British Irish Chamber of Commerce Privacy Notice for Members and Business Contacts
The British Irish Chamber of Commerce, as a trade representative organisation whose principal place of business is at 13 Merrion Square North, Dublin 2, Ireland takes its responsibilities under applicable data protection law, including the General Data Protection Regulation (EU) 2016/679 and implementing legislation (“Data Protection Law”) very seriously. The purpose of this notice is to inform you about the data relating to you that we may collect and the uses (including disclosures to third parties) we may make of your data which includes information about membership and relevant business services and sending you invitations to events, relevant business referrals and business opportunities and legislative and advocacy updates.
The British Irish Chamber of Commerce is the controller in respect of the data we collect and we take all reasonable steps to ensure the safety and privacy of all information and, where appropriate, enter into contracts with any third party processors to protect the privacy of any personal data processed by us.
- What information do we collect
We collect personal data that you voluntarily provide to us, for example when you communicate with us via email, when you sign up for membership or related services or ask us to send you newsletters, briefings, or other materials and when you sign up for an event. Such data may include:
1.1 your name, job title and name of employer and any personal data you send to us to provide you with our services;
1.2 your contact details, including your business address, email address and telephone number;
1.3 records of invitations and briefings sent to you and of your attendance at our events;
1.4 information relating to particular areas that may be of interest to you.
If you are an employee or former employee of the British Irish Chamber of Commerce we also process certain data about your employment with us, including your start and finish date, payroll preferences and information related to your employment.
- Purpose of processing and legal bases
Your personal data is used by us and by third party service providers acting on our behalf for following purposes:
2.1 providing you with membership and related business information services;
2.2 for administration and billing purposes and for other purposes which are reasonably incidental to the services being provided;
2.3 sending or providing you with invitations, information and access to events, briefings, business referrals and opportunities, legislative and advocacy updates; and
2.4 maintaining our list of contacts.
The legal bases on which we collect, process and transfer your information in the manner described above are:
(a) For 2.1 and 2.2
(i) your consent (where we have sought it and you have provided it to us), and in which case, you can withdraw your consent at any time;
(ii) where any such processing is necessary for the performance of a contract between us; and
(iii) our legitimate interests in conducting our business in a responsible and commercially prudent manner.
(b) For 2.3 and 2.4
(i) Our legitimate interest in maintaining a business relationship and communicating with you, as a business contact, about our events and providing you with information about relevant legal and regulatory advocacy developments.
We may process special categories of data, such as accommodating any special requirements you may have for any events that you register to attend. Any use of such information is based on your consent.
- Sources of data
As well as collecting information from you, in some cases your personal data may be supplemented by information obtained from publicly available sources, including LinkedIn and your employer’s website, for the purpose of confirming your current business role so that we serve your interests.
- Sharing your data
We may disclose your personal data to third party recipients acting on your or our behalf, for the purposes of providing membership and related business services to you and for providing you with information which we believe you may be interested in.
We will retain your personal data for as long as it is reasonably necessary for us to provide you with membership and related business services. If you are a business contact, we will retain your personal data for as long as we consider you to be a business contact and we will give you the opportunity to unsubscribe if you no longer wish to receive communications and invitations from us.
- Security measures to keep your personal data safe
We employ appropriate technical and organisational security measures to help protect your personal data against loss and to guard against access by unauthorised persons. We carry out risk assessments on all third party service providers to make sure the personal data they hold is secure. We regularly review our security policies and procedures to ensure our systems are secure and protected.
- Necessity of provision of certain information and consequences
Apart from any statutory obligations, you are not under a statutory or contractual duty to provide us with any personal data. However, there are some pieces of information that you need to give us so that we can provide you with our services. We will notify you of any such required information. If you do not provide us with this information, we may not be in a position to provide our services to you.
- Transfers abroad
Where relevant and necessary for our business including our representation on your behalf, we may transfer your personal data outside the European Economic Area, including to a jurisdiction which is not recognised by the European Commission as providing for an equivalent level of protection for personal data as is provided for in the European Union. If and to the extent that we do so, we will ensure that appropriate measures are in place to comply with our obligations under applicable law governing such transfers, which may include (i) entering into a contract governing the transfer which contains the ‘standard contractual clauses’ approved for this purpose by the European Commission or (ii) seeking and obtaining your explicit consent to the transfer or (iii) where the transfer is necessary for the establishment, exercise or defence of legal claims.
- Your rights and how to update your information
You have the following rights, in certain circumstances and subject to certain restrictions, in relation to your personal data:
9.1 the right to be provided with a copy of your personal data;
9.2 the right to request the rectification and/or erasure of your personal data;
9.3 the right to restrict the use of your personal data;
9.4 the right to object to the processing of your personal data, where we are processing it based on this being necessary for the purposes of our or of a third party’s, legitimate interests; and
9.5 the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller, where we are processing the data based on your consent or that this is necessary for the performance of a contract with you.
In order to exercise any of the rights set out above, or if you have any questions about how we process your personal data, you can email us at firstname.lastname@example.org or write to us at Data Protection Queries, The British Irish Chamber of Commerce, 13 Merrion Square North, Dublin 2, Ireland, D02 HW89. Please note that the limitation or deletion of your personal data may mean that we will be unable to provide you with the communications and/or invitations described above.
We are required to keep all personal data accurate and up to date. To assist us in doing so, we ask you to contact your usual business contact at the British Irish Chamber of Commerce or email email@example.com with any relevant changes, such as change of address or contact telephone numbers.
We take a high level of care in how your personal data is handled to ensure that it is safeguarded and our legal obligations are met. If you are not happy with the way we have used your information or addressed your rights, you may contact us at firstname.lastname@example.org. You also have the right to make a complaint to the Irish Data Protection Commission by emailing email@example.com.
If you no longer wish to receive further marketing communications and/or invitations from us, you can unsubscribe at any time by emailing us at firstname.lastname@example.org.