At Pobal, we are committed to protecting and respecting your rights under data protection law. We respect your trust in us.
In this notice, we explain how we collect personal information about you, how we use it and how you can interact with us about it.
This document is being provided to you in line with our obligations under the General Data Protection Regulation (GDPR), in force from 25th May 2018. The GDPR, together with applicable Irish data protection law, places enhanced accountability and transparency obligations on organisations when using your information. The GDPR also gives you greater control over your personal information, including a right to access, amend or erasure your personal information.
Please take time to read this notice carefully. If you have any questions about how we use your information, please contact our Data Protection Officer at email@example.com
This summary explains the most important aspects of how we use your information and what rights you have in relation to your personal information. You can get more detailed information by viewing the relevant programme Privacy Notice.
Who we are
Pobal works on behalf of Government to support communities and local agencies toward achieving social inclusion outcomes. Pobal does this by managing funding and providing supports for relevant Government funded programmes.
Information we collect about you
To meet our regulatory and statutory obligations in the administration and delivery of government programmes, we will collect some personal information directly from you (such as data to identify you and your contact information), and information about you from other third parties (such as, for example, the Revenue, Department of Employment Affairs and Social Protection (DEASP).
Further personal and sensitive information is collected depending on the contract or programme you are involved with, such as:
- Your financial details / financial circumstances / economic status
- PPSN numbers
- Information relating to recruitment and appointment, pension, trade union membership and other Industrial Relations / Human Resource processes
- Your gender, date of birth / age band
- Your ethnic/cultural background
- Demographic information such as geographic location
- Personal details of your child(ren)
- Medical and health information
- Information about you provided by others e.g. Revenue and DEASP
- Login and password credentials
- Photographic images (e.g. for publications or staff cards)
How we use your information
As Pobal works on behalf of government, we are legally required to hold information to fulfil regulatory and statutory obligations. We use information about you to:
- Carry out our obligations arising from any contracts or programme services entered by you
- Process a grant or job application
- Comply with our obligations as an employer
- Notify you of any changes relevant to your contract or programme services
- Send you communications which are relevant to your contract or programme services
- Collect and analyse programme data and demographic information to enhance service delivery and support government policy
- Seek your views or comments on the supports we provide
- Create summary statistics, which allow us to assess the number of visitors to our site, identify what pages are accessed most frequently and generally help us to make our site more user friendly
Lawful bases for Processing your data
In order for the use of personal data to be lawful it should be processed on the basis of either the consent of an individual concerned or another legal basis, set out in the General Data Protection Regulation or in the Data Protection Act 2018.
Pobal will ensure that your data is processed fairly and lawfully in keeping with the principles of data protection and will process personal data under various legal bases depending on the purpose for which the data is collected.
We are aware that under the GDPR it is your right to withdraw, at any time, your consent to process your personal data.
Therefore, in case you intend to withdraw your consent, and we cannot rely on another lawful processing bases, we guarantee to promptly interrupt any processing activity concerning your personal data.
How long we retain your information
We will hold your personal information on our systems for as long as is necessary for the relevant activity, or for as long as is set out in any relevant contract you hold with us.
This is subject to legislation and regulatory rules we must follow as set out by our government departments.
Who we share your personal information with
Pobal may pass your information onto government departments, who are the data controllers of the programmes we administer on their behalf, such as the Department of Rural and Community Development, the Department of Children and Youth Affairs, the Department of Employment Affairs and Social Protection, and the Department of Health/HSE.
We may on occasion pass your information to third party service providers, agents, subcontractors and other associated organisations for the purpose of completing tasks and providing services to you. For example, information to banks/financial institutions in order to make payments; information to insurance companies, pension trustees and administrators, legal advisors, trade unions etc). We will only disclose the personal information necessary to the task at hand and where possible will have a contract in place that requires them to keep your information secure.
In any case, we guarantee that we will not sell or rent your personal information to third-parties and neither we will share them for marketing purposes.
How we keep your information safe
Pobal takes our security responsibilities seriously, employing the most appropriate organizational, physical and technical measures to safeguard your personal data, and regularly review these measures. All our webpages are secure using the latest Secure Sockets Layer (SSL) security standards. When you are on a secure page, a lock icon will appear within the address bar.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Like many organisations, we use technology on our websites to collect information that helps us enhance your experience and our services. Cookies are small text files that are placed on your computer by websites that you visit. The cookies we use allow our websites to work, or work more efficiently, as well as help us understand what information is most useful to our visitors.
You can view our cookie notice here.
What are your rights
The General Data Protection Regulation (GDPR) has introduced new rights to individuals in relation to their personal data.
Accordingly, we have implemented efficient procedures that enable you to easily and fully exercise those rights. As available and except as limited under applicable law, the rights afforded to individuals are:
- Right of Access – the right to be informed of and request access to the personal data we process about you;
- Right to Rectification – the right to request that we amend or update your personal data where it is inaccurate or incomplete;
- Right to Erasure – the right to request that we delete your personal data;
- Right to Restrict – the right to request that we temporarily or permanently stop processing all or some of your personal data;
- Right to Object –
- the right, at any time, to object to us processing your personal data on grounds relating to your particular situation;
- the right to object to your personal data being processed for direct marketing purposes.
How to exercise your rights
Where to forward your request
If you want to exercise any of your rights as outlined above, please contact our Data Protection Officer at firstname.lastname@example.org or by writing to us at:
DPO, Pobal, MTEK I Building, Armagh Road, Monaghan Town, Co. Monaghan H18 YH59
When we will answer your request
It is our responsibility to respond to each of the above-mentioned requests within one month from their receipt.
Nevertheless, it may occur, where requests are particularly complex or that we have received a high number of such requests, that we may require additional time to respond you. In this case, we assure to provide you the reasons of such delay and to reply within a maximum of three months.
What are the costs of the request
As prescribed by the law, you will not be charged for any of the actions taken to fulfil your data protection rights.
What information the request should contain
Any requests must meet the following requirements:
- It must be in writing
- It should contain a valid proof of your identity
- It should provide a description of the specific personal data you wish to:
How to Make a Complaint
If you have a complaint about the use of your personal information, please let us know to give us the opportunity to put things right as quickly as possible.
You can make a complaint by emailing us at: email@example.com
Please be assured that all complaints received will be fully investigated. We ask that you supply as much information as possible to help our staff resolve your complaint quickly.
However, if you intend to direct your complaint/concerns to the Office of the Data Protection Commission the contact details are:
Telephone: +353 57 8684800
Lo Call Number: 1890 252 868 4757
Postal address: Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28
Updates to this Notice
We will make changes to this notice from time to time, particularly when there is a change to how we use your information, when new programmes come on stream or when there are changes to our technology.
You can always find an up-to-date version of this notice when you log onto our website. This notice was last updated in May 2018.