Privacy Statement for Fís Éireann/Screen Ireland (Screen Ireland)
At Screen Ireland (including Screen Skills Ireland) we are committed to protecting and respecting your privacy.
This Privacy Statement will let you know how we look after your personal data with regard to your use of this website and in the context of receiving marketing communications from us. It also informs you as to our obligations and your rights under data protection law.
Click on the headings below to find out more about how we collect and process your personal data in connection with your use of this website and for marketing purposes:
- Who is responsible for your personal data?
- What personal data do we collect?
- How do we collect your personal data?
- For what purposes do we process your personal data and what is our legal basis?
- Do we share your personal data with anyone else?
- Keeping your personal data secure
- For how long do we keep your personal data?
- Your data protection rights
- Contact us
- Updates to this Privacy Statement
- Cookie List
1. Who is responsible for your personal data?
For the purposes of the EU General Data Protection Regulation (EU Regulation 679/2016) (the “GDPR”), Screen Ireland is the data controller with regard to the personal data described in this Privacy Statement.
“Data controllers” are the people who, or organisations which, determine the purposes for which, and the manner in which, any personal data is processed.
In particular, we have appointed a Data Protection Officer (“DPO”) within Screen Ireland to monitor compliance with our data protection obligations and with this Privacy Statement and related policies. If you have any questions about this policy or about our data protection compliance please contact us.
2. What personal data do we collect?
“Personal data” means any information relating to an identified or identifiable natural person.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, last name, tax identity number and
- Contact Data includes correspondence address and any billing address, email address and telephone
- Financial Data includes bank account and tax clearance details
- Career Data includes relevant education and past work experience
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this
- Profile Data includes your username and password
- Usage Data includes information about how you use our website and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and your communication
- Image Data includes your image captured by
3. How do we collect your personal data?
We collect your personal data as follows:
- Direct interactions. You may give us your Identity and Contact data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- make an enquiry with regard to our services
- register on our on-line application system or our website;
- make an application, either on-line or on hard copy;
- enter into a contract with us;
- request payment for services provided;
- leave a message with a member of our staff;
- submit an FOI or Data Access Request application;
- request marketing to be sent to you; or
- sign up to our
- Third parties or publicly available sources. We may receive personal data about you, (your IP Address only) from analytics providers such as Google based outside the EU;
- Identity and Contact Data from publicly availably
4. For what purposes do we process your personal data and what is our legal basis?
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so.
|Purpose/Activity||Type of data||Lawful basis for processing|
|To enter you onto our mailing lists where you have requested to be added||(a) Identity
(c) Marketing and Communications
|To process your applications, contracts and payments||(a) Identity
Processing is necessary for the performance of a contract
|To manage our relationship with you which will include:
(b) Asking you to provide feedback or take a survey
(d) Marketing and Communications
|To administer and protect our business and this
|troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(c) Technical|
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||(a) Identity
(e) Marketing and Communications
|To use data analytics to improve our website, services, marketing, customer relationships and experiences||(a) Technical
To invite you to events relating to the agency and the Irish screen industries
|(c) Marketing and Communications|
To protect and secure property, employees and visitors from theft or harm in the form of CCTV
Where we rely on consent as a legal basis, you may withdraw consent at any time by contacting us.
Withdrawal of consent shall be without effect to the lawfulness of processing based on consent before its withdrawal.
5. Do we share your personal data with anyone else?
We may share your personal data with the following parties in connection with our processing of your personal data:
|Third party||Reason for sharing data|
|Email service provider – Mail chimp||The service provider allows us to send you email communications and alerts us if you request to be removed from our mailing lists as well as allowing users to update and control their preferences.|
|On-line application service provider||We collect your personal data and retain backups on a third party provider’s server. Your personal data will be stored on their secure storage system which is then transferred to our secure server.|
|Backup Provider||We store our document management system on a local server. The encrypted backups are held off site.|
|External Readers & Assessors||The service providers are necessary to facilitate, where required, the assessment of projects.|
|External Coordinators & Trainers||The service providers are necessary to facilitate day to day coordination and training on courses.|
|Competent Authorities, including authorities regulating us||To comply with legal or regulatory obligations or requests|
|Service providers handling your information on our behalf||To provide essential services and to fulfil contractual arrangements in providing our services.|
We require all third parties to enter into a data processing agreement with us which complies with our obligations under the GDPR. This agreement requires third parties to have appropriate security systems in place and only to use your personal data on our instructions and in accordance with data protection law.
6. Keeping your personal data secure
We take appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. We limit access to your personal data to those employees, agents and other third parties who are required to have access to your personal data and where they have agreed that they are subject to a duty of confidentiality.
We have put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We have procedures in place to deal with actual and suspected data breaches which include an obligation on us to notify the supervisory authority and/or you, the data subject, where legally required to do so.
We may transfer your personal data outside of the European Economic Area but will always ensure that appropriate safeguards are in place such as:
- the European Commission has issued a decision confirming that the country to which we transfer the personal data ensures an adequate level of protection for the data subjects’ rights and freedoms;
- appropriate safeguards are in place such as binding corporate rules (BCR), standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism, a copy of which can be obtained from the DPO;
- the data subject has provided explicit consent to the proposed transfer after being informed of any potential risks; or
- the personal data is being transferred to a company in the US which has self-certified its compliance with the EU-US Privacy Shield which has been found by the European Commission to provide an adequate level of protection to the personal data of EU
7. For how long do we keep your personal data?
Your personal data will be deleted when it is no longer reasonably required for the purposes described above or you withdraw your consent (where applicable) and we are not legally required or otherwise permitted to continue storing such data.
Where you ask to be unsubscribed from marketing communications we may keep a record of your email address and the fact that you have unsubscribed to ensure that you are not sent any further emails in the future.
Further details on how long we retain your personal data are contained in our retention policy which you can request from us by contacting us using the details below.
8. Your data protection rights
Under certain circumstances, by law you have the right to:
- Request information about whether we hold your personal data, and, if so, what that personal data is and why we are holding/using
- Request access to your personal data (commonly known as a “data subject access request“). This enables you to receive a copy of your personal data that we hold and to check that we are lawfully processing
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate personal data that we hold about you
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this You also have the right to object where we are processing your personal data for direct marketing purposes.
- Object to automated decision-making including profiling, that is not to be the subject of any automated decision-making by us using your personal data or profiling of
- Request the restriction of processing of your personal This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request transfer of your personal data in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
In the event that you wish to make a complaint about how your personal data is being processed by Screen Ireland, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority who can be contacted as follows:
|Contact||Data Protection Commissioner|
|Telephone||+353 57 8684800/+353 761 104 800|
|Post||Office of the Data Protection Commissioner
Canal House, Station Road
R32 AP23 Co. Laois
9. Contact us
You can contact us with any queries, complaints or requests to exercise your data protection rights using the details below:
|Contact:||Data Protection Officer Screen Ireland: Grace Gannon
Data Protection Officer Screen Skills Ireland: Elizabeth Fraser
|Telephone||091 561 398|
|Post||Data Protection Officer Screen Ireland
23 Dock Road, Galway
10. Updates to this Privacy Statement
Our Privacy Statement may change from time to time, and any changes to this Privacy Statement will be posted on the website and will be effective when posted. As your use of Screen Ireland website is subject to your acceptance of this Privacy Statement, and any amendments thereto, please check back regularly.