Please read the following carefully to understand our practices and views regarding your data and how we treat it. When you visit our website or make an enquiry digitally or via phone, regarding our services or the making of specific purchase information is stored. We understand the importance of keeping such information secure and in providing you with information about what we do with said information.
Personal data, inclusive of information such as name, address, e-mail address, or telephone number of a data subject shall always be processed in line with the General Data Protection Regulation (GDPR), and by the country-specific data protection regulations applicable to Glenageary Montessori School.
Our company aims to inform the general public of the scope, and purpose of the personal data we collect, use and process using this declaration. Furthermore, the data subject is informed, utilising this data protection declaration, of the rights to which they are entitled.
- Use of personal data and automated decision making
You can visit our website without giving away any personal information. Glenageary Montessori uses Google Analytics and Cookies to improve our services, user experience and to analyse how the website gets used. Aside from the approximate location (IP address), the information gathered by Google Analytics is mostly anonymous traffic data that includes browser type information, device information and language information.
The information collected provides an overview of how people are accessing and using the https:www.glenagearymontessori.ie website. It is not used for purposes such as automated profiling or automated decision making.
As a responsible company, we do not use automatic decision-making or profiling.
- Information which we may collect from you
If you are visiting our website or accessing our applications, we collect the following information provided by your browser or mobile device:
- Pages accessed.
- Time of visit.
- Time of last visit.
- Name of the owner of the IP address.
- Reverse domain of the IP address.
- Referring site, application, or service, including the relevant search queries that led you to Tricel Killarney website.
- Browser information.
- Operating system and device information.
- IP address (from users signing in to the service, for security purposes).
We may also manage and process the following data about you:
Information that you provide through the act of filling forms on our site. This collection includes information provided at the time of registering to use our site, subscribing to our service or requesting further services or posting material.
We may keep a record of correspondence if you contact us.
We might ask you to complete surveys which we use for research purposes. However, you do not have to respond to them.
Details collected during your visits to our site. These details include, but is not limited to, location data, traffic data, weblogs or other communication data, whether this is required for our billing purposes or otherwise and the resources which you access.
We make use of information which we hold about you in the following ways:
To provide you with information of our services that you request from us or which we feel may be of interest to you, where you have consented to contact for such purposes.
To ensure that content on our website is presented most effectively for both you and your computer.
To carry out any obligations arising from contracts entered into between you and us.
To allow you to participate in interactive features of our service when you choose to do so.
To provide you with marketing information about our products or services.
To understand and analyse the usage trends and preferences of our visitors and users, to improve the service, and to develop new products, services and functionality.
To, on occasion, notify you regarding changes to our services.
We may use a visitors or users email address or other information – other than client data – to contact that visitor or user for the following:
Administrative purposes such as customer service, to address intellectual property infringement, the right to privacy violations or defamation issues such as those related to the client data or personal data posted on the service.
- Rights of the data subject
The right of confirmation (right to be informed)
Each data subject has the power granted by the European legislator to obtain from the controller the evidence regarding whether or not personal data concerning him or her is being processed. If a data subject wishes to avail themselves of this right, he or she can contact our Data Protection Officer or another employee of the controller at any given time.
Our site may contain links to and from websites belonging to our partner networks, advertisers and affiliates. If, on any occasion, you follow a link to these websites, note that these websites have individual privacy policies. We do not accept any responsibility, or liability, for these policies. Please check these policies before you submit any personal data to these websites.
The right of access to information
Every data subject has the right granted by the European legislator to obtain free information about his or her data stored at any time from the controller and to request, and receive, a copy of this information. Furthermore, the European directives and regulations grant the data subject access to the following information:
The purposes of the processing of data.
The categories of personal data concerned.
The recipients, or types of recipients, to whom the personal data have been or are to be disclosed. This element relates in particular to recipients in third countries or international organisations.
Where possible, the period believed necessary for the personal data to be stored, or, in cases where this is not possible, the criteria used to determine that period.
The right to request from the controller the correction or erasure of any personal data, or the restriction of processing of any personal data about the data subject, or to object to such processing.
The existence of the right to lodge a complaint with supervisory authority.
Where the personal data collected is not from the data subject, the relative source of any such available information.
Access to data related to the existence of automated decision-making, including profiling and, at least in such cases, meaningful information about the logic involved. Also, information about the significance and possible consequences that such processing may have for the data subject.
The data subject also has the right to obtain information as to whether personal data gets transferred to any third country or an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.
If a data subject wishes to avail himself of this right of access, he or she can contact our Data Protection Officer or another employee of the controller at any time.
Right to rectification
Every data subject has the right granted by the European legislator to obtain from the controller without undue delay the correction of inaccurate personal data concerning him or her. The data subject, taking into account the purposes of the processing, shall have the right to have incomplete personal data completed, through the provision of a supplementary statement.
If a data subject wishes to exercise this right to rectification, he or she can contact our Data Protection Officer or another employee of the controller at any time.
Right to erasure (Right to be forgotten)
Each data subject shall have the power granted by the European legislator to obtain from the controller the deletion of personal data concerning him or her without undue delay. The controller shall have a duty to erase personal data in a timely manner as per the subject’s request and inform other controllers that are also processing the data of said request where any of the following grounds apply, as long as the processing is not required:
The personal data ceases to be required for to the purposes for which they were collected or otherwise processed.
The data subject withdraws consent to which the processing is based and also where there is no other legal ground for the processing.
The data subject objects to the processing under Article 21(1) of the GDPR, and there are no overriding legitimate grounds for the processing or the subject data objects to the processing under Article 21(2) of the GDPR.
In the event of the unlawful processing of personal data.
The erasure of the personal data is necessary to comply with a legal obligation to which the controller is subject to within Union or Member State law.
The personal data collected was regarding the offer of information society services referred to in Article 8(1) of the GDPR.
If any of the outlined reasons above apply, and a data subject wishes to request the erasure of personal data stored by Tricel Killarney, he or she can contact our Data Protection Officer or another employee of the controller at any time. The Data Protection Officer of Tricel Killarney or another employee shall promptly ensure that the erasure request is complied with immediately.
In instances where the controller has made any personal data public, and an erasure request is submitted by the data subject, the controller must take all reasonable steps to inform other data controllers processing said personal data of the data subjects request for erasure. This includes any technical measures which may need to be employed and inclusive of the erasing of any links to or a copy of replication of those personal data as far as processing is not required. The Data Protection Officer of Tricel Killarney or another employee will arrange the necessary measures in individual cases.
Right to the restriction of processing
Each data subject shall have the power granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful, and the data subject opposes the erasure of the personal data and alternatively requests the restriction of their use.
The controller no longer requires the personal data for the purposes of the processing but is necessary by the data subject for the establishment, exercise or defence of legal claims.
The data subject has objected to processing (under Article 21 -1 of the GDPR) pending the verification whether the legitimate grounds of the controller override those of the data subject.
If any of the conditions outlined above are met, and the data subject wishes to request the restriction of the processing of personal data which is stored by Tricel Killarney, they can contact our Data Protection Officer or another employee of the controller at any time. The Data Protection Officer of Tricel Killarney or another employee will then arrange the restriction of the data processing.
Right to data portability
Each data subject has the right granted by the European legislator, to receive the personal data concerning him or her, which initially was provided to a controller. Said data would be received in a structured, commonly used and machine-readable format.
They also have the right to transmit such data to another controller, and to do so without hindrance from the controller to which the personal data was provided as long as the processing is:
Based on consent and the processing is carried out by automated means.
As long as the processing is not necessary for the performance of a task carried out in the public interest or the exercise of official authority vested in the controller.
Furthermore, in exercising his or her right to data portability, the data subject shall have the right to have their data transmitted directly from one controller to another. This type of transmission applies where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
In order to assert this right to data portability, the data subject may at any time contact the Data Protection Officer designated by Tricel Killarney or another employee.
Right to object
Each data subject has the right granted by the European legislator to object, on grounds relating to his or her particular situation, at any time, to the processing of personal data concerning him or her. This right is based on point (e) or (f) of Article 6(1) of the GDPR. This right also applies to profiling based on these provisions.
Tricel Killarney shall no longer process the subject’s personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise or defence of legal claims.
If Tricel Killarney processes personal data for direct marketing purposes, the data subject shall have the right to object at any time to the processing of personal data concerning him or her for such marketing. This rule applies to profiling to the extent that it is related to such direct marketing. If the data subject objects to Tricel Killarney to the processing for direct marketing purposes, Tricel Killarney will no longer process the personal data for these purposes.
The data subject also has the right, on grounds relating to his or her particular situation, to object to the processing of personal data concerning him or her by Tricel Killarney for any scientific or historical research purposes. As well as for statistical purposes as outlined in Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, the data subject may directly contact the Data Protection Officer of Tricel Killarney or another employee. Also, the data subject is free in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use his or her right to object by automated means using technical specifications.
Right not to be subject to automated decision-making, including profiling
Each data subject has the right granted by the European legislator not to be subject to a decision based solely on automated processing. This right is inclusive of profiling, which produces legal effects concerning the data subject, or similarly significantly affects said data subject as long as the decision:
Is not necessary for entering into, or the performance of, any contract between the data subject and a data controller.
Is not authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests.
Is not based on the data subjects explicit consent.
If the decision is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or is based on the data subject’s explicit consent, Tricel Killarney will implement suitable measures to safeguard the data subject’s rights and freedoms and legitimate interests. This is inclusive of the right to obtain human intervention on the part of the controller or if necessary to express their point of view and to contest the decision.
If the data subject wishes to exercise the rights concerning automated individual decision-making, they can directly contact our Data Protection Officer of Tricel Killarney or another employee of the controller at any time.
Right to withdraw data protection consent
Each data subject shall have the right granted by the European legislator to withdraw his or her consent to the processing of his or her personal data at any time.
If the data subject wishes to exercise the right to withdraw the consent, they may directly contact our Data Protection Officer of Tricel Killarney or another employee of the controller at any time.
Is providing personal data mandatory?
Most of our services do not require any form of registration, allowing you to visit our site without you telling us who you are. However, some services may require you to provide personal data. In such situations, if you choose to withhold any personal data which is requested by us, it may not be possible for us to contact you in response to your query or provide information which you wish to request.
On the website of Tricel Killarney, users have the opportunity to subscribe to our enterprise’s newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter gets ordered from the controller.
A confirmation e-mail is sent to the e-mail address registered by a data subject in the double opt-in procedure. This confirmation e-mail is used to confirm the owner of the e-mail address as the data subject and is authorised to receive the newsletter.
During the registration process for the newsletter, we also store the IP address of the computer system as assigned by the internet service provider (ISP) and used by the data subject at the time of the registration, along with the date and time of the registration. The collection of this data is necessary to discern the (possible) mistreatment of the e-mail address of a data subject at a later stage. Therefore, it serves the aim of the legal protection of the controller.
For retraction of consent, a corresponding link (‘unsubscribe’) is included in each newsletter sent, follow this link to instigate the process of removing consent. Furthermore, it is possible to unsubscribe from the newsletter at any time directly on the website of the controller, or if preferable, you can communicate this requirement to the controller in a different way which is personally more suitable.
- Transferring and storing your data
All information provided to us by a given data subject is then stored on our secure servers. Unfortunately, the transmission of information via the internet is not entirely secure. We will do our best to protect your personal data. However, we cannot guarantee the security of your data transmitted to our site. Any transmission of data is at your own risk. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access.
- Legal basis for processing data
During a user’s registration, or later on the platform, they may provide information such as name, email address, telephone and other relevant data. This information is used to identify the user and to provide them with support services, mailings, sales and marketing actions, billing and to meet any contractual obligations.
Such as in a situation where the processing of personal data is essential for a contract to be executed in which the data subject is a party, for example, when processing operations are required for the supply of our services.
The same applies to processing operations essential for carrying out any pre-contractual measures. An example of such an instance is when a data subject is making queries and enquiries about our service. Or, in cases where our company is subject to a legal obligation in which the processing of personal data is required (an example would be the fulfilment of tax obligations).
Processing shall be lawful only if and to the extent that at least one of the following applies:
The data subject has given consent to the processing of their data for one or more specific purposes.
Processing is necessary for the performance of a contract to which the data subject is a party or to take steps at the request of the data subject before entering into a contract.
Processing is necessary for compliance with a legal obligations.
Processing is needed to protect the vital interests of the data subject or another natural person.
Processing is required for the performance of a task carried out in the public interest or the exercise of official authority vested in the controller.
Processing is necessary for the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
- The period for which the personal data is stored
The criteria used to determine the period of storage of personal information is the respective statutory retention period. After the expiration of that period, the corresponding data is deleted routinely, as long as it is no longer necessary for the fulfilment of the contract or the initiation of the said contract.
If you wish to request that we cease to use your registration information to provide you services contact us at email@example.com . We will retain and use your registration information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
- Disclosure of your information to third parties
We may share with third-party companies service providers or business partners to process our data and to support our business. These include for example server and hosting providers, payment processors and customer service and management tools.
Glenageary Montessori is not responsible for the privacy practices or the content of those other websites.
Your data may be processed by third parties, including Google Analytics, Google AdWords and specific components of social media applications (such as Facebook, LinkedIn, Twitter) integrated with our website.
In connection with a job application or inquiry, whether advertised on our website www.glenagearymontessori.ie website, you may provide us with information about yourself, such as a resume. We may use this information in order to address your inquiry or consider you for employment purposes. Unless you tell us not to do so, we may keep the information for future consideration.
- Your Consent
You do not have to consent to our services; your consent is given freely and unambiguously by you.
We do not use pre-ticked boxes or any other form of permission by default.
You can withdraw your consent at any time by emailing firstname.lastname@example.org . We keep a record of when your consent was given and withdrawn.
If you chose not to give consent for the use of your data, it would not be a detriment in either the use of our website or the services we provide. Consent is not a pre-condition of our service.