No products in the basket.
1.1 Inishowen Skillnet funds and facilitates training through Network of private sector companies, in a range of sectors and regions. Each Network delivers training that is relevant to specific industry sectors or regions and member company needs.
1.2 Inishowen Skillnet is funded from the National Training Fund through the Department of Further and Higher Education, Research, Innovation and Science. The training programme you attended or are attending has been fully or partially funded by Inishowen Skillnet.
1.3 Inishowen Skillnet is mandated by the Department of Further and Higher Education, Research, Innovation and Science to monitor and evaluate training programmes provided by our Network and to ensure that funds are being used appropriately.
1.4 Inishowen Skillnet is mandated by Enterprise Ireland to share trainee profile data to assess the eligibility of your employer to receive Clear Customs Financial Support. Trainee profile data for our Clear Customs Programme may also be used for the purposes of providing aggregated statistical information to the Department of Public Expenditure and Reform to help inform national policy in relation to skills.
1.5 You are asked to complete the Trainee Profile Form where you are asked to share certain personal details about your background. You are asked to complete the “Reaction to Learning From” when you have completed your training with us.
1.6 You may wish to review this Privacy Statement before completing these forms so that you are aware of how we comply with Data Protection Legislation in relation to your personal data.
1.7 Our Data Protection Officer’s (DPO) contact details are as follows:
|Post||Inishowen Skillnet, St Mary’s Road, Buncrana , Inishowen, Co. Donegal. F93WP61|
About this Privacy Statement
- This Privacy Statement relates to our privacy practices and policies in place for the data we collect in the Trainee Profile Form and Reaction to Learning Form. It sets out what personal data we collect and process about you in connection with the services and functions of Inishowen Skillnet through our training programmes; where we obtain the data from; what we do with that data; how we comply with the data protection rules, who we transfer data to and how we deal with individuals’ rights in relation to their personal data. Links to all of this information may be accessed by clicking on the titles in the table of contents. Any personal data is collected and processed in accordance with Irish and EU data protection laws.
- All our employees and contractors are required to comply with this Privacy Statement when they process personal data on our behalf. Any failure by Inishowen Skillnet employees or parties contracted to Inishowen Skillnet, to comply with the data protection rules (including as they are outlined in this Privacy Statement) may result in disciplinary action or sanction.
- Please note that we may disclose individuals’ information to trusted third parties for the purposes set out and explained in this document. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in line with Irish and EU laws on data protection.
2. Data Controller
- 2.1 Data protection provides rights to individuals with regard to the use of their personal information (personal data) by organisations, including Inishowen Skillnet. Irish and EU laws on data protection govern all activities we engage in with regard to our collection, storage, handling, disclosure and other uses of personal data.
- 2.2 Compliance with the data protection rules is a legal obligation. In addition, our compliance with the data protection rules helps individuals to have confidence in dealing with us and helps us to maintain a positive reputation in relation to how we handle personal information.
- 2.3 The data protection rules that apply to us are currently contained in the EU General Data Protection Regulation (EU Regulation 679/2016) (the “GDPR”), in the Data Protection Act 2018, in the EPrivacy Regulations 2011 and in related legislation (together the “DPAs”).
- 2.4 “Data controllers” are the people who or organisations which determine the purposes for which, and the manner in which, any personal data is processed, who/which make independent decisions in relation to the personal data and/or who/which otherwise control that personal data.
- 2.5 For the purposes of the GDPR, Inishowen Skillnet is the data controller with regard to the personal data described in this Privacy Statement.
3. What personal data does Inishowen Skillnet collect and why?
- 3.1 “Personal data” means any information relating to an identified or identifiable natural person. Personal data can be factual (for example, a name, address or age range) or it can be an opinion about that person, their actions and behavior.
- 3.2 We set out in the table at Schedule 1 of this policy a description of the personal data that we collect in connection with our services and functions, why we are collecting this data, our legal basis for processing this data and the length of time for which we retain your data. (The table is referred to below as our “Processing Description”.)
- 3.3 We process the personal data for the purposes set out in our Processing Description and for any other purposes specifically permitted by the DPAs (or when applicable, the GDPR) or as required by law.
- 3.4 We collect this information from you through our Trainee Profile Form and Reaction to Learning Form which will be completed in hard copy or electronically.
- 3.5 Inishowen Skillnet is mandated by the Department of Further and Higher Education, Research, Innovation and Science to effectively monitor the performance of the training programmes funded or partially funded by Inishowen Skillnet. Inishowen Skillnet performs compliance reviews, evaluations of the training programmes, as well as quality assurance and attendance at training verifications.
4. Lawful basis for processing personal data
- 4.1 GDPR allows for the use of personal data where its purpose is necessary, legitimate and is not outweighed by the interests, fundamental rights or freedoms of data subjects. This is known as the ‘necessary legitimate interests’ legal basis for processing personal data.
- 4.2 The legal basis for processing trainee personal data for the purpose of delivering training is ‘necessary legitimate interests’.
- 4.3 We have conducted a ‘necessary legitimate interests’ balancing test which involved identifying the ‘necessary legitimate interests’ of us, those attending the courses (data subjects), the Network, the Department of Further and Higher Education, Research, Innovation and Science and the interests of the general public in our being able to process the personal data necessary to provide funding to Network and to ensure that funding is being used appropriately etc. We also identified any potential inconveniences or risks to data subjects and concluded that the many identified legitimate interests outweighed any potential risks to data subjects (which are very low). We have ensured that we collect the minimum amount of personal data necessary to achieve our legitimate purposes.
- 4.4 Our necessary legitimate interests balancing test will be reviewed as necessary.
- 4.5 The legal basis for processing personal data for marketing in Inishowen Skillnet is ‘consent’.
- 4.6 Inishowen Skillnet is fully committed to keeping your personal information safe and ensuring your rights are protected.
- 4.7 You can ‘opt-in’ to receive updates and information from Inishowen Skillnet on both the services and achievements of our Network. The ‘opt-in’ process is explicit and is obtained only through a clear and affirmative action.
- 4.8 When you ‘opt-in’, we record and save the first name and email you input. Your ‘consent’ can be withdrawn at any time using the ‘unsubscribe’ option in the footer of any correspondence received from us.
- 4.9 If you require further information from us regarding our legal basis for processing personal data, please contact the Data Protection Officer (“DPO”) whose details are set out below.
5. What are the data protection principles?
- 5.1 The eight data protection principles apply to our organisation:
- We process personal data fairly, lawfully, and transparently. We have a valid legal basis for our processing of personal data. We are transparent with individuals about our processing of their personal data.
- We only collect personal data for specified, identified and necessary legitimate purposes.
- We only process the personal data that we have collected for the purposes which we have identified or for purposes that are compatible with the purposes that we have identified.
- The personal data that we collect, and process must be adequate, relevant, and limited to what is necessary for the purposes.
- The personal data that we collect, and process must be accurate and (where necessary) kept up to- date.
- We do not keep personal data any longer than is necessary, bearing the purpose for which we collected it. This includes that we keep personal data in a form which permits identification of the data subject for no longer than is necessary.
- We keep personal data safe and secure from unauthorised access, deletion, disclosure or other unauthorised uses. This includes not just keeping data safe and secure from persons outside our organisation, but also from people within our organisation who have no need to access or use the personal data. We are also careful when transferring personal data outside the European Economic Area (“EEA”, being the EU plus Norway, Liechtenstein and Iceland), and make sure that we have a valid legal basis on which to transfer that data. Transfer can include using a cloud server that is located outside the EU or allowing people who are located outside the EEA access to personal data that is stored within the EEA.
- We comply with data subjects’ rights of information about, and (separately) access to, their personal data and with their other data protection rights, including rights to correct or erase their personal data, rights “to be forgotten”, rights to object to processing (including profiling), rights against automated decision-making and (under the GDPR) rights to data portability.
6. Security of your personal data
- 6.1 We take appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data.
- 6.2 We have procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. Personal data will only be transferred to a data processor if he agrees to comply with those procedures and policies, or if he puts in place adequate measures himself. In addition, we have appropriate written agreements in place with all our data processors.
- 6.3 Skillnet Ireland operates and manages a bespoke database ‘Sonrai’ to store your personal data. This is a cloud- based solution and information is hosted in a North European Data Centre. ‘Sonraí’ uses the Microsoft Azure platform to securely store our data. The file server is backed up to the cloud and backups are located in a datacentre in Slough, UK. All data uses AES-256-bit encryption.
- Inishowen Skillnet operates and manages its data via a cloud-based solution hosted in Dublin Ireland and the file server is backed up to the cloud and backups are located in a datacenter in Dublin Ireland. All data uses AES-256-bit encryption.
- 6.5 We maintain data security by protecting the confidentiality, integrity, and availability of the personal data, defined as follows:
- Confidentiality means that only people who are authorised to use the data can access it.
- Integrity means that personal data should be accurate and suitable for the purpose for which it is processed.
- Availability means that authorised users should be able to access the data if they need it for authorised purposes. Personal data should therefore be stored on Inishowen Skillnet’s central computer system instead of individual PCs or devices.
- 6.6 We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage. The data you provide to us is transferred to an application which is protected using SSL (Secure Sockets Layer) technology. SSL is the industry standard method of encrypting personal information and credit card details so that they can be securely transferred over the Internet.
7. Transfers outside the EEA
- 7.1 Where we need to share your personal data with any suppliers who are deemed to be outside the EEA, we will do so on the basis of European Commission approved standard contractual clauses and we always ensure there are appropriate safeguards in place to protect your personal data.
8. How long will we keep your personal data?
- 8.1 In Schedule 1 we have set out in the Processing Description the length of time for which we will
9. Will we share your personal data with anyone else?
- 9.1 Your personal data may also be shared with Inishowen Skillnet third parties for the purposes outlined in Schedule
1. We are required by the Department of Further and Higher Education, Research, Innovation and Science to carry out monitoring and compliance activities and we may engage with third parties to carry out these activities on our behalf.
- 9.2 We may pass your details to another agency but only if it is required by law, pursuant to our statutory functions, or if that agency is relevant to your enquiry.
10. Your data protection rights
- 10.1 Under certain circumstances, by law you have the right to:
- Request information about whether we hold personal data about you, and, if so, what that data is and why we are holding/using it.
- Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal data or profiling of you.
- Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request transfer of your personal data in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
11. Requests by data subjects to exercise their rights
- 11.1We have appointed a DPO to monitor compliance with our data protection obligations and with this policy and our related policies. If you have any questions about this policy or about our data protection compliance, please contact the DPO.
- 11.2Data subjects must make a formal request for personal data we hold about them or otherwise to exercise their data protections rights whether to make an access request or otherwise by contacting our Data Protection Officer.
- 11.3 Our DPO can be contacted as follows: –
|Telephone||074 93 62218|
|Post||Data Protection Officer Inishowen Skillnet Inishowen Development Partnership, St Mary’s Road, Buncrana, Co Donegal, F93WP61|
- 11.4Note also that data subjects have the right to make a complaint at any time to a data protection supervisory authority in relation to any issues related to our processing of their personal data. As our organisation is located in Ireland and we conduct our data processing here, we are regulated for data protection purposes by the Irish Data Protection Commissioner. You can also contact the Data Protection Commissioner as follows:
- Go to their website www.dataprotection.ie
– Phone on +353 87 103 0813
- Email firstname.lastname@example.org
- Postal address: Data Protection Commission, 21 Fitzwilliam Square Dublin 2, D02 RD28.
12. Changes to the Privacy Statement
Our Privacy Statement may change from time to time and any changes to the Statement will be posted on this page. This Privacy Statement was revised in July 2021.
|What personal data we take||Purposes of processing||Legal basis for processing||Retention period|
|First name and surname Contact details (phone number and email address)||To contact you following completion of your training programme to carry out compliance, monitoring or evaluation activities.Clear customs trainees only: personal data is provided to Enterprise Ireland in relation to the Clear Customs training programme, to assess the eligibility of the related employer to receive Clear Customs Financial Support.||Legitimate interests||Electronically only, no longer than 3 years from the end of the calendar year preceding the completion of your training programme.|
|Gender Age range NQF Level Achieved Employment status and details relating to this||For aggregated evaluation of the quality and impact of training. For aggregated and statistical reporting to the Department of Further and Higher Education, Research, Innovation and Science. For aggregated and statistical reporting in the Inishowen Skillnet Annual Report and other publications.Clear customs trainees only: personal data is provided to Enterprise Ireland in relation to the Clear Customs training programme, to assess the eligibility of the related employer to receive Clear Customs Financial Support.Clear customs trainees only: for providing aggregated statistical information to the Department of Public Expenditure and Reform.||Legitimate interests||Electronically only, no longer than 3 years from the end of the calendar year preceding the completion of your training programme.|
|First name Contact details (Email address)||Marketing: To send you updates and information from Inishowen Skillnet on the services and achievements of Inishowen Skillnet and our Skillnet Network||Consent||You can unsubscribe from our email list at any time using the ‘unsubscribe’ option in the footer of correspondence received from us.|