Privacy Statement

Privacy Statement for Fís Éireann/Screen Ireland (Screen Ireland)

At Screen Ireland (including Screen Skills Ireland) we are committed to protecting and respecting your privacy.

This Privacy Statement will let you know how we look after your personal data with regard to your use of this website and in the context of receiving marketing communications from us. It also informs you as to our obligations and your rights under data protection law.

Click on the headings below to find out more about how we collect and process your personal data in connection with your use of this website and for marketing purposes:

1.        Who is responsible for your personal data?

For the purposes of the EU General Data Protection Regulation (EU Regulation 679/2016) (the “GDPR”), Screen Ireland is the data controller with regard to the personal data described in this Privacy Statement.

Data controllers” are the people who, or organisations which, determine the purposes for which, and the manner in which, any personal data is processed.

In particular, we have appointed a Data Protection Officer (“DPO”) within Screen Ireland to monitor compliance with our data protection obligations and with this Privacy Statement and related policies. If you have any questions about this policy or about our data protection compliance please contact us.

2.        What personal data do we collect?

Personal data” means any information relating to an identified or identifiable natural person.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity Data includes first name, last name, tax identity number and
  • Contact Data includes correspondence address and any billing address, email address and telephone
  • Financial Data includes bank account and tax clearance details
  • Career Data includes relevant education and past work experience
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this
  • Profile Data includes your username and password
  • Usage Data includes information about how you use our website and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and your communication
  • Image Data includes your image captured by

3.        How do we collect your personal data?

We collect your personal data as follows:

  • Direct interactions. You may give us your Identity and Contact data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • make an enquiry with regard to our services
    • register on our on-line application system or our website;
    • make an application, either on-line or on hard copy;
    • enter into a contract with us;
    • request payment for services provided;
    • leave a message with a member of our staff;
    • submit an FOI or Data Access Request application;
    • request marketing to be sent to you; or
    • sign up to our
  • Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and We collect this personal data by using cookies and other similar technologies. Please see our cookie policy here for further details.
  • Third parties or publicly available sources. We may receive personal data about you, (your IP Address only) from analytics providers such as Google based outside the EU;
  • Identity and Contact Data from publicly availably

4.        For what purposes do we process your personal data and what is our legal basis?

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so.

Purpose/Activity Type of data Lawful basis for processing
To enter you onto our mailing lists where you have requested to be added (a)   Identity

(b)   Contact

(c)   Marketing and Communications

Consent
To process your applications, contracts and payments (a)   Identity

(b)   Contact

(c)   Financial

Consent

Processing is necessary for the performance of a contract

To manage our relationship with you which will include:

(a)   Notifying you about changes to our terms or privacy policy

(b)   Asking you to provide feedback or take a survey

(a)   Identity

(b)   Contact

(c)   Profile

(d)   Marketing and Communications

Consent
To administer and protect our business and this

website (including

(a)   Identity

(b)   Contact

Consent
troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (c) Technical  
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (a)   Identity

(b)   Contact

(c)   Profile

(d)   Usage

(e)   Marketing and Communications

Consent
  (f) Technical  
To use data analytics to improve our website, services, marketing, customer relationships and experiences (a)   Technical

(b)   Usage

Consent
 

To invite you to events relating to the agency and the Irish screen industries

 

(a)   Identity

(b)   Contact

 

Legitimate Interest

  (c) Marketing and Communications  
 

To protect and secure property, employees and visitors from theft or harm in the form of CCTV

 

(a) Image

 

Legitimate Interest

 

Where we rely on consent as a legal basis, you may withdraw consent at any time by contacting us.

Withdrawal of consent shall be without effect to the lawfulness of processing based on consent before its withdrawal.

We use cookies to facilitate the use of our website. For detailed information on the cookies we use and the purposes for which we use them, see our cookie policy here.

5.        Do we share your personal data with anyone else?

We may share your personal data with the following parties in connection with our processing of your personal data:

Third party Reason for sharing data
Email service provider – Mail chimp The service provider allows us to send you email communications and alerts us if you request to be removed from our mailing lists as well as allowing users to update and control their preferences.
On-line application service provider We collect your personal data and retain backups on a third party provider’s server. Your personal data will be stored on their secure storage system which is then transferred to our secure server.
Backup Provider We store our document management system on a local server. The encrypted backups are held off site.
External Readers & Assessors The service providers are necessary to facilitate, where required, the assessment of projects.
External Coordinators & Trainers The service providers are necessary to facilitate day to day coordination and training on courses.
Competent Authorities, including authorities regulating us To comply with legal or regulatory obligations or requests
Service providers handling your information on our behalf To provide essential services and to fulfil contractual   arrangements    in   providing   our services.

 

We require all third parties to enter into a data processing agreement with us which complies with our obligations under the GDPR. This agreement requires third parties to have appropriate security systems in place and only to use your personal data on our instructions and in accordance with data protection law.

6.        Keeping your personal data secure

We take appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. We limit access to your personal data to those employees, agents and other third parties who are required to have access to your personal data and where they have agreed that they are subject to a duty of confidentiality.

We have put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. We have procedures in place to deal with actual and suspected data breaches which include an obligation on us to notify the supervisory authority and/or you, the data subject, where legally required to do so.

We may transfer your personal data outside of the European Economic Area but will always ensure that appropriate safeguards are in place such as:

  • the European Commission has issued a decision confirming that the country to which we transfer the personal data ensures an adequate level of protection for the data subjects’ rights and freedoms;
  • appropriate safeguards are in place such as binding corporate rules (BCR), standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism, a copy of which can be obtained from the DPO;
  • the data subject has provided explicit consent to the proposed transfer after being informed of any potential risks; or
  • the personal data is being transferred to a company in the US which has self-certified its compliance with the EU-US Privacy Shield which has been found by the European Commission to provide an adequate level of protection to the personal data of EU

7.        For how long do we keep your personal data?

Your personal data will be deleted when it is no longer reasonably required for the purposes described above or you withdraw your consent (where applicable) and we are not legally required or otherwise permitted to continue storing such data.

Where you ask to be unsubscribed from marketing communications we may keep a record of your email address and the fact that you have unsubscribed to ensure that you are not sent any further emails in the future.

Further details on how long we retain your personal data are contained in our retention policy which you can request from us by contacting us using the details below.

8.        Your data protection rights

Under certain circumstances, by law you have the right to:

  • Request information about whether we hold your personal data, and, if so, what that personal data is and why we are holding/using
  • Request access to your personal data (commonly known as a “data subject access request“). This enables you to receive a copy of your personal data that we hold and to check that we are lawfully processing
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate personal data that we hold about you
  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Object to automated decision-making including profiling, that is not to be the subject of any automated decision-making by us using your personal data or profiling of
  • Request the restriction of processing of your personal This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request transfer of your personal data in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format. 

In the event that you wish to make a complaint about how your personal data is being processed by Screen Ireland, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority who can be contacted as follows:

Contact Data Protection Commissioner
Telephone +353 57 8684800/+353 761 104 800
Email info@dataprotection.ie
Post Office of the Data Protection Commissioner

Canal House, Station Road

Portarlington

R32 AP23 Co. Laois

 

9.        Contact us

You can contact us with any queries, complaints or requests to exercise your data protection rights using the details below:

Contact: Data Protection Officer Screen Ireland: Grace Gannon

Data Protection Officer Screen Skills Ireland: Elizabeth Fraser

Telephone 091 561 398
Email dataprotection@screenireland.ie
Post Data Protection Officer Screen Ireland

Queensgate,

23 Dock Road, Galway

 

10.        Updates to this Privacy Statement

Our Privacy Statement may change from time to time, and any changes to this Privacy Statement will be posted on the website and will be effective when posted. As your use of Screen Ireland website is subject to your acceptance of this Privacy Statement, and any amendments thereto, please check back regularly.