WEBSITE PRIVACY STATEMENT
This is the Website Privacy Statement of Activate Capital Limited (“Activate”, “us” or “We”), which describes how we collect, process and retain Personal Data when you visit our Website, www.activatecapital.ie (the “Website”). Activate acts as a Data Controller in relation to such data. Capitalised terms used in this Statement are defined in the Glossary in Annex I to this statement.
Activate as a Data Controller
Activate will act as a Data Controller in respect of Personal Data provided to us by Website visitors in connection with the operation and administration of the Website. Activate processes Personal Data in connection with our Website as follows:
Purpose of Processing
|Lawful Basis under GDPR|
Processing of personal data for Website purposes such as technical information including the browser type and operating system and information about your visit to our Website, including the pages viewed and download errors and cookies.
Such Processing is necessary for the legitimate interests pursued by Activate including for troubleshooting, data analysis, testing, research, statistical and survey purposes pursuant to Article 6(1)(f) GDPR.
|If you contact us using any Activate email addresses displayed on our Website.||
Such Processing will depend on the nature of the communication from you, which may include consent, Activate’s legitimate interests and/or contractual necessity as appropriate.
Individual Data Subject Rights
- Data Protection Law provides certain rights in favour of data subjects. The rights in question are as follows (the “Data Subject Rights”):
- The right of a data subject to receive detailed information on the Processing (by virtue of the transparency obligations on the Controller);
- The right of access to Personal Data;
- The right to rectify or erase Personal Data (right to be forgotten);
- The right to restrict Processing;
- The right of data portability; and
- The right to object to automated decision making, including profiling, and to Processing based on Activate’s legitimate interests.
- These Data Subject Rights will be exercisable by you subject to limitations as provided for under Data Protection Law. You may make a request to Activate to exercise any of the Data Subject Rights by emailing Activate at email@example.com. Your request will be dealt with in accordance with Data Protection Law.
Data Security and Data Breach
We have technical and organisational measures in place to protect Personal Data from unlawful or unauthorised destruction, loss, change, disclosure, acquisition or access. Personal Data is held securely using a range of security measures including IT measures such as encryption, and restricted access through approvals and passwords. Activate stores all Personal Data on cloud based servers operated by one of the main providers of such services globally and such may be stored outside the EEA but in accordance with Data Protection Law.
Disclosing Personal Data
From time to time, we may disclose Personal Data to third parties such as our subsidiaries, our ultimate holding company and its subsidiaries. We may also allow third parties to access Personal Data which we Process (for example where a law enforcement agency or regulatory authority submits a valid request for access to Personal Data). We may share with or disclose your Personal Data with selected third parties including analytics and search engine providers that assist us in the improvement and optimisation of our Website.
We will keep Personal Data only for as long as the retention of such Personal Data is deemed necessary for the purposes for which that Personal Data is processed.
Data Transfers outside the EEA
From time to time, Activate may transfer Personal Data to countries outside the EEA. It may also be processed by staff operating outside the EEA who work for us. If such transfer occurs, Activate will ensure that such Processing of your Personal Data is in compliance with Data Protection Law and, in particular, that appropriate measures are in place such as entering into Model Contractual Clauses (as published by the European Commission).
- Using the settings of your Internet browser, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. Consult your browser Help menu to learn the correct way to modify your cookies. If you choose to turn off cookies, you may not have access to certain features of our Website. You may at any time delete any cookies set by using the relevant option of your Internet browser or by deleting the cookies on your hard drive.
- We use the following cookies: Google Analytics – 1st Party – 12 months.
- The Website may, from time to time, contain links to and from websites of our partner networks, advertisers, affiliates and third parties. If you follow a link to any of these external websites, please note that these websites have their own privacy policies and that We do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.
Further Information/Complaints Procedure
- For further information about this Statement please email Activate at firstname.lastname@example.org. While you may make a complaint in respect of our compliance with Data Protection Law to the Irish Data Protection Commission, we request that you email Activate at email@example.com in the first instance to give us the opportunity to address any concerns that you may have.
Date: May 2018
In this Statement, the terms below have the following meaning:
“Data Controller” means the entity which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
“Data Processor” means the party that Processes Personal Data on behalf of the Data Controller.
“Data Protection Law” means the General Data Protection Regulation (No 2016/679) (“GDPR”) and the Data Protection Act 2018 and any other laws which apply to Activate in relation to the Processing of Personal Data.
“European Economic Area” or “EEA” means Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the UK, Iceland, Liechtenstein, and Norway.
“Personal Data” is any information relating to a living individual which allows the identification of that individual. Personal Data can include:
- a name, an identification number;
- details about an individual’s location; or
- any other information that is specific to that individual.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “Process” is interpreted accordingly.