Arthritis Ireland is committed to protecting privacy.

This page explains our approach to protecting the privacy of our members, friends, staff, volunteers and our community.

 

Privacy Statement

print version share on facebook

Introduction

At Arthritis Ireland (AI) we are committed to protecting your privacy, and to compliance with best practice in Data Protection.

We believe that your personal data is very important and must be treated with respect and properly protected. So we will continually monitor and update this policy, and our data protection measures to ensure we remain compliant – and that your data is as protected as it should be.

We wouldn’t want our data treated any differently.

The following questions help to explain our approach to data protection:

What personal data does Arthritis Ireland collect?

What is this personal data used for?

Who is your data shared with?

Where does personal data come from?

How is data stored?

Who is responsible for ensuring compliance with the relevant laws and regulations?

Who has access to the data?

What is the legal basis for collecting data?

How you can check what data we have about you?

Does Arthritis Ireland collect any “special” data?

How can you ask for data to be removed, limited or corrected?

How long we keep your data for, and why?

What additional Data Protection involves the Arthritis Website?

 

What personal data does Arthritis Ireland collect?

The data we routinely collect includes names, addresses, phone numbers & email addressesWe collect this data directly from our friends & members, donors, service users, and other supporters when they join or engage with Arthritis Ireland.

For some people we may collect additional information including data related to medical conditions, or financial details connected to donations to AI, or fees for services or products provided.

We also collect data arising from accessing our courses or events, or usage of our online resources

Staff:

As part of our responsibilities as an employer, we also process employee personal information. This includes names, addresses, contact details, email addresses, and may include next of kinWe initially collect this data directly from our staff when they join the AI, and we update this periodically.

We may also store additional data such as relevant medical information, education & training and other factors related to the job role. We will also keep information relating to disciplinary matters and sanctions.

Volunteers:

We also collect data in relation to our many valuable volunteers, connected with their role as trustees & committee members, ambassadors, helpline facilitators, trainers and other volunteers. This may include the above, as well as information related to training or other engagement concerning their role with AI.

Back to list.

What is this personal data used for?

We use data collected for the fulfilment of our mission; administration of the organisation; organisation and delivery of services & events; communication of information, and the general provision of support to people living with arthritis.

We store and use staff data according to our role and obligations as an employer, and to enable the professional development and growth of our valued staff.

Back to list.

Who is your data shared with?

In general we do not share your data with anyone, with the following exceptions:

We contract and use external GDPR compliant data processors to help fulfil our services, and to distribute & manage our mailings and campaigns.

Information on Data Processors we use is available from AI, by clicking here.

We also share your information with financial institutions (e.g. banks, payment processors) to the extent necessary to facilitate payments to (and in certain instances from) Arthritis Ireland.

We may share data with public bodies to the extent that we are obliged to under law.

Personal data concerning our staff is shared with the Revenue Commissioners under legal obligation.

Back to list.

Where does personal data come from?

Most data are collected when individuals first – and freely - engage with AI, or when they update their information with us, or our supervised data processors.

All data collection is in accordance with GDPR and respectful of your rights as individuals.

Back to list.

How is data stored?

Information is mainly stored in digital form on computers and in the form of written documents stored at our offices at 1 Clanwilliam Square, Grand Canal Quay, Dublin 2.

In our Data Processors securely store information, on our instructions, in compliance with the GDPR. Their Privacy Policies can be accessed by clicking here.

Back to list.

Who is responsible for ensuring compliance with the relevant laws and regulations?

Under the GDPR (General Data Protection Regulation) we do not have a statutory requirement to have a Data Protection Officer.

To contact the person who is responsible for ensuring Arthritis Ireland discharges its obligations under the GDPR please click here.

Back to list.

Who has access to the data?

Staff and volunteers of AI have appropriate access to data in order for them to carry out their legitimate tasks for the organisation. Appropriate access is dependent on their role with the organisation.

Back to list.

What is the legal basis for collecting data?

AI collects personal data that is necessary for the purposes of its legitimate interests as both a membership organisation and a leading medical research and support charity.

The storage and use of certain elements of data, and related to certain data subjects (individuals) is subject to the positive and clear consent of the individuals concerned. Consent is collected through the following channels:

· Membership / Friend application forms

· Payment instruction forms

· Request for information / enrolment on communication circular forms

· Through direct, phone and email-based communication

For some data, such as that relating to financial matters, the basis for its collection and retention is to comply with our legal obligations. For other purposes collection and retention may be to comply with contracts entered into.

Staff data as necessary is collected for the purposes of our legitimate interests as an employer.

Back to list.

How you can check what data we have about you?

Personal data held is available to view and update following contact the AI office.

For electronic and periodic communications opportunities are provided to unsubscribe (by email) or opt-out (appeals and campaigns).

Staff may directly request a copy of their data from the AI office.

Individuals can contact us with a “Subject Access Request” to ask us to provide any other information we hold about them. If interested in any particular aspects, specifying them will help us to provide requested information quickly and efficiently.

We are required to provide this within one month.

Back to list.

Does Arthritis Ireland collect any “special” data?

The GDPR refers to sensitive personal data as “special categories of personal data”. 

Of these categories, and as a medical charity, we record some health data of members / supporters where it is volunteered. 

In addition, we conduct research and may run campaigns to promote the collection of medical related data. All such data is treated in full compliance with GDPR, and in most cases we anonymise any data made available for further analysis or research.

If an individual wishes to change data held, they can do this at any time by contacting the AI office.

The only other data which falls into this category concerns Garda Vetting reports in relation to certain (staff or volunteer) roles within the organisation, concerning the supervision of minors and/or vulnerable adults. Such data is attained in accordance with our legal responsibilities or legitimate interests.

Back to list.

How can you ask for data to be removed, limited or corrected?

Individuals can limit how their data is used by Arthritis Ireland. 

· They can choose not to receive information emails, texts, calls, or post from AI.

· They can also request to have all their data removed from our records.

Any of these options can be implemented by contacting the AI office.

Back to list.

How long we keep your data for, and why?

We normally keep friends/members’ data after they resign their membership, or membership lapses, in case they later wish to re-join. However, we will delete any individual’s contact details entirely on request.

Since underlying statistical data, and in particular demographic and medical data (e.g. gender / age / condition /. County / occupation), informs and is valuable in respect of the purpose for which it was originally collected and processed, such data is not deleted by AI.

However all such data is never processed or shared externally, without first being anonymised.

Other data, such as that relating to accounting or personnel matters, is kept for the legally required period.

Back to list.

What additional Data Protection involves the Arthritis Website?

Our website uses cookie technology. A cookie is a little piece of text stored by the browser on your computer, at the request of our server. We may use cookies to deliver content specific to your interests and to save your personal preferences so you do not have to re-enter them each time you connect to our website. Our cookies are not available to other websites.

You are always free to decline our cookies, if your browser permits, or to ask your browser to indicate when a cookie is being sent. You can also delete cookie files from your computer at your discretion. Note that if you decline our cookies or ask for notification each time a cookie is being sent, this may affect your ease of use of this website.

Technical details in connection with visits to this website are logged by our internet service provider for our statistical purposes. No information is collected that could be used by us to identify website visitors. The technical details logged are confined to the following items:

· the IP address of the visitor's web server.

· the top-level domain name used (for example .i.e., .com, .org, .net).

· the previous website address from which the visitor reached us, including any search terms used.

· clickstream data which shows the traffic of visitors around this web site (for example pages accessed and documents downloaded) .

· the type of web browser used by the website visitor.

The data collected is used to better understand the needs and information requirements of our visitors and community, and informs the development of our site and services.

The site will record any data you supply to us for the following purposes:

· to send you alerts via email which you have requested.

· to allow you to access your sponsorship pages.

· to record donations or sponsorship payments you have made. 

Arthritis Ireland will make no attempt to identify individual visitors, or to associate the technical details listed above with any individual.It is the policy of Arthritis Ireland never to disclose such technical information in respect of individual website visitors to any third party (apart from our internet service provider, which records such data on our behalf and which is bound by confidentiality provisions in this regard), unless obliged to disclose such information by a rule of law. The technical information will be used only by Arthritis Ireland, and only for statistical and other administrative purposes.

Back to list.

discussion forum blog get the ezine shop
Arthritis Ireland on facebook Arthritis Ireland on Twitter Arthritis Ireland on Google Plus Arthritis Ireland on YouTube Arthritis Ireland on YouTube Arthritis Ireland on YouTube