ICBE Privacy Statement
Revised August 2019 and applicable from 1st September 2019
We at the Irish Centre for Business Excellence (ICBE) respect your right to privacy and comply with our obligations under the General Data Protection Regulation. The purpose of this Privacy Statement is to set out how we deal with personal data given to ICBE, Aviation Skillnet, ICBE Business Excellence Skillnet and ICBE Advanced Productivity Skillnet and also provided to ICBE while visiting the ICBE website – www.icbe.ie and other websites under ICBE control, such as conference www.theknowledgemap.biz or training specific sites.
Any links to other external websites are clearly identifiable as such, and ICBE has no responsibility for the content or the privacy policies of these other websites. While we take care of the safety of information on our websites on an ongoing basis, if you are not happy with this Privacy Statement you should not use any of our websites.
About the ICBE
The Irish Centre for Business Excellence (ICBE) is a not-for-profit organisation established by leading companies in Ireland with a deep commitment to continuous improvement.
We are a knowledge-sharing network of cross-sectoral businesses committed to helping each other. At ICBE our goal is to assist our member companies to be the most competitive in their field.
ICBE PERSONAL DATA COLLECTION AND MANAGEMENT
- Types of information collected by ICBE
We collect and further process two types of information:
This is data that identifies you or can be used to identify or contact you and may include your name, address, e-mail address, user IP addresses in circumstances where they have not been deleted, clipped or anonymised and telephone number. Such information is only collected from you if you voluntarily submit it to use and we use it to deliver ICBE services and information to you. ICBE collects personal data in the following circumstances.
Under ICBE membership, member organisations are asked to nominate named contacts in their business/ organisation with whom ICBE may communicate with to provide ICBE services. These contact details are collected on a business-to-business basis and the legal basis for such data protection is to facilitate the necessary performance of the membership agreement.
In addition, member companies may provide employee details to ICBE when seeking training services from ICBE.
Other personal data processed by ICBE are for attending ICBE events and training courses, and research studies.
We will also have supplier contact details, which will contain individual names.
The ICBE websites are not intended for children and we do not knowingly collect data relating to children.
Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This Non-Personal Data comprises information that cannot be used to identify or contact you, such as demographic information regarding, for example, user IP addresses where they have been clipped or anonymised, browser types and other anonymous statistical data involving the use of our website.
- Purposes for which we hold your Information
We use the Non-Personal Data gathered from visitors to our website in an aggregate form to get a better understanding of where our visitors come from and to help us better design and organise our website.
We will process any Personal Data you provide to us for the following purposes:
- to contact you if we are to respond to any communications from you
- to confirm your identity
- to process any orders from you i.e. membership application, event bookings or training
- to review and update our membership contact details
- to notify you of changes and updates to our services and to our websites
- to provide you with e-zines and newsletters for which you subscribe (please see section 6 for further details)
- to contact you about training and events, site visits or Calls for Support communications
- to provide you with training which either you or your employer have requested
ICBE uses member contact and other relevant personal information to provide membership services to member companies. These services, and any personal information given to enable their provision, are provided under ICBE membership agreement.
It is core to ICBE membership services that ICBE communicates with its members to keep them informed and up to date on what we are doing on their behalf and to seek their views and input (including Calls for Support) on issues of relevance.
While ICBE member interactions are business-to-business, they contain – principally via member contact details – some personal data. The relevant legal basis for processing any such personal data in ICBE member communications is contractual and membership necessity.
ICBE relies on its legitimate business interest as a business representative organisation to provide information on a range of shared knowledge, training and collaboration initiatives.
ICBE provides information, training and events to non-members who enquire, generally via the website in the first instance. Non-members may also contact ICBE via the phone, e-mail or via personal interaction with an ICBE staff member. Non-members include individuals attending ICBE training or events in their personal capacity.
When you attend an ICBE event, we will need your name, email address, payment information and, in some cases, your dietary preferences. This information is necessary and used by us in organising and administering the event. If the event is an annual event (e.g. ICBE National Conference) we will hold your contact details to let you know when it is next being held. If you are a speaker at an ICBE event, we will publicly promote your involvement via Twitter, LinkedIn, media interviews, emails and webinars. This data may continue to be processed by those platform providers after the event has ended.
Skillnet Ireland is deemed to be the Data Controller for the personal data recorded for training programmes only. Under the terms of our relationship with Skillnet Ireland, ICBE and the 3 Skillnet Networks it promotes are classed as Data Processors for the purposes of managing personal data obtained for the purposes of managing and administering the training provision. Any such data obtained through the Skillnet process is only used for Skillnet Ireland purposes and is not used for any other purpose.
ICBE provides a range of training programmes to members, primarily through three Skillnet Networks. These networks are co-funded by Skillnet Ireland and member companies. Skillnet Ireland is funded from the National Training Fund through the Department of Education and Skills. These programmes are also open to non ICBE members. ICBE training programs may involve other third-party contractors to ICBE or may be provided in association with other programme operators.
See Skillnet Ireland Trainee Privacy Statement, which is sent to all training providers providing ICBE and ICBE Skillnet Network training.
The following Trainee Personal Data is collected via the Attendance & Trainee Profile Forms:
- Email address and phone number;
- Gender and age range;
- NFQ level attained;
- Company name and address;
- Occupational category.
This data is transferred from profile forms to the Sonrai Database operated and maintained by Skillnet Ireland
The data collected is the minimum necessary to comply with monitoring and evaluation activities necessary and forms the legitimate interest legal basis for collection under the mandate between Skillnet Ireland and the Department of Education and Skills.
ICBE requires Training Providers to agree to process this personal or business data based on our instructions and requirements consistent with this Privacy Statement, Skillnet Ireland Privacy Statement and GDPR.
All training providers are required to comply with this Privacy Statement when they process personal data on behalf of ICBE.
- Data cannot be added to the Training Providers database or mailing list; unless they have acquired explicit permission from individual trainees.
- Data can only be used for the training program/event specified; unless they have acquired explicit permission from individual trainees.
- Data privacy rights of training participants must be honoured and protected. These rights are set down later in this privacy statement.
Training providers are required to shred any hard copy Skillnet forms and delete any soft copy Skillnet forms within 7 working days of sending to ICBE; unless they have acquired explicit permission to retain data from individual trainees and then manage that data as per their own Data Protection Policy.
- Disclosure of information to third parties
We may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of our website. For example, we occasionally inform third parties – usually sponsors of ICBE events and initiatives – of the number of unique users who visit our websites, the demographic breakdown of our community users of our websites, or the activities that visitors to our website engage in while on our website.
We will not disclose your Personal Data to third parties unless you have consented to our doing so. We will, however, disclose your Personal Data if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court, workplace relations forum, regulatory order, or other statutory requirement.
We may occasionally transfer personal data outside the EEA, but will not do so without your permission nor without appropriate assurances on the adequacy of data privacy protection commitments.
Your Personal Data is held on secure servers which are hosted by ourselves in accordance with our data retention schedule. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. Any transmission of data is, therefore, at your own risk. Once we receive your data, we use appropriate technical and physical security measures, including firewalls and anti-virus protection to protect your personal data, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to. Our suppliers are also required to use appropriate data protection compliance measures. We will continue to revise policies and implement additional security features as new technologies become available
Credit card payments are taken by telephone and will only be retained until payment for the event has been successfully completed.
All employees and contractors are required to comply with this Privacy Statement when they process personal data on our behalf. Any failure by ICBE employees or parties contracted to ICBE to comply with the data protection rules (including as they are outlined in this Privacy Statement) may result in disciplinary action or sanction.
- We keep member contact information until the member requests to unsubscribe
- We keep non-member contact information until the non-member requests to unsubscribe
- We review contact lists annually across ICBE for member organisations and non members
- We keep finance information for invoicing purposes for seven years as required by revenue.
- We keep employer relations files for seven years from file closure.
This information is then shredded/deleted.
We retain contact details for events. This allows us to let you know when the event is next held which maybe annually.
If you unsubscribe from ICBE communications, we will delete your contact details promptly.
Skillnet Training Data:
Our Networks input personal details from the hard copy forms directly into the Sonraí database managed by Skillnet Ireland. Once details have been entered on the Sonraí database, the hard copy forms are shredded, and soft copy forms are deleted, within 7 working days of entry.
Personal data will be held on the Sonraí Database for a period of three years from the end of the preceding calendar year. Skillnet Ireland are responsible for maintaining the Sonraí database and purging data as appropriate.
- Calls for Support
Through the Call for Support initiative we invite members to send us queries for best practice which we share with selected/relevant members via email for their input. You may request to be added or removed from this database. Removal from this database does not impact on your membership.
- Your rights
When we use your personal data to provide you with ICBE services (such as events, information or training), you have the following rights: The right to:
- be informed about processing of your data – which this Privacy Statement does
- access your personal data
- object to personal data processing
- object to any direct marketing – either use the ‘unsubscribe’ button on our emails or contact us directly by email to firstname.lastname@example.org
- personal data portability – if and when it arises
- have your data rectified if its inaccurate
- erasure (in some circumstances)
- have your data restricted or blocked from processing where appropriate
To exercise any of these rights, please email us at email@example.com
If you are not happy with the way we have handled your data, and are unable to resolve the issue with us personally, you can complain to the Data Protection Commissioner
- Changes to the privacy statement
Any changes to this Privacy Statement will be posted on this website so you are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any time we decide to use Personal Data in a manner significantly different from that stated in this Website Privacy Statement, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail, and you will have a choice as to whether or not we use your information in the new manner.
If you have any questions regarding the above statement please contact us at firstname.lastname@example.org
© 2019 ICBE