Home / Event Privacy Notice
Introduction
We are The Irish Computer Society with an address at 20 Harcourt Street, Dublin 2 D02 H364, Ireland (“ICS”, “we“, “our” or “us”).
The mission of ICS is to advance, promote and represent the interests of ICT professionals in Ireland. and we take the protection of personal data very seriously, being committed to protecting it at all times.
This Event Privacy Notice (“this Notice”) describes how we collect, use and safeguard personal information about you before, during and after your attendance at ICS events (including those events we may sponsor). When this Notice refers to “you” or “your” we mean you as identified as an attendee at an event.
In this Notice, “Personal Data” means information relating to a living individual who is or can be identified either from that data or from that data in conjunction with other information that is in, or is likely to come into, our possession. Any Personal Data that is collected by us is referred to as “Your Personal Data” in this Notice. Where we ask you for Personal Data, we will only do this where we require that information for specific purposes, for example event registration.
Any Personal Data you provide and from which you can be identified is stored securely and confidentially and is processed fairly and lawfully in accordance with Data Protection Laws, namely the Data Protection Acts 1988 to 2018, the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011, and any other applicable law or regulation (including updates) relating to the processing of Personal Data, (the “Data Protection Laws”).
The Collection and Use of Personal Data
We collect Personal Data about event attendees when we interact directly with you about our events. To register you for an event or webinar we will use: Basic Information; Contact Information; Financial Information; and Profile Information (for ICS only). This is required by us to perform a contract with you (or your parent/guardian where you do not have legal capacity to do so).
We may also obtain Personal Data directly from you through our website when you (i) fill out an event application form; (ii) sign up for an event and/or (ii) sign up to our mailing list. We may from time to time also collect additional Personal Data during a particular event and its exact purpose will be explained at that time.
We do not collect or process special categories of personal data (these include information about your health, genetic and biometric data, your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, or trade union membership). We also do not collect any information about criminal convictions and offences. We do however process information necessary to provide ‘reasonable accommodation’ (if requested by you) in accordance with the Irish Equality Acts, this for example may relate to dietary requirements or accessibility.
We will only use Your Personal Data for the purposes for which we collect it, unless we believe that we need to use Your Personal Data for another reason that is compatible with the original purpose.
Please contact us if you would like further information on how we use (or process) Your Personal Data, see ‘How to Contact Us below’.
The Legal Basis for Using Your Personal Data
We will use Your Personal Data, and share that data, for any one or more of the following legal bases (reasons):
- if we have a good reason to use Your Personal Data (this is also known as our “legitimate interests”), this could include activities related to CPD, networking opportunities, events and webinars, special interest groups, policy positions and updates and speaking opportunities in addition to everyday business operations, administrative tasks, such as troubleshooting, data analysis, and data security. In this case, we will carefully consider and balance any potential impact (either positive or negative) on your rights before we process your Personal Data for our legitimate interests. We do not use Your Personal Data for activities where our interests are overridden by the impact on you;
- where we have an agreement with you or on your behalf to do so, to deliver events and webinars and to manage our relationship with you while we do so; and/or
- where we must comply with a legal obligation.
We may process Your Personal Data for more than one of the legal bases above, depending on the specific purpose for which we are using Your Personal Data.
Who We Share Your Personal Data With
We will not disclose Your Personal Data to third parties unless required by law to do so, or as otherwise set out in this Notice.
We will from time to time send some/all of Your Personal Data in our possession to certain recipients as detailed below:
Other event attendees: for certain events, in order to encourage networking, ICS may circulate event attendee lists to other attendees of the same event prior to, during or after that event. You can ask for further information in relation to these attendance lists through the ‘Contact us’ details below.
Publication in print and online: ICS may use photographs or videos from events on its website or social media channels.
Transfers to service providers: ICS may transfer your personal details to third parties involved in the hosting or organising of events, such as sponsors, catering companies, exhibitors, stationery providers or hospitality staff at event locations. Such transfers are made for the legitimate interests pursued by ICS in order to ensure the effective operation of our events. You can ask for further information in relation to these third party service providers though the ‘Contact us’ details below.
Lecturers and presenters: the name and firm details for attendees on training courses will be shared with lecturers in order for them to tailor the course content appropriately. The name and firm details of attendees at other events may be shared with presenters/speakers at events who are Members of ICS. This is based on the legitimate interests of representatives of the Institute in facilitating an improved member experience.
How Long We Hold (Retain) Your Personal Data
We will only retain Your Personal Data for as long as reasonably necessary to fulfil the purposes it was collected for, and to satisfy any legal, regulatory, tax, accounting or reporting requirements. We may retain Your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of further communications or interaction with you.
To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of Your Personal Data, the purposes for which we process Your Personal Data, whether we can achieve those purposes through other means, and the applicable legal, regulatory or other retention requirements.
You have the right to request deletion of your Personal Data. Please see ‘Your Legal Rights regarding Your Personal Data’ below for further information.
Your Legal Rights Regarding Your Personal Data
You may at any time request a copy of Your Personal Data from us and, if you have any comments, concerns or complaints about our use of Your Personal Data, please contact us (see ‘How to Contact Us’ below).
For security reasons, we may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is to ensure that Your Personal Data is not disclosed to any person who does not have a right to receive it.
You have the following rights under Data Protection Laws and we, as controller of Your Personal Data held by ICS, will comply with those rights which are explained in more detail below. We will respond to any rights that you exercise without undue delay and in any event within one month of receiving your request, unless the request is particularly complex, in which case we will respond within three months (we will inform you within the first month if it will take longer than one month for us to respond).
Right to be provided with a copy of Your Personal Data: you have the right to obtain confirmation as to whether personal data concerning you is being processed, and, where that is the case, to request access to (or a copy of) the personal data, as well as certain information on how we are processing such data. If, to comply with your request, we would have to disclose Personal Data relating to or identifying another individual, we may need to withhold that Personal Data or edit the information to remove the identity of that individual.
Right to rectification: you have the right to obtain from us the rectification of inaccurate personal data concerning you. Considering the purpose of the processing, you may also, in some cases, be entitled to supplemental information regarding incomplete personal data.
Right to erasure (right to be forgotten): you may, in certain circumstances, have your personal data deleted, for example if your personal information is no longer necessary in relation to the purpose for which it was collected, if you have objected to the processing of personal data and we do not have a legitimate interest which outweighs your interest, if the personal data has been processed unlawfully, or if the personal data must be deleted to comply with a legal obligation.
Right to restriction of processing: you may require that we restrict the processing of your personal data in certain cases, e.g., where we no longer need your personal data, but you need it to determine, enforce or defend legal claims or you have objected to processing based on our legitimate interest in order to enable us to check if our interest overrides your interest.
Right to data portability: in some circumstances, you may be entitled to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit that data to another controller.
Right to object: you have the right to object to the processing of your personal data in certain circumstances, for example where the processing is based on our legitimate interest. If so, in order to continue processing, we must be able to show compelling legitimate grounds that override your interests, rights and freedoms.
Right to complain to the Data Protection Commission: If you do not think that we have processed Your Personal Data in accordance with this Notice, please contact us in the first instance (see ‘How to Contact Us’ below). If you are not satisfied with our response you can lodge a complaint to the Data Protection Commission or exercise any of your other rights pursuant to Data Protection Laws. Information about how to do this is available on the Data Protection Commission website at https://www.dataprotection.ie
For further rights under Data Protection Laws you should refer to the Data Protection Commission website (as above) or the ICS General Privacy Notice at www.ics.ie/privacynotice/
How to Contact Us
If you have any questions about this Notice or our data protection practices please contact us at:
The Irish Computer Society
20 Harcourt Street, Dublin 2, D02 H364
Telephone: 01 2377788
Email: info@ics.ie
To find out more you may also visit www.ics.ie
Updates
We will keep this Event Privacy Notice updated with any relevant changes to how personal data is processed by ICS over time.