Privacy Policy

We are working with UK-based associates to ensure the implementation of appropriate safeguards on the transfer of personal data from the EEA/UK in line with the Schrems II case.

Opening statement

We at the Institute of Sustainable Trade, an initiative of the Irish Exporters Association, know you care about how your personal information is used and shared, and we take your privacy seriously. Please read the following to learn more about how we collect, store, use and disclose information about you when you interact with us digitally through our website and social media sites or if you use any of our products or services (collectively the “Services”) and/or attend our events, interact with us at trade shows, purchase from us or interact with us via marketing in any manner.

For the purpose of this Privacy Statement, the data controller is the Irish Exporters Association whose registered office is at 28 Merrion Square North, Dublin 2, D02 AW80. The data subject(s) are members of the Irish Exporters Association and their approved contacts as well as any non-member companies who purchase our Services, attend our events and interact with us having provided consent via our opt-in procedures or where there is a legitimate business interest.

As controller of the data processing, we have implemented a number of measures to protect data subjects on our website. Our webpages have an SSL certificate which encrypts data exchanged via HTTP.

We use Google ReCaptcha on our website and as a website owner we have legitimate interest in protecting our users and our site against abusive automated spying and SPAM. Further information on Google reCAPTCHA is available here: www.google.com/recaptcha/intro/android.html.

What does this Privacy Policy cover?

This Privacy Policy covers our treatment of information that we gather when you are accessing or using our Website or Services or when you contact us in any manner. We gather various types of information, including information that identifies you as an individual (“Personal Information”), from our users, as explained in more detail below.

Please note that this Privacy Policy, while intended to be as complete and accurate as reasonably possible, is not exhaustive and may be updated from time to time. Date of recent amendments will always appear at the top of the statement.

What information do we collect?

Information You Provide to Us:

When you use the Website: We may collect any Personal Information that you choose to send to us or provide to us, for example, on our online form or as members using the members section. If you contact us through the Website, we will keep a record of our correspondence and if you sign up to an event, training course or other related Service we will keep a record in order to process your request.

When you use the Services: We receive and store information you provide directly to us. For example, when setting up new users/members, we collect Personal Information, such as name, company, telephone number, job titles and e-mail address, to provide you with Services. The types of information we may collect directly from our customers and their users include: names, email addresses, postal addresses, phone numbers, job titles, transactional information (including Services purchased), details of attendance at our events, interactions with our staff, publicly available information, information relating to subscription to our marketing mailing lists, as well as any other contact or other information they choose to provide us or upload to our systems in connection with the Services.

When you interact with us on social media: Data use is covered by the terms and conditions and privacy notices of each digital platform (LinkedIn, Twitter, Instagram, Facebook).

Information We Automatically Collect:

When you use our Website: When you visit the Website, we collect certain information related to your device, such as your device’s IP address, referring website, the pages your device visited, and the time and duration that your device visited our Website.

When you use our Services: Usage information – we keep track of user activity in relation to the types of the Services our members and/or clients and their users use or have expressed an interest in, the configuration of their computers, and performance metrics related to their use of the Services.  Log information – we log information about our customers and their users when you use one of the Services including Trade Assists, Events, Consular Services or Training. Information collected by cookies and other similar technologies – we use various technologies to collect information which may include saving cookies to users’ computers.

For further information, please see COOKIE POLICY

How do we use the information?

The legal basis for the processing of Personal Data by the Institute of Sustainable Trade, an initiative of the Irish Exporters Association includes:

Necessary for entering into or the performance of a contract: It is necessary to process the Personal Data provided by you to enter into and perform our contract with you as a member of the Institute of Sustainable Trade, or a customer or client of our Training Department. Under these terms, we process your Personal Data to: execute the terms of Membership and provide services, including the processing of payment of membership fees, to facilitate requests for services by you throughout membership, to inform you about our events, to monitor your attendance at events, including adding you to attendee lists for registration processes.

In order to enter into a contract of membership with the Institute of Sustainable Trade or to use the Services of Events, Training Services, you are obliged to provide us with Personal Data, if you do not wish to provide us with the required Personal Data, you will be unable to avail of the Institute of Sustainable Trade’s Services.

Necessary for the purposes of the legitimate interests: As part of your engagement with the Institute of Sustainable Trade, we may obtain, collect and process your Personal Data where we have a legitimate interest to do so, except where such interests are overridden by your interests or fundamental rights or freedoms. We may obtain, collect and process Personal Data in order to grow membership of the Institute of Sustainable Trade, facilitate engagement and connection between users, facilitate and promote Irish Exporters Association Events, Training and Consular Services and to process and respond to requests for Trade Assists.

Consent to the processing for one or more specific purposes: As part of your engagement with the Institute of Sustainable Trade, we may obtain, collect and process your Personal Data where you have given consent to the processing of your Personal Data for one or more specific purposes, for example, to execute the terms of Membership and provide services and to monitor your attendance at events, including adding you to attendee lists for registration processes.

Website: We will use the information we collect via our Website:

·        To administer our Website, our events and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes;

·        To improve our Website to ensure that content is presented in the most effective manner for you and for your computer;

·        Analyse customers’ use of the Websites for trend monitoring, marketing and advertising purposes;

·        For purposes made clear to you at the time you submit your information – for example but not exclusively to fulfil your request to attend an event, to provide you with access to one of our webinar’s or to provide you with information you have requested about the Services;

·        As part of our efforts to keep our Website safe and secure; and

·        To develop new products and services.

Services: We may use the information we collect from our members and / or clients & customers and their users in connection with the Services we provide for a range of reasons, including to:

·        To set up a member account;

·        Provide, operate and maintain the Services;

·        Process and complete transactions, and send related information, including transaction confirmations and invoices;

·        Manage our members & customers’ use of the Services, respond to enquiries and comments and provide customer service and support;

·        Send members & customers technical alerts, updates, surveys, security notifications, and administrative communications;

·        Investigate and prevent fraudulent activities, unauthorized access to the Services, and other illegal activities; and

·        For any other purposes about which we notify members, customers and users.

We may also use the information you send to us via the Website and/or Services, to communicate with you via email, and possibly other means, regarding products, services, surveys, offers, promotions and events we think may be of interest to you or to send you our newsletter, if this is in accordance with your marketing preferences.  However, you will always be able to opt-out of such communications at any time (see the “Your Rights” section below).

How do we share and disclose information to third parties?

We do not rent or sell your Personal Information to anyone. We may share and disclose information (including Personal Information) about our customers in the following limited circumstances:

 

Vendors, consultants and other service providers:  We may share your information with third party vendors, consultants and other service providers who we employ to perform tasks on our behalf.

These companies include (for example) our payment processing providers, website analytics companies (e.g. Google Analytics, Hubspot), product feedback or software providers (e.g. WebEx, Moodle), CRM service providers (e.g. OnePage, Hubspot), email service providers (e.g. Mailchimp, Hubspot), feedback questionnaires and surveys platforms (e.g. Survey Monkey and Google Forms), and others. We ensure that we only work with companies that are GDPR compliant and endeavour to ensure the security of your information and that it is processed according to GDPR Provisions.

If the Institute of Sustainable Trade has received your Personal Information in the EU and subsequently transfers that information to a third-party agent or service provider for processing, the Institute of Sustainable Trade shall remain responsible for ensuring that such third-party agent or service provider processes your Personal Information to the standard required by our GDPR commitments. Unless we tell you differently and you consent, our agents do not have any right to use the Personal Information we share with them beyond what is necessary to assist us. Where we transfer personal data outside of the EU, we will only do so to a country which the EU Commission has decided ensures an adequate level of protection in line with EU data protection standards or if there are appropriate safeguards in place to protect your personal data, such as entering an EU Commission approved Standard Contractual Clauses.

Business Transfers: We may choose to buy or sell assets and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.

Protection of Institute of Sustainable Trade and Others: We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court order; enforce or apply our agreements with you and other agreements; or protect the rights, property, or safety of Irish Exporters Association, our employees, our users, or others.

Disclosures for National Security or Law Enforcement: Under certain circumstances, we may be required to disclose your Personal Information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.

Is Personal Information about me secure?

We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction.  Unfortunately, no company or service can guarantee complete security. Unauthorised entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.

Cookies and other tracking technologies

Our Websites and some of our Services use cookies (small text files containing a string of alphanumeric characters that we put on your computer) and other similar tracking technologies (like web beacons, tags and scripts) to uniquely identify your browser and to gather information about how you interact with the Websites and Services. We use this information for the following purposes:

·        Assisting you in navigation;

·        Assisting you in registration and your ability to provide feedback;

·        Analysing your use of our products, services or applications; and

·        Assisting with our promotional and marketing efforts (including behavioural advertising).

·        Please consult our Cookie Policy for more information about the type of cookies and tracking technologies that we use on this Website and why, and how to accept and reject them.

We also may use clear gifs in HTML-based emails sent to our users to track which emails are opened by recipients. This information is used to enable more accurate reporting, improve the effectiveness of our marketing, and make our Services and Websites better for our users.

We also utilise Google Analytics, a web analysis service provided by Google, to better understand your use of our Websites and Services. Google Analytics collects information such as how often users visit the Websites, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Websites, to prepare reports on users activities and share them with other Google services. Google may use the data collected on the Websites to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to the Websites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.

We also utilise Hubspot to analyse data and to better understand visitors journey by the activities they carry out on our website and the open rates of email from the campaigns we send to subscribers. The contents of your personal data which you may provide to us on our website such as newsletter subscriptions are stored on the servers of HubSpot or journey on our pages are tracked by hubspot. More here: https://legal.hubspot.com/cookie-policy

By using the website you declare your consent to the collection of analytical data. You can always unsubscribe from the Hubspot tracking using the “DO NOT TRACK” button in the cookie message.

We use Google Forms and Survey Monkey to collate feedback on our existing products and services, and from time to time test the market for new opportunities. More here: https://www.surveymonkey.com/curiosity/surveymonkey-committed-to-gdpr-compliance/

https://business.safety.google/compliance/

We also send data for the number of video plays to Vimeo restricted by Vimeo Data privacy available here.

Your Privacy Rights

What choices do I have?

You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our Services or Products.

Cookies

You can accept or reject cookies through our Privacy Preference Centre, accessible by clicking the “cookie settings” button in our Cookie policy. You can also do so by adjusting your web browser controls. Please consult our Cookie Policy for more information about our use of cookies and how to accept and reject them.

Marketing Communications

The Institute of Sustainable Trade currently sends marketing communications through two distinct channels, to those users who are members and/or clients or customers and to individuals who have expressed an interest in being communicated to by the Irish Exporters Association. You can opt-out of receiving certain promotional or marketing communications from us at any time, by using the unsubscribe link in the email communications we send and / or by contacting the Irish Exporters Association and asking to be removed.

If you are a member or have opted to be contacted by the Institute of Sustainable Trade for our Services, we will still send you non-promotional communications, like service related emails.

We use Hubspot to cover digital marketing, sales and to manage our customer relationships and we do this by: allowing you to contact us through contact forms, sign up to our various newsletters and subscriptions, downloading material we make available on our website, make social media sharing available to you and for data analysis of visitors and a customer journey.

How can I update and access my information (Exercise my Data Subject Rights)?

·        Under the General Data Protection Regulation, you have the following rights:

·        Right to be forgotten – if you ask us, we will erase all data we hold;

·        Right to be informed – this privacy policy explains what information we collect and how we use it;

·        Right of access – you have the right to request all of your personal data we have. You can do this by sending us an email to Karl Picard, GDPR Compliance Officer, Irish Exporters Association karlpicard@irishexporters.ie

·        Right to data portability – you may, in certain circumstances, request us to provide you with your personal data which you have given us in a structured, commonly used and machine-readable format and you may request us to transmit your personal data directly to another data controller where this is technically feasible.

·        Right to rectification – you have the right to request that we amend any inaccurate personal data that we have about you.

·        Right to object – you have the right to object and be removed from any direct marketing emails.

Who can view your data?

The Chief Executive, Membership Development Team, Consular Department Team, Trade Services Department Team, Marketing Department Team, Operations and Accounts Team can view your account to assist with any queries you may have. Information (such as your name, email address, job title, phone number and interaction with the Irish Exporters Association) is stored on OnePage CRM and Hubspot and is processed in a GDPR-compliant manner. The Privacy Policy of OnePage CRM and Hubspot can be viewed here:

https://www.onepagecrm.com/privacy

https://knowledge.hubspot.com/account/hubspot-cloud-infrastructure-frequently-asked-questions; https://legal.hubspot.com/dpa

Data Retention

Your Personal Data will be retained for as long as you remain a member, customer or client of the Irish Exporters Association, or the Services that we provide, and thereafter for a period of no more than two years. Once we have determined that we no longer need to hold your Personal Data, we will delete it from our systems.

Please note that in certain circumstances, we may hold your data for a longer period, for example, if we are processing an ongoing claim or believe in good faith that the law or a relevant regulator may reasonably in our view expect or require us to preserve your Personal Data.

Linked Websites

For your convenience, hyperlinks may be posted on the Website that link to other websites (the “Linked Sites”). We are not responsible for, and this Privacy Policy does not apply to, the privacy practices of any Linked Sites or of any companies that we do not own or control. Linked Sites may collect information in addition to that which we collect on the Websites. We do not endorse any of these Linked Sites, the services or products described or offered on such Linked Sites, or any of the content contained on the Linked Sites. We encourage you to seek out and read the privacy policy of each Linked Site that you visit to understand how the information that is collected about you is used and protected.

Children

We do not knowingly collect or solicit personal information from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us with Personal Information, please contact us at karlpicard@irishexporters.ie

Will Irish Exporters Association ever change this Privacy Policy?

We’re constantly trying to improve our Website and Services, so we may need to change this Privacy Policy from time to time as well. We will alert you to material changes by, for example, placing a notice on our Website and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. You can see when this Privacy Policy was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy Policy.

What if I have questions about this policy?

If you have any questions or concerns regarding our privacy policies, please send us detailed information to:

Karl Picard | GDPR Compliance Officer

Irish Exporters Association and Institute of Sustainable Trade | 28 Merrion Square Dublin 2

Tel: +353 (0)1 642 4171 | E-mail: karlpicard@irishexporters.ie

If you are not satisfied by the effort and response of the Irish Exporters Association, you have the right to lodge a complaint with the Data Protection Commission. Please see www.data protection.ie for further information.

Last updated: Thursday 7 April 20