CMG is committed to ensuring that your privacy is protected. This statement (together with our General Terms and Conditions) sets out the basis on which any personal data we collect from and about you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. This statement is being provided to you in line with our obligations from 25 May 2018 under the General Data Protection Regulation (GDPR).
If you would like to contact us with any queries or comments in relation to your personal data, please:
Send an e-mail to: firstname.lastname@example.org
Write to us at: CMG, Regus House, Harcourt Road, Dublin D02 HW77, Ireland
Call us: +353 1 4174242
Data we collect and process
We will collect and process the following data about you:
Information you give us
This is information about you that you give us by corresponding with us by phone, email or otherwise. It includes the information you supply us with when you engage us to provide services. The information you give us may include, but is not limited to, your name, work or in some cases, home address, employer’s name, job title, work department or location, email addresses, phone numbers, financial information or identification documents. In addition to enable us to provide some services, we may ask you for details relating to your residence, other occupants, vehicles that you use, leisure or social activities, your online activity. We will retain training records for courses you attend that we provide, the results of assessments undertaken as part of training courses, as well as certificate numbers for certifications issued by us.
You are not obliged to provide us with your personal information. However, if you do not, we might not be able to carry out the services you have requested of us.
Information we collect about you
In order to provide certain services we might also obtain personal data about you from open sources such as public registers, websites, social media platforms, government and regulatory authorities, etc.
Why we process your data
We process your data in order to comply with legal obligations to which we are subject, to perform the services you have requested of us or to take steps at your request prior to undertaking to provide services for you. We do this because you have consented to our processing of your data or for the purposes of our legitimate interests, such as to inform you of changes to our services, or to provide you with information about other services we offer.
How we use your data
We gather and use your information to:
- Allow us to provide you with the services you request from us
- Comply with legal obligations we might be subject to (such as being audited by regulatory or government bodies)
- Provide you with information about other services we offer that are similar to those you have already requested of us or enquired about
- To notify you of changes to our services
- To monitor and improve the quality of our services
- To allow you to participate in events organised by us
Who we share your data with
We may share your information with agents, contractors or advisors to CMG in connection with services that these individuals or entities perform for or with CMG. These include but are not limited to providers of accountant, financial and legal advisors, or external quality auditors. We may disclose or share your data in order to comply with any legal obligation or in order to enforce or apply our General Terms and Conditions.
Unless absolutely necessary in order to provide a service, or comply with a legal requirement your data will be anonymised if we share it.
Our agents, contractors or advisors are restricted from using your data in any way other than to provide services to CMG, or services for the collaboration in which they and CMG are engaged. CMG requires that all such agents, contractors or partners enter into contractual guarantees to observe security and privacy obligations as least as stringent as those set forth in this privacy statement.
We take our data security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We operate a certified ISO 9001:2015 quality management system. Data and information security is a core constituent of our quality management system and we review our data security measures and procedures regularly.
Unfortunately, the transmission of information by means of the internet, including through e-mail, is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or from us by means of email and any such transmission is at your own risk.
It is our aim to only hold your data for as long as this is necessary. Unless otherwise required under applicable law, we store your data for as long as we provide services to you and for a period of no less than six years beginning on the date we archive your file.
We may contact you by mail, email and telephone about our services and other events involving or relating to CMG which may be of interest to you. You have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, please send us an email to email@example.com with a header that says “Unsubscribe”.
Where we store your information
We might store your information in different places. We do not store any personal data in hard copy format. Where the services we provide to you require us to complete hard copy forms or documents in order to initially obtain personal data, these forms or documents are shredded beyond recovery once the personal data is transferred to an electronic format. Electronic files are stored on our secure servers in the cloud. We will not transfer your data to, and store it at, destinations outside of the European Economic Area. You may contact us via e-mail, letter or telephone in case you wish to find out more.
You have the right to request that we:
- Inform you whether we process your data, provide you with details relating to our processing, and with a copy of your data
- Rectify any inaccurate data we might have about you without undue delay
- Complete any incomplete information about you
- Erase your personal data without undue delay
- Are restricted from processing your data
- Furnish you with the personal data which you provided to us in a structured, commonly used and machine readable form
Where we process your data solely on the basis of your consent, you are entitled to withdraw your consent at any time. This will not affect the lawfulness of our processing before the withdrawal.
You also have the right to lodge a complaint with the Data Protection Commissioner at any time.
The exercise of your rights might be subject to certain conditions prescribed by law and we might require further information from you before we can respond to your request.
You may exercise your rights by contacting us at the addresses or e-mail address provided above.
Changes to statement
We may update this privacy statement from time to time and will publish such updated version on our website, as appropriate.