1. WHAT IS A PRIVACY STATEMENT AND WHY IS IT IMPORTANT
We know your personal information is important to you and it is also important to Anxiety Ireland. This Privacy Statement tells you what we use your personal information for and explains your rights around how we use it. Please read this Privacy Statement to understand how and why we use your personal information. If you give us personal information about someone else, please make sure you have their permission and please make them aware of this Privacy Statement as it also applies to them.
2. WHO CONTROLS YOUR INFORMATION
For the purposes of the applicable data protection legislation, Anxiety Ireland is the data controller. You will find our contact details in the “Contact us” section below
3. INFORMATION WE MAY COLLECT AND PROCESS
We may collect and process the following categories of data:
Information you give us
Therapists/ Therapist Supervisors
- Full name;
- Age Bracket;
- Email address;
- Phone numbers;
- Practice name, address, county, postcode;
- Practice email;
- Calendar availability;
- Session pricing information;
- Profile photo;
- Biographical information;
- Treatment areas and therapeutic approach;
- Unique URL;
- Governing body membership information and membership number;
- Proof of ID.
- Full name;
- Age Bracket;
- Email address.
Information we collect about you
Therapists/ Therapist Supervisors
- Governing body membership information;
- Payment and refund transactions between Therapist and Client or Therapist and Supervisor;
- Payment and refund transactions between Therapist and Client;
We may also process other information, which is not personal data within the meaning of data protection law.
4. WHY WE COLLECT AND PROCESS YOUR INFORMATION
Without collecting and using the information you provide to us or we obtain about you, it would not be possible for us to provide you with our services.
We use information held about you in the following ways:
Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us;
- to remind you of your upcoming session;
- to keep you up-to-date on our service and new features;
Information we collect about you. We will use this information:
- to administer our services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our services to ensure that content is presented in the most effective manner for you and for your computer;
- as part of our efforts to keep our services safe and secure.
We must have lawful bases to collect and use your personal information, the below sets these out:
Needed for your contract. Personal information about you is held and used to:
- carry out our obligations arising from any contracts entered into between you and us;
- provide you with information about the service;
- receive payment;
Required by law: We use your personal information to comply with law and regulations. For example:
- keeping proper books and records;
- audit purposes;
- to comply with any other legal obligations to which we are subject;
Our legitimate interest. We use your personal information for our legitimate interests as shown below. We have taken account of any privacy risks and ensured that your data protection rights are not affected. We believe these uses benefit our customers. You can contact us if you have any questions using the contact details below.
- Managing and improving our services;
- Statistical Analysis: we combine and group personal information for analysis to help us understand our customers and develop better products and services;
- Prevention of fraud;
- Provision of customer care and service;
With your consent
From time to time we would like to contact you to:
- invite you to events we are organising;
- provide you with information on products or services which we feel may interest you;
- gauge satisfaction with the products and/ or services you received from us.
5. WHO WE SHARE YOUR PERSONAL INFORMATION WITH
Governmental, Regulatory, etc.
We may disclose your personal information to a governmental or regulatory body (including tax authorities, law enforcement agencies and financial regulators) in order to comply with a legal obligation or to any person pursuant to an order of a court or tribunal.
Professional Advisors and Experts
We may also disclose your information to our solicitors, auditors, insurance advisors and financial services advisors.
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Analytics and search engine providers that assist us in the improvement and optimisation of our products or services.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Anxiety Ireland or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation and agreements; or to protect the rights, property, or safety of Anxiety Ireland, its customers, or others.
6. DATA RETENTION PERIODS
The period for which we retain information varies according to the use of that information. In some cases, there are legal requirements to keep data for a minimum period of time. Unless specific legal requirements dictate otherwise, we will retain information no longer than is necessary for the purposes for which the data were collected and processed.
Unless otherwise required under applicable law, we store your information for as long as we provide services to you and for a period of no less than 7 years after their termination or for as long as is necessary and permissible in accordance with statutory limitation periods.
We are committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use.
As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is also not completely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the internet. We will continue to revise policies and implement additional security features as new technologies become available.
Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to us. Any transmission of data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access.
8. TRANSFERS OF YOUR INFORMATION OUTSIDE OF THE EUROPEAN ECONOMIC AREA
We do not transfer any Personal Data outside of the EEA. However, certain third parties providing services to us may transfer data outside of the EEA for example, for storage or IT support purposes.
Any transfer of personal data outside of the EEA would only be made through transfer mechanisms approved or allowed for under Data Protection Law and we take care to ensure that there is adequate protection, as required by Data Protection Law.
As an individual, under EU law you have the right to request that we:
- provide you with information as to whether we process your data and details relating to our processing, and that we provide you with a copy of your data (‘access right’).
- rectify and/ or update any inaccurate data we might have about your without undue delay (‘right to rectification’).;
- the right to object to processing of data relating to you (‘right to object’).
- under certain circumstances, be restricted from processing your data (‘right to restriction’).
- under certain circumstances, erase your personal data without undue delay (i.e. the “right to erasure”). and
- under certain circumstances, furnish you with the personal data which you provided us with in a structured, commonly used and machine readable format (‘right to data portability’).
Where we process your data solely on the basis of your consent, you are entitled to withdraw your consent at any time. This will not affect the lawfulness of our processing before the withdrawal.
You also have the right to lodge a complaint with the Data Protection Commission at any time.
The exercise of your rights might be subject to certain conditions and we might require further information from you before we can respond to your request.
You may exercise your rights by contacting our Data Protection Champion at the address or e-mail address provided below.
9. CHANGES TO THIS STATEMENT
We reserve the right to change this Statement from time to time in our sole discretion. If we make any changes, we will publish those changes on our website. At the bottom of this document you will find the date on which this Statement was last updated.
10. CONTACT US
Questions, comments, requests and complaints regarding this Statement and the information we hold are welcome and should be addressed to us at firstname.lastname@example.org. We endeavour to deal with all requests promptly and efficiently.
Data Protection Champion: Michael Ledden, email@example.com, 087 063 0948
Last updated: 21st September, 2023