Data Protection and Privacy
The Green Party has been advocating for improved data protection rights for many years and the European Greens played a significant role in negotiating the GDPR. This statement explains how we handle and use your personal data and your rights in relation to that data.
Data Protection Statement
The Green Party has been advocating for improved data protection rights for many years and the European Greens played a significant role in negotiating the General Data Protection Regulation (GDPR). This statement explains how we handle and use your personal data and your rights in relation to that data. Under the GDPR of May 2018 and Irish Data Protection Acts, 1988-2018, The Green Party is the data controller of this data.
The Green Party (“The Party”, “we”, “our” or “us”) is committed to protecting and respecting your privacy.
This Privacy Statement explains why and how we will use the personal information that we have obtained directly from you or through others, with whom we share it and the rights you have in connection with same. Please read the following carefully.
This statement describes the way we handle and use the personal information that we obtain from all the different interactions you may have with us as a political party, including when you engage with our local branches, social media pages, website currently located at www.greenparty.ie or when you contact us in any way.
Under the GDPR of May 2018 and Irish Data Protection Acts, 1988-2018, The Green Party is the data controller in relation to the processing activities described below. This means that the Party decides why and how your personal information is processed. Please see the section 10 of this statement for our contact information.
Personal Information We Collect About You
As a registered political party in Ireland, the Green Party collects personal data in order to achieve its social, environmental and economic objectives. We collect data from members, subscribers, supporters, donors, volunteers, staff, and constituents. This data is generated and received from forms, email communications, letters, telephone conversations, social media and other platforms.
Further to the above, The Green Party is permitted, throughout the course of our legitimate activities, to handle and process sensitive categories of information such as the political opinions of our members, former members and other individuals who engage with the Party on a regular basis.
We only collect personal information which we need and that is relevant for the purposes for which we intend to use it.
Examples of information that we collect about you – At local branch, online, by phone, social media, and email:
- Your name, title and contact details (email address, telephone number, postal address);
- Your interests and proficiencies
- Any information you include in correspondence you send to us or in forms you submit to us or when using our Site or social media pages;
- Your communication preferences;
- Your identification information when exercising the rights that you have in relation to our processing of your personal information (see further ‘Your rights in relation to your personal information’);
- Details of any transactions between you and us;
- Your payment card details and, in relation to certain refunds, your bank account details;
When you visit our Site we may also collect the following information:
- The date and time you used our Site;
- The pages you visited on our Site and how long you visited us for;
- The website address from which you accessed our website;
- If we have asked for it, details regarding when and how you consented to receive marketing communications from us (including the time and date you provided your consent);
Data obtained from Third Parties:
From time to time, the Party may purchase copies of the local election and general election Marked Register of Electors from respective local authorities and the Bills Office. The data contained therein may include your name, postal address, Eircode and indication as to whether or not you may have voted during the election in question. It should be noted that the aforementioned registers do not indicate or provide further details regarding your individual vote, merely whether or not you did, in fact, vote during the given election. This information may be processed by the Party in order to support our legitimate political interests for the purpose of canvassing during future local or national elections.
Use Of Your Personal Information
We use your personal information for a variety of reasons. We rely on different legal grounds to process your personal information, depending on the purposes of our use and the risks to your data.
We use your personal information in the following ways:
Where You Have Provided Consent
We may use and process your personal information for the following purposes where you have consented for us to do so:
- To contact you via email, online or by post (as you have indicated) with marketing information.
- To analyse, evaluate and improve our services so that your visit and use of our Site and social media pages are more useful and enjoyable (we will generally use data amalgamated from many people so that it does not identify you personally);
- To record certain webinars and events that you may attend, in order to further disseminate or make available the content of same.
- To include your image within publications on our website or elsewhere.
You may withdraw your consent for us to use your information in any of these ways at any time. However, withdrawal of consent will only affect the continued processing of your data and is not retrospective.
Please see the ‘Your Rights in Relation To Your Personal Information’ section below for further details.
Where Necessary to Comply with Our Legal Obligations
We will use your personal information to comply with our legal obligations:
- To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
- To take any actions in relation to health and safety incidents required by law.
- To record details of donors to the Party in accordance with the Standards in Public Office (SIPO)
Where Necessary for Us to Pursue a Legitimate Interest
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a Political Party for the following purposes:
- Processing necessary for us to promote the party and measure the reach and effectiveness of our campaigns;
- To tailor and personalise our marketing communications based on your attributes;
- To fulfil and complete your Membership transactions entered into with us;
- To send you information pertaining to your membership after you have subscribed, made a purchasing enquiry or requested information of interest.
- To respond to correspondence you send to us and fulfil the requests you make to us;
- To undertake analysis and research (including contacting you with surveys) so that we can better understand our Membership/Supporter base;
- Processing necessary for us to operate the administrative and technical aspects of the Party efficiently and effectively;
- To administer our Site, and our social media pages and for internal operations, including troubleshooting, testing, statistical purposes;
- For the prevention of fraud and other criminal activities;
- To verify the accuracy of data that we hold about you and create a better understanding of you as a member/supporter or visitor;
- For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
- For efficiency, accuracy or other improvements of our databases and systems, for example, by combining systems or consolidating records we hold about you;
- To enforce or protect our contractual or other legal rights or to bring or defend legal proceedings;
- To inform you of updates to our terms and conditions and policies;
- For other general administration including managing your queries, or complaints.
Where Necessary for Us to Fulfil a Contract
We will use your personal information where this is necessary for us to perform our contract with you or to carry out any pre-contract steps you’ve asked us to so that you can enter into that contract, for the following purposes:
- To process your payment card or bank details when taking payment for your Membership or when providing a refund
Where Processing is in Your Vital Interests
We may need to use your personal data in certain limited, emergency situations to ensure your wellbeing.
Disclosure of Your Personal Information by Us
We only disclose your personal information outside the Party in limited circumstances. If we do, and where relevant, we will put in place a contract that requires recipients to protect your personal information, unless we are legally required to share that information. Any contractors or recipients that work for or with us will be obliged to follow our instructions. We do not sell your personal information to third parties.
We may disclose your information to our third-party service providers and agents for the purposes of providing services to us or directly to you on our behalf, including the operation and maintenance of our Site.
When we use third-party service providers, we only disclose to them any personal information that is necessary for them to provide their services and only where we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions as a Data Controller.
We will also share your personal data with officers of the Party including Elected Representatives, Candidates for Elections, Returning Officers and Spokespersons. Data is shared with these officers for the sole purpose of executing the work of the Green Party and for no purposes other than the legitimate, political interests of the party.
The Green Party will not share personal data with any other entity or organisation without prior consent from the data subject. At some point in time we may request your permission to share personal data with another related organisation, such as the European Green Party.
Transfers of Your Personal Information Outside of Europe
Typically, we do not transfer your personal information outside of Europe. However, we may rely on adequacy decisions by the European Commission for data transfers to countries outside the EEA such as to the UK.
All information you provide to us is stored on our secure servers which are located within the European Economic Area (EEA).
If at any time we transfer your personal information to, or store it in, countries located outside of the EEA (for example, if our hosting services provider changes) that are not subject to an adequacy decision, we will amend this statement and notify you of the changes. We will also ensure that appropriate safeguards are in place for that transfer and storage as required by applicable law. This is because some countries outside of the EEA do not have adequate data protection laws equivalent to those in the EEA.
Security And Links to Other Websites
We take the security of your personal information seriously and use a variety of measures based on good industry practice to keep it secure. Nonetheless, transmissions over the internet and to our Site, and our social media pages may not be completely secure, so please exercise caution. When accessing links to other websites, their privacy policies, not ours, will apply to your personal information.
We employ security measures to protect the personal information you provide to us, to prevent access by unauthorised persons and unlawful processing, accidental loss, destruction and damage.
The transmission of information via the internet is not completely secure. Although we will do everything possible to protect your personal information, we cannot guarantee the security of any personal information during its transmission to us online. You accept the inherent security implications of using the internet and will not hold us responsible for any breach of security unless we are at fault.
The Periods for Which We Retain Your Personal Information
We are obliged to retain certain information to ensure accuracy, to help maintain quality of service and for legal, regulatory, fraud prevention purposes.
Other information will be retained for no longer than is necessary for the purpose for which it was obtained by us or as required or permitted for legal, regulatory, fraud prevention and legitimate purposes.
We will not hold your personal information in an identifiable format for any longer than is necessary for the purposes for which we collected it. For certain purposes we retain your personal information indefinitely (e.g. to supress marketing messages).
In the case of members, the party will retain personal data for five and a half years following the end of the membership period where the data subject has not engaged with the party in a specified way. After an ordinary Green Party membership lapses there is a period of one year in which a member can renew their membership without losing their voting rights, known as the grace period. After this period elapses former members may become party supporters and continue to receive communications from the party in line with their communications preferences, which they can change at any time. They can also choose to independently end their support of the party by unsubscribing.
While supporters continue to engage with the party through specified activities, we will maintain their personal data on file so that the we can contact them about our work. If after 4.5 years a supporter has not undertaken any specified activities, we shall seek consent to continue contacting the data subject as a party supporter. If there is no response, or the data subject replies negatively their personal data will be anonymised. If the data subject replies positively their records will be kept on file.
Financial Record Retention
The financial records of all data subjects must be kept on file for the purposes of audit, however it will not be possible to identify the benefactor from this data. In some cases the party will be prohibited from anonymising a data subject’s identifiable records. Personal data, including names and addresses must be kept on record where specified by the SIPO guidelines, such as where larger donations are concerned. Similarly, personal data must be retained by the party where there are active or potential legal proceedings.
Where donors are not party members, and there is no legal requirement to keep their personal data on file, non-financial data will be anonymised after a period of five and a half years.
Your Rights in Relation To Your Personal Information
You have certain rights in respect of your personal data and we have processes to enable you to exercise these rights.
Right of Access
This is known as a Data Subject Access Request or a SAR in short. If you want to know if we are processing personal data relating to you and to have access to any such personal data you can contact us using the details below. In order to furnish you with a copy of your personal data that we hold we will need to verify your identify.
You have the right to access any personal information that the Party processes about you and to request information about:
- What personal data we hold about you
- The purposes of the processing
- The categories of personal data concerned
- The recipients to whom the personal data has/will be disclosed
- How long we intend to store your personal data for
- If we did not collect the data directly from you, information about the source
Right To Rectification
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the data and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
If you believe that we hold inaccurate personal data about you, please contact us using the details below. Depending on the type of personal data you believe is inaccurate, we may ask you for further proof to ensure that the personal data is being corrected properly. If we are satisfied that the personal data is inaccurate, we will make the necessary changes.
Right To Erasure
You also have the right to request erasure of your personal data or to restrict processing (where applicable).
However, this right does not apply where we have to comply with a legal obligation or where we need personal data for the establishment, exercise or defence of legal claims. In addition, if you opt out of marketing communications or have previously opted out of marketing communications, we have to keep a record of such opt out to ensure that we don’t contact you again in the future.
Right To Restriction
You have a right to request that processing of personal data is restricted in certain circumstances. However, we shall still continue to process the personal data for storage purposes, for the establishment, exercise or defence of legal claims.
Right To Object
Where we are relying on legitimate interests as a legal basis to process your data, you have a right to object to such processing on grounds relating to your particular situation.
Right To Portability
In certain circumstances, you can request that we provide to you your personal data in a commonly used format.
Right To Complain to The Supervisory Authority
You have the right to lodge a complaint with the Data Protection Commission and more details can be found on their website – www.dataprotection.ie
For Data Subject Rights
To exercise your data subject rights, contact us at email@example.com. If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
For Further Information
Should you require additional information then you can contact our Data Protection Officer at the following email address: firstname.lastname@example.org
You may also contact our Data Protection Officer by writing in to:
Data Protection Officer
16/17 Suffolk Street,