Data Privacy Notice - ROI
The Irish National Teachers’ Organisation (herein INTO) is committed to processing all personal data in accordance with the General Data Protection Regulation (EU) (2016/679) (herein GDPR), Data Protection Acts 1988 to 2018 and any other relevant data protection laws and codes of conduct (herein collectively referred to as ‘the data protection laws’).
WHO WE ARE
The INTO, founded in 1868, is the oldest and largest teachers’ trade union operating in both the Republic of Ireland and Northern Ireland. The INTO is a data controller under the data protection laws.
WHAT IS A DATA PRIVACY NOTICE & WHY IS IT IMPORTANT?
Respecting your data’s privacy is essential to us. Therefore, we have set out in this Data Privacy Notice how the INTO treats members’ and users’ personal data; personal data of connected individuals (such as where a complaint is made against a member); and how third-party organisations linked with the INTO through its website(s), membership database, devices, mobile applications, and newsletters treat this personal data.
Please read this statement carefully to understand the views and practices of the INTO regarding personal data.
When you share personal data with us or when we collect personal data about you, we will use it in line with this Privacy Notice. If you have any questions or concerns about this Privacy Notice, please contact us at firstname.lastname@example.org.
This notice is under regular review. Please check this page for any notice updates.
Should we need to process your data in a new way, we will only do so after conducting a Data Privacy Impact Assessment.
WHAT PERSONAL DATA DO WE COLLECT FROM YOU AND HOW DO WE USE IT?
The collection of personal data and processing special categories of data are a fundamental part of providing the service offered by INTO and we therefore have specific measures and controls in place to ensure that we comply with the conditions outlined in the data protection laws.
The INTO must have a lawful basis to collect and use personal data. The purposes and legal basis for processing personal data collected by the INTO are explained below:
INTO’s legitimate activities and legitimate interests
We use your personal data for our legitimate activities and legitimate interests as outlined below. You have a right to object to this processing at any time:
- To carry out the normal activities of a Trade Union as set out in INTO’s objects at Rule 3 of our Rules and Constitution, and which include provision of advice and assistance for members, to administer a benevolent fund to assist members in accordance with our Rules, and to provide or provide for representation of members in industrials relations and legal processes such as hearings before the WRC, the Labour Courts or courts of law;
- To improve our products and services – to ensure they match your needs;
- To prevent fraud – so nobody may take your virtual personality and to prevent fraudulent activity on our websites;
- To secure our tools – to keep our tools (websites/apps/devices) safe and secure and working properly without security breaches;
- To represent members’ interests where a complaint has been made against them by providing advice and assistance in defending the member’s rights.
Necessary for the performance of a contract
We need to collect and use your personal data in order for you to:
- Become a member of the INTO;
- Pay your membership subscription to INTO e.g. through your fortnightly salary or direct debit;
- Attend training and receive certifications (e.g. INTO Learning Summer Programme).
Required by law
We use your personal data to comply with all relevant laws and regulations including:
- Reporting to Registry of Friendly Societies (ROI) and the Northern Ireland Certification Officer (NI);
- Keeping proper books and records;
- To manage and investigate any complaints;
- To hold a ballot in relation to any proposed industrial action.
We carry out internal reporting, quality checking, compliance controls and audits to help meet our legal obligations.
To protect your vital interests or another individuals
To protect you (or someone else) when there is evidence of danger to your (or someone else’s) health and/or safety.
With your consent
We require your consent for us to collect and use some of your personal data for certain purposes.
You are given the choice to provide consent, or not, when we collect your data. We will explain what we need it for and how you can change your mind in the future.
- Department of Education and Skills:
- With your consent we will furnish your details to the Department of Education and Skills (herein DES) so that your subscription can be deducted from your salary and paid by DES directly to INTO;
- With your consent we will request your school identifier number from the DES in order for us to contact you on issues including important union updates, for the distribution of publications through your staff representative and for national ballots and elections; and
- With your consent liaise with DES to complete your membership with the INTO including requesting confirmation from the DES whether you are paid as a substitute or a temporary/permanent teacher.
- With your consent we will furnish your name, address and bank details to your Bank to arrange monthly payment of your membership subscription by direct debit.
- Direct Marketing:
- We would like to be able to contact you by email and text about INTO member services and offers. We will only send you email and text content where we have your consent.
- Your data will never be passed on to third parties for the purposes of direct marketing.
What personal data do we collect?
Third party individuals:
Where a complaint is made against an INTO member, the complainant may be a pupil, parent or guardian, or colleague. The INTO will receive this data directly from the member concerned. The complaint may also refer to other third-party individuals involved in the matters complained of.
We may hold personal data of third party individuals only as necessary in order to represent our members. Insofar as we require to hold or process any personal data, this is done in accordance with the INTO’s Data Privacy Notice.
At all times the INTO will have regard to the fundamental rights and freedoms and the legitimate interests of the complainant and other individuals, particularly where such personal data relates to a child. The personal data varies on a case by case basis but may include:
- Age; and
The personal data collected from you when you become a member of the INTO includes:
- Payroll number;
- Teaching Council number;
- Date of birth;
- Home address;
- Contact details:
- College attended & Qualification details;
- School details;
- Date of first appointment with DES;
- Out of service details;
- Teaching role;
- Branch details;
- Previous INTO membership details;
We may also collect the following data in appropriate circumstances:
- Your bank account details if you are paying your member subscription by direct debit;
- Contact history – queries, emails;
- Details required for course/conference attendance – trade union training, INTO learning, INTO conferences;
- INTO offices held along with your contact details – national committees, branch and district offices, staff representatives;
- Personal data provided for applications for the Bursary Scheme;
- Personal data provided for grant applications (e.g. Grants available from Solidarity Fund, Benevolent Fund, Political Fund);
- Personal data provided on SubSearch:
- As a principal; or
- As a substitute teacher;
- Personal data provided when you are in the Members’ Area on the website;
- Your Email to send you our regular newsletter;
- Your name, email address, district (if required), branch (if required), school (when required) when you attend INTO training, seminars, etc.
- Online browsing cookies – for further information please read our Cookies Policy;
- Social Media – commenting on INTO social media platforms:
- Name or alias;
- Social media profile;
- Photo or avatar;
- Any other data attached to your social media accounts;
- CCTV footage at or in the environs of INTO Offices – for further information please request our CCTV Policy using the contact details below;
- Details provided by you, in order for you to enter INTO competitions and draws;
- Details provided by you, when you complete INTO surveys.
How we use your personal data
The purposes for processing the personal data the INTO collect, are outlined below:
Third party individuals:
- Representing member’s interests where a complaint has been made;
- Representing members during investigations, before the Teaching Council or at a disciplinary hearing;
- Representing members on employment and contractual issues;
- Representing members as part of parental complaints procedures;
- Representing members in the context of staff relations, bullying/harassment and grievances;
- Representing members who are subject to disciplinary procedures;
- Representing members who are being investigated in the context of child protection allegations;
- Representing members who are complained about to the Teaching Council.
- Administer your membership of INTO;
- With your explicit consent process payments of your membership subscription;
- With your explicit consent request your school identifier from the DES;
- With your explicit consent request confirmation from the DES whether you are paid as a substitute or a temporary/permanent teacher;
- With your explicit consent furnish your name, address and bank account details to your Bank to arrange monthly payment of your membership subscription by direct debit;
- Provide you with ballot paper/papers at your school address in the event of an election or a ballot on issues of importance or on industrial action;
- Correspond with you in relation to membership of INTO, including corresponding with you at your school address and by text and email;
- Answer and manage your enquiries;
- Add your questions, observations or concerns to your profile so we can understand your interests and preferences;
- Provide your details to our solicitors and other legal advisors in the event of any legal action or legal advice which at your request we may support on your behalf;
- With your explicit consent provide you with INTO updates by text and email;
- Send you the InTouch/Printout magazine;
- With your explicit consent send you our newsletter (for further information please read Data Privacy Information: Newsletters) and marketing communications;
- Keep an up to date suppression list if you have asked not to be contacted;
- Carry out statistical analysis of our membership or to instruct a third party to perform this on our behalf;
- Provide your personal details to third party processors and contractors who act on behalf of INTO;
- To consider the make-up of our membership (e.g. age profile, geographical spread), in light of our trade union aims and objectives and to ensure that the interests of our members are being served by INTO;
- All activities that the INTO may undertake on your behalf as a member pursuant to our Rules and Constitution;
- INTO Learning may use your data as follows:
- To determine whether you have successfully completed online tasks related to INTO courses undertaken;
- Use your email or your mobile phone number to contact you with information regarding the course you are undertaking;
- De-personalise your data to use it for educational research purposes to inform INTO Learning how courses can be provided and improved in the future.
- Allow you to apply for access to the Bursary Scheme while securing the process of selection and protecting you against fraud;
- Allow you to apply for access to the Solidarity Fund, Benevolent Fund and Political Fund grants while securing the process of selection and protecting you against fraud;
- SubSearch may use your data to:
- Manage your search for substitutes;
- Manage your availabilities;
- Allow you to manage your preferences;
- Secure our website and protect you against fraud.
- Contact you, where appropriate, in relation to INTO competitions and draws you have entered; and/or
- Contact you, if required, when you complete INTO surveys.
- To make this Site easier to use;
- To support the provision of information and functionality to you;
- To provide us with information about how this Site is used so that we can make sure it is as up to date, relevant and error free as we can;
- To enable the User to save their password for the Members’ Area in their browser
- To allow our websites/apps to function properly;
- To ensure our websites/apps are secure and safe, and to protect you against fraud or misuse of our websites/apps or services, for example through performing troubleshooting;
- To run statistics, that is to:
- avoid visitors being recorded twice;
- know users’ reaction to our advertising campaigns.
- To allow sharing of our content on social media;
- Use the content you have created and/or shared in accordance with the specific terms and conditions accepted by you e.g. to post your review/content;
- To provide you with the service(s) you requested (e.g. information about INTO annual Congress or information on different kinds of leaves);
- To monitor and improve our apps and devices; and/or
- To run analytics and statistics.
None of this information is associated with the user as an individual. Please read our Cookies Policy for further details.
CONSENT AND HOW TO WITHDRAW CONSENT
Where we rely on your consent as a legal basis for processing your personal data, you have the right to withdraw that consent at any time.
An initial opt-out option is available when you join the INTO.
If you wish to withdraw consent given at any other stage (for Direct Marketing please ensure to specify what communication channels you want to be opted out from), contact us as follows:
- By writing to: Data Protection Officer, INTO, 35 Parnell Square, Dublin 1 - D01 ET35
- By emailing: email@example.com
- By telephoning: 01 804 7732
Or use the unsubscribe link at the end of each newsletter email.
AUTOMATED DECISION MAKING INCLUDING PROFILING
Currently we do not employ Automated Decision Making including Profiling.
- One of the security measures we do employ is to filter our email and internet traffic through Firewall systems;
- The security systems do not give us data on individuals who email us and the only automatic decision it makes is whether to block or allow an email to pass into the system. This is in line with industry standards.
- We do not use the data to deny anyone access to our services.
HOW AND WHERE DO WE GET YOUR PERSONAL DATA FROM?
For members we get your personal data directly from you when you complete our membership forms, other INTO forms (e.g. delegates to congress, bursary, grant applications etc), email us, ring our query line, visit our website, interact on our social media accounts or use the INTO app.
We do not record the audio of telephone calls, but may have a log on when you called, call length, to whom you spoke, and what the subject of that call was.
For third party individuals, we get your personal data directly from our member, in the course of our legitimate purposes. Any personal data is treated with the utmost confidentiality and certain safeguards and mechanisms are in place to protect this personal data. The INTO has conducted a Data Protection Impact Assessment in respect of the personal data it processes belonging to third party individuals.
WHO MAY ACCESS YOUR PERSONAL DATA?
As set out above, INTO is committed to respecting the privacy of your personal data, and to processing such data in accordance with the data protection laws. It is important to know we do not sell your personal data.
Your personal data may also be processed on our behalf by our trusted third-party suppliers
We rely on trusted third parties to perform a range of business operations on our behalf. We only provide them with the data they need to perform the service, and we require that they do not use your personal data for any other purpose. We will always use our best efforts to make sure that all third parties we work with will keep your personal data secure. Examples include:
- Third parties that assist and help us in providing digital and e-commerce services such as membership database, web analytics and search engine;
- Third parties required to deliver a product to you e.g. An Post/delivery services;
- Third parties that assist and help us in providing IT services, such as platform providers, hosting services, maintenance and support on our databases as well as on our software and applications;
- Payment service providers e.g. Realex;
The legal basis for this sharing is our legitimate activities and legitimate interests:
- To carry out the normal activities of a trade union as set out in INTO’s objects at Rule 3 of our Rules and Constitution, and which include provision of advice and assistance for members, to administer a benevolent fund to assist members in accordance with our Rules, and to provide or provide for representation of members in industrials relations and legal processes such as hearings before the WRC, the Labour Courts or courts of law;
- Improve our products and services – to ensure they match your needs;
- To prevent fraud – so nobody may take your virtual personality and to prevent fraudulent activity on our websites;
- To secure our tools – to keep our tools (websites/apps/devices) safe and secure and working properly without security breaches.
National elections and election to CEC and National Committees
The INTO will provide the following data to candidates for National elections, CEC District elections and for other national committee elections who are validly nominated under the terms of Rule 44:
- A printout of the members' data (teachers' name and school address) and of staff representatives in the electoral area and an offer of a set of labels for staff representatives in the electoral area at no cost;
- An electronic version of the printout of the members’ data and of staff representatives in the District if requested – names and school addresses only.
At the time of an election in a particular District, the relevant Branch Secretaries may be requested to contact Staff Representatives regarding their willingness to allow their telephone number and/or email address to be passed to the candidates should they be requested.
We may also disclose your personal data to third parties
The INTO may disclose data when legally compelled to do so; in other words, when, in good faith, it is believed that the law requires it or for the protection of the INTO's legal rights.
In other circumstances we may disclose if we have your consent or we are permitted to do so by law.
DO WE TRANSFER YOUR PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA (EEA)?
In general, the personal data that we collect from you is not transferred to, accessed in, nor stored at a destination outside the European Economic Area (EEA). However, in certain cases it may be necessary for us to transfer data to servers located outside of the EEA. The privacy protections in these jurisdictions may not be equivalent to those in Europe. We will only transfer personal data outside of the EEA where permitted to do so by European law and we will take steps to ensure that the personal data continues to enjoy appropriate protections.
HOW LONG DO WE KEEP YOUR PERSONAL DATA?
This will vary dependent on the nature of the data. When we make a decision on what data to retain, and for how long, we analyse several criteria to ensure data are not kept longer than necessary or appropriate. These criteria are to ensure we provide you with the best service as an INTO member and to make sure we meet our statutory obligations. These criteria include:
- The purpose for which we hold your personal data;
- Our legal and regulatory obligations in relation to that personal data; and
- Any specific requests from you in relation to the deletion of your personal data.
When we no longer need to retain your personal data, it will be destroyed to best standards.
IS YOUR DATA SECURE?
INTO takes data privacy seriously. We are committed to keeping your personal data secure and taking all reasonable precautions to do so. We deploy appropriate organisational and technical security measures to keep personal data secure and we contractually require that trusted third parties who handle your personal data for us do the same.
We always do our best to protect your personal data and once we have received your personal data, we use strict procedures and security to try to prevent unauthorised access.
Unfortunately, no data transmission over the Internet can be guaranteed to be 100% secure. As a result, while the INTO strives to protect all Users’ personal data, the INTO cannot ensure or warrant the security of any data transmitted to the INTO via the Internet, Users do so at their own risk. Once the INTO receives Users’ transmissions, we take all practicable steps, in accordance with high standards of security, to ensure its security on the INTO’s system.
WHAT ARE YOUR RIGHTS?
You have the following rights with regards to the personal data we hold on you:
- The right to access the personal data we hold about you;
- The right to access details about how your data are processed;
- The right to have incorrect and incomplete personal data we hold about you updated;
- The right to request that we erase the data we hold about you;
- The right to withdraw consent at any time for personal data processing that is based on consent;
- The right to ask us to stop contacting you with direct marketing;
- The right to restrict the processing of your personal data;
- The right to data portability by receiving your personal data in a structured, commonly used format;
- The right to object to automated decision making/profiling where this is utilised;
- The right to lodge a complaint with a supervisory authority.
To exercise these rights please contact INTO at the contact details outlined below. Please include details to assist us to locate your personal data e.g. your name, school roll number and INTO membership number.
HOW DO YOU EXERCISE YOUR RIGHTS?
If you have any questions or concerns about how we treat and use your personal data, or would like to exercise any of your rights as outlined above, please contact our Data Protection Officer at firstname.lastname@example.org or by writing to us at:
Irish National Teachers’ Organization
Data Protection Officer
35, Parnell Square
Dublin 1 - D01 ET35
INTO will endeavour to address any data related concerns or complaints that you may have, however, if you would like to direct your complaint/concerns to the Data Protection Commissioner (for Republic of Ireland) or Information Commissioner’s Office (for Northern Ireland), the contact details are:
- Data Protection Commisioner – Republic of Ireland
- Canal House – Station Road
R32 AP23 Co Laois
- Canal House – Station Road
- The Information Commisioner's Office – Northern Ireland
14 Cromac Place
Belfast - BT7 2JB
Telephone: 028 9027 8757/0303 123 1114
CHANGES TO OUR PRIVACY NOTICE
We may change this Privacy Notice at any time. Please, note the version number and date legend at the end of this page to see when this Privacy Notice was last revised. Any changes to this Privacy Notice will become effective when we make the revised Privacy Notice available on or through the Site.
Any changes we may make to our Privacy Notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Notice.
Version 2.0 07.12.18