SIRO Limited (“SIRO,” “we”, “us” and “our”) is committed to protecting and respecting your privacy.
This privacy notice (the “Privacy Notice”) sets out the basis on which SIRO uses, processes and protects any information that you give while using www.siro.ie (the “Website”) or which you give to us. The data controller in respect of information which we collect through the Website is SIRO Limited, Two Gateway, East Wall Road, Dublin 3.
We will handle your Personal Data in accordance with Data Protection Legislation. “Data Protection Legislation” means the General Data Protection Regulation (EU) 2016/679 (“GDPR”) (and laws implementing or supplementing the GDPR), Data Protection Acts 1988 and 2003 and Directive 95/46/EC, any other applicable law or regulation relating to the processing of Personal Data and to privacy (including the E-Privacy Directive and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (“E-Privacy Regulations”), as such legislation shall be amended, revised or replaced from time to time.
In this Privacy Notice, the term “Personal Data” means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, our possession, and includes Personal Data as described in Data Protection Legislation (as defined below).
Submitting Personal Data to the Website and/or accepting the terms of this Privacy Notice indicates that you have reviewed this Privacy Notice and have agreed to be bound by it. You will be required to accept this Privacy Notice before submitting Personal Data to the Website. If you do not agree to these terms you must leave our Website immediately. If you choose to accept this Privacy Notice, we will keep a record of your acceptance in this regard.
COLLECTION OF PERSONAL DATA
We fully respect your right to privacy in relation to your interactions with the Website and we endeavour to be transparent in our dealings with you as to what information we will collect and how we will use your information. Also, we only collect and use individual’s information where we are legally entitled to do so. Information in relation to your rights in respect of Personal Data collected by Irish entities is available on www.dataprotection.ie, the website of the Irish Data Protection Commissioner (“DPC”).
Information provided by you: You provide us with information by filling in forms on our Website, emailing us about our Website, searching for information on our Website, interacting with maps and other interactive features on our Website, using social media functions on our Website (such as entering a competition, promotion or survey) and when you report a problem with our Website. The information you give us may sometimes include your name, address, email address and phone number.
Information gathered by us: We may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Targeting cookies which recognise your website visit and allow serve targeted SIRO advertising/content to you.
We are also working closely with third parties (for example technical and analytics providers, search information providers, and business partners) and may receive information about you from them.
HOW WE USE YOUR INFORMATION
Information provided by you: If you register your details with us, we may contact you by electronic means (e.g. e-newsletters), by SMS, or post to provide information about our rollout and SIRO services. You will be given the opportunity to ‘unsubscribe’ from electronic communications on every electronic communication that we send to you.
From time to time, we will use this information to advertise (online) to you about SIRO. Online advertising would include advertising through social networks and platforms such as Twitter, Facebook and Google.
Information gathered by us: We will use this information gathered on our Website to:
(a) administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
(b) to improve our Website to ensure that content is presented in the most effective manner for you and for your computer;
(c) to allow you to participate in interactive features of our service, when you choose to do so;
(d) to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
(e) to target you or similar audiences to advertise SIRO online on third party advertising networks such as Facebook, Twitter, YouTube, Google and other advertising networks across publishing websites.
Where we wish to use your Personal Data in any other way, we will ensure that we notify you and get your consent first. You will be given the opportunity to withhold or withdraw your consent for the use of your Personal Data for purposes other than those listed in this Privacy Notice.
DISCLOSURE OF YOUR INFORMATION
We may share your Personal Data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. We may also use your information and share your information with selected third parties such as analytics and search engine providers that assist us in the improvement and optimisation of our Website.
We may disclose your Personal Data to third parties:
- in the event that we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets;
- if SIRO or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets; and
HOW LONG WE KEEP YOUR INFORMATION
Your Personal Data will be retained in accordance with our data retention policy which categorises all of the information held by us and specifies the appropriate retention period for each category of data. Those periods are based on the requirements of Data Protection Legislation and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and SIRO business purposes.
What rights do you have
As a data subject, you have the following rights under Data Protection Legislation and we, when acting as data controller in respect of Your Personal Data, will comply with such rights:
- the right of access to Personal Data relating to you;
- the right to correct any mistakes in your Personal Data;
- the right to ask us to stop contacting you with direct marketing;
- rights in relation to automated decision taking;
- the right to restrict or prevent your Personal Data being processed;
- the right to have your Personal Data ported to another data controller;
- the right to erasure; and
- the right to complain to the DPC if you believe we have not handled your Personal Data in accordance with Data Protection Legislation.
These rights are explained in more detail below, but if you have any comments, concerns or complaints about our use of your Personal Data, please contact us (email@example.com). We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex or cumbersome, in which case we will respond within three months (we will inform you within the first month if it will take longer than one month for us to respond). Where a response is required from us within a particular time period pursuant to Data Protection Legislation, we will respond within that time period.
To the extent that you are the data controller in respect of Personal Data which you provide to us to process as data processor, you will be responsible for complying with the above rights in respect of relevant data subjects.
RIGHT OF ACCESS TO PERSONAL DATA RELATING TO YOU
You may ask to see what Personal Data we hold about you and be provided with such of the following information as you may request:
- a summary of such Personal Data and the categories of Personal Data held (see above “Collection of Personal Data”);
- details of the purpose for which it is being or is to be processed (see above “How we use your data”);
- details of the period for which it is held or the criteria we use to determine how long it is held (see above “How long we keep your information”);
- details of your rights, including the rights to rectification, erasure, restriction or objection to the processing (set out in this Section); and
- any information available about the source of that data (see above “Collection of Personal Data”).
Requests for your Personal Data must be made to us at firstname.lastname@example.org. To help us find the information easily, please give us as much information as possible about the type of information you would like to see. If, to comply with your request, we would have to disclose information relating to or identifying another person, we may need to obtain the consent of that person, if possible. If we cannot obtain consent, we may need to withhold that information or edit the data to remove the identity of that person, if possible.
There are certain types of data which we are not obliged to disclose to you, which include Personal Data which records our intentions in relation to any negotiations with you where disclosure would be likely to prejudice those negotiations. We are also entitled to refuse a data access request from you where (i) such request is manifestly unfounded or excessive, in particular because of its repetitive character (in this case, if we decide to provide you with the Personal Data requested, we may charge you a reasonable fee to account for administrative costs of doing so), or (ii) we are entitled to do so pursuant to Data Protection Legislation.
RIGHT TO UPDATE OR CORRECT ANY MISTAKES IN YOUR PERSONAL DATA
You can require us to correct any mistakes in your Personal Data which we hold free of charge. If you would like to do this, please:
- email us (email@example.com);
- let us have enough information to identify you (e.g. name, registration details); and
- let us know the information that is incorrect and what it should be replaced with.
If we are required to update your Personal Data, we will inform recipients to whom that Personal Data have been disclosed (if any), unless this proves impossible or has a disproportionate effort.
It is your responsibility that all of the Personal Data provided to us is accurate and complete. If any information you have given us changes, please let us know as soon as possible (firstname.lastname@example.org).
RIGHT TO ASK US TO STOP CONTACTING YOU WITH DIRECT MARKETING
We have may have a legitimate interest to send you electronic communications/direct marketing in connection with our business and related matters (which may include but shall not be limited to newsletters, announcement of new features etc.). We will obtain consent from you to send you electronic communications where this is required by Data Protection Legislation. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please email or write to us (see ‘contact us). You can also click on the ‘unsubscribe’ button at the bottom of the electronic communication. It may take up to 15 days for this to take place; and
We will provide you with information on action taken on a request to stop direct marketing – this may be in the form of a response email confirming that you have ‘unsubscribed’.
RIGHT TO ERASURE
Please note our data retention periods, as set out above.
In accordance with Data Protection Legislation, you can ask us (please see ‘Contact Us’ below) to erase your Personal Data where:
- you do not believe that we need your Personal Data in order to process it for the purposes set out in this Privacy Notice;
- if you had given us consent to process your Personal Data, you withdraw that consent and we cannot otherwise legally process your Personal Data;
- you object to our processing and we do not have any legal basis for continuing to process your Personal Data;
- your Personal Data has been processed unlawfully or have not been erased when it should have been; or
- the Personal Data have to be erased to comply with law.
We may continue to process your Personal Data in certain circumstances in accordance with Data Protection Legislation (i.e. where we have a legal justification to continue to hold such Personal Data, such as it being within our legitimate business interest). Where you have requested the erasure of your Personal Data, we will inform recipients to whom that Personal Data have been disclosed, unless this proves impossible or involves disproportionate effort. We will also inform you about those recipients if you request it.
RIGHT TO COMPLAIN TO THE DPC
If you do not think that we have processed your Personal Data in accordance with this Privacy Notice, please contact us in the first instance. If you are not satisfied, you can complain to the DPC or exercise any of your other rights pursuant to Data Protection Legislation. Information about how to do this is available on the DPC website at https://www.dataprotection.ie
Withdrawal of consent
If you no longer consent to our processing of Your Personal Data (in respect of any matter referred to in this Privacy Notice as requiring your consent), you may request that we cease such processing by contacting us via the ‘Contact Us’ facility referred to below.
HOW DO WE PROTECT YOUR PERSONAL INFORMATION
We do our utmost to protect user privacy through the appropriate use of security technology. We restrict access to your Personal Data to employees, contractors and agents who need to know such Your Personal Data in order to operate, develop or improve our services that we provide and the Website. We ensure that we have appropriate physical and technological security measures to protect your information; and we ensure that when we outsource any processes that the service provider has appropriate security measures in place. However, the Website may contain hyperlinks to websites owned and operated by third parties. These third party websites have their own privacy policies, including cookies. We do not accept any responsibility or liability for the privacy practices of such third party websites and your use of such websites is at your own risk.
We will implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks that are presented by the processing of your Personal Data. In particular, we will consider the risks presented by accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data transmitted, stored or otherwise processed.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of any data transmitted us and any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. To the extent permitted by law, we are not responsible for any delays, delivery failures, or any other loss or damage resulting from (i) the transfer of data over communications networks and facilities, including the internet, or (ii) any delay or delivery failure on the part of any other service provider not contracted by us, and you acknowledge that the Website may be subject to limitations, delays and other problems inherent in the use of such communications facilities. You will appreciate that we cannot guarantee the absolute prevention of cyber-attacks such as hacking, spyware and viruses. Accordingly, you will not hold us liable for any unauthorized disclosure, loss or destruction of your Personal Data arising from such risks.
Amendments to Privacy Notice
We may change this Privacy Notice from time to time and at our sole discretion. The date of the most recent revisions will appear on this notice. If you do not agree to these changes, please do not continue to submit your Personal Data through the Website. If material changes are made to the Privacy Notice, we will notify you by placing a prominent notice on our Website or by sending you a notification in relation to this. We will not process your Personal Data in a manner not contemplated by this Privacy Notice without your consent.
HOW TO CONTACT US
If you need to contact us with regard to any of your rights as set out in this Privacy Notice, all such requests should be made in writing to The General Counsel, SIRO Limited, 80 The Herbert Building, Carrickmines, Dublin 18 or by email: email@example.com or firstname.lastname@example.org Unsubscribing from electronic communications can be achieved by pressing the ‘unsubscribe’ (or similar button on the electronic communication received.