The various rights of the data subject
Privacy Policy
DIGIWEB PRIVACY NOTICE
and Cookies Policy
(GDPR updated May 2018)
Digiweb is committed to protecting your privacy, be that when you visit our websites, and/or provide us with information in when submitting an enquiry, or when you subscribe for and use our services. Digiweb seeks to ensure the highest standards of compliance with all relevant Data Protection Laws and Regulations.
This policy applies to all personal data (“Personal Data“) in our possession and specifically includes the following: call traffic details, service usage data and customer information (including name, address, fixed line number, mobile number, email address and all other contact details), and your payment details, including bank account or credit card information.
In addition to existing data protection legislation and ePrivacy regulations, the new General Data Protection Regulation (GDPR) requires that we give individuals specific information about what we are doing with their information. It sets out the detail that we should supply to individuals, and when we need to give it to you.
Under the GDPR, the information we give to you about the processing of Personal Data must be:
- Concise, transparent, intelligible and easily accessible;
- Written in clear and plain language, particularly if addressed to a child; and
- Free of charge.
We endeavour to meet those obligations
Where you provide us with your Personal Data in any of the ways described in below, you agree that we may collect, store and use it: (a) in order to perform our contractual obligations to you; (b) based on our legitimate interests for processing (i.e. for internal administrative purposes, data analytics and benchmarking (see below for more information), direct marketing, maintaining automated back-up systems or for the detection or prevention of crime); or (c) based on your consent, which you may withdraw at any time, as described in this Privacy Notice.
EXPLAINING THE DATA PROTECTION JARGON:
- Personal data is information about a living individual which is capable of identifying that individual.
- Processing is anything done with/to Personal Data, including storing it.
- The data subject is the person about whom Personal Data are processed.
- The data controller is the person or organisation who determines the how and what of data processing.
Key Information required in our Privacy Notice under Chapter III of the GDPR
Identity and contact details of the data controller and where applicable the controller’s representative and the data protection officer
Digiweb Limited (“Digiweb”), IDA Industrial Park, Dundalk County Louth, Ireland A91KR80, is the Data Controller. Enquires to datarequests@digiweb.ie, or by post to the address above, directed to the “data compliance manager”.
Purpose of the processing and the legal basis for the processing.
We need your Personal Data to; (i) provide service to you at a location, and arrange for the commissioning and installation of same; (ii) engage with you about delivery and service issues; (iii) communicate ongoing enhancements to, or issues with, the service, (iv) invoice you for the services, (v) collect payment from you for the services, and (vi) let you know about complementary services.
The legitimate interests of the data controller or third party (where applicable)
We have a legitimate interest in using Personal Data as part of the operation of our business and the provision of the services, but always balanced with your rights, and only where that legitimate interest is justified. Examples include using customer Personal Data to fulfil our service contract with you, get paid for the services we provide, for marketing, fraud prevention, intra-group transfers, or IT security. We may also have a legitimate interest in disclosing information about possible criminal acts or security threats to the authorities.
How we collect Personal Data
We may collect Personal Data when you;
- Register to use our websites, applications or services (including free trials); this may include your name (including business name), address, email address and telephone number. We may also ask you to provide additional information about your business and your preferences;
- place an order using our websites, applications or services;
- complete online forms (including call back requests), take part in surveys, post on our message boards, post any blogs, enter any competitions or prize draws, download information or publications or participate in any other interactive areas that appear on our website or within our application or service;
- interact with us using social media;
- provide your contact details to us when registering to use or accessing any websites, applications or services we make available or when you update those details; and
- contact us offline, for example by telephone, fax, SMS, email or post.
We will also collect your information where you only partially complete and/or abandon any information inputted into our website and/or other online forms and may use this information to contact you to remind you to complete any outstanding information and/or for marketing purposes.
Any recipients or categories of recipients of the Personal Data
Recipients of Personal Data include outsourced billing providers to generate and/or dispatch invoices, credit reference checkers, collection agencies, marketing agencies, third party wholesale service providers (like Open Eir, Siro, Enet, EutelSat), outsourced installation technicians, equipment dispatchers, Regulators and law enforcement agencies.
Details of international data transfers
We generally do not transfer Personal Data outside of the European Economic Area. We endeavour to ensure, where practical, that our sub-processors of your Personal Data do not transfer your Personal Data outside the European Economic Area. If such transfer is necessary, we only allow it where contractual assurances have been received that appropriate safeguards are in place, which may be based on the use of the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA.
Retention period or criteria used for determining the retention period
Customer Personal Data is retained for up to two years after you cease to be an active customer. Customer credit card and bank account details are generally deleted within 18 months, unless payments are outstanding.
Invoices are retained for 6 years, and by their nature will contain some customer Personal Data, notwithstanding the deletion policy referred to above.
“Traffic data”, being details of the calls, emails, text messages, fax messages, internet access via an IP address made by subscribers (excluding content), are only held for as long as necessary to enable bills and telecommunications providers interconnect payments to be settled, and to meet specific legal requirements. Those legal requirements are primarily set out in the Communications (Retention of Data) Act 2011. Under the Act, fixed and mobile call records are retained for 2 years after the relevant calls have been made, and internet access, internet e-mail and internet telephony data for 12 months.
You have the right to apply for a copy of the information we hold about you. This is called a data subject access request and you can make a request by writing to us using the contact details above. We may require further information from you in order to verify your identity before disclosing any Personal Data to you.
You also have the right to have any inaccurate information about you corrected. We want to make sure that your information is accurate and up to date. You may ask us to correct or remove any information that you think is no longer up to date. Please contact us using the contact details below if you would like any corrections made to your information.
You have the right to object to the processing of your information e.g. for direct marketing purposes. You also have the right to have any information you provided to us on an automated basis returned to you in a structured, commonly used and machine-readable format, or sent directly to another company, where technically feasible (“data portability”).
You also have the right to object to any decisions based on the automated processing of your personal data, including profiling.
The right to withdraw consent at any time, where relevant
Where you have given your consent to the processing of your of Personal Data, you may withdraw that consent in writing at any time, by notification to the address above. Note in addition to, or instead of your explicit consent, we may also rely on our legitimate interest as a lawful basis for processing your Personal Data, and that legitimate interest may survive the withdrawal of consent. At a minimum, while you are a customer, (or while we are owed outstanding payments), we will need to provide the service, attend to faults, and invoice and collect payment for the service.
The right to lodge a complaint with a supervisory authority
If you consider that the processing of Personal Data infringes the GDPR, you have the right to lodge a complaint with the office of the Data Protection Commissioner.
If you consider that the processing of Personal Data infringes the GDPR, you have the right to lodge a complaint with the office of the Data Protection Commissioner.
The provision of Personal Data as collected by Digiweb, is limited to that which is necessary to provide the service and collect payment, and communicate with the customer, it is a requirement of our services contract. A failure to provide the relevant current Personal Data could have the consequence that Digiweb is frustrated from performing its obligations under your service contract, however any minimum term or minimum usage obligations would subsist as binding obligations on you.
The existence of automated decision making, including profiling and information about how decisions are made, the significance and consequences
Two qualify under this heading, the processing must (i) be a decision taken using Personal Data processed solely by automatic means, and (ii) the decision must have a significant effect on the individual concerned. Digiweb does not use automated decision making to take material decisions about you or your Personal Data.
We Use Cookies!
“Cookies” are small text files sent from a website to the hard drive of a user’s computer to store bits of information related to that user. Cookies can store information about users, including IP addresses, navigational data, server information, data transfer times, user preferences, and passwords needed to access the special areas on our site.
Digiweb uses cookies for the purpose of storing and retrieving session information in our on-line systems, storing user preferences and for analysing traffic on our site. Third party cookies are used to measure the effectiveness of our online advertising campaigns. No Customer Data or Sensitive Data is stored in these cookies. The data collected using these cookies does not identify individual users.
There are four types of cookies used on the Digiweb websites:
- Strictly Necessary Cookies
These cookies are essential in order to enable you to move around the website and use its features.
- Performance Cookies
These cookies collect information about how visitors use the Digiweb website. Digiweb uses Google Analytics to track anonymized usage statistics for the site. This data is used to analyse how frequently people visit the site, how the website is found and which pages are most frequently viewed. These cookies don’t collect information that identifies a visitor. This information is combined with data from thousands of other users to create an overall view of website use, and is never identified individually or personally. These cookies are only used to identify ways to improve the website.
To opt out of being tracked by Google Analytics across all websites please visit: http://tools.google.com/dlpage/gaoptout
For more information about Google Analytics, and the cookies it sets, visit: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies - Functionality Cookies
These cookies allow us to remember choices you make (such as mobile device preferences). - Targeting Cookies
To measure the effectiveness of our online advertising campaigns we use 3rd party cookies. For example, for measuring how many unique browsers have seen a particular advertisement and how many of those subsequently visit our website. The data we or our agents collect using cookies does not identify individual users.
For more information about cookies and how to stop cookies being installed visit: http://www.allaboutcookies.org
Digiweb Limited
May 2018