Pre-Hospital Emergency Care Council
Privacy Policy

General

This is the website of the Pre-Hospital Emergency Care Council (PHECC, we, us, our). We take our responsibility to protect your data seriously. PHECC is an independent statutory body established by a Statutory Instrument (S.I.) S. I. No 109 of 2000, S. I. No 575 of 2004 and S.I. No 166 of 2008.

The purpose of this notice is to inform you of the personal data relating to you that we collect and use in connection with this website and to help you to understand how this data is used including disclosures to third parties.

This notice relates to online processing of data only, for offline data processing, PHECC has a range of policies that relate to this processing including a Data Protection Policy, which may be requested at any time. If you have any further questions about this notice, about relevant policies or how we handle your personal data, which are not dealt with here, please get in touch by emailing the Data Protection Officer at PHECCDPO@ambitcompliance.ie

Data Controller

PHECC is located on the Second Floor, Beech House, Millennium Park, Osberstown, Naas, Co. Kildare W91 TK7N. This notice primarily refers to PHECC as the Data Controller of all personal data that is collected and used about you in connection with your visit to our website.

We take our responsibilities under applicable data protection law, including the EU General Data Protection Regulation (GDPR) and the Data Protection Acts 1988- 2018, very seriously. We are committed to protecting the data of all who make contact with us through this website and take our responsibility regarding our data subjects’ information very seriously. We will be clear and transparent about the information we are collecting and what we do with that information.

Data Protection Officer

In accordance with our obligations under Article 37 of the GDPR, we have appointed a Data Protection Officer (DPO). To contact the DPO please email PHECCDPO@ambitcompliance.ie

Collection , use and purpose of personal data

PHECC does not collect any personal data about you via this website, apart from information which you volunteer for the purposes listed below:

visiting the website
emailing us
registering for examinations
renewing existing licence
applying to join our statutory register of Pre-Hospital Emergency Care practitioners;
making a complaint or compliment.
paying for PHECC Examination, Registration, Recognition of Professional Qualifications, Recognition of Institution/Courses and CPG Approval Fees
paying for training and reference Materials

This personal data may include:

your name and contact details, including your address, phone number and email address;
your credit/debit card or bank account details; and
other personal data relating to you that you provide to us or that we generate about you in connection with your use of this website.

Lawful bases

Depending on the specific circumstance, the lawful bases on which we process your personal data are:

Processing is necessary for the legitimate interests pursued by PHECC and only where such interests do not interfere with your interests or fundamental rights;
Processing is necessary for compliance with our legal obligations;
Processing is necessary in the exercise of official authority vested in the controller; and
Processing is necessary for the performance of a contract with you or in order to take steps at your request prior to entering into a contract.
Processing is based on your consent

Security of personal data

PHECC follows strict security procedures in the storage and disclosure of personal data, and to protect it against accidental loss, destruction or damage. The data you provide to us is protected using Transport Layer Security (TLS) technology. TLS is the industry standard method of encrypting personal data and so that they can be securely transferred over the Internet.

Third Parties and Data Processors

We may use the services of third parties and/or data processors for the processing of personal data to facilitate the smooth running of our business. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data. In each case, we conclude a service contract and data processing agreement with them.

Where we store personal data

We generally store personal data on servers located inside the European Economic Area. However, in certain cases it may be necessary for us to transfer certain data to servers located outside of the EU. It is important to be aware that the data protection standards in certain jurisdictions may not be equivalent to those in Europe but we will only transfer personal data outside the EEA where permitted by law and ensuring that it is subject to appropriate protections (e.g. Standard Contractual Clauses).

Data retention

PHECC will retain your personal data for as long as we need it for the purposes described above, or to comply with our obligations under applicable law and, if required, to deal with any claim or dispute that might arise between you and us. We will not hold your personal data for any longer than is necessary.

Your rights

You have certain legal rights concerning your personal data and the manner in which it is processed by PHECC. These include:

the right to be informed about the processing of your personal data
the right to access to your personal data;
the right to rectification your personal data;
the right to restrict the processing of their personal data in certain circumstances;
the right to erasure of personal data;
the right to data portability;
the right to object processing their personal data in certain circumstances;
Rights in relation to automated decision making, including profiling; and
the right to complain to the Irish Data Protection Commission (www.dataprotection.ie)

If you require further information or wish to exercise any of the above rights, please get in touch by emailing the Data Protection Officer at PHECCDPO@ambitcompliance.ie. In addition, the Data Protection Commission provides information in relation to your data protection rights at https://www.dataprotection.ie/.