Data Protection Statement
This statement is effective as and from May 2018 and describes how we process your personal information. You have a number of rights in relation to your information including the right to object to processing of your personal information where that processing is carried out for our legitimate interests. In this statement we use the terms “we” and “our” to refer to DNA IT Solutions.
Who we are and how to contact us.
DNA IT Solutions is a Managed IT Service business, we are the controller responsible for your personal data in this case.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this data protection statement and our approach to privacy. If you have any questions about this data protection statement, including any request to exercise your legal rights, please contact the DPO using the details below;
Data Protection Officer, DNA IT Solutions, Junction J2, Maynooth Business Campus, Maynooth, Co Kildare. email: [email protected]
The purpose and legal basis for processing your information.
We collect your information for a number of purposes:
To enter into and perform a contract with you – When we are engaged to carry out services it is necessary to collect personal information from you in order to seek and receive your instructions in relation to those services and to carry out those services.
For our legitimate business interests – Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interest and your fundamental rights and freedoms.
We may use your personal information to manage our everyday business needs, our legitimate interest is the effective management of our business. Our legitimate interest is to connect with our clients and to update our clients on services which we provide.
We will, in certain circumstances, rely on your explicit consent to process your personal data, including, sensitive personal data. This consent can by withdrawn at any time by using the contact details of the DPO set out above.
Types of Information we collect and some examples of how we use it
We may collect, use, store and transfer different kinds of personal information about you as follows and use it for a variety of different purposes
Information type / Example of how we use it;
Address, email address, telephone numbers – We use this information to carry out instructed work, to send you information about project developments and services and to respond to your queries.
Interactions with our staff and partners – We use this information to keep a record of your interactions with us, to monitor and train our staff or to provide you with services.
Images from CCTV camera in an around the DNA IT Solutions premises – We use these images for security purposes.
Your information and Third Party Service Providers
Third Party Service Providers: We may share your personal information with third party service providers that perform services and functions at our direction and on our behalf such as accountants, business advisors, marketing companies who carry out marketing campaigns on our behalf and providers of security and administrative services.
An Garda Síochána, government bodies, or other government officials: we may share your personal information with an Gardaí, or other government bodies or agencies including but not limited to the Revenue Commissioners, where required to do so by law.
We will retain your personal information for the purpose of satisfying any legal, accounting or reporting requirements. How long certain information is stored depends on the nature of the information we hold and the purpose for which it is processed. For example, we may hold some personal information for a period of seven years from the date of completion of any contract with you.
Transfers outside the European Economic Area
We may transfer your personal data outside the European Economic Area. These countries do not always afford an equivalent level of privacy protection and in such circumstances we take specific steps, in accordance with data protection law and to protect your personal information. In particular, for transfers of personal data, outside the EEA where there is no adequacy decision by the European Commission we may rely on contractual protection approved by the European Commission.
You have several rights under data protection law in relation to how we use your personal information. You have the right free of charge to;
Request a copy of the personal information we hold about you.
Rectify any inaccurate personal data we hold about you.
Erase personal information we hold about you.
Restrict processing of your personal information.
Object our use of your personal information for our legitimate interests.
Receive your personal information in a structured commonly used and machine readable format.
To have that data transmitted to another data controller.
These rights are in some circumstances limited by data protection legislation. If you wish to exercise any of these rights, please contact us using the contact details contained in this form. We will endeavour to respond to your request within a month. If we are unable to deal with your request within a month we may extend this period by a further period of two months and we will explain why.
You also have the right to lodge a complaint to the Office of the Data Protection Commission.
We will update this data protection statement from time to time. Any updates will be made available and, where appropriate notified to you.