CAICI Members Area 

PRIVACY NOTICE 

This Privacy Notice sets out how CAICI (referred to as “we”, “us” or “our” in this privacy notice), collect, store and use  information about you when you use our members section on our website) where we  obtain or collect information about you. This Privacy Notice is effective from 30th May  2021. 

Identity of the Data Controller and Contact Details 

We are committed to the highest degree of respect for the privacy of our members. A data controller dictates how and why the data is going to be used by the organisation. Under GDPR, CAICI is the data controller with regard to the Personal Data described in this Privacy Notice For any queries regarding  data protection we can be contacted by sending an email to secawareirl@gmail.com

Our full details are: 

Full name of legal entity: Cyber Awareness Inter. Consortium Ireland

Email address: secawareirl@gmail.com

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your  personal information changes by emailing us at secawareirl@gmail.com

HOW DO WE COLLECT YOUR INFORMATION? 

We collect Your Data in the following basic ways: 

● You provide personal information when you register as a Member  

 WHAT INFORMATION DO WE COLLECT? 

To join our members area we ask for certain Personal Data, for the purpose of registering to become a Member, renewing your  membership, participating in working groups, submitting enquiries and comments, signing up to our mailing list, or  registering for a webinar or our conferences or events. This may include name, title, company/organisation name, postal  address, email address, work, home and mobile phone numbers. 

We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary.  

Registrations is either your consent or our  legitimate interests (namely to grow our organisation). 

By joining CAICI, Members may opt-in to the inclusion of their email contact information in our Member email  communication and Member newsletter lists. Members can manage their email preferences including opting in and out of  working groups, committees and special interest group communications by choosing the unsubscribing option at the bottom  of an email or replying to the email with instructions to unsubscribe from further communications. 

Members may receive periodic email or postal mailings from us with information about us, upcoming events, or issues  related to Cybersecurity including but not limited to news, public policy and emerging best practices and standards. We offer  you the opportunity to select which, if any, of these communications you would like to receive. 

Sensitive Data. We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about  your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union  membership, information about your health and genetic and biometric data. We do not collect any information about criminal  convictions and offences. 

We do not carry out automated decision making or any type of automated profiling. 

We may process your personal data without your knowledge or consent where this is required or permitted by law. 

HOW DO WE USE YOUR DATA? 

We may use your Personal Data to provide you with important information about your CAICI membership. 

Who do you share my personal information with? 

We'll never sell or share  your personal information with anyone. 

HOW LONG WILL YOU KEEP MY PERSONAL INFORMATION FOR? 

We only hold your information while you are part of our members are. If you request to be unenrolled as a member we will delete all information we hold on you.

DATA SECURITY 

We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed,  or accessed without authorisation. We also allow access to your personal data only to the CAICI board members.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable  regulator of a breach if we are legally required to. 

Under certain circumstances, by law you have the right to: 

● Request information about whether we hold personal information about you, and, if so, what that information is and  why we are holding/using it.  

● Request access to your personal information (commonly known as a “Data Subject access request”). This enables  you to receive a copy of the personal information we hold about you and to check that we are lawfully processing  it.  

● Request correction of the personal information that we hold about you. This enables you to have any incomplete or  inaccurate information we hold about you corrected.  

● Request erasure of your personal information. This enables you to ask us to delete or remove personal information  where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove  your personal information where you have exercised your right to object to processing (see below).  

● Object to processing of your personal information where we are relying on a legitimate interest (or those of a third  party) and there is something about your particular situation which makes you want to object to processing on this  ground. You also have the right to object where we are processing your personal information for direct marketing  purposes.  

● Object to automated decision-making including profiling, that is not to be subject of any automated decision making by us using your personal information or profiling of you.  

● Request the restriction of processing of your personal information. This enables you to ask us to suspend the  processing of personal information about you, for example if you want us to establish its accuracy or the reason for  processing it.  

● Request transfer of your personal information in an electronic and structured form to you or to another party  (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically  useable format and to be able to transfer your data to another party in an electronically useable format. 

How do you exercise your rights? 

If you have any questions about this policy or about our data protection compliance, please contact us via email at  secawareirl@gmail.com

If you wish to exercise your rights please contact us and we will respond to the request within 30 days. 

Your Right to Lodge a Complaint  

You as the Data Subject have the right to complain at any time to a data protection supervisory authority in relation to any  issues related to our processing of your Personal Data. As our organisation is located in Ireland and we conduct our data  processing here, we are regulated for data protection purposes by the Irish Data Protection Commissioner.  

You can contact the Data Protection Commissioner as follows:  

Website: www.dataprotection.ie  

Phone: +353 57 8684800 or +353 (0)761 104 800  

Email: info@dataprotection.ie  

Address: Data Protection Office – Canal House, Station Road, Portarlington, Co. Laois, R32 AP23. Or 21 Fitzwilliam Square  Dublin 2. D02 RD28 Ireland