Data Policy

2.0 Definitions

3.0 Personal Data Collected by SafetySolutions

4.0 Legal Basis for Processing Personal Data

5.0 Finding Out What Personal Data Is Held

6.0 Contacting a Cardholder or Registered User

7.0 Sharing of Personal Data

8.0 Length of Storage and Otherwise Processing of Personal Data

9.0 Rectifying or Erasing Personal Data

10.0 Automated Decision Making

11.0 Lost or Stolen SafetySolutions Cards

12.0 Security of Personal Data

13.0 Making a Complaint or Objecting to the Processing of Personal Data

14.0 Changes to the SafetySolutions Data Protection Policy

15.0 General Data Protection Regulation (GDPR) EU 2016/679

 

1.0 Introduction & General Terms

Safe Track Solutions Limited is committed to protecting personal data for those using and engaging with SafetySolutions and want the service to be a safe and positive experience for all.  In order to provide the SafetySolutions service, it is necessary to collect and otherwise process certain personal data. This Data Protection Policy relates to the processing of any such personal data by Safe Track Solutions Limited through the provision of the SafetySolutions service. The policy was updated on 20th May 2018. 

 

If you have any questions about this policy or wish to contact Safe Track Solutions Limited in relation to privacy or data protection, please email info@SafetySolutions.ie or write to: 

Safe Track Solutions Limited
Unit 2 Lyncon Court 
Blanchardstown Industrial Park 
Blanchardstown 
Dublin D15 FP20
Ireland

2.0 Definitions

For the purposes of this Policy:

2.1 ‘SafetySolutions’ means Safe Track Solutions Limited, a company incorporated under Irish law, company number 593628, with registered offices at Unit 2 Lyncon Court, Blanchardstown Industrial Park, Blanchardstown, Dublin 15, Ireland.

2.2 ‘SafetySolutions service’ means the service offered by Safe Track Solutions Limited, designed to consolidate the cardholder’s qualifications and competences in a central database to be accessed by web-based platforms. It will, with the express consent of the cardholder, relay the status of the cardholder’s recorded qualifications and competences to a third party.

2.3 ‘cardholder’ means any natural person registered with SafetySolutions for the purposes of availing of the SafetySolutions service outlined in Section 2.1 of this Policy, whether in possession of a SafetySolutions card or not;

2.4 ‘registered user’ means any natural or legal person, public authority, agency or another body registered with SafetySolutions to use the SafetySolutions service for any reason other than that of a cardholder;

2.5 ‘public user’ means any means any natural or legal person, public authority, agency or another body not registered with SafetySolutions, that uses the SafetySolutions service for any reason;

2.6 ‘personal data’ means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2.7 ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

2.8 ‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

2.9 ‘third party’ means a natural or legal person, public authority, agency or body other than the cardholder, the registered user, SafetySolutions and persons who, under the direct authority of SafetySolutions, are authorised to process personal data;

2.10 ‘consent’ means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

2.11 ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

 

3.0  Personal Data Collected by SafetySolutions

SafetySolutions will collect and otherwise process some or all of the following personal data in the provision of the SafetySolutions service:

3.1 cardholder full name, SafetySolutions number, date of registration, contact address, email address, photograph, date of birth, telephone number, mobile telephone number, PPS number, company associated with (including department, section or division), certifications (held, pending & expired), account status, account notes and data concerning health.

3.2 registered user full name, contact address, email address, photograph, telephone number, mobile telephone number, organisation, access level, date added and date updated.

3.3 public user
No personal data will be collected or otherwise processed from a public user.

4.0 Legal Basis for Processing Personal Data

SafetySolutions collects and otherwise processes personal data with the consent of the cardholder or registered user, in accordance with Article 7 of the General Data Protection Regulation (GDPR) EU 2016/679. This will be obtained through a written statement, including by electronic means. The cardholder or registered user shall have the right to withdraw consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

 

5.0 Finding Out What Personal Data Is Held

In accordance with Article 15 of the GDPR EU 2016/679, a cardholder or registered user may request a copy of personal data undergoing processing. This can be obtained by writing to SafetySolutions using the contact details in Section 1.0 of this policy. Cardholders or registered users will be required to prove their identity with either a SafetySolutions Card, Driving Licence or Passport before such requests are fulfilled.

 

6.0 Contacting a Cardholder or Registered User

6.1 SafetySolutions may contact a cardholder or a registered user:

i. In relation to any service or activity in the provision of the SafetySolutions service;

ii. In relation to any correspondence SafetySolutions receives from that cardholder or registered user or to any comment or complaint made about SafetySolutions;

iii. To invite the cardholder or registered user to participate in surveys about SafetySolutions services and

iv. To update the cardholder or registered user on any changes to SafetySolutions policies or practices.

6.2 SafetySolutions will never contact a cardholder or registered user to request an account password or other login details. Cardholders and registered users are advised to be cautious about receiving e-mails or telephone calls claiming to be from SafetySolutions.

6.3 SafetySolutions will only send marketing e-mails or materials where the cardholder or registered user has agreed to this. This consent will be separate to that given to store and otherwise process personal data. 

7.0 Sharing of Personal Data

7.1 Personal data will only be shared with a third party with the consent of the cardholder or registered user or where otherwise provided for by Article 6 of the GDPR EU 2016/679. Consent will be obtained from the cardholder:

i. by a written statement, including by electronic means;

ii. by the cardholder supplying their SafetySolutions ID to the third party or

iii. by the cardholder allowing the third party to scan the QR code on or the NFC chip in the cardholder’s SafetySolutions card.

7.2 Cardholders and registered users should be aware that by giving consent to share personal data with a third party, that such data may be stored or otherwise processed by that third party and may result in that personal data travelling outside the European Union.

7.3 Cardholders should guard their SafetySolutions ID and SafetySolutions card carefully. Where a cardholder suspects that their SafetySolutions ID is compromised or being fraudulently used they should contact SafetySolutions immediately through the contact details in Section 1.0 of this Policy or by telephoning 1850 202181.

8.0 Length of Storage and Otherwise Processing of Personal Data

Personal data will be stored and otherwise processed for a period of 5 years from the date of registration or date added. After this period the cardholder or registered user will be given the opportunity to renew consent to store and otherwise process their personal date for a further 5 years. Should the cardholder or registered user not wish to or fail to renew consent their personal data will be deleted immediately. Any remaining data is anonymised for analytical purposes. 

9.0 Rectifying or Erasing Personal Data

9.1 Cardholders and registered users can rectify inaccurate or incomplete data by writing to SafetySolutions through the contact details in Section 1.0 of this policy. 

9.2 Cardholders and registered users can delete their SafetySolutions account at any time. Cardholders or registered users wishing to delete their account can do so by writing to SafetySolutions through the contact details in Section 1.0 of this Policy. Personal data will be deleted immediately with any remaining data anonymised for analytical purposes. Where a SafetySolutions account is deleted the cardholder or registered user will no longer access to SafetySolutions services or benefits, other than those available to a public user. 

10.0 Automated Decision Making

SafetySolutions does not use any form of automatic decision making or profiling in relation to the SafetySolutions service. 

11.0 Lost or Stolen SafetySolutions Cards

Lost, stolen or mislaid SafetySolutions cards should be notified to SafetySolutions immediately through the contact details in Section 1.0 of this Policy or by telephoning 1850 202181.

12.0 Security of Personal Data

12.1 SafetySolutions makes every effort, including appropriate technical and organisational measures, to safeguard personal data and are legally obliged to use such data in line with all applicable laws concerning the protection of personal data, including the GDPR EU 2016/679. No web-based activity can be completely secure; if a cardholder or registered user has any concerns that their account could have been compromised they should contact SafetySolutions immediately.

12.2 Where a personal data breach occurs SafetySolutions shall, in accordance with Article 34 of the GDPR EU 2016/679, communicate the personal data breach to the cardholder or registered user and, in accordance with Article 33 of the same regulation, communicate the personal data breach to the Office of the Data Protection Commissioner.

13.0 Making a Complaint or Objecting to Processing of Personal Data

If a cardholder or registered user has a concern about an infringement or wishes to make a complaint or objection in relation to the processing of their personal data, they should contact SafetySolutions through the contact details in Section 1.0 of this Policy. If the cardholder or registered user is not satisfied with the response from SafetySolutions on the matter, they may lodge a complaint with the Office of the Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland. Full details on the modalities for the exercise of the rights of the user may be found in Article 12 of the GDPR EU 2016/679.

 

14.0 Changes to the SafetySolutions Data Protection Policy

The SafetySolutions Data Protection Policy may be updated from time to time. If material changes affect how personal data is processed, then such changes will be outlined to the cardholder or registered user and renewed consent will be sought. 

 

15.0 General Data Protection Regulation (GDPR) EU 2016/679

For the full text of the GDPR EU 2016/679, including all rights and restrictions contained within it, contact Directorate-General for Justice and Consumers, European Commission, 1049 Bruxelles/Brussel, Belgium or the Office of the Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland.