The Irish Holstein Friesian Association (IHFA) is committed to protecting your Personal Data. This Privacy Notice (“Notice”) applies to your membership and sets out how we collect, use and protect your personal data.
This Notice has been developed to inform our members about the privacy and security of Personal Data and to meet our obligations under the Data Protection Acts, 1988 – 2018 and the General Data Protection Regulation (together “Data Protection Law”). Under Data Protection Law, personal data is information that identifies you as an individual or is capable of doing so (“Personal Data”). We comply with Data Protection Law and this Notice applies to the personal data collected, processed and stored by us through your membership.
For the purposes of Data Protection Law, we are the data controller of your Personal Data. You will find our contact details in the “Contact Us” section below.
Who We Are
The IHFA is a member owned organisation directed by an IHFA board which is directly elected from its members in 15 club areas. The Association is approved by the Department of Agriculture to issue ancestry and pedigree registration certificates. The IHFA is responsible for the validity and upkeep of the herdbook of Holstein Friesian cattle and for giving direction to the development and promotion of the breed in Ireland through its many events and services.
The IHFA’s registered office is at Ballymacowen, Clonakilty, Co. Cork and is a company Limited by Guarantee, company number 281268 with Charity Status, Registered Charity Number 20040307. Our designated Data Protection Appointed Person may be contacted at email@example.com.
Information That We Collect
The IHFA processes Personal Data in connection with your membership and in order to meet our legal, statutory and contractual obligations and to provide you with our services. We will never collect any unnecessary Personal Data from you, and do not process your information in any way, other than as specified in this notice.
The Personal Data that we collect is: –
- Personal Email
- Home Telephone Number
- Mobile Telephone Number
- Bank Details IBAN & BIC
- YMA – Date of birth
How we gather Personal Data
We collect Personal Data in the following ways: –
IHFA Membership forms
YMA Membership forms
Trade Stand Forms
Web enquiry forms
Why we collect and process Personal Data
Except as disclosed in this Notice, we will not, without your consent, disclose Personal Data that we collect to any parties other than those with whom we partner or are affiliated with. The purposes and reasons for processing Personal Data are detailed below: –
- We collect Personal Data to enable us to open an account with the Association to provide a service for registering, classifying, Genomic/DNA testing your animals, creating catalogues, updating you of promotional events happening locally and nationally, updating you with changes in rules of the organization through our texting system (you have the option to opt out at any stage). The IHFA journal is published biannually and posted to members.
- Where we have received consent your Name and Mobile number will be forwarded to your local club secretary. They will contact you once to inform you of details of your local club, if you wish to join, you will need to issue consent to your club to allow them to include you in club mailings.
- We collect and store Personal Data as part of our legal obligation for business accounting purposes.
- Where we have received consent to inform you of promotional events for Trade stands, Journal advertising, sponsorship you have the option to opt out at any time.
- Consent will be sought at each event for publishing photographs.
We must have lawful bases to collect and use Personal Data. We rely on the following legal bases under Data Protection Law when processing your Personal Data:
- Performance of a contract – We will process your Personal Data to the extent required to deliver the service requested.
- Compliance with legal obligations – We may need to disclose Personal Data to comply with a request from law enforcement, or other Government agencies or Court Order. • Legitimate interests – To provide updates to you.
- With your consent – For certain of our uses, we rely on your consent to collect and use your Personal Data. You are given the choice to provide consent or not. When we collect your consent, we explain what we need it for and how you can change your mind in the future.
Your Rights in relation to your personal data
We shall vindicate all your rights under Data Protection Law. These rights are as follows:
- Your right to withdraw your consent to the processing of Personal Data at any time;
- Your right to request from us access to personal data and have any incorrect personal data rectified;
- Your right to the restriction of processing concerning you or to object to processing;
- Your right to have your Personal Data transferred to another service provider;
- Your right to have your Personal Data erased (where appropriate);
- Information on the existence of automated decision making, if any, as well as meaningful information about the logic involved, its significant and its envisaged consequences.
Vindication of your rights shall not affect any rights which we may have under Data Protection Law.
You have the right to access any personal information that the IHFA processes about you and to request information about: –
- What personal data we hold about you
- The purposes of the processing
- The categories of personal data concerned
- The recipients to whom the personal data will be disclosed
- How long we intend to store your personal data for
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us.
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
Do we disclose Personal Data to anyone else?
We disclose Personal Data to third parties only when it is necessary as part of business practices or when there is a legal or statutory obligation to do so. Whenever we disclose Personal Data to third parties, we only disclose that amount of information necessary to meet such business need or legal requirement. Third parties that receive Personal Data from us must satisfy us as to the measures taken to protect the Personal Data such parties receive, in accordance with Data Protection Law, and as stated in this Privacy Notice. Appropriate measures will be taken to ensure that all such disclosures or transfers of Personal Data to third parties will be completed in a secure manner and pursuant to contractual safeguards.
Third parties we work with
We use Accounting LTD to audit the books of account annually. They have access to the sage accounting system to complete their audit.
We use Capita to print and post the Pedigree Certificates.
We may provide information, when obliged to do so under Data Protection Law, and in response to properly made requests, for example, for the purpose of the prevention and detection of crime, and the apprehension or prosecution of offenders. We may also provide information for the purpose of safeguarding national security. In the case of any such disclosure, we will do so only in accordance with Data Protection Law.
We may also provide information when required to do so by law, for example, under a Court Order, and may transfer data to legal counsel where same is necessary for the defense of legal claims.
We may also disclose Personal Data in connection with any complaint regarding your interaction with the IHFA.
The IHFA employs reasonable appropriate administrative, technical, personnel procedural and physical measures to safeguard Personal Data against loss, theft and unauthorized users’ access, uses or modifications. We have several layers of security measures in place, including: –
Locked Filing Cabinets for manual files, Regular changing of Passwords, Encryptions on laptops, restricted access, firewalls, anti-virus/malware.
Whilst we try our best to safeguard your personal data, once we receive it, no transmission of data over the internet or any other public network can be guaranteed to be 100% secure. It is important for you to protect against unauthorized access to your password and to your computer.
Transfers Outside the EEA
The IHFA utilises some services that may be hosted/stored in non-EEA countries, which means that we may transfer some information (name and email address) which is submitted by you outside the European Economic Area (“EEA”) for the below purposes: (marketing database (i.e., MailChimp,)
We use this service to inform you (once you have given consent) of Promotional events where you may wish to have a trade stand or to advertise in our journal. Where this is the case, we will take steps to ensure that those providers use the necessary level of protection to protect your data and comply with the Data Protection Law.
How Long We Keep Your Data
The IHFA only ever retains Personal Data for as long as is necessary and we have review and retention policies in place to meet these obligations. The period for which we retain personal data varies according to the use of that Personal Data. In some cases, there are legal requirements to keep data for a minimum period of time. Unless specific legal requirements dictate otherwise, we will retain information for no longer than is necessary for the purposes for which the data were collected and processed (which is described above). We are required by Revenue to keep accounting records for a minimum of 6 years.
Lifetime of consent: We will retain your personal data until consent is explicitly withdrawn (notification to the office in writing to cancel membership)
Intended Purpose: We will retain your personal data for the time required to complete the purpose for which it was originally collected.
Legal or Business requirements: We will retain your personal data for the time required to fulfill legal obligations and business contractual requirements.
Where you have consented to us using your details for direct marketing, we will keep such data until you notify us otherwise and/or withdraw your consent through opting out.
Subject Access Requests
Any formal, written request by a Data Subject for a copy of their personal data (a Subject Access Request) will be referred, as soon as possible, to the Data Protection Appointed Person, and will be processed as soon as possible.
It is intended that by complying with these guidelines, the IHFA will adhere to best practice regarding the applicable Data Protection legislation.
Lodging A Complaint
The IHFA only processes your personal information in compliance with this Notice and in accordance with Data Protection Laws. If, however you wish to raise a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint by contacting the Data Protection Commission a) via email firstname.lastname@example.org or b) post Data Protection Commission, Canal House, Station Rd, Portarlington, Co. Laois R32 AP23.
This Notice will be reviewed and updated from time to time to consider changes in the law and the experience of the Notice in practice. Any and all changes will be advised to members and, if necessary, we will obtain your consent prior to applying any changes to any Personal Data collected from you prior to the date the change becomes effective. Your continued use of our site and engagement with the IHFA will be subject to the then current policy. We encourage you to periodically review this Notice to stay informed about how we collect, use and disclose personal information.
For the avoidance of doubt, and for consistency in terminology, the following definitions will apply within this Policy.
Data This includes both automated and manual data.
Automated data means data held on computer, or stored with the intention that it is processed on computer.
Manual data means data that is processed as part of a relevant filing system, or which is stored with the intention that it forms part of a relevant filing system.
Personal Data Information relating to an identified or identifiable natural person (“Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Data Controller A person or entity who, either alone or with others, controls the content and use of Personal Data by determining the purposes and means by which that Personal Data is processed.
Data Subject A living individual who is the subject of the Personal Data, i.e., to whom the data relates either directly or indirectly.
Data Processor A person or entity who processes Personal Data on behalf of a Data Controller on the basis of a formal, written contract, but who is not an employee of the Data Controller, processing such Data in the course of his/her employment.
Data Protection Officer A person appointed by The Irish Holstein Friesian Association to monitor compliance with the appropriate Data Protection legislation, to deal with Subject Access Requests, and to respond to Data Protection queries from staff members and service recipients
Relevant Filing System Any set of information in relation to living individuals which is not processed by means of equipment operating automatically (computers), and that is structured, either by reference to individuals, or by reference to criteria relating to individuals, in such a manner that specific information relating to an individual is readily retrievable.