WEBSITE PRIVACY STATEMENT
This is the Website Privacy Statement of Activate Capital Limited (“Activate”, “us” or “We”), which describes how we collect, process and retain Personal Data when you visit our Website, www.activatecapital.ie (the “Website”). Activate acts as a Data Controller in relation to such data. Capitalised terms used in this Statement are defined in the Glossary in Annex I to this statement.
Activate as a Data Controller
Activate will act as a Data Controller in respect of Personal Data provided to us by Website visitors in connection with the operation and administration of the Website. Activate processes Personal Data in connection with our Website as follows:
|Purpose of Processing||Lawful Basis under GDPR|
|Processing of personal data for Website purposes such as technical information including the browser type and operating system and information about your visit to our Website, including the pages viewed and download errors and cookies.||Such Processing is necessary for the legitimate interests pursued by Activate including for troubleshooting, data analysis, testing, research, statistical and survey purposes pursuant to Article 6(1)(f) GDPR.|
|If you contact us using any Activate email addresses displayed on our Website.||Such Processing will depend on the nature of the communication from you, which may include consent, Activate’s legitimate interests and/or contractual necessity as appropriate.|
Individual Data Subject Rights
Data Security and Data Breach
We have technical and organisational measures in place to protect Personal Data from unlawful or unauthorised destruction, loss, change, disclosure, acquisition or access. Personal Data is held securely using a range of security measures including IT measures such as encryption, and restricted access through approvals and passwords. Activate stores all Personal Data on cloud based servers operated by one of the main providers of such services globally and such may be stored outside the EEA but in accordance with Data Protection Law.
Disclosing Personal Data
From time to time, we may disclose Personal Data to third parties such as our subsidiaries, our ultimate holding company and its subsidiaries. We may also allow third parties to access Personal Data which we Process (for example where a law enforcement agency or regulatory authority submits a valid request for access to Personal Data). We may share with or disclose your Personal Data with selected third parties including analytics and search engine providers that assist us in the improvement and optimisation of our Website.
We will keep Personal Data only for as long as the retention of such Personal Data is deemed necessary for the purposes for which that Personal Data is processed.
Data Transfers outside the EEA
From time to time, Activate may transfer Personal Data to countries outside the EEA. It may also be processed by staff operating outside the EEA who work for us. If such transfer occurs, Activate will ensure that such Processing of your Personal Data is in compliance with Data Protection Law and, in particular, that appropriate measures are in place such as entering into Model Contractual Clauses (as published by the European Commission).
Further Information/Complaints Procedure
Date: May 2018
In this Statement, the terms below have the following meaning:
“Data Controller” means the entity which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
“Data Processor” means the party that Processes Personal Data on behalf of the Data Controller.
“Data Protection Law” means the General Data Protection Regulation (No 2016/679) (“GDPR”) and the Data Protection Act 2018 and any other laws which apply to Activate in relation to the Processing of Personal Data.
“European Economic Area” or “EEA” means Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the UK, Iceland, Liechtenstein, and Norway.
“Personal Data” is any information relating to a living individual which allows the identification of that individual. Personal Data can include:
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “Process” is interpreted accordingly.