Corporate Wellness Ireland, GDPR and You
What is this all about?
You’ve probably been bombarded with privacy notices for the last while, so we’ll try to keep this as simple and engaging as possible.
In a nutshell, over the last 15 years the way we use data has dramatically changed and there has been no new legislation since 2003 in response to this. The new General Data Protection Regulation (GDPR) will come into effect on Friday May 25th 2018. This will give you more insight and control in respect to your personal information – hooray!
A little bit about us...
Corporate Wellness Ireland provides wellbeing services and packages to companies and businesses around Ireland. We provide a complete range of services with the aim of creating healthy, happy and productive workforces.
At Corporate Wellness Ireland we welcome the opportunity to be transparent about how we use, store and delete all sensitive information that you share with us. Here’s how we are working behind the scenes to keep your personal data safe and secure.
What data do we collect and how do we use it?
1) Your work contact details such as your name, email and phone numbers
- This is how we connect with you when you enquire about and/or use our services.
- After initial contact or further communication we would like to keep you informed of updates regarding our special offers, new services, upcoming events and general information about us that we feel would be of benefit to you and your colleagues. We send this information via a monthly newsletter. You can “opt out” from receiving these mails at any time. We will not contact you without your permission.
2) Your business address
- This is the location where our services will be offered.
3) The numbers of employees that work at that location
- This helps us to give you informed recommendations ensuring that all employees are benefitting from your chosen services.
4) Your industry
- We tailor all our services to suit the company’s industry.
- Some companies like their employees to fill in a staff survey to get a better idea of what services they need and want. Under no circumstances will any staff information be shared with third parties and all information is regarded as highly confidential.
6) Consultation forms
- It is important for us that we are always working safely; therefore some of our services may require a consented form. This can include medical conditions that we take into consideration to ensure the best possible outcome of the service.
7) Feedback forms
- Your feedback is evidence of what’s working and gives us ideas of how we can improve our services.
8) Cookies & Google Analytics
- To help us understand and improve your website experience.
Who has access to your information?
Corporate Wellness Ireland consists of 8 Co-Founders, all of whom have access to general information such as contact names, emails, phone numbers and general company information.
If we are providing a service for you then we will share your contact and some company details with the therapist, instructor or facilitator who will provide the service.
Surveys may be shared with all Co-Founders. We like to bounce ideas off each other to offer a well thought out and varied service/package.
Feedback forms may be shared with all Co-Founders to continue improving all services.
Consultation forms will only be viewed by the therapist, instructor or facilitator that you work with.
We do not share information about you, your colleagues or your company with anyone else.
All your data is stored in the Republic of Ireland and we do not share your information outside of the EU.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to our customers needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer but this may prevent you from taking full advantage of our website.
How is your data stored and protected?
- Personal laptops
Each Co-Founder has a personal laptop that only he/she has access to. Each laptop is password protected. Passwords are updated once a month. All sensitive files are also password protected and encrypted if deemed essential. In the case of a laptop needing repairs, all sensitive information will be transferred to an USB stick which will be stored in a locked filing cabinet. Each Co-Founder will have access to their own filing cabinet only.
- Personal mobiles
All Co-Founders have access to email on their work mobiles. Passwords are changed once a month on both the phone and email. In the case of a phone needing repairs, all sensitive information will be deleted.
- Filing Cabinet
Each Co-Founder that keeps paper files such as consultation forms, will do so in their locked filing cabinet and only they have a key for this cabinet.
How is your data deleted?
Sensitive information is safely removed from our laptops and email once it is no longer required. Paper files are shredded. You can ask us to remove or destroy your personal information at any time.
Our legal basis is explicit consent. Sounds serious but essentially this means that you have given us permission to process your personal data so that we can contact and continue to communicate with you about our services.
Legally we may be obliged to keep some data such as consultation forms and record sheets for up to 7 years. We like to keep our inbox as uncluttered as possible so as soon as your information is no longer required, we will delete it but certainly within 1 year of communication.
What are your rights?
Under GDPR individuals have the following rights:
- The right of access; you can ask to see the personal data we hold on you at any time. We will provide this information within one month and free of charge. ● The right to rectification; upon viewing your information, if you want us to update or change anything, then it’s absolutely no problem; we like things to be accurate. We are obliged to make these changes within one month.
- The right to erasure; want us to erase your personal date completely? Consider it done.
- The right to restricted processing; so you don’t mind us having your email address but you don’t want to receive marketing from us, that’s fine. Your preferences are noted and implemented.
- The right to data portability; if you decide to use a different service provider then we are obliged to share information pertaining to you and your company with them if you request it.
- The right to object; simply don’t want us to contact you any more under any circumstances? We understand and won’t communicate with you again unless you start the conversation.
- The right not to be subject to automated decision-making including profiling; we would prefer to connect with you personally and make recommendation based on that heartfelt connection.
Who do you contact if you want to get in touch about your personal data?
The easiest thing to do is to get in touch with your contact here at Corporate Wellness Ireland and we can go from there. All 8 Co-Founders are responsible for protecting your data; here are their contact details.
Adrienne Smith – email@example.com or 0858307741
Emma O’Toole – firstname.lastname@example.org or 0871816605
Karen Bowers – email@example.com or 0863691940
Treacy O’Connor – firstname.lastname@example.org or 0851970566
James Parnell – email@example.com or 0838532119
Maureen Simon – firstname.lastname@example.org or 0838105306
Keane Harley – email@example.com or 0872516777
Damien Wade – Damien@corporatewellness.ie or 0860206447
You can also write to us at Corporate Wellness Ireland, 17 Glin Road, Coolock, Dublin 17 or through our main email firstname.lastname@example.org
What if I have a complaint?
If you are not 100% satisfied with the way we are handling your personal data then you can let us know. If we do not respond within 30 days you can get in touch with the Data Protection Office.
To wrap up...