Galway Rape Crisis Centre Privacy Statement
The Galway Rape Crisis Centre (GRCC) will not collect any information about individuals, except where it is specifically and knowingly provided by them. We take our clients’ and supporters’ privacy seriously and endeavour to ensure that their information is kept securely and safely, and can be accessed only by those who have the authorisation to do so. This organisation will process personal data in compliance with the General Data Protection Regulations (GDPR) outlined in the Data Protection Act 2018, effective from 25 May 2018.
This Privacy Statement sets out how we collect, use and store your personal information that identifies or could identify you. We want our supporters and those that we support to have confidence in how we collect and process any personal information shared with us. This Statement will be regularly reviewed by our Executive Team and Board on an annual basis and updated accordingly. GRCC is committed to protecting the personal information of everyone who shares their information with us in the course of our work.
Galway Rape Crisis Centre CLG is a charity dedicated to providing a professional, caring and confidential counselling and support service for those in our community affected by sexual abuse and sexual violence. We also work towards ending cultural and societal tolerance of sexual violence through advocacy, awareness raising and education programmes. We are a ‘data controller’ and we are responsible for and control the processing of your personal information. This organisation commits to not collect any information about individuals, except where it is specifically and knowingly provided by them. We take our clients’ privacy seriously and endeavour to ensure that their information is kept securely and safely, and can be accessed only by those who have authorisation to do so. This organisation will process Personal Data in compliance with the General Data Protection Regulations (GDPR) outlined in the Data Protection Act 2018, effective from 25 May 2018.
What data is being collected?
The personal information we collect includes details such as your name, email address, postal address, telephone number and credit/debit card details. GRCC collects information from the public in a number of ways. For example, we ask for contact and other information when members of the public engage with our campaigns, get in touch with us, or attend a GRCC event. We use this information to keep you informed about other events which may be of interest to you; to help improve our services; and to keep a record of our communications with you. If you are a financial supporter and send us a donation by post or online, or make a regular contribution to GRCC through your bank account or credit card, we will ask for information that enables us to effectively administer your donation. This will generally include your name, contact information such as address, email or telephone number, your payment details and whether you wish GRCC to claim tax paid on your donation. All the personal data we hold about you will be processed and stored securely by our staff in Ireland for no longer than is necessary as detailed below. We will comply with our obligations in compliance with the General Data Protection Regulations (GDPR) outlined in the Data Protection Act 2018, effective from 25 May 2018.
Why are we collecting this information?
We process personal data for certain legitimate interests, which include some or all of the following:
- To reply to your email;
- Where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the beneﬁt of our supporters, students and clients;
- To enhance the security of our network and information systems;
- To better understand how people interact with our websites;
- To provide postal communications which we think will be of interest to you;
- To determine the eﬀectiveness of promotional campaigns; and
- Where stated, we may use the personal information you provide to contact you in the future about GRCC’s work with the option to opt out of this at any time.
We like to learn about your personal motivation for supporting Galway Rape Crisis Centre and your experiences as a supporter to improve our relationships with supporters and their experiences with us. We use the data to help us give you the information about events, campaigns and services which are most relevant and important to you. We may carry out research, segmentation and/or analysis of the personal information that you have provided to us and add publicly available information to help us tailor our communications to you; to better understand your preferences; and to continue to find the most cost-effective ways to campaign, fundraise, raise awareness and provide our services.
What is the legal basis for processing the data?
The GRCC processes personal data under a number of lawful processing conditions. We process individuals’ information under the following conditions:
- The individual has given consent to the processing of their personal data for one or more specific purposes;
- The processing is necessary for the performance of a contract to which the individual is party or in order to take steps at the request of the individual prior to entering a contract.
- The processing is necessary for compliance with a legal obligation to which the GRCC is subject.
- The processing is necessary in order to protect the vital interests of the individual or of another person;
- The processing is necessary for the purposes of the legitimate interests pursued by the GRCC, except where such interests are overridden by the interests or fundamental rights and freedoms of the individual which require protection of personal data, in particular where the data subject is a child;
- The processing is necessary for reasons of substantial public interest;
Not all conditions will apply to each piece of data, but at least one condition will apply to each piece of data.
Will the data be shared with any third parties?
This organisation offers a high level of confidentiality to its clients and financial supporters and will endeavour at all times to maintain anonymity. However, there are circumstances in which we cannot guarantee complete confidentiality for both ethical and legal reasons. These include our legal obligations under the Child Protection Act 2017 and Withholding of Information Act 2012, as well as where information is subpoenaed by the courts or we are made aware of safety and welfare concerns.
How long will the information be stored?
We store financial records of donations for a period of seven years, as required by the Revenue Commission for audit purposes. If a financial supporter has requested to have their contact details removed before this date, this financial information is anonymised where possible. In terms of client information, we are also obligated under professional law by our accreditation body and by our insurance to store clients’ information for this length of time.
What rights does the data subject have?
GRCC complies with requests for the disclosure of personal information in line with data protection legislation and best practice. This could include requests from law enforcement, Revenue or tax agencies. In these circumstances, the request must be submitted in writing and in accordance with the relevant legal requirements. As a data subject, you have the following rights under the GDPR which are applicable to information which is processed by GRCC. This Privacy Statement and our use of personal data have been designed to uphold and protect these rights:
- The right to access the personal data we hold on you;
- The right to correct and update the personal data we hold on you;
- The right to have your personal data erased;
- The right to object to processing of your personal data;
- The right to data portability;
- The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought;
- The right to object to the processing of personal data where applicable;
- The right to lodge a complaint with the relevant National Authority.
If you have any cause for complaint about our use of your personal data, please contact us using the details provided below and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the Data Protection Commissioner. For further information about your rights, please contact the Data Protection Commissioner at www.dataprotection.ie.
The GRCC is committed to protecting the privacy of users of its websites in compliance with the Data Protection Acts of 1988 – 2018 and the General Data Protection Regulation (GDPR). Any external links to other websites are clearly identifiable, and we are not responsible for the content or the privacy policies of those other websites.
What are cookies and why do we use them?
Types of cookies
There are three types of cookies used on our websites:
These cookies are essential in order to enable you to move around our websites and use its features. These cookies are deleted when you close your browser.
These cookies collect information about how users use our websites. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This helps us analyse data about web page traffic and improve our websites. These cookies do not collect information that identifies a website user. This information is combined with data from thousands of other users to create an overall view of website use and is never identified individually or personally. These cookies are only used to identify ways to improve the websites. To opt out of being tracked by Google Analytics across all websites please visit: http://tools.google.com/dlpage/gaoptout.For more information about Google Analytics, and the cookies it sets, please visit:https://developers.google.com/analytics/resources/concepts/gaConceptsCookies.
These cookies allow us to recognise you and remember choices you make (such as choice of language or mobile device preferences) when you return to our websites. Whenever you visit the same web site again, the information stored in the cookie can be retrieved to notify the website (and only that website) of your previous activity.
Enabling and Disabling cookies
Most browsers automatically accept cookies. You have the ability to accept or decline cookies or request that you are warned when a website is trying to install a cookie. This can be done by modifying the settings in your browser. Please note that disabling cookies may affect the functionality of some parts of our websites.
For more information about managing cookies and how to stop cookies being installed visit http://www.allaboutcookies.org/manage-cookies/.
How can you ask a question about this document or raise a complaint?
You can ask a question about this document or raise a complaint by contacting the GRCC’s Data Protection Officer:
- By email: [email protected] Galway Rape Crisis Centre
- By telephone: 091 564800
- In writing: Galway Rape Crisis Centre, The Lodge, Forster Court, Galway H91 EA03
If you wish to change your communication preference and our use of your information, you can do this at any time by emailing [email protected].
Galway Rape Crisis Centre does not, and will never, share, sell or exchange your information with other organisation for their own marketing purposes or commercial gain.