Data Privacy matters

Last Updated on 23/05/2015

This is your guide to how personal data is managed by ResourceKraft. Please read it carefully.

Data privacy is taken very seriously at ResourceKraft. It is important that you know exactly what we do with the personal information you and others provide to us, why we gather it and what it means to you. This document outlines our approach to Data Privacy to fulfil our obligations under the General Data Protection Regulation (2018). We also welcome it as an opportunity to reassure you of the importance we place on keeping your personal data secure, and of the strict guidelines we apply to its use. We want you to be clear on:

  1. Who we are
  2. The information we collect about you
  3. When and how we collect information about you
  4. How we use your information
  5. Who we share your information with
  6. How long we hold your information
  7. Implications of not providing information
  8. The legal basis for using your information
  9. Processing your information outside the EEA
  10. How to exercise your information rights (including the right to object)
  11. How to contact us and/or our Data Protection Officer
  12. Changes to this notice

*This notice applies to all our products and services. If you have any questions about how your information is gathered, stored, shared or used, please contact us at gdpr@resourcekraft.com. 

1. WHO ARE WE?

We are ResourceKraft Ltd. Our address is 4th Floor Ivernia Hall, 97 Henry Street, Limerick. You can contact us by post at the above address, by email at gdpr@resourcekraft.com or by telephone on +353 (0)1905 2999.

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.

2. THE INFORMATION WE COLLECT ABOUT YOU 

There are a number of reasons for gathering information about you. For instance, we need to know how to get in touch with you, and we need to understand your business needs, so we can offer you products and services and give you the best possible customer experience. The information we collect falls into various categories.

Identity & contact information:  

  • Name, job title, contact details, email address, work and personal phone numbers

Information which you have consented to us using 

  • Your agreement to allow us to contact you through certain channels to offer you relevant products and services. 
  • Information from online activities including web contact forms and website downloads.
  • Information from face to face interactions at events and trade shows.
  • We collect information about your internet activity using technology known as cookies, which can often be controlled through internet browsers. For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy, which is available on our website. 
  • We collect information about your internet browser settings or otherwise Internet Protocol (IP) and other relevant information to help us identify your geographic location when providing you with our services. 

Other personal information 

  • CCTV images at our office (but only for security reasons and to help prevent crime).  
  • Information in relation to data access, correction, restriction, deletion, porting requests and complaints.

3. WHEN AND HOW WE COLLECT INFORMATION ABOUT YOU 

As you use our services, make enquiries and engage with us, information is gathered about you. We may also collect information about you from other parties, for example, from sources where you have chosen to make your information publicly available, such as social media sites. 

When we collect information about you: 

  • When you ask us to provide you with certain products, services, information such as datasheets and brochures.
  • When you use our website and online services provided by us and visit our office. 
  • When you or others give us information verbally or in writing. This information may be on website forms, at events or trade shows in records of your communications with us or if you make a complaint. 
  • When you use our products or services, including logging into the Advisor Energy Analytics site.
  • From information publicly available about you – for example in trade directories, online forums, websites, Twitter, Linkedin or other social media. When you make information about yourself publicly available on your social media accounts or where you choose to make information available to us through your social media account, and where it is appropriate for us to use it, this information can help enable us to do things like, contact you through the social media services. For a description on how social media services and other third-party platforms, plug-ins, integrations or applications use your information, please refer to their respective privacy policies and terms of use, which may permit you to modify your privacy settings. 
  • From your online activities with third parties where you have given us your consent (for example, by consenting to our use of certain cookies or other location tracking technologies). 

4. HOW WE USE YOUR INFORMATION 

Whether we’re using it to help in the execution of a product or service contract or to improve your experiences with us, your information is always handled with care and the principles outlined in this Data Privacy Notice are always applied. 

We use your information: 

To provide our products and services to you and perform our contract with you, we use your information to: 

  • Manage and administer your account, or other products and services that we or our partners may provide you with. 
  • Process your enquiries or support tickets.
  • Contact you by post, phone, text message, email, social media, or other means, but not in a way contrary to your instructions to us or contrary to law. 
  • Recover debts you may owe us. 
  • Manage and respond to a complaint. 

To manage our business for our legitimate interests 

To manage our business, we may use your information to: 

  • Provide service information, to improve our service quality and for training purposes. We may gather information about your interactions with us – for example, when you last logged into our Advisor system. 
  • Conduct marketing activities. For example, running competitions and promotions (provided that you have not objected to us using your details in this way), and research, including customer surveys, analytics and related activities. 

To run our business on a day to day basis including to: 

  • Protect our business, reputation, resources and equipment, manage network and information security (for example, developing, testing and auditing our websites and other systems, dealing with accidental events or unlawful or malicious actions that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data, and the security of the related services) and prevent and detect fraud, dishonesty and other crimes (for example, to prevent someone trying to steal your identity), including using CCTV at our premises. 
  • Enable our employees to share or access your information for internal administrative purposes, payment, statistical or research purposes and for the purposes set out in this Data Privacy Notice (but not for the purposes of direct marketing where you have objected to this). 

Where you have given us permission (which you may withdraw at any time) 

Where you have given us permission (which you can withdraw at any time) we may: 

  • Send electronic messages to you about product and service offers 
  • Use cookies in accordance with our Cookie Policy. 
  • Use information you have made public and combine with this with the activities outlined above. 

When we ask for your consent, we will provide you with more information on how we will use your data in reliance on that consent.

5. WHO WE SHARE YOUR INFORMATION WITH

Except as set out in this Policy, we do not disclose to any third party personal information that you provide to us unless we have your permission, or we believe the law permits or requires it.

If you provide personal information to us, you understand and agree that we may disclose your personal information to third parties expressly mentioned in this Policy and the following third parties:

  • to a third party if we are under a duty to disclose or share your personal data with that third party in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements, or to protect the rights, property, or safety of ResourceKraft Limited, our customers, or others. This includes exchanging information with third parties for the purposes of fraud protection and credit risk reduction.

We will notify you when information about you may be provided to third parties in ways other than explained above, and you will have the option to prevent such information sharing at the time that we notify you.

We do not disclose personal information about you to third parties (including advertisers or marketing companies), but we may provide them with aggregate anonymised information about our customers or website users. For example, we may inform them that 500 men aged under 30 have visited our website, or we might inform third parties regarding the number of unique users who visit a particular page on the website, the demographic breakdown of our registered users of the Website or the activities that visitors to the Website engage in while on the Website. 

We may provide your personal data to third parties for purposes that you agree to elsewhere in this Privacy Policy where those third parties based outside of Ireland or outside the European Economic Area (which may not provide the same protection for such information as offered in Ireland), and you consent to a transfer of your personal information to third parties identified in this Privacy Policy for purposes identified in this Privacy Policy.

6.HOW LONG WE HOLD YOUR INFORMATION

The length of time we hold your data depends on a number of factors including:

  • The regulatory rules contained in laws and regulations 
  • The type of product we have provided to you. For example, some of the hardware purchased via ResourceKraft has a set warranty period so we may keep data relating to these products for a longer period compared to other products or services
  • Whether you and we are in a legal or some other type of dispute with another person or each other.
  • The type of data we hold about you.
  • Whether you or a regulatory authority asks us to keep it for a valid reason.

 As a general rule, we keep your information for a specified period after the date on which you cease to be a customer or in the case where you are not a customer, after the last contact. In most cases this period is five (5) years.

7. IMPLICATIONS OF NOT PROVIDING INFORMATION 

Sharing information with us is in both your interest and ours. 

We need your information in order to: 

  • Provide our products and services to you and fulfil our contract with you. 
  • Manage our business for our legitimate interests. 
  • Comply with our legal obligations. 

Of course, you can choose not to share information, but doing so may limit the services we are able to provide to you. 

  • We may not be able to provide you with certain products and services that you request. 
  • We may not be able to continue to provide you with or renew existing products and services. 
  • We may not be able to assess your suitability for a product or service, or, where relevant, give you a recommendation to provide you with a product or service. 

8. THE LEGAL BASIS FOR USING YOUR INFORMATION

We will use your data and share that data where:

  • Its use is necessary in relation to a service or a contract that you have entered into or because you have asked for something to be done so you can enter into a contract with us.
  • Its use is in accordance with our legitimate interests outlined in this notice.
  • Its use is necessary because of a legal obligation that applies to us (except an obligation
  • imposed by a contract). 
  • You have consented or explicitly consented to the using of your data in a specific way.

9. PROCESSING YOUR INFORMATION OUTSIDE THE EEA

Your information is stored on secure systems ResourceKraft and with providers of secure information storage.

We may transfer or allow the transfer of information about you and your products and services with us to our service providers and other organisations outside the European Economic Area (EEA), but only if they agree to act solely on our instructions and protect your information to the same standard that applies in the EEA. 

For example, we may process payments using third parties (including other financial institutions such as banks and the worldwide payments system operated by the SWIFT organisation) if, for example, you make a CHAPS payment or a foreign payment. Those external organisations may process and store your personal information abroad and may disclose it to foreign authorities to help them in their fight against crime and terrorism.

Using companies to process your information outside the EEA.

Some of our service providers, for example IT, CRM, mailing software, and providers of administration services, are based outside of the EEA. Where we authorise the processing/ transfer of your personal information outside of the EEA, we require your personal information to be protected to at least Irish standards and include the following data protection transfer mechanisms:

  • Adherence to the EU/US Privacy Shield. You can find more information on the EU/US Privacy Shield at www.privacyshield.gov including a list of all organisations that have signed up to the EU/US Privacy Shield framework. Please contact us for further details on any transfers of personal information by the Bank to entities in the US.

10. HOW TO EXERCISE YOUR INFORMATION RIGHTS (INCLUDING THE RIGHT TO OBJECT)

Providing and holding personal information comes with significant rights on your part and

significant obligations on ours. You have several rights in relation to how we use your information. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise:

You have the right to:

  • Find out if we use your information, to access your information and to receive copies of the information we have about you.
  • Request that inaccurate information is corrected, and incomplete information updated.
  • Object to particular uses of your personal data where the legal basis for our use of your data is our legitimate business. However, doing so may have an impact on the services and products we can / are willing to provide.
  • Object to use of your personal data for direct marketing purposes. If you object to this use, we will stop using your data for direct marketing purposes.
  • Have your data deleted or its use restricted – you have a right to this under certain circumstances. For example, where you withdraw consent you gave us previously and there is no other legal basis for us to retain it, or where you object to our use of your personal information for particular legitimate business interests.
  • Obtain a transferable copy of certain data to which can be transferred to another provider, known as “the right to data portability”.
  • This right applies where personal information is being processed based on consent or for performance of a contract and the processing is carried out by automated means. You are not able to obtain through the data portability right all of the personal information that you can obtain through the right of access. The right also permits the transfer of data directly to another provider where technically feasible. Therefore, depending on the technology involved, we may not be able to receive personal data transferred to us and we will not be responsible for the accuracy of same.
  • Withdraw consent at any time, where any processing is based on consent. If you withdraw your consent, it will not affect the lawfulness of processing based on your consent before its withdrawal 

We are obliged to respond without undue delay. In most instances, we will respond within one calendar month. If we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests), we may extend this period by a further two calendar months. Should this be necessary, we will explain the reasons why. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise.

You have the right to complain to the Data Protection Commission or another supervisory authority.

You can contact the Office of the Data Protection Commissioner at: https://www.dataprotection.ie/docs/Contact-us/b/11.html

Telephone: +353 (0)761 104 800 or Lo Call Number 1890 252 231

Fax: +353 57 868 4757

E-mail: info@dataprotection.ie

Postal Address: Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23, Co. Laois.

11. HOW TO CONTACT US AND/OR OUR DATA PROTECTION OFFICER

If you have any questions about how your personal data is gathered, stored, shared or used, or if you

wish to exercise any of your data rights, you can contact us by:

E-mail: gdpr@resourcekraft.com

Telephone: +353 (0)1905 2999

Postal Address:4th Floor Ivernia Hall, 97 Henry Street, Limerick 

We are not required to have a data protection officer, so any enquiries about our use of your personal data should be addressed to the contact details above.

12. CHANGES TO THIS NOTICE

We will update this Data Privacy Notice from time to time. Any changes will be made available on this page and, where appropriate, notified to you by SMS, e-mail or when you log onto our websites.