GDPR DATA PROTECTION PRINCIPLES
Kerry Writers’ Museum commits itself to operating on the basis of the following privacy principles:
- Lawfulness, Fairness, and Transparency
- Beyond upholding your legal rights, our aim is to provide our services fairly to you, and to be transparent in the way we process your data.
- We will always provide you with a clear statement of the purpose behind a data processing.
- We will always provide you with a clear statement on how that processing is compatible with your legal rights, also known as the legal or lawful basis for processing.
- One common example of a lawful basis is where processing is necessary for a service or contract that you have requested. Another common basis is where we have a legal obligation to process your data, such as to protect against fraud. Your consent can sometimes also be a legal basis for processing.
- Purpose limitation
- We aim to collect your data only for specific, limited purposes that we will specify to you in advance as clearly as we can.
- Moreover, in the event we ever rearrange how we do things, we aim never to process your data in a way that is incompatible with the original purposes.
- Data Minimisation
We try only to process the personal data that we really need – no more and no less.
We will try to correct or erase, depending on what is appropriate in the context, personal data that are inaccurate.
- Storage Limitation
No one needs or wants their data floating around for eternity, so we try to delete data when we no longer need them.
- Integrity and Confidentiality
We protect your data with the appropriate technologies and business practices. We guard against unauthorised or unlawful processing, and against accidental loss, destruction, or damage to your data.
- We aim to document, as necessary and appropriate, the things we do for your protection.
- You also have a number of rights that you can use to check up on us and hold us accountable.
- Finally, in addition to holding ourselves accountable, we also demand that our processors commit themselves to the protections you deserve. We aim to be transparent in our choice of processors so that you can hold them accountable too.
CONSENT TO COLLECT INFORMATION
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at email@example.com or mailing us at: Kerry Writers’ Museum, 24 The Square, Listowel, Co. Kerry, V31 RD93, Ireland.
TYPES OF DATA WE COLLECT
Contact information and Purchasing Data
When you purchase a course, product or gift voucher(s) through Kerry Writers’ Museum’s office or website your name, address data, email and contact number will be stored in our system. We do not share your personal details with any other company without your consent.
We may provide course facilitators with your email address so that they can provide you with materials for the duration of your course. Facilitators are not permitted to use your information for any other purpose unless given permission by you.
We may contact you regarding your experience of the Kerry Writers’ Museum services and resources. This feedback and information is used to improve our services and is never passed on to other organisations.
As part of the registration process for our monthly e-newsletter, we collect personal information. We use that information for a couple of reasons: to inform you about the activities of Kerry Writers’ Museum; to contact you if we need to obtain or provide additional information; to check our records are right and to check every now and then that you’re happy and satisfied. We don’t rent or trade email lists with other organisations and businesses.
We use a third-party provider, MailChimp, to deliver our newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp’s privacy notice. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing our Manager Cara Trant at firstname.lastname@example.org.
Our store is hosted on Paypal. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Paypal’s data storage, databases and the general Paypal application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Paypal stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
Website Google Analytics
When someone visits www.kerrywritersmuseum.com we use Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
When you use Kerry Writers’ Museum’s Wi-Fi, we do not collect any information about your activities.
When you click on links on our website, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
ACCESS TO YOUR PERSONAL INFORMATION
You are entitled to view, amend, or delete the personal information that we hold. Email your request to our Executive Director Cara Trant at email@example.com with the subject line ‘Data Protection’.
CHANGES TO THIS POLICY
This policy was reviewed on 21.05.2022 and will be re-examined on a yearly basis.