the Personal Data may be collected directly or indirectly from another person within the company of the Business Contact;
the Personal Data may be collected through our website;
the Personal Data may be collected indirectly from a website or from a third party.

5.1.Web Data
We may collect Website User Personal Data from all visitors to our website in order to improve our services and develop the Website.
For more details refer to our Cookie Notice. Cookie Policy for Usafety.pdf

6.Categories of Personal Data
We process the following categories of Personal Data.
Personal Data
Description
Identification Data
This may include a person’s name, date of birth or PPS number.
Contact Data
This may include work and personal email addresses, mobile/telephone numbers, postal address or other social media links.
e Commerce Data
This may include communication data, contact data, invoice details, registration information and job position.
Communication Data
e.g. phone calls, video calls, texts or email correspondence.
Marketing Data
This may include Identification Data, Contact Data and any preferences in receiving marketing from Usafety and communication preferences.
Financial Data
May include Identification Data, Contact Data and payment related information, bank account details received as part of the services we deliver.
Web Data
This may include Personal Data on any forms on our website including Personal Data, information on the device you are using, Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, communications); comments, feedback.

7.Why we collect this information?
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
 
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services; 
To comply with any applicable laws and regulations.
 
8.Our Legal Basis for Processing Personal Data
We process all Personal Data lawfully and in accordance with the requirements of the law. The GDPR sets out the legal grounds for processing Personal Data.
When the Company processes Personal Data it is generally on one of the following legal basis:
 
Contract
We will process Personal Data where necessary to perform our obligations relating to or in accordance with any contract that we may have with you or to take steps at your request prior to entering into that contract;
 
Consent
For certain processing activities we may rely on your consent.
Where we are unable to collect consent for a particular processing activity, we will only process the Personal Data if we have another lawful basis for doing so.
You can withdraw consent provided by you at any time by contacting us at info@usafety.ie.
 
Legitimate Interest
At times we will need to process your Personal Data to pursue our legitimate business interests, for example for administrative purposes, to collect debts owing to us, to provide information to you, to expand our business opportunities, to operate, evaluate, maintain, develop and improve our websites and services or to maintain their security and protect intellectual property rights. 
We will not process your Personal Data on a legitimate interest basis where the impact of the processing on your interests or fundamental rights and freedoms outweigh our legitimate interests.
You may object to any processing we undertake on this basis. If you do not want us to process your Personal Data on the basis of our legitimate interests, contact us at info@usafety.ie and we will review our processing activities.
 
9.How do we store, share and disclose personal data?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 
 
10. Processing Activities
               Service Delivery Activities:
For customer relationship management and learner/client support.
To send notifications and updates on changes to our services.
To fulfil registration requirements for our courses.
To fulfil our legal and contractual obligation.
To contact clients regarding payments.
Data Gathered:
Identification Data
Contact Data
Communications Data
 
Marketing Activities
To send e newsletter or other relevant information.
To contact you as part of our business relationship and general administration.
To inform you about conferences, webinars, update training workshops etc. that might interest you.
To deliver and organise training events and webinars.
Data Gathered:
Contact Data.
Marketing Data.
Web Data

Website Delivery
To respond to web forms completed and submitted by you.
To promote services.
To improve and administer the Website.
Internal operations including IT support, troubleshooting, data analysis, research and statistical and survey purposes.
To improve the security of our website and services.
Data Gathered:
Web Data
 
Administration of Customer Relationship
To manage and respond to complaints/appeals.
To notify clients of this Data Protection Statement.
Data Gathered:
Identification Data.
Contact Data.
Communication Data.
Financial Data.
 
11.Disclosure of Personal Data
In certain circumstances, we may disclose Personal Data to third parties as follows:
to business partners and subcontractors for the performance of any contract relating to our services, including email, Communication Platforms, Customer Relationship Management system, web developers, payment processors, hosting service providers, external consultants, auditors, IT consultants and lawyers;
to accreditation bodies governing the courses provided including but not limited to, Solas, QQI, PHECC and IHFES.
to analytics and search engine providers that assist us in the improvement and optimisation of the Website;
if we are under a duty to disclose or share Personal Data in order to comply with any legal obligation (including tax, audit or other authorities), or in order to enforce or apply any contracts that we have;
to protect our rights, property, or safety, or that of our Business Contacts or others. This may include exchanging Personal Data with other companies and organisations for the purpose of fraud protection. When we engage another organisation to perform services for us, we may provide them with information including Personal Data, in connection with the performance of those functions. We do not allow third parties to use Personal Data except for the purpose of providing these services.
 
12.Security Measures

We will take all steps reasonably necessary to ensure that all Personal Data is treated securely in accordance with this Data Protection Statement and the relevant law, including the GDPR.
In particular, we have put in place appropriate technical and organisational procedures to safeguard and secure the Personal Data we process.
We monitor for and do everything we can to prevent security breaches of the Personal Data that we process.
Once we have received your Personal Data, we will use strict procedures and security features for the purpose of preventing unauthorised access and ensuring that only those who need to have access to your Personal Data can access it.
We also use secure connections to protect Personal Data during its transmission.
If you think that there has been any loss or unauthorised access to Personal Data of any individual, please let us know immediately.
 
13.Retention
In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate business interests.  We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims.

14.How do we communicate with our visitors?
We may contact you to notify you regarding your account, to troubleshoot problems to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.

15.How can you withdraw your consent?
If you don’t want us to process your data anymore, please contact us at 091 485580 or send us mail to: info@usafety.ie
 
16.Your Rights
You have various rights relating to how your Personal Data is used.

Right of access to the Personal Data we hold on you
You have the right to ask for all the Personal Data we have about you. When we receive a request from you in writing, we must give you access to everything we’ve recorded about you as well as details of the processing, the categories of Personal Data concerned and the recipients of the Personal Data.
We will provide the first copy of your Personal Data free of charge, but we may charge you a reasonable fee for any additional copies.
We cannot give you access to a copy of your Personal Data in some limited cases including where this might adversely affect the rights and freedoms of others.
 
Right of rectification of Personal Data
You should let us know if there is something inaccurate in your Personal Data.
We may not always be able to change or remove that Personal Data, but we will correct factual inaccuracies and may include your comments in the record to show that you disagree with it.  
 
Right of erasure of Personal Data (right to be forgotten)
In some circumstances you can ask for your Personal Data to be deleted, for example, where: 
your Personal Data is no longer needed for the reason that it was collected in the first place
you have removed your consent for us to use your Personal Data (where there is no other lawful basis for us to use it)
there is no lawful basis for the use of your Personal Data
deleting the Personal Data is a legal requirement
 
Where your Personal Data has been shared with others, we will do what we can to make sure those using your Personal Data comply with your request for erasure.
 
Please note that we can’t delete your Personal Data where:
we are required to have it by law
it is used for freedom of expression 
it is used for public health purposes
it is used for scientific or historical research or statistical purposes where deleting the Personal Data would make it difficult or impossible to achieve the objectives of the processing
it is necessary for legal claims. 
 
Right to restrict what we use your Personal Data for
You have the right to ask us to restrict what we use your Personal Data for where:
you have identified inaccurate Personal Data, and have told us of it
where we have no legal reason to use the Personal Data, but you want us to restrict what we use it for rather than erase the Personal Data altogether
 
When Personal Data is restricted it can’t be used other than to securely store the Personal Data and with your consent to handle legal claims and protect others, or where it’s for important public interests.
 
Right to have your Personal Data moved to another provider (data portability)
You have the right to ask for your Personal Data to be given back to you or another service provider of your choice in a commonly used format. This is called data portability.
This right only applies if we’re using your Personal Data with consent and if decisions were made by a computer and not a human being. It does not apply where it would adversely affect the rights and freedoms of others.

Right to object
You have the right to object to processing of your Personal Data which is based on public interest or legitimate interest processing.  We will no longer process the Personal Data unless we can demonstrate a compelling ground for the processing.
 
Right not to be subject to automated decision-making
You have the right not to be subject to a decision based solely on automated processing.  This right shall not apply where the processing is necessary for a contract with you, or the processing is undertaken with your explicit consent or the processing is authorised by law.

You can make a complaint
You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place.

17.Data Protection Policy Updates
We reserve the right to modify this policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. 
 
Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, you are invited to contact us at 091 485580 or send us mail to: info@usafety.ie