Croí, The West of Ireland Cardiac and Stroke Foundation Company Limited by Guarantee (Croí) (Charities Regulator Registered Number: 20016616 | Charity No: 7500) with registered Head Office at Croí House, Moyola Lane, Newcastle, Galway, H91 FF68 is committed to compliance with the new GDPR effective May 25th 2018 in order to protect the rights of the Data Subject. Your privacy is very important to us, which is why we make sure you are always in control of what we do with your personal information.
What personal data we collect and why we collect it
We will only use your personal data when the law permits us. Croí collects details provided by you for the purposes of our programmes, which could include fundraising, health promotion and awareness campaigns, information and training purposes, CPR training & accreditation and to support our public health lobbying initiatives. Information may include:
- Your name, postal address, telephone number, e-mail address, subscriber name or screen name, and/or method of payment of donation/registration/course fees;
- Personal and contact details you give Croí when subscribing to receive general information;
- Information we may collect via cookies or similar technology stored on your device about how you use our website
- Your IP address;
- Information from our web servers about online activity.
We may use your personal data for the following purposes:
- Providing you with services – we may process information about you when you avail of our services.
- Legal and Contractual obligations – we may process your data to comply with our legal and/or contractual obligations.
- Running our Foundation – we will process your data to monitor and improve the quality of our services and to meet certain legal and regulatory obligations that apply to our organisation, including administration, operations and security.
- Marketing – We will process your data when marketing the activities of our Foundation, running competitions, promotions, research and conducting surveys.
Visitors to our website
We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered from this site with any personally identifying information from any source. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Use of your information and your preferences
Unless you have voluntarily given your consent for any other reason, we do not use your name or email address for anything other than replying to your message.
If you have opted-in in to receive communications, we may use your information to send you news and latest updates about Croí products, events and services in line with your contact preferences. We may contact you by post, email, telephone and SMS for these purposes as specified in your preferences on sign up. Your information may be passed to and used by all Croí departments in line with the purpose for which you agreed to receive information and may also be anonymised and used for statistical purposes. If you discover that we hold inaccurate information about you, you have the right to ask for incorrect, inaccurate or incomplete personal data to be corrected.
A cookie is a small piece of data that may be stored on your computer or mobile device. It allows a website “remember” your actions or preferences over a length of time. The following categories describe the range of cookies that can be used during your visit to our website.
- Remembering your settings and your preferences
- Measuring website usage (Google Analytics)
- Third party services and social networks – Croí maintains social network accounts particularly on Facebook, Twitter and LinkedIn. We embed widgets from these networks to provide follow buttons, like boxes and stream embeds. This may result in cookies being set by these networks and third parties while using our website.
Embedded content from other websites
Croí may collect statistics about the behaviour of visitors to its websites. Croí may display this information publicly or provide it to others. However, Croí does not disclose personally-identifying information other than as described below.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
If you have voluntarily signed up for our e-newsletter, we will store your details securely on a database with the providers of our email newsletter, MailChimp. We will only ever send you emails if you have voluntarily signed up for our newsletter and you can request to stop receiving emails and to be removed from our database at any time.
How we protect your data
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
The information you provide to us is stored on secure servers. We use Realex to process payments which are PCI compliant. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
For how long will Croí hold your personal data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Under REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) you have the right to:
- information about the processing of your personal data;
- obtain access to the personal data held about you;
- ask for incorrect, inaccurate or incomplete personal data to be corrected;
- request that personal data be erased when it’s no longer needed or if processing it is unlawful;
- object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;
- request the restriction of the processing of your personal data in specific cases;
- receive your personal data in a machine-readable format and send it to another controller (‘data portability’);
- request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
You can exercise these rights at any time by contacting us via email at firstname.lastname@example.org or in writing at: The Data Protection Officer, Croí, The West of Ireland Cardiac and Stroke Foundation, Croí House, Moyola Lane, Newcastle, Galway, H91 FF68. There is no fee for this service and in line with GDPR we will respond to you within one calendar month of receipt of the request. You will be required to provide legal proof of your identify and address (for eg. passport or drivers license and utility bill).
You have the right to object to the processing of your data and Croí will respect that right but may need to continue to process your data where processing is necessary for the performance of a contract or for compliance with a legal obligation to which the Croí as data controller is subject.