Revised March 2022
We at ICERT respect your right to privacy and comply with our obligations under the General Data Protection Regulation. The purpose of this Privacy Statement is to set out how we deal with personal data given to ICERT. Advanced Productivity Skillnet and also provided to ICERT while visiting the ICERT website – www.icert.ie and other websites under ICERT control.
Any links to other external websites are clearly identifiable as such, and ICERT has no responsibility for the content or the privacy policies of these other websites. While we take care of the safety of information on our websites on an ongoing basis, if you are not happy with this Privacy Statement you should not use any of our websites.
ICERT is a not-for-profit organisation established by leading companies in Ireland with a deep commitment to continuous improvement.
We are a knowledge-sharing network of cross-sectoral businesses committed to helping each other. At ICERT our goal is to assist our member companies to be the most competitive in their field.
ICERT PERSONAL DATA COLLECTION AND MANAGEMENT
1. Types of information collected by ICERT
We collect and further process two types of information:
This is data that identifies you or can be used to identify or contact you and may include your name, address, e-mail address, user IP addresses in circumstances where they have not been deleted, clipped or anonymised and telephone number. Such information is only collected from you if you voluntarily submit it to use and we use it to deliver ICERT services and information to you. ICERT collects personal data in the following circumstances.
Under ICERT membership, member organisations are asked to nominate named contacts in their business/ organisation with whom ICBE may communicate with to provide ICERT services. These contact details are collected on a business-to-business basis and the legal basis for such data protection is to facilitate the necessary performance of the membership agreement.
In addition, member companies may provide employee details to ICERT when seeking training services from ICERT.
Other personal data processed by ICERT are for attending ICERT events and training courses, and research studies.
We will also have supplier contact details, which will contain individual names.
The ICERT websites are not intended for children, and we do not knowingly collect data relating to children.
Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This Non-Personal Data comprises information that cannot be used to identify or contact you, such as demographic information regarding, for example, user IP addresses where they have been clipped or anonymised, browser types and other anonymous statistical data involving the use of our website.
2. Purposes for which we hold your Information
We use the Non-Personal Data gathered from visitors to our website in an aggregate form to get a better understanding of where our visitors come from and to help us better design and organise our website.
We will process any Personal Data you provide to us for the following purposes:
- to contact you if we are to respond to any communications from you
- to confirm your identity
- to process any orders from you i.e. membership application, event bookings or training
- to review and update our membership contact details
- to notify you of changes and updates to our services and to our websites
- to provide you with e-zines and newsletters for which you subscribe (please see section 6 for further details)
- to contact you about training and events, site visits or Calls for Support communications
- to provide you with training which either you or your employer have requested
- to give you access to our website User Portal / Resource Area
ICERT uses member contact and other relevant personal information to provide membership services to member companies. These services, and any personal information given to enable their provision, are provided under ICERT membership agreement.
It is core to ICERT membership services that ICERT communicates with its members to keep them informed and up to date on what we are doing on their behalf and to seek their views and input (including Calls for Support) on issues of relevance.
While ICERT member interactions are business-to-business, they contain – principally via member contact details – some personal data. The relevant legal basis for processing any such personal data in ICERT member communications is contractual and membership necessity.
ICERT relies on its legitimate business interest as a business representative organisation to provide information on a range of shared knowledge, training and collaboration initiatives.
ICERTprovides information, training and events to non-members who enquire, generally via the website in the first instance. Non-members may
also contact ICERT via the phone, e-mail or via personal interaction with an ICERT staff member. Non-members include individuals attending ICERT training or events in their personal capacity.
When you attend an ICERT event, we will need your name, email address, payment information and, in some cases, your dietary preferences. This information is necessary and used by us in organising and administering the event. If the event is an annual event we will hold your contact details to let you know when it is next being held. If you are a speaker at an ICERT event, we will publicly promote your involvement via Twitter, LinkedIn, media interviews, emails and webinars. This data may continue to be processed by those platform providers after the event has ended.
ICERT provides a range of training programmes to members, primarily through three Skillnet Networks. These networks are co-funded by Skillnet Ireland and member companies. Skillnet Ireland is funded from the National Training Fund through the Department of Further and Higher Education, Research, Innovation and Science. These programmes are also open to non ICERT members. ICERT training programs may involve other third-party contractors to ICERT or may be provided in association with other programme operators.
See ICERT Trainee Privacy Statement, which is sent to all training providers providing ICERT and ICERT training.
The following Trainee Personal Data is collected via the Attendance & Trainee Profile Forms:
- Email address and phone number
- Gender and age range
- NFQ level attained
- Company name and address
- Occupational category
This data is transferred from profile forms to the Sonrai Database operated and maintained by Skillnet Ireland.
The data collected is the minimum necessary to comply with monitoring and evaluation activities necessary and forms the legitimate interest legal basis for collection under the mandate between Skillnet Ireland and the Department of Further and Higher Education, Research, Innovation and Science.
Training Providers & other ICERT Partners
ICBE requires Training Providers and all others to agree to process this personal or business data based on our instructions and requirements consistent with this Privacy Statement, Skillnet Ireland Privacy Statement and GDPR.
All training providers and others are required to comply with this Privacy Statement when they process personal data on behalf of ICERT.
- Data cannot be added to the providers database or mailing list; unless they have acquired explicit permission from individual trainees.
- Data can only be used for the training program/reason specified; unless they have acquired explicit permission from individual trainees.
- Data privacy rights of participants must be honoured and protected. These rights are set down later in this privacy statement.
Training providers are required to shred any hard copy Skillnet forms and delete any soft copy Skillnet forms within 7 working days of sending to ICERT; unless they have acquired explicit permission to retain data from individual trainees and then manage that data as per their own Data Protection Policy.
None of our partners will share any information outside of carrying out work for ICERT.
3. Disclosure of information to other third parties
We may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of our website. For example, we occasionally inform third parties – usually sponsors of ICERT events and initiatives – of the number of unique users who visit our websites, the demographic breakdown of our community users of our websites, or the activities that visitors to our website engage in while on our website.
We will not disclose your Personal Data to other third parties unless you have consented to our doing so. We will, however, disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court, workplace relations forum, regulatory order, or other statutory requirement.
We may occasionally transfer personal data outside the EEA, but will not do so without your permission nor without appropriate assurances on the adequacy of data privacy protection commitments.
Your Personal Data is held on secure servers which are hosted by ourselves in accordance with our data retention schedule. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. Any transmission of data is, therefore, at your own risk. Once we receive your data, we use appropriate technical and physical security measures, including firewalls and anti-virus protection to protect your personal data, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to. Our suppliers are also required to use appropriate data protection compliance measures. We will continue to revise policies and implement additional security features as new technologies become available
Credit card payments are taken by telephone and will only be retained until payment for the event has been successfully completed.
All employees and contractors are required to comply with this Privacy Statement when they process personal data on our behalf. Any failure by ICERT employees or parties contracted to ICERT to comply with the data protection rules (including as they are outlined in this Privacy Statement) may result in disciplinary action or sanction.
- We keep member contact information until the member requests to unsubscribe
- We keep non-member contact information until the non-member requests to unsubscribe
- We review contact lists annually across ICERT for member organisations and non members
- We keep finance information for invoicing purposes for seven years as required by revenue.
- We keep employer relations files for seven years from file closure.
This information is then shredded/deleted.
We retain contact details for events. This allows us to let you know when the event is next held which maybe annually.
If you unsubscribe from ICERT communications, we will delete your contact details promptly.
ICERT Training Data:
Our Networks input personal details from the hard & soft copy forms directly into the Sonraí database managed by Skillnet Ireland. Once details have been entered on the Sonraí database, the hard copy forms are shredded, and soft copy forms are deleted, within 7 working days of entry.
Personal data will be held on the Sonraí Database for a period of three years from the end of the preceding calendar year. Skillnet Ireland is responsible for maintaining the Sonraí database and purging data as appropriate.
6. Calls for Support
Through the Call for Support initiative we invite members to send us queries for best practice which we share with selected/relevant members via email for their input. You may request to be added or removed from this database. Removal from this database does not impact on your membership.
8. Your rights
When we use your personal data to provide you with ICERT services (such as events, information or training), you have the following rights: The right to:
- be informed about processing of your data – which this Privacy Statement does
- access your personal data
- object to personal data processing
- object to any direct marketing – either use the ‘unsubscribe’ button on our emails or contact us directly by email to firstname.lastname@example.org
- personal data portability – if and when it arises
- have your data rectified if its inaccurate
- erasure (in some circumstances)
- have your data restricted or blocked from processing where appropriate To exercise any of these rights, please email us at email@example.com
If you are not happy with the way we have handled your data, and are unable to resolve the issue with us personally, you can complain to the Data Protection Commissioner.
9. Changes to the privacy statement
Any changes to this Privacy Statement will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use Personal Data in a manner significantly different from that stated in this Website Privacy Statement, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail, and you will have a choice as to whether or not we use your information in the new manner.
The ICERT will occasionally record webinars that are originally broadcast through Zoom, Teams or other video broadcasting platforms. This includes webinars and online meetings that are delivered by the ICERT and training partners.
The purpose for recording these is to facilitate enhanced learning opportunities by giving attendees the opportunity to replay the session at a future date and/or facilitate those who could not attend the original broadcasting of the sessions.
These recordings may be hosted on the ICERT YouTube channel and posted on the ICERT website. Some of these recording may be password protected and only made available to the attendees on the webinar/meeting. Others may be made more freely available.
Attendees are notified at the start of the session if it is being recorded.
If you have any questions regarding the above statement please contact us at firstname.lastname@example.org
© 2022 ICERT