Data Protection & Privacy Policy
Welcome to the Newry Chamber of Commerce & Trade privacy notice.
Overview
At Newry Chamber we take your privacy seriously and as an organisation we are committed to protecting your personal data.
We have outlined below:
- How we use your personal data
- How we look after your personal data
- What personal data we process and for what purpose
- Requirements of the General Data Protection Regulation.
- How this regulation applies both when you visit our website (regardless of where you visit it from) and when you use our services.
This privacy notice aims to be clear and concise in demonstrating the safeguarding measures taken to uphold the privacy of your personal information. We have also included a Glossary to help explain various terms used within this privacy notice.
Important Information
This privacy notice provides you with information on how Newry Chamber collects and processes your personal data through your interactions with us, including your use of this website or when you use our services.
The Newry Chamber website and services are intended for businesses and business representatives, which include both private and public sector organisations. We do not knowingly collect information relating to children unless for a specific purpose and this information is deleted on an annual basis.
It is important that you refer to this privacy notice alongside any additional privacy or fair processing notices which we provide for specific events when collecting or processing personal data about you. We want to ensure that you are fully informed of how and why we are using your data.
Data Controller
Newry Chamber of Commerce & Trade (referred to as “Newry Chamber”, “we”, “us” or “our” in this privacy notice) located at Granite Exchange, 5-6 Kildare Street, Newry, BT34 1DQ is the data controller responsible for your personal data. We will comply with our obligations to uphold your privacy under the forthcoming General Data Protection Regulation which comes into effect on 25th May 2018.
Third-party links
This website may include links to third-party plug-ins, applications or websites. By clicking on those links or enabling those connections, you may allow third parties to collect or share data about you. As we do not control these third-party websites, we are not responsible for their privacy statements or how they use your personal data. It is important that you refer to the privacy notice of every website you visit to be aware of how they will use your personal data.
Changes to This Data Protection Notice
Please note that this notice, while intended to be as complete and accurate as reasonably possible, is not exhaustive and may be updated from time to time.
We predict that our business will change over time, as will the way we use and protect your personal data. Therefore, we may need to make changes to this General Data Protection Notice. Any changes to this notice will not reduce your rights or the level of protection we apply to your personal information. We will publish the most up to date information on our website relating to General Data Protection. We will clearly identify any changes or updates to this Privacy notice and notify you of these changes via email.
Where to contact us
Newry Chamber has appointed a data privacy supervisor responsible for overseeing questions in relation to this privacy notice. If you have any questions about how your personal data is processed by us you can contact us anytime.
Please forward any questions about this privacy notice, including any requests to exercise your legal rights, to the data privacy supervisor Jessica Kane via https://newrychamber.com/contact-us/ or telephone 028302 50303 ext 2 or email admin@tng1.arrowhitech.net
Who we are
Newry Chamber of Commerce & Trade is registered in Northern Ireland as a company limited by guarantee but not having a capital share. We are a voluntary organisation, the largest business-to-business organisation in the Greater Newry Area and one of the largest Chambers in Northern Ireland.
We provide networking opportunities to our members and we are a key stakeholder in promoting and lobbying for the economic and social development of the region.
Newry Chamber will collect, represent and promote the interests, views and opinions of its Members and of the wider business community. We are the leading regional voice for business in the Greater Newry Area, promoting the area as a premier destination for tourism, investment, entrepreneurship, employment and as a happy, healthy place to live and work.
Through the use of revenue generation programmes, we provide our members with business support programmes to help them drive business growth. As a central body, we provide representation to key government and civil partners, lobbying on behalf of our members and local business issues.
What types of personal data we process and how we obtain that personal data
Personal data or information refers to any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The different types of personal data we may need to collect, use, store and transfer about you can be categorized in the following:
- Identity Data: includes first name, last name, username or similar identifier, title, date of birth and gender.
- Contact Data: includes billing address, email address and telephone numbers.
- Financial Data includes payment details.
Please note: this information is only stored for as long as is required to process the payment and complete the banking reconciliation. This information is then deleted/ shredded as appropriate.
- Transaction Data: includes details about payments to and from you and other details of services you have purchased from us.
- Technical Data: including internet protocol (IP) address and other technology on the devices you use to access this website.
- Marketing and Communications Data: includes your preferences when receiving marketing from us.
Newry Chamber often collect, store and share Aggregated Data which refers to statistical data for any purpose. Although Aggregated Data may be derived from your personal data, the law does not consider this as personal data because it does not directly or indirectly reveal your identity.
However, it is possible to combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you. This combination of data would only be made available to third parties with your prior consent.
Newry Chamber do not collect any Special Categories of Personal Data about you (including details of your ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health, genetic and biometric data) unless we have your explicit consent to do so. We do not collect information about criminal convictions and offences unless required to do so (e.g for the purposes for Recruitment) and with your consent.
Newry Chamber, in the delivery of its membership contract, member services and services to non-members, will correspond primarily via email and telephone.
If you do not make this information available, have not updated this information or request that we remove this information from our possession, we will be unable to provide the current level of service to you. This may result in us cancelling a service you have with us but we will notify you prior to cancelling the service.
Please note: If you fail to provide additional personal data as detailed, we may unable to perform the current contract we have or are trying to enter into with you (eg to provide you with our services).
How your personal data is collected
Information given to us by you through direct interaction.
You may give us information about you:
- By filling in forms on our site newrychamber.com (“our site”) or by corresponding with us by e-mail, post, phone, or otherwise.
- This includes information you provide when you register to use our site, make an enquiry about our services, join membership, subscribe to our service, email us, place an order on our site, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey, request information or a newsletter, enquire about our events, sponsorship or membership benefits, enquire or book onto events and when you report a problem with our site.
- The information you give us may include: your name, address, e-mail address and phone number, financial and credit card information, personal description and photograph, interests and preferences, professional information (such as, but not limited to, your job title and details of your employer) and any other information relevant to your enquiry or request for information or services which we may request and you may choose to provide to us from time to time.
- Information we extract from your correspondence to us via post, telephone, website and/ or social media platforms. We may extract available information from your which may not be publically available: full name, job role, company, email address, phone number, direct line and mobile phone number.
Information collected by us about you.
With regard to each of your visits to our site we may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); information you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Publically available information we extract from your company via post, telephone, website and/ or social media platforms and use this to contact you, including: full name, job role, company, email address, phone number, direct line and mobile phone number.
Information received from other sources about you via automated technologies or interactions.
- As you interact with our website, we may automatically collect Technical Data about your browsing actions through the use of cookies.
- In this case we will have informed you when using the site that we collect data which may be shared internally and combined with data collected on this site. We also work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers) and may receive information about you from them.
- We may receive information about you if you use any other websites we operate.
Other websites we operate are:
www.nismallbusinessconference.com
Information we receive from your colleagues.
We may also receive information about you from your colleagues. Such information will only be provided to us where your colleagues have confirmed that you have consented to your information being collected and processed by us.
How we use your personal data
We will only use your personal data in a strictly lawful manner.
Often, we will use your personal data in the following circumstances where:
- We need to perform the service derived from the contract we are about to enter into or have entered into with you
- It is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- We need to comply with a legal or regulatory obligation.
Cookies
Using your browser settings, you can change your preferences to refuse all/ some browser cookies and to alert you when websites set or access cookies.
Please note: To disable or refuse cookies may cause sections of this website to not function properly or become inaccessible. You can view further details of our about the cookies we use by following the link:
https://newrychamber.com/cookies-policy/
Change of Purpose
Newry Chamber will only use your personal data for the purposes for which we collected it. This will only change if we reasonably consider that we need to use that data for another reason and that this reason is compatible with the original purpose for which the data was collected.
Please note: We can provide a detailed explanation as to how the processing for the new purpose is compatible with the original purpose, to do so email: admin@tng1.arrowhitech.net
In the case that we require the use of your personal data for a purpose unrelated to the original purpose for which it was collected, Newry Chamber will notify you and we will explain the legal basis which allows us to do so.
In cases where this is required or permitted by law, Newry Chamber may process your personal data without your knowledge or consent in compliance with the above rules.
Why we use your personal data and our legal basis for doing so
Newry Chamber relies on legitimate interests as the legal basis for processing your personal data. These legitimate interests are to develop our products/services and grow our business by helping local businesses to grow, develop, network and lobby.
Please see the table below for a detailed description of the ways which we currently use your personal data. We have identified the legal bases we rely on to do so and have included our lawful basis and legitimate interests where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
If you require further details about the specific legal ground we are relying on to process your personal data please contact us via admin@tng1.arrowhitech.net
Purpose for the use of personal data | Type of data | Lawful basis for processing including basis of legitimate interest |
To register you as a new customer, process payment of membership fees and/or to administer requests or procedures requested by you (e.g. event bookings) | – Identity
– Contact – Financial |
– Performance of a contract with you
– Necessary to comply with a legal obligation – Consent |
For members only:
– To add you as a Member to the Membership Directory – To update your contact details on the Membership Directory as necessary; -To assist in facilitating meetings and introductions through Membership |
– Identity
– Contact – Financial – Marketing & Communications |
– Performance of a contract with you
– Necessary to comply with a legal obligation – Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) – Consent |
To manage our relationship with you which will include:
|
– Identity
– Contact – Marketing & Communications |
– Performance of a contract with you
– Necessary to comply with a legal obligation – Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) – Consent |
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | – Identity
– Contact – Technical |
– Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
– Necessary to comply with a legal obligation |
To make suggestions and recommendations to you about services that may be of interest to you | – Identity
– Contact – Technical – Usage |
– Necessary for our legitimate interests (to develop our products/services and grow our business) |
For Suppliers only:
|
– Identity
– Contact – Financial – Marketing and Communications |
– Performance of a contract with you
– Necessary to comply with a legal obligation – Consent |
Marketing & Communications
Newry Chamber strives to provide you with choices regarding certain personal data uses related to marketing and advertising. We have established the following personal data control mechanisms:
- We may use your Identity and Contact data to consider what services we think you may want or need, or which of our initiatives may be of interest to you. We provide a tailored marketing service by looking at your business information and deciding which of our products, services and offers may be relevant for you.
You will receive marketing communications from us if you have requested information from us, attended our events or purchased services from us and, in each case, you have not opted out of receiving that marketing.
Third-party Marketing
We will get your express opt-in consent before we share your personal data with any company outside Newry Chamber for marketing purposes.
Opting out
At any time you may ask us to stop sending you marketing messages by clicking the opt-out or ‘unsubscribe’ links at the bottom of any marketing message sent to you, or by contacting us at any time via admin@tng1.arrowhitech.net
If you opt out of receiving marketing messages from us, this will not automatically apply to personal data provided to us via purchase of a product/service, product/service experience or other any other transaction.
Who we disclose your personal data to and why
Newry Chamber may have to share your personal data with the parties stated below for the purposes set out in the table in paragraph 5 above.
- Internal Third Parties, please refer to Glossary.
- External Third Parties please refer to Glossary.
- Third parties and/or stakeholders to whom we collaborate with to run events or may choose to sell, transfer, or merge parts of our business or our assets.
If we seek to acquire other businesses or merge with them, or in cases where change happens to our business, the new owners/ directors may use your personal data in the same way as set out in this privacy notice.
Newry Chamber requires all third parties to respect the privacy and security of your personal data and to treat it in a lawful manner. We only collaborate with third parties who implement their own data protection mechanisms as per the General Data Protection Regulation which will come in to effect on 25th May. We only allow the third parties we work with to process your personal data personal data for specified purposes as determined by us and in accordance with our instructions. We do not allow third parties to process your personal data for their own purposes.
Whether we transfer any of your data internationally
We do not currently have reason to transfer your data internationally, However, if Newry Chamber were to transfer your personal data out of the EEA, we will ensure a similar degree of protection is afforded to it by using only specific contracts which have been approved by the European Commission ensuring personal data the same protection it has in within Europe.
How we store your data securely
Newry Chamber restricts access to your personal data to only include our employees, agents, contractors and other third parties who have a business and require your data to carry out a service on our behalf or collaborate with us. Our third parties will only process your personal data under our specific instructions and are subject to the same duty of confidentiality.
Newry Chamber has implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
Newry Chamber has established procedures to deal with any suspected personal data breach which requires us to notify you along with any applicable regulator of a breach where it is a legal requirement to do so.
How long we hold your personal data for
- Newry Chamber will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- In determining the appropriate retention period for personal data, we take in to consideration the quantity, type, and sensitivity of the personal data, we assess the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, if we can achieve these purposes by other means, and the applicable legal requirements.
- We have made details of retention periods for your personal data available in our retention policy. You may request this information by contacting admin@tng1.arrowhitech.net
- You may request that we delete your data: see Request erasure below for further information.
- Please note: In circumstances where are have requested that we delete your data; we may not be equipped to provide you with the same standard of service.
- In circumstances where we anonymise your personal data for research or statistical purposes, you will not be identifiable and therefore we may use this information indefinitely without further notice to you.
Your rights in relation to your personal data and how to exercise them
You have rights under data protection laws which can be exercised under certain circumstances that relate to your personal data,
The UK’s supervisory authority for data protection issues and information rights in the public interest is the:
Information Commissioner’s Office (ICO), Information Commissioner’s Office 3rd Floor, 14 Cromac Place, Belfast, BT7 2JB
Tel: 028 9027 8757 or 0303 123 1114 Email: ni@ico.org.uk
You have the right to make a complaint at any time to ICO by visiting (www.ico.org.uk) or via the contact details above.
Newry Chamber would appreciate the chance to address your concerns before you approach the ICO so please contact us in the first instance and we will initiate our procedures to deal with the issue. On receiving a complaint from a person, Newry Chamber employees are trained to create a file to include all the details of the complaint. This file would contain information regarding the identity of the complainant along with any other individuals involved. This personal information collected will only be used to process the complaint and to monitor the type of service we provide. In most cases, we usually have to disclose the complainant’s identity to the person which the complaint relates to.
Where possible we will refrain from disclosing the complainant’s identity when handling a complaint, however this is not always possible particularly in cases where the accuracy of a person’s record is in dispute. All personal information collected for the purposes of complaint files will be kept for two years from closure of the complaint, as per our retention policy. This complaint file be kept securely and with restricted access, with authorisation to view such files granted on a strictly ‘need to know’ basis. In cases where we receive enquiries, we will refer only to the information provided to us in handling the enquiry along with any subsequent issues and in assessing the level of service provided by us.
As a data subject, you have the right to:
- Request a data subject access request which is a request for access to your personal data, enabling you to receive a copy of all personal data we hold about you and to check that we are lawfully processing it.
- Request a correctionof the personal data which enables you to have any incomplete or inaccurate data we hold about you and to correct the data as required. Any correction of personal data will require verification of the accuracy of the new data you provided to us by you.
- Request erasureof your personal data which enables you to request that we delete or remove personal data where we cannot provide a good reason for continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below). In cases where we may have processed your information unlawfully or where we are required to erase your personal data in order to comply with local law.
- Please note: in cases where we cannot comply with your request of erasure for specific legal reasons, you will be notified if applicable, at the time of your request.
- Object to processing of your personal data if you feel it impacts on your fundamental rights and freedoms. We rely on a legitimate interest (or those of a third party) to process your data but you may want to object to us processing this data in a particular situation.
- Object to the processing of personal data for direct marketing purposes. If we demonstrate compelling legitimate grounds to process your data, this can in some cases override your rights and freedoms.
- Request restriction of processing of your personal data.
You may request us to suspend the processing of your personal data in such cases where:
(a) You want us to establish the data’s accuracy;
(b) Our use of the data is unlawful but you do not want us to erase it;
(c) You need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
(d) You have objected to our use of your data but we need to verify if we have overriding legitimate grounds to use it.
- Request the transfer of your personal data to you or to a third party. We can provide your personal data in a structured commonly used, machine-readable format to you or a third party you have chosen.
- Please note: This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with or provide a service to you.
- Withdraw consent at any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
Please contact us via admin@tng1.arrowhitech.net if you wish to exercise any of the rights set out above.
There is no fee payable to access your personal data (or to exercise any of the other rights stated above). However, if your request is clearly unfounded, repetitive or excessive then we may charge a reasonable fee or we may refuse to comply with your request.
What we may require from you
To help us to confirm your identity and comply with your rights as stated above we may need to request specific information from you. This request for specific information is a security measure which will ensure that personal data is not disclosed to any other person who is not authorised to access it. We may also contact you for further information in relation to your request to speed up our response.
Time limit to respond
We endeavour to respond to all legitimate requests within one month as required by the relevant provision in the GDPR. However, if you have made more than one request or if your request is particularly complex, it may take us longer than one month to settle your request. In this case, we will notify you of our efforts and keep you updated throughout the process.
Glossary
LAWFUL BASIS
‘Comply with a legal or regulatory obligation’ means processing your personal data in situations where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
‘Legitimate Interest’ means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We ensure that we consider and balance any potential positive or negative impact on you the client and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us via admin@newry chamber.com.
‘Performance of Contract’ means processing your data in situations where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
THIRD PARTIES
Internal Third Parties
Other companies in the Newry Chamber group acting as joint controllers or processors and who are based in the EEA and who may provide IT and system administration services and undertakes leadership reporting.
External Third Parties
Service providers acting as processors based in the EEA who provide services including IT, and system administration services.
Professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom.
Social Media
We may use third party provided tools to manage our social media interactions. If you send us a private or direct message via social media the message may be stored on such a tool, but like other personal data, these direct messages will not be shared with any other organisations.
This Privacy Notice was last modified on 23rd May 2018.