Uisneach Management Company Limited understands that your privacy is important to you and that you care about how your personal data is used and shared online. We respect and value the privacy of everyone who visits this website (Our Site), accesses our premises and uses our services. We will only collect and use personal data in ways that are described here, and in a manner that is consistent with our obligations and your rights under the GDPR and applicable Data Protection Laws.
Who We Are?
Uisneach Management Company Limited is a private company registered in Ireland (CRO No: 559825). The company operates the Hill of Uisneach Site at Loughnavalley, Co Westmeath.
You can contact us at: Uisneach Management Company, Lunestown, Loughnavalley, Co Westmeath
Email: [email protected]
What Does This Policy Cover?
What Data Do We Collect?
Information you give us:
We retain two types of information:
Personal Data: this is data that identifies you or can be used to identify or contact you and may include your name, address, email address, user IP addresses in circumstances where they have not been deleted, clipped or anonymised, telephone number. Such information is only collected from you if you voluntarily submit it to us.
Non-Personal Data: We use the Non-Personal Data gathered from visitors to our website in an aggregate form to get a better understanding of where our visitors come from and to help us better design and organise out website.
Some areas of The Hill of Uisneach are equipped with Closed Circuit Television (CCTV). We may collect your personal data through the operation of the CCTV cameras.
It is in our legitimate interests to use the CCTV as follows:
- In the detection and prevention of crime
- To safeguard all those who access our premises and facilities
- To investigate security, health & safety incidents.
Recorded images are held for up to 30 days and then destroyed. Any CCTV footage identified as relevant to a formally reported incident may be retained for longer. Any CCTV footage identified as relevant to a formally reported incident involving a minor is retained for up to 18 years from the date of the reported incident (where an investigation or claim arising from such a reported incident takes longer than 18 years to be processed, the CCTV footage identified as relevant to that incident may be retained for longer than 18 years).
These records will not be shared with third parties unless there is suspicion of a crime, in which case we may be required to share your information to comply with our legal and regulatory obligations. This may then be shared with An Garda Síochana or other competent authorities.
How Do We Use Your Data?
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with Our obligations and safeguard your rights under the GDPR at all times.
Our use of your personal data will always have a lawful basis as follows:
- You have provided your consent to us using your personal data for direct marketing (i.e. to receive our newsletter) or to share your data with a third party for purposes of processing donations.
- It is necessary for our performance of a contract with you (where you have purchased something from Our Site, donated online or other business arrangements)
- It is necessary for compliance with a legal obligation to which we are subject (for example, to manage health and safety)
- It is within our legitimate interests for the proper administration of Uisneach Management Ltd and to manage our operations (for example, for the detection and prevention of crime and safeguarding all those who access our premises and facilities)
- the processing is necessary for reasons of public interest including in the area of public health
Specifically, we may use your data for the following purposes:
- Providing and managing your access to Our Site
- Supplying tickets, gifts, or options to donate to you (please note that we require your personal data in order to enter into a contract with you)
- Communication with you via email or another method that you have opted into (At any stage you may choose to opt out of such communications – contact us at [email protected])
- Arranging events for your organisation/ institution/ company and communicating these details to you
- Assist government bodies or other competent authorities relating to public health requirements
How and Where Do We Store Your Data?
We keep personal data for as long as there is a need to keep it in connection with the purposes for which it was collected. Data will be deleted in line with our data retention policy.
We are committed to ensuring that there are appropriate technical controls in place to protect your personal data including protection from misuse and unauthorised access. For example, our network is protected and routinely tested.
Do We Share Your Data?
We engage with third parties to supply some services to us. These may be for:
- payment processing
- delivery of goods
- ticket processing
- search engine facilities
- audit, legal and financial management
- insurance purposes
- Health & Safety
Whilst we allow relevant staff, consultants and/or external third party service providers acting on our behalf to access and use your personal data for the activities we have described in this policy (e.g. to provide services or products to you, to process payments), we only permit them to use it to deliver the relevant information, goods or services. We may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of our website. For example, we might inform third parties regarding the number of unique users who visit our website, the demographic breakdown of our community users of our website, or the activities that visitors to our website engage in while on our website. The third parties to whom we may provide this information may include potential or actual advertisers, providers of advertising services (including website tracking services), commercial partners, sponsors, licensees, researchers and other similar parties.
We will not disclose your Personal Data to third parties unless you have consented to this disclosure or unless the third party is required to fulfil your query (in such circumstances, the third party is bound by similar data protection requirements).
Some of your data may be stored in or outside of the European Economic Area (“the EEA”). If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be in Ireland.
In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, to comply with legal requirements, public interests or public health grounds, a court order, or a governmental authority.
As a data subject, you have the following rights under the GDPR, which this Policy and Our use of personal data have been designed to uphold:
Right to be informed: This privacy notice explains how we collect, use and store your personal data
Right to access: You have the right to find out if we are holding personal data on you. To exercise this right, you can make a “Subject Access Request” by contacting us as above
Right to rectification: You have the right to have inaccurate personal data changed or removed. It is important to us that the information that we hold about you is accurate and up to date. Please let us know if any of your details have changed.
Right to erasure (the right to be forgotten): You have the right to ask for your personal data to be erased from our records. However, this right is not absolute, and we can refuse this request, if this is the case, we will explain our reasons for our decision.
Right to restrict processing: You have the right to ask us to restrict the processing of your data. This is an alternative to erasure and usually a temporary measure to limit the way we use your data whilst another data related matter is being resolved.
Right to data portability: This right allows you to obtain and reuse the data that we hold on you in a machine-readable format for transmission to another data controller.
Right to object: You have the right to object to us processing your personal data in some circumstances where we process data based on a legitimate interest or in the public interest.
Rights with respect to automated decision making and profiling. We do not process your data in this way.
All requests, if valid, will usually be processed within a month. If we need longer to process your request, we will inform you at the earliest opportunity and in any case within one month from receiving your request. Please contact us at: [email protected] on any of these rights.
This policy was last updated on: 14/12/2021