Privacy Notice

RPS is committed to protecting your privacy. Before providing us with any of your details, you must read the following important information which sets out the basis on which any personal data we collect from you or that you provide to us, will be processed, stored and/or transferred by us.

 

Data Controller

South Dublin County Council is the Data Controller for the information you provide to us. If you have any questions about the process, please contact:

Data Protection Officer
South Dublin County Council
County Hall
Tallaght
Dublin 24.

 

E-Mail: dataprotection@sdublincoco.ie.   Telephone: 01-4149000.

South Dublin County Council Personal Data Privacy Statement can be found here:

 

RPS (‘we’, ‘us’, ‘organisation’) is the Data Processor for the information you provide to us. If you have any questions about the process, please contact us at:

RPS, 20 Milton Park, Abingdon, Oxfordshire OX14 4SH (FAO: Data Protection)

dataprotection@rpsgroup.com

RPS is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

 

What information does the organisation collect?

The organisation may collect and process a range of information about you, for services that we may offer through numerous divisions. This will depend on the nature of our relationship with you.

Data may include your name, address and contact details, including email address and telephone numbers.

 

On what legal basis does the organisation process personal data?

Data protection laws require us to explain what legal grounds justify our processing of your personal information (this includes sharing it with other organisations). For some processing, more than one legal ground may be relevant (except where we rely on a consent). We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

  • Where we need to perform the contract, we have entered into with you.
  • Where we need to comply with a legal obligation.

 

Who has access to data?

Your information may be shared for the purposes of processing on specific service(s) you have entered into with the organisation. Information may be shared with the following parties, including (but not limited to):

  • managers & project team members across the organisation

 

More information can be found for the specific services we offer, at the point of collection from the organisation’s websites.

IT staff may also be required to access your data, if it is necessary for the performance of their roles, routine administration and in the management of our internal IT systems.

RPS will not share your data with third parties unless there is a requirement to do so.

 

For how long does the organisation keep data?

We keep your personal data for the period necessary to fulfil the purposes for which it has been collected and to comply with our legal obligations.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once this data is no longer required, we will retain and securely destroy your personal information in accordance with applicable laws and regulations.

 

Your rights

Here is a list of the rights that all individuals have under data protection laws.  They do not apply in all circumstances.  If you wish to exercise any of them, we will explain at that time if they are engaged or not.

  • The right to be informed about your processing of your personal information
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • The right to object to processing of your personal information
  • The right to restrict processing of your personal information
  • The right to have your personal information erased (the “right to be forgotten”)
  • The right to request access to your personal information and to obtain information about how we process it (see below for further details)
  • The right to move, copy or transfer your personal information (“data portability”)
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you

You have the right to complain to the department which enforces your local data protection laws:

 

Dublin – Data Protection Commission        https://www.dataprotection.ie/

 

Access to personal data

In the first instance, you should make any request for access to your data via dataprotection@sdublincoco.ie as data controller.

They may need to request specific information from you to help confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

 

What if you do not provide personal data?

You are under no statutory or contractual obligation to provide data to RPS. However, if you do not provide the information necessary, then the organisation may not be able to provide the necessary services to fulfil any contractual duties we engage in.

 

How we protect and store your personal data

The organisation takes the security of your data seriously. The organisation has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.

Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

Data will be stored on a designated server within the organisation’s IT system. All data deemed “personal information” is encrypted to ensure security of data.

 

Is personal data transferred outside the EU, UK or the EEA?

Your personal information is not transferred, processed, or stored outside of the Republic of Ireland by RPS.

 

Automated decision-making

We do not envisage that any decisions will be taken about you using automated means, however we will notify you in writing if this position changes.

 

Changes to this Privacy Notice

Any changes we may make to our privacy notice in the future will be representative of the effective date confirmed above.

 

Cookies

For more information, please see our Cookies Policy.

 

Contact

If you have any queries about this privacy notice, please contact: – dataprotection@rpsgroup.com