This privacy statement was last updated: 22 February 2018
The Competition and Consumer Protection Commission (‘CCPC’) (‘us’, ‘we’ or ‘our’) is committed to protecting and respecting your privacy.
Please read this Privacy Statement carefully to understand our treatment and use of Data.
For the purposes of the Data Protection Acts 1988 and 2003, and any subsequent amendment (the ‘Acts’), the data controller is the CCPC.
We will use your personal data only for the purposes and in the manner set out below. Below we set out the steps we take to ensure that we process your personal data in compliance with the Acts.
Acceptance of this Privacy Statement
By using this website and by disclosing your Data to us, you consent to the collection, storage, processing, use and disclosure of your Data by us as described in this Privacy Statement. If you do not agree with or are not comfortable with any aspect of this Privacy Statement, your only remedy is to discontinue using our website. We reserve the right to modify this Privacy Statement at any time. By continuing to use our website following such changes being made you will be deemed to have accepted those changes.
In the event you have any concerns about this Privacy Statement, please contact us by email addressed to firstname.lastname@example.org and/or by post to Cormac Keating, Data Protection Officer, Competition and Consumer Protection Commission, Bloom House, Railway Street, Dublin 1, D01 C576.
Information we may collect from you
When you visit or use our website in any way, we may collect and process different types of information about you.
We may collect and process the following Data about you:
- Your personal information such as your name, email address and telephone number (if you have provided this information to us), the time, date and details of your visit to our website, service usage data, device number, source and destination of IP addresses, location based data and the resources you access on our website and information that you may provide by filling in forms on our website.
- Information provided voluntarily by using the subscription form on our website to subscribe to our consumer newsletter. Please note that we use Campaign Monitor to send our consumer newsletters. Campaign Monitor, which is based in the United States of America, is an online email marketing application that enables us to create, send, manage and track the performance of our newsletter. If you subscribe (i.e. consent to receiving such communications) to the newsletter, your email address is automatically added to the subscriber database on Campaign Monitor. Through Campaign Monitor we gather aggregated data (via transparent pixels) about newsletter activity, including percentage open rates and percentage clicks on links. We do this in order to monitor the performance of our newsletter and to ascertain whether the information that we provide in our newsletter is relevant and useful for consumers. If you unsubscribe from our consumer newsletter, your email address will be retained by Campaign Monitor for a maximum period of three months solely in order to ensure you are not contacted again and will be permanently removed from Campaign Monitor’s database after this period.
- Information provided voluntarily by signing up to receive email alerts about CCPC news and the latest information about mergers. Please note that we use an email automation service known as Mailgun to send these email alerts. Mailgun is an online email marketing application that enables us to issue an alert in the form of an email to subscribers (i.e. people who have consented to receiving such communications) when a relevant update is made to our website. Mailgun is based in the United States of America. If you subscribe, your email address is automatically added to the CCPC subscriber database on Mailgun. If you unsubscribe from our news or merger alerts, your email address is deleted from the database immediately.
- Information provided voluntarily by completing the ‘Contact Us‘ form on the Consumers section of our website.
- Information provided voluntarily by completing the ‘Contact Us‘ form on the Business section of our website.
Your Data may be stored and transferred within the European Economic Area (EEA) and there may be instances in which your Data is transferred to, processed and stored in, countries outside the EEA and those countries may not have an adequate level of protection in relation to processing your Data. For example, if you subscribe to our consumer newsletter your email address will held by Campaign Monitor on a server that is located in the United States of America. We have appropriate standard contractual clauses in place with Campaign Monitor to ensure the security of your Data and the safeguarding of your data protection rights. If you subscribe to receive our email alerts, your email address will be held by Mailgun on servers located in the United States of America. If you do not agree with or are not comfortable with your email address being held by Mailgun on servers located in the United States of America, your only remedy is to unsubscribe from our email alerts.
Your Data may also be processed by staff operating outside the EEA who work for one of our suppliers. By submitting your Data, you agree to this transfer, storing and processing. Please be assured, however, that we will take all steps necessary to ensure that your Data is treated securely and in accordance with this Privacy Statement.
We are committed to protecting the security of your Data. We use a variety of security technologies and procedures to help protect your Data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. The transmission of information via the internet is not completely secure. Although we will do our best to protect your Data, we cannot guarantee the security of your Data transmitted to our website. Any transmission of Data is at your own risk. Once we receive your Data, we will use appropriate security measures to seek to prevent unauthorised access. We will continue to revise policies and implement additional security features as new technologies become available.
Use made of your data
We may use your Data that we hold to:
- Send our consumer newsletter (if you have subscribed to receive this newsletter)
- Issue email alerts about CCPC news and the latest information about mergers (if you have signed up to receive these alerts)
- Ensure that content from our website is presented in the most effective, responsive and compatible manner for you and for your computer or device
- Respond to your requests for information and other communication or correspondence you may submit to us
- Improve the services that we provide to you
- Provide you with information or services that you request from us
- Carry out statistical analysis
- Allow you to participate in interactive features of our website, when you choose to do so
- Investigate any improper use of our services or the network
- Carry out activities necessary to the running of the CCPC, including systems testing, network monitoring, staff training and quality control
- Notify you about changes to our website, services or policies
Disclosure of your information
We consider your Data to be private and confidential. We may sometimes disclose your Data to agents or service providers appointed by us who work for us in connection with the provision of our services For example, the CCPC uses a Customer Relationship Management tool licensed to the CCPC by Microsoft to track and record all consumer contacts and certain other public contacts with the CCPC. Any personal information that the CCPC records on its Customer Relationship Management database is stored at a destination within the EEA and we can confirm that all Data is stored on secure restricted access servers.
As far as possible, we will not disclose your Data without consent. However, when we investigate a complaint we may need to share personal information (including personal data) with the other parties concerned. We will consider any request for anonymity in respect of a case, but we cannot guarantee that it will be possible to accede to that request. We will not disclose your Data to third parties except in instances where an individual has consented to the disclosure, or where we are obliged or permitted by law to disclose the Data. Third parties to whom we may disclose information (including personal data) include the bodies set out in section 24(1) of the Competition and Consumer Protection Act 2014 and include An Garda Síochána, the Director of Corporate Enforcement, the Revenue Commissioners, the Central Bank of Ireland and the Commission for Communications Regulation.
We may also access and/or disclose your Data if such action is necessary to: (a) conform with the law or comply with legal process served on us; (b) protect and defend our rights or property including, without limitation, the security and integrity of our network and systems; or (c) act under exigent circumstances to protect the personal safety of users of our services or members of the public. We may also disclose your Data to complete or answer a request or query that you have submitted to the CCPC.
Links to other sites
Our website may, from time to time, contain links to and from other websites and web platforms. In addition, third parties’ websites may also provide links to our website. If you follow a link to any of those websites or web platforms, please note that those websites and web platforms have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.
We do not accept, and we disclaim, any responsibility for the privacy statements and information protection practices of any third party website (whether or not such website is linked on or to our website). These links are provided to you for convenience purposes only, and you access them at your own risk. It is your responsibility to check the third party website’s privacy statements before you submit any personal data to their websites.
Access to information and correction
You have a right to ask us not to process your Data for marketing purposes. We will inform you (before collecting your Data) if we intend to use your Data for such purposes or if we intend to disclose your Data to any third party for such purposes. You can also exercise the right to prevent such processing at any time by contacting us by email addressed to email@example.com and/or by post to Cormac Keating, Data Protection Officer, Competition and Consumer Protection Commission, Bloom House, Railway Street, Dublin 1, D01 C576.
You may request in writing copies of your Data held by us as data controller. We will provide you with a copy of the Data held by us as soon as practicable and in any event not more than forty (40) days after the request in writing is received by us. There may be a charge to access your Data but it will not exceed €6.35. We may also request proof of identification to verify your access request. All access requests should be addressed to firstname.lastname@example.org.
We endeavour to keep your Data accurate, complete and up to date. If your Data that we hold is inaccurate, you can let us know and we will make the necessary amendments, erase or block the relevant Data as you request and notify you within forty (40) days of your request that relevant action has been taken. All requests should be addressed to email@example.com.
We will only hold onto your Data for as long as necessary for the purposes of providing services to you, informing you of services offered by us in the future or as may be required by law.
At any time, you may object to the processing of your Data by us, except when otherwise provided by applicable law, and may block specific uses of your Data by contacting us using the contact details below.
The security and confidentiality of your Data is extremely important to us. As no data transmission over the Internet can be guaranteed as 100% secure, we cannot ensure or warrant the security of any information that you transmit to us and you transfer your Data at your own risk. We endeavour to use and keep under review appropriate technical and organisational measures (including staff training and awareness) in order to protect against unauthorised or unlawful processing of your Data, including unauthorised destruction, alteration or disclosure or access. We shall only hold personal data for as long as is necessary or as required by law.
Changes to our Privacy Statement
We reserve the right to change this Privacy Statement at any time at our sole discretion. If we make changes, we will post these changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our website after we post any such changes, you accept and agree to this Privacy Statement as modified.
Questions, comments and requests regarding this Privacy Statement and the information we hold are welcome and should be addressed to Cormac Keating at firstname.lastname@example.org or alternatively you can write to us at Cormac Keating, Data Protection Officer, Competition and Consumer Protection Commission, Bloom House, Railway Street, Dublin 1, D01 C576.