1. Purpose
This document is a statement of Policy of Nitram Networks Ltd T/A “Ok Who’s Next?” hereafter referred to as “OK Who’s next?” commitment to protect the rights and privacy of individuals in accordance with the Data Protection Act 1988 and the Data Protection (Amendment) Act 2003 and the provisions of GDPR 2018. The Acts also impose responsibilities on those persons within “Ok Who’s Next?” that process personal data.
2. Scope
This policy applies to all staff of within “Ok Who’s Next?”, particularly those who collect and / or control the contents and use of personal data.
3.1. Personal Data:
Any Data relating to a living identifiable individual.
For example: A living person’s name and address or email address.
3.2. Data:
Automated data or structured manual data.
For example: Any paper form or an Excel file containing a person’s name and address.
3.3. Manual Data:
Structured by reference to individuals in a way that makes data readily accessible.
For example: Any form that contains a Service Provider or Customers details stored in hard copy or softcopy form.
3.4. Data Controller:
A person who controls the contents and use of personal data.
For example: “Ok Who’s Next?” is a data controller for any personal data it processes about its employees or customers.
3.5. Data Processor:
A person who processes personal data on behalf of a data controller.
For example: “Ok Who’s Next?” outsources its payment transaction function to a third party, that third party is a data processor.
3.6. Data Subject:
An individual who is the subject of personal data.
For Example: Personal data that “Ok Who’s Next?” holds about Service Providers and/or End Users, makes each of these a data subject under the terms of the Act.
3.7. Processing:
Anything done with personal data, from collection to disposal.
4. Data Protection Principles
“Ok Who’s Next?” acknowledges its responsibilities and undertakes to implement the legislation in accordance with the eight stated Data Protection principles outlined in the Acts as follows:
4.1. Obtain and process information fairly
“Ok Who’s Next?” obtains and processes personal data fairly and in accordance with its statutory and other legal obligations.
4.2. Keep it only for one or more specified, explicit and lawful purposes
“Ok Who’s Next?” keeps personal data for purposes that are specific, lawful and clearly stated. Personal data will only be processed in a manner compatible with these purposes.
4.3. Use and disclosure only in ways compatible with these purposes
“Ok Who’s Next?” only uses and discloses personal data in circumstances that are necessary for the purposes for which it collects and keeps the data.
4.4. Keep it safe and secure
“Ok Who’s Next?” takes appropriate security measures against unauthorized access to, or alteration, disclosure or destruction of data and against accidental loss or destruction.
4.5. Keep it accurate, complete and up-to-date
“Ok Who’s Next?” operates procedures that ensure high levels of data accuracy, completeness and consistency.
4.6. Ensure it is adequate, relevant and not excessive
Personal data held by “Ok Who’s Next?” is adequate, relevant and not excessive in data retention terms.
4.7. Retain for no longer than is necessary
“Ok Who’s Next?” has a policy on retention periods for personal data.
4.8. Give a copy of his/ her personal data to any individual, on request.
“Ok Who’s Next?” has procedures in place to ensure that data subjects can exercise their rights under the Data Protection legislation.
“Ok Who’s Next?” is registered as a Data Controller under the Data Protection Acts 1988 and 2003. Consequently, “Ok Who’s Next?” maintains overall responsibility for ensuring compliance with Data Protection legislation as it is the Data Controller of personal data. However, all employees of “Ok Who’s Next?” who separately collect and/or control the content and use of personal data are individually responsible for compliance with the legislation.
“Ok Who’s Next?” is committed to ensuring the protection of the privacy of personal data. To facilitate compliance with the Data Protection legislation it will provide best practice guidelines and procedures in relation to all aspects of data protection to it employees.
Secondary or future uses, which might not be obvious to individuals, will be brought to their attention at the time of obtaining personal data. Individuals will be given the option of saying whether they wish their information to be used in other ways.
“Ok Who’s Next?” observes in full, the conditions regarding the fair collection and use of information:
In meeting its legal obligations to specify the purposes for which information is used
collected and processed to the extent that it is needed to fulfil operational needs or to comply with any legal requirements. “Ok Who’s Next?” uses the data obtained only in ways consistent with the purpose/s for which it is kept and discloses the data only in ways consistent with that purpose/s.
“Ok Who’s Next?” has established appropriate security provisions to ensure that: -
Access to its computers is restricted to authorized staff only.
Access to information is restricted to appropriate personnel and that it’s systems are password protected. Procedures are in place to deal with a breach or accidental disclosure of personal information “Ok Who’s Next?” acknowledges its’ intention to comply with the guidance proffered by the Data Protection Commissioner on their web site in relation to accidental disclosure of personal information.
In the event that personal data for which “Ok Who’s Next?” is responsible has been compromised – for example, through loss of a portable device, misaddressing of mailings, a “leak” from the organization – “Ok Who’s Next?” will respond as follows:
-Notify the Data Protection Commissioner office by phone (1890 252 231) or email and Inform those persons directly affected by the loss.
-Provide a detailed report of the incident to the Data Protection Commissioner, including:
-The amount and nature of the data that has been compromised;
-What action (if any) has been taken to inform those affected;
-A chronology of the events leading up to the disclosure; and
-A description of measures being undertaken to prevent a repetition of the incident.
For right of access/delete data held, requests should be made in writing to Attn of the “Data Protection Officer”, detailing the information required and emailing your request to support@okwhosnext.com Requests are logged by “OK Who’s Next?” and the information is supplied/deleted for the requester within 21 days of receiving the request.
The information will be provided in a form which will be clear to the requester (e.g. codes etc will be explained).
“OK Who’s Next?” will require photo identification before personal information will be released. In the event that you make an Access Request, we reserve the right to charge a fee of six euro and thirty-five cents (€6.35) to meet our costs in providing you with details of the information we hold about you.
“OK Who’s Next?” is not obliged to refund any fee that it charges for dealing with access requests if it is determined that no data is kept. Fees will be refunded if “OK Who’s Next?” does not comply with the request, or if the personal data concerned must be rectified, supplemented or erased.
This Data Privacy Policy will be reviewed regularly considering any legislative or other relevant developments.
5. Cookies Use
The Website uses cookies, so a cookie may be placed in your computer browser. Cookies are small text files which provide us with information about how often someone visits the Website, and what they do during those visits. Cookies do not themselves contain any personally identifying information but if you provide information to us, it may be linked to the data stored in the cookie. We use the following cookies: Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website. Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. You can find more information about the individual cookies we use and the purposes for which we use them in the table below. Our cookies do not capture any personal identifying information.
|
Cookie |
Name |
Purpose |
Personal Data Captured |
Expiry |
|
Browser Session |
Email and password |
This cookie is essential for the operation of our site. It allows Service Provider to use the site and to navigate around the site. SP(Service Provider) login ( if SP clicked on "Remember Me" ) |
None |
1 Month |
|
Third-party cookie |
Facebook Pixel |
Tracks the number of users who click on facebook link to OK Who’s next? |
None |
n/a |
|
Third-party cookie |
Google Analytics |
Google Analytics records your navigation through the website. All information collected is anonymous. |
None |
n/a |
If you do not want your browser to accept cookies, you can turn off the cookie acceptance option in your browser settings. Further information on disabling or deleting cookies can be found on www.aboutcookies.org Disabling cookie support may prevent the Website from functioning properly and you may not be able to utilise fully all of its features and information. The third-party Google Analytics cookies allow us to measure the traffic to the website, how long users spend on the website and how many pages are viewed. This information is only used for statistical purposes and all information collected by these cookies is anonymous. You can also view your facebook ad settings by going to following (https://www.facebook.com/help/568137493302217?helpref=faq_content#) and updating your preferences.
6. Use of your Information
Your information will enable us to provide you with access to the relevant parts of the Website and to supply the services you have requested. It will also enable us to bill you and to contact you where necessary concerning our services. We will also use and analyse the information we collect so that we can administer, support, improve and develop our business, for any other purpose whether statistical or analytical and to help us prevent fraud. Where appropriate, now and in the future you may have the ability to express your preferences around the use of your data as set out in this privacy policy and this may be exercised though your chosen method of using our services, for example mobile, mobile applications or any representation of our Website.
We may use your information to contact you for your views on our services and to notify you occasionally about important changes or developments to the Website or our services.
Where you have indicated accordingly, you agree that we may use your information to let you know about our other products and services that may be of interest to you including services that may be the subject of direct marketing and we may contact you to do so by post, telephone, mobile messaging (e.g. SMS, MMS etc) as well as by e-mail.
Where you have indicated accordingly, you agree that we may also share information with third parties to use your information in order to let you know about goods and services which may be of interest to you (by post, telephone, mobile messaging (e.g. SMS, MMS etc) and/or e-mail) and to help us analyse the information we collect so that we can administer, support, improve and develop our business and services to you.
If you do not want us to use your data in this way or change your mind about being contacted in the future, please let us know by using the contact details set out in section 4 above and/or amending your profile accordingly.
Please note that by submitting comments and feedback regarding the Website and the services, you consent to us to use such comments and feedback on the Website and in any marketing or advertising materials. We will only identify you for this purpose by your first name and the city in which you reside.
8. Disclosure of Your Information
The information you provide to us will be transferred to and stored on our servers which may be in or outside the European Economic Area, and may be accessed by or given to our staff working outside Ireland and third parties including companies within Nitram Networks Ltd (which means our subsidiaries, our ultimate holding company and its subsidiaries) who act for us for the purposes set out in this policy or for other purposes notified to you from time to time in this policy. Countries outside the European Economic Area do not always have strong data protection laws. However, we will always take steps to ensure that your information is treated in accordance with this policy.
In addition, we may need to provide your information to those third parties that process credit card payments over a secure payment gateway and other information for us, and/or provide support services for us. This includes STRIPE, who is our partner and provides payment Gateway facilities. By submitting your personal data, you agree to this transfer, storing or processing. Ok Who’s Next? will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.
If you have consented we may allow carefully selected third parties, including marketing and advertising companies, our affiliates and associates, to contact you occasionally about services that may be of interest to you. They may contact you by telephone, SMS as well as by e-mail. If you change your mind about being contacted by these companies in the future, please let us know by using the contact details set out in section 4 above and/or by amending your profile accordingly.
If our business enters into a joint venture with, purchases or is sold to or merged with another business entity, your information may be disclosed or transferred to the target company, our new business partners or owners or their advisors.
We may use the information that you provide to us if we are under a duty to disclose or share your information in order to comply with (and/or where we believe we are under a duty to comply with) any legal obligation; or in order to enforce our Website Terms and any other agreement; or to protect the rights of OK Who’s Next? This includes exchanging information with other companies and other organisations including Police Forces for the purposes of fraud protection and prevention.
9. Security and Data Retention
We take steps to protect your information from unauthorised access and against unlawful processing, accidental loss, destruction and damage. We will keep your information for a reasonable period or as long as relevant laws requires.
Where you have chosen a password, which allows you to access certain parts of the Website, you are responsible for keeping this password confidential. We advise you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will take steps to protect your information, we cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
10. Other Disclosures
We reserve the right to access and disclose the personal information we have collected on you to comply with applicable laws and lawful government or law enforcement requests, to operate our systems properly or to protect us and/or the other users of the Website. We also reserve the right to disclose your identity to any third party who is claiming that any content posted or uploaded by you to our site constitutes a violation of their intellectual property rights, or of their right to privacy. The Website/App contains links to other websites, which may be of interest. However, if you use the links to view another website, you should note that we do not have any control over those websites. Therefore, we cannot be responsible for the protection and privacy of any information which you may provide while visiting such websites and such websites are not governed by this Privacy Policy. You should exercise caution and look at the cookies policy applicable to the website(s) in question.
This Data Privacy Policy will be reviewed regularly considering any legislative or other relevant developments.