Pre-Hospital Emergency Care Council
This is the website of the Pre-Hospital Emergency Care Council (PHECC). We take our responsibility to protect your data seriously.
This policy governs the online processing activities of this website. For offline processing of personal data, please request a copy of our Data Protection Policy from our Data Protection Officer (contact details below).
Who we are
PHECC is the controller of the personal data it processes. We are an independent statutory body established by a Statutory Instrument (S.I.) S. I. No 109 of 2000, S. I. No 575 of 2004 and S.I. No 166 of 2008.
DPO Contact Details
PHECC has appointed Ambit Compliance as our Data Protection Officer. If you wish to contact our Data Protection Officer in relation to our processing of your personal data, you can do so by e-mailing PHECCDPO@ambitcompliance.ie
We will not collect any personal information about you on this website without your clear knowledge and permission. Any personal information which you volunteer to us will be treated strictly in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988-2018. Where data is submitted it will be used for the stated purpose and any reasonably incidental purposes only.
We do not sell or distribute your personal information to third parties for purposes of allowing them to market products and services to you.
Communicating via the internet and sending information to you by other means necessarily involves your personal information passing through or being handled by third-parties.
The information we collect
- For general web-browsing certain statistical information is available to us via our internet service provider. This information may include the IP and logical address of the server you are using, the top level domain name from which you access the internet (for example .ie, .com, etc.), the type of browser you are using, the date and time you access our site and the internet address linking to our site. We may also use temporary “session” cookies which enable a visitor’s web browser to remember which pages on this website have already been visited.
- If you choose to donate money through our ‘Donate Now’ page, we will require your name, phone number, address, email and card details. If you choose to make an ‘In Memory’ donation you also have the option of providing the name of your loved one. If you wish for us to send a memory card we will require the name and address of the recipient.
- When you make a donation to us you are given the option to sign up to receive information from us in the future, about our work, upcoming events or campaigns. We will not send this information to you unless you opt in to receive it. If you change your mind you can always opt out by informing us by e-mail at email@example.com .
- You have an opportunity to send us information via this website, such as through the firstname.lastname@example.org where you may send e-mails, request brochures/proposals or provide feedback. You may also choose to provide us with personal data (e.g. name, e-mail, postal address or other contact details) in an e-mail message to the address listed on our site. Our Registration forms collect your name, email, phone number and message content. We use all of these details solely for the purpose for which you provided them.
- Information contained within a job application (CV) where that is sent via our website or by e-mail.
The purpose of collecting information
- Website functionality - we analyse website users’ pattern of use to help us to improve, administer and diagnose problems with our server and website.
Complaint handling – we may use the data you provide to us via our email address.
Responding to your query – you may provide us with personal data through our email address while seeking information about volunteering, fundraising or our services.
Legal basis for processing
We process the personal data we gather through our website under the following lawful basis:
- Consent: We will only process your data for marketing purposes with your consent. For processing activities for which we rely on consent as a basis for processing, you have the right to withdraw that consent at any time.
- Contract: We may process the data you provide while fulfilling our obligations under a contract e.g. during the provision of products or services to you.
- Statutory: Some processing activities are required by law e.g. Revenue reporting.
For processing activities that are based on a statutory or contractual requirement, you may request your data not be processed for that purpose. However, this is not an absolute right and may be over-ridden by our statutory obligations. In other cases, requesting that data should not be processed for a particular purpose may prevent us from executing a contract or delivering a service to you.
Under data protection law, data subjects have certain rights. Subject to certain restrictions, which are set out below, you can exercise these rights in relation to your personal data we process.
- The right to be informed about the processing of your personal data
- The right to access your personal data
- The right to rectification of your personal data
- The right to erasure of your personal data
- The right to data portability
- The right to object to processing of your personal data
- The right to restrict processing of your personal data
- Rights in relation to automated decision making, including profiling.
- You have the right to complain to the Irish Data Protection Commission (www.dataprotection.ie) and to seek compensation through the courts.
We reserve the right to request you to provide additional information in order to enable us to identify your personal data and/or to verify your identity.
Restriction of data subject rights in certain circumstances
Article 23 of the GDPR allows for data subject rights to be restricted in certain circumstances. In addition, the 2018 Act contains certain provisions dealing with the restriction of rights of data subjects, in particular Sections 59, 60 and 61, which give further effect to the provisions of Article 23. Further information can be found here.
Who we share your information with
We do not share your information with third parties other than those set out in this policy. We may share your information in the following circumstances:
- Business Transfer: Where some or all of our charity and/or its assets may potentially be or have been acquired, we may need to transfer your personal information to the new or prospective owners.
- Revenue: to claim tax back.
- Other: We will share your information with a third party other than a service provider where you have given your consent for us to do so.
Where we store personal information
We generally store personal information on servers located inside the European Economic Area. However, in certain cases it may be necessary for us to transfer certain information to servers located outside of the EU. It is important to be aware that the privacy protections in certain jurisdictions may not be equivalent to those in Europe but we will only transfer your information outside the EEA where permitted by law and ensuring that it is subject to appropriate protections.
PHECC retains personal data for a range of periods as set out in our Data Retention Policy.
PHECC take our security responsibilities seriously, employing the most appropriate physical and technical measures. We review our security policy regularly.
Governing Law and Jurisdiction
This legal policy and all issues regarding this website are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.
If you have any questions about this policy, our practices relating to the website or your dealing with the website you can contact the PHECC Data Protection Officer at PHECCDPO@ambitcompliance.ie
Changes to this policy
Prepared by Ambit Compliance.