Pre-Hospital Emergency Care Council
Privacy Policy


This is the website of the Pre-Hospital Emergency Care Council (PHECC). We take our responsibility to protect your data seriously.

This policy discloses our information gathering and dissemination practices relating to this website. In order to fully understand your rights, we encourage you to read this policy in full. We are not responsible for the content or privacy practices of other websites even if their link appears on our site. We reserve the right to modify this privacy policy at any time. Each time you use this website you shall be bound by the then current privacy policy and accordingly you should review the privacy policy each time you use this website.

This policy governs the online processing activities of this website. For offline processing of personal data, please request a copy of our Data Protection Policy from our Data Protection Officer (contact details below).

Who we are

PHECC is the controller of the personal data it processes. We are an independent statutory body established by a Statutory Instrument (S.I.) S. I. No 109 of 2000, S. I. No 575 of 2004 and  S.I. No 166 of 2008.

DPO Contact Details

PHECC has appointed Ambit Compliance as our Data Protection Officer.  If you wish to contact our Data Protection Officer in relation to our processing of your personal data, you can do so by e-mailing PHECCDPO@ambitcompliance.ie

Data Protection

We will not collect any personal information about you on this website without your clear knowledge and permission. Any personal information which you volunteer to us will be treated strictly in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988-2018. Where data is submitted it will be used for the stated purpose and any reasonably incidental purposes only. We do not sell or distribute your personal information to third parties for purposes of allowing them to market products and services to you. Communicating via the internet and sending information to you by other means necessarily involves your personal information passing through or being handled by third-parties. The information we collect
  • For general web-browsing certain statistical information is available to us via our internet service provider. This information may include the IP and logical address of the server you are using, the top level domain name from which you access the internet (for example .ie, .com, etc.), the type of browser you are using, the date and time you access our site and the internet address linking to our site. We may also use temporary “session” cookies which enable a visitor’s web browser to remember which pages on this website have already been visited.
  • If you choose to donate money through our ‘Donate Now’ page, we will require your name, phone number, address, email and card details. If you choose to make an ‘In Memory’ donation you also have the option of providing the name of your loved one. If you wish for us to send a memory card we will require the name and address of the recipient.
  • When you make a donation to us you are given the option to sign up to receive information from us in the future, about our work, upcoming events or campaigns. We will not send this information to you unless you opt in to receive it. If you change your mind you can always opt out by informing us by e-mail at info@phecc.ie .
  • You have an opportunity to send us information via this website, such as through the info@phecc.ie where you may send e-mails, request brochures/proposals or provide feedback. You may also choose to provide us with personal data (e.g. name, e-mail, postal address or other contact details) in an e-mail message to the address listed on our site. Our Registration forms collect your name, email, phone number and message content. We use all of these details solely for the purpose for which you provided them.
  • Information contained within a job application (CV) where that is sent via our website or by e-mail.

The purpose of collecting information

  • Website functionality - we analyse website users’ pattern of use to help us to improve, administer and diagnose problems with our server and website.
    Complaint handling – we may use the data you provide to us via our email address.
    Responding to your query – you may provide us with personal data through our email address while seeking information about volunteering, fundraising or our services.

Legal basis for processing

We process the personal data we gather through our website under the following lawful basis:

  1. Consent: We will only process your data for marketing purposes with your consent. For processing activities for which we rely on consent as a basis for processing, you have the right to withdraw that consent at any time.
  2. Contract: We may process the data you provide while fulfilling our obligations under a contract e.g. during the provision of products or services to you.
  3. Statutory: Some processing activities are required by law e.g. Revenue reporting.

For processing activities that are based on a statutory or contractual requirement, you may request your data not be processed for that purpose. However, this is not an absolute right and may be over-ridden by our statutory obligations. In other cases, requesting that data should not be processed for a particular purpose may prevent us from executing a contract or delivering a service to you.

Your rights

Under data protection law, data subjects have certain rights. Subject to certain restrictions, which are set out below, you can exercise these rights in relation to your personal data we process.

  1. The right to be informed about the processing of your personal data
  2. The right to access your personal data
  3. The right to rectification of your personal data
  4. The right to erasure of your personal data
  5. The right to data portability
  6. The right to object to processing of your personal data
  7. The right to restrict processing of your personal data
  8. Rights in relation to automated decision making, including profiling.
  9. You have the right to complain to the Irish Data Protection Commission (www.dataprotection.ie) and to seek compensation through the courts.

We reserve the right to request you to provide additional information in order to enable us to identify your personal data and/or to verify your identity.

Restriction of data subject rights in certain circumstances

Article 23 of the GDPR allows for data subject rights to be restricted in certain circumstances. In addition, the 2018 Act contains certain provisions dealing with the restriction of rights of data subjects, in particular Sections 59, 60 and 61, which give further effect to the provisions of Article 23. Further information can be found here.

Who we share your information with

We do not share your information with third parties other than those set out in this policy. We may share your information in the following circumstances:

  • Service providers: We may need to share personal information with our service providers, such as where necessary to provide our services to you. If there has been a breach of our terms of use, we may also share personal information with our legal advisors. All of our service providers will be obliged to keep your personal information safe and secure.
  • Business Transfer: Where some or all of our charity and/or its assets may potentially be or have been acquired, we may need to transfer your personal information to the new or prospective owners.
  • Legal and safety: In certain instances, we may share information where we reasonably believe that it is necessary for legal reasons, to defend our legal rights, to enforce our terms of use or to protect our rights, property, users, customers or the safety of any person. For example, we may provide personal information where ordered by a court to do so.
  • Revenue: to claim tax back.
  • Other: We will share your information with a third party other than a service provider where you have given your consent for us to do so.

 

Where we store personal information

We generally store personal information on servers located inside the European Economic Area. However, in certain cases it may be necessary for us to transfer certain information to servers located outside of the EU. It is important to be aware that the privacy protections in certain jurisdictions may not be equivalent to those in Europe but we will only transfer your information outside the EEA where permitted by law and ensuring that it is subject to appropriate protections.

Data Retention

PHECC retains personal data for a range of periods as set out in our Data Retention Policy.

Security

PHECC take our security responsibilities seriously, employing the most appropriate physical and technical measures. We review our security policy regularly.

Governing Law and Jurisdiction

This legal policy and all issues regarding this website are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.

General

Delay or failure on our part in enforcing any of our rights shall not constitute a waiver by us of our rights and remedies. If any part of this Privacy Policy is held to be invalid or unenforceable, the validity or enforceability of the remainder will not be affected.

Contacting us

If you have any questions about this policy, our practices relating to the website or your dealing with the website you can contact the PHECC Data Protection Officer at PHECCDPO@ambitcompliance.ie

Changes to this policy

We may revise this policy on occasion. This privacy policy was last updated 09 March 2022.

Prepared by Ambit Compliance.