MGMS Training Limited Privacy Policy

General

This Privacy Policy sets out how MGMS Training Limited will store and use information relating to you, and applies to the entire website www.mgmstraining.ie  Our Privacy policy will outline our approach to privacy and security; what information we collect; our use of cookies; how we collect your personal information; how your information is stored; what we do with your information; your rights; links to other websites; change of purpose; data security and record keeping/data retention. Contact details are supplied at the end of this document if you need to contact us regarding our privacy policy. 

Contents

1.     Our Approach to Privacy and Security

2.     What Information We Collect

3.     Our Use of Cookies

4.     How We Collect Your Personal Information

5.     How Your Personal Information is Stored

6.     What We Do with Your Personal Information

7.     Change of Purpose

8.     How we Protect your Personal Information

9.     Your Rights

10.   Time Limit to Respond 

11.  Links to other Websites and Services

12.  Record Keeping/Data Retention

13.  Contact Us

1.     Our Approach to Privacy and Security

MGMS Training Limited is committed to protecting your privacy. Where you provide us with any information by which you can be identified, then we will only use it in accordance with this Privacy Policy.  

While no service is completely secure, we have taken a number of measures to ensure your personal information is safe.

Our website www.mgmstraining.ie includes SSL certificates for encryption, meaning that it encrypts all information you input before you send it to us. With SSL enabled automatically, you as a visitor to our website, can access a constant, secure connection on every page of www.mgmstraining.ie  

SSL provides three important security benefits: (Privacy: Encrypts the connection between the browser and web server and securely transmits information; Data integrity: Prevents unauthorized parties from altering data during transmission (like during a Form Block submission); Authentication: Protects against impersonation by requiring web server proof of identity). Through SSL, you as a visitor can see a lock icon next to our URL in the browser, showing that your information is safe.

In line with the General Data Protection Regulation (GDPR), we also follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access. Two factor authentication is enabled on our website www.mgmstraining.ie and all emails accounts associated with it. All devices used to access MGMS Training Limited email accounts are Apple products and use encryption software. For more information on Apple’s Privacy Policy see here For information on our network providers (Three) privacy policy see here

2.     What Information We Collect:

You control the amount and type of information that you provide to us when contacting us through our form page on our website “Contact us”. The only required personal information when contacting us through this means is a name and email address. Our legal basis for collecting your personal information is based on consent when you complete our “contact us” form; and the necessity of such information to arrange delivery of service/s to you.

The information we collect from you includes:

Information provided to ensure the delivery of service/s (i.e. workshops/presentations/ training) requested. This may include personal information such as your name, school/organisation name and address, contact number, email address, services required and any other relevant information required to deliver a programme of workshops/presentations/training. 

Information collected when you visit our Website. Our website uses some necessary cookies (‘functional and required cookies’) so as to allow visitors to navigate and use key features on our website. See next section for Our Use of Cookies.

3.     Our Use of Cookies

Our website uses some necessary cookies (‘functional and required cookies’) so as to allow visitors to navigate and use key features on our website. These cookies vary depending on the features of the site and can be used to ensure the functioning of customer accounts, shopping cart and checkout, URL redirects. Our website does not enable customer accounts, shopping carts or checkouts.

A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie generally consists of a sequence of letters and numbers that uniquely identifies your computer or mobile device; it may contain other information as well. 

In order to comply with GDPR, we only collect necessary and required information to deliver our services. Therefore, analytics cookies and activity log have been disabled on our website, so we do not collect or see visitors IP addresses or other personal data and we do not place analytics cookies on visitors browsers. Our website is configured to disable Analytics and Performance Cookies even when select “Continue” on our Cookie Notice Banner.

You can find more details on the exact cookies that this Squarespace website uses here and Squarespace Privacy Policy here

Necessary Cookies
These cookies are necessary for proper functioning of the website, such as displaying content, logging in, validating your session, responding to your request for services, and other functions. Most web browsers can be set to disable the use of cookies. However, if you disable these cookies, you may not be able to access features on our website correctly or at all. 

Functional Cookies
These cookies enable the website to remember a user’s choices – such as their language, user name, and other personal choices – while using the website. They can also be used to deliver services, such as letting a user make a blog post, listen to audio, or watch videos on the website.

4.     How We Collect Your Personal Information?

Direct interactions: You may give us your identity, contact details and other data by:

1.     Filling in our “contact us” form on our website or

2.     Corresponding with us directly by email, phone or otherwise.

This includes personal data you provide when you: enquire about our services; request information to be sent to you; provide us with feedback on services delivered or contact us directly for any other reason.

Third Party Data Processing

In line with GDPR guidelines, we have documented below third parties associated with our website.  

GSuite *Google Analytics not activated

Used to run email account for https://www.mgmstraining.ie/  

Data Processing Amendment (DPA) See here 

Accepted on Feb 18, 2018

Squarespace

Used to host website https://www.mgmstraining.ie/

Data Processing Amendment (DPA) See here

Squarespace DPA forms part of, and is subject to the provisions of, the Squarespace Terms of Service

5.     How Is Your Personal Data Stored?

The information you supply to us is stored in two ways:

1.     All email correspondence in stored on our emails server (Gmail). Two factor authentication is enabled on all email accounts associated with MGMS Training Limited and encryption software is used on all devices which access MGMS Training Limited email accounts.

2.     In hard copy (diary). The information stored in hard copy includes: contact name and address, contact phone number and email, location of service delivery, services required and invoice number.

There is no option to register an account on our website and we do not store mailing lists.

6.     What Do We Do with Your Personal Information?

The primary reason we store your personal information is to ensure the effective delivery of a service/s for your school/organization/company etc.

On occasion, feedback may be used to improve and advance our services or included on our websites “testimonials page”. Full consent will be sought for any information supplied, in advance of including this on our website.

The information you supply to us is not sold, traded or transferred to outside parties, unless there is a legal requirement to do so (i.e. Children First Act 2015). The term “outside parties” does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. See ‘Third Party Data Processing’ section above.

7.     Change of Purpose

We will only use your personal data for the purposes for which we collected it (e.g. to respond to a query; organize delivery of services; receive feedback). If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so and/or requirement to do so by Law (i.e. Children First Act 2015).

8.     How We Protect your Personal information

While no service is completely secure, we have taken a number of measures to ensure your personal information is safe. We maintain administrative, technical and physical safeguards that are intended to appropriately protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse and any other unlawful form of processing of, the personal information in our possession. We employ security measures such as using firewalls to protect against intruders, our website employs SSL certificates for encryption, two factor authentication is enabled on our website and all emails accounts associated with it. All devices used to access MGMS Training Limited email accounts are Apple products and use encryption software.

Access to personal information supplied to us is limited to the directors of MGMS Training Limited.

We will only use your personal information for the purposes set out previously and are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9.     Your Rights

When using our website and submitting personal data to us, you may have certain rights under the General Data Protection Regulation (GDPR) and other laws.

Depending on the legal basis for processing your personal data, you may have some or all of the following rights:

The right to be informed
You have the right to be informed about the personal data we collect from you, and how we process it. 

The right of access
You have the right to get confirmation that your personal data is being processed and have the ability to access your personal data.

The right to rectification
You have the right to have your personal data corrected if it is inaccurate or incomplete.

The right to erasure (right to be forgotten)
You have the right to request the removal or deletion of your personal data if there is no compelling reason for us to continue processing it. * See Note under Data Retention regarding right to refuse erasure

The right to restrict processing
You have a right to ‘block’ or restrict the processing of your personal data. When your personal data is restricted, we are permitted to store your data, but not to process it further.

The right to data portability
You have the right to request and get your personal data that you provided to us and use it for your own purposes. We will provide your data to you within 30 days of your request. To request your personal data, please contact us using the information at the top of this privacy policy.

The right to object
You have the right to object to us processing your personal data for the following reasons:

1. Processing was based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
2. Direct marketing (including profiling); and
3. Processing for purposes of scientific/historical research and statistics.
4. Rights in relation to automated decision-making and profiling.

Automated individual decision-making and profiling
You will have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Filing a complaint with authorities
You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the General Data Protection Regulation. If the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.

For details about your rights under GDPR, click here

10.  Time Limit to Respond

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

11.  Links to other Websites and Services

Our website contains links to third party websites under our “resources” and “news” pages.  

Links to external sites are provided as a convenience and for informational purposes only; they do not constitute an endorsement or an approval by MGMS Training Limited of any of the products, services or opinions of the corporation/organisation/individual. MGMS Training Limited bears no responsibility for the accuracy, legality or content of the external site or for that of subsequent links. We have no control over how third party websites and services process your personal information. We are not responsible for such third party websites and services or their privacy practices. Please read the privacy statements of any third party websites or services that you access from our website.

12.  Record Keeping/Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes of our service agreement, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made with respect to an agreement or other matter and other relevant criteria. 

As a condition of our insurance policy, records on services delivered shall be kept for 7 years following the last occasion in which a service was delivered. In the case of minors, records shall be kept for at least 7 years after they reach the age of majority (18).

Note: There are provisions under GDPR, where we have the right to hold client records to comply with our insurance Terms and Conditions, even in cases where you request for them to be deleted under your Right of Erasure. 

In line with above, once it is no longer deemed necessary to store your personal information, it will be destroyed by shredding any had copy data and deleting any personal information stored on email.

13.   Contact Us

If you have any questions about our privacy policy please contact us

Dr. Maureen Griffin

MGMS Training Limited

Drim,

Doora,

Ennis,

Co. Clare

Tel: +353 87 2046598

Email: Maureen@mgmstraining.ie