GDPR & Privacy Policy

Junior Chamber International Galway Privacy Statement. Keeping your data protected.

Effective Date: May 17, 2018  

JCI Galway will be what’s known as the ‘Controller’ of the personal data you provide to us. JCI Galway also contains local branches, for the purposes of clarity, references to JCI Ireland below include all branches of JCI Ireland as well as the National Board of Officers. We are committed to the security of your data and have appointed a Data Protection Officer in this role. They may be reached at dpo@jcigalway.org.

We collect data from the following types of people:

General Users

We do not collect personal information from general users. We use Google Analytics on our website to track visit information for analysis of traffic and this does not include personal information, see our cookie policy for more information. Further information on Google GDPR compliance is available to read here https://privacy.google.com/businesses/compliance/

JCI Members

To become a JCI Member you must provide your email address to use as a unique login to your account. Through this account, you may choose to opt in to receive email notifications on your membership. Your email address is never shared nor used for marketing purposes. Our database is encrypted to prevent access to your email address. All personal data on members who choose not to renew their JCI Galway membership is removed automatically from our database 3 months after their membership lapses.

Competition Entries

From time to time, JCI Galway runs projects in which persons and businesses may be nominated for an award or competition. Only the information necessary for the competition to be awarded or judged is entered through the website. This information is stored in our encrypted database, accessed only by the project manager and deleted when no longer necessary to the project. Each project contains its own DIPA document detailing the use of personal data during the project.

Email Marketing

JCI Galway conducts email marketing to inform you of upcoming events & projects and JCI Galway past activity using the Mailchimp system. Signing up to receive emails from JCI Galway is only available through an opt in form on the JCI Galway website. The Mailchimp GDPR policy is available here https://mailchimp.com/legal/privacy/. Your email address will be kept with Mailchimp until you unsubscribe from the mailing list using the unsubscribe link provided in all Mailchimp emails.

What Is Sensitive Data?

Sensitive data is any data that can be used to identify a person and includes but is not limited to your:

  • Name
  • Phone number
  • Email address
  • Date of birth
  • Photograph
  • Video
  • Personal biography
  • Passport
  • Driver’s License or other ID card
  • IP address
  • Biometric data
  • Information on a person’s physical or mental health

Why we need your data

We need to know your basic personal data in order to provide you with ongoing organisational updates and funding information. We will not collect any personal data from you that we do not need to do this. For some competitions and projects the data we collect is required to verify your identity and may be submitted electronically via the jci.cc website to JCI Europe and JCI World, who have their own GDPR policies need data. Each project DIPA document will outline the data collected and if it will be shared with JCI Europe and / or JCI World.

How We Store Data in JCI Galway

Website

Our member data is encrypted and stored on servers located within the UK, provided by VPS.net. Further information on the VPS.net GDPR policy may be found here https://www.vps.net/about-vps-net/legal/gdpr-policy/. No 3rd parties have access to your personal data unless the law allows them to do so. Any data submitted through the website is done on an opt-in basis, provided at the time of data submission. Users and members may opt-in to receive marketing information from JCI Ireland via email.

Google Drive

All JCI Galway data, including Information gathered during JCI projects is stored on Google Drive. Google Drive is fully GDPR compliant and is part of Google’s cloud platform, which is covered by Google GDPR compliance. (https://privacy.google.com/businesses/compliance/)

Only JCI members responsible for projects and membership have access to your data and all access is protected using 2-step verification.

Mailchimp

If you have opted in to receive information from JCI Galway via email, your email addresses will be stored on Mailchimp. The Mailchimp GDPR policy is available here https://mailchimp.com/legal/privacy/.

Event Brite

JCI Galway uses Event Brite to manage its events and payments. If you are attending a JCI Event, you will need to enter your personal information into Event Brite. This information is never shared and is protected by the Event Brite GDPR policy and is available here https://www.eventbrite.ie/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy?lg=en_IE

How long do we keep your data?

JCI Galway does not keep your personal data longer than necessary for projects, events or your JCI membership.

All personal data on members who choose not to renew their JCI Galway membership is removed automatically from our database three months after their membership lapses.

All personal data collected during the course of a JCI Galway project is deleted after it is no longer necessary to the project. This date will be made available as part of the project DIPA, which is provided before the data is collected.

If you have opted in to receive information emails from JCI Ireland, your email address will be kept with Mailchimp until you unsubscribe from the mailing list using the unsubscribe link provided in all Mailchimp emails.

Security & Authentication

All personal data stored in our website database is encrypted to protect against unauthorized access.

All personal data stored on Google Drive and Mailchimp is protected by secure login and 2-step verification, which greatly reduces the risk of unauthorized access by asking users for additional proof of identity when logging in.

Procedures For Data Requests

Under GDPR, you have the right to:

  • confirm that your data is being held
  • request a copy of any personal data we have retained on you
  • request that your personal information be deleted

Non-JCI Members

To confirm your data is being held or request a copy of any personal data we have on you send an email request to dpo@jcigalway.org. We will provide the information by email within 21 days.

To request that your personal data be deleted, send an email request to dpo@jcigalway.org. Your personal data will be deleted from our Google Drive and confirmed by email within 21 days.

To unsubscribe from JCI Galway emails sent through Mailchimp, click the unsubscribe link at the bottom of the email.

Authentication

To authenticate the identity of the requester, we will check the email address against the email address we have on file. In the case that the name of the requester matches the information we have, but the email address does not match, we may ask that the request be resent from the email address we have on file.

Repeat requests

In the case that requests are unfounded or excessive, in particular in the case of repeat requests, we will charge a €6.35 administration fee for each repeat request for the same data. This is to cover the administration costs of multiple requests, as provided for in Article 15 of the EU GDPR policy https://gdpr-info.eu/art-15-gdpr/

Personal information required for projects

If your personal data is deleted at your request, but is necessary for participation in a project or competition, this may disqualify you from being involved further in the project or competition.

JCI Members

In addition to the procedures above, you may login to your members area on the JCI Galway website to edit and delete your personal data. If you cannot remember your password, please use the Forgot Password link on the login page to set a new password.

If you choose to delete your email address from the system, you will no longer be able to access your JCI Member area on the JCI Galway website and will also not receive any notifications regarding your membership or renewal.

Procedures For Data Breach

If a data breach occurs which poses a risk to individuals then the Data Commissioners  (https://www.dataprotection.ie/docs/Home/4.htm) will be notified within 72 hours of the organisation becoming aware of the breach. In certain circumstances the individuals themselves must also be notified.

JCI Galway will comply with all directions from the Office of the Data Commissioner in relation to the breach. Every attempt will be made to retrieve and / or delete the data that was breached and all security logins and access controls will be updated with new passwords.

In addition an investigation will be conducted into how the breach occurred, with the goal of preventing a similar reoccurrence.

Communication Guidelines Within JCI Galway

For non-JCI members, your personal data is never sent through any communication channels within JCI Galway, apart from Gmail, which is part of Google’s cloud platform and covered by Google GDPR compliance (https://privacy.google.com/businesses/compliance/). It is sometimes necessary to mention your name in our communications, in order for us to confirm who we are referring to when discussing an event or project.

For JCI members, only the personal data which you have provided to JCI Galway during sign up or through your membership area, or that which you have provided to other members as a contact method may be shared internally on communication channels.

Gmail

All official JCI Galway communication takes place within Gmail, which is part of the Google cloud platform and conforms to Google’s GDPR compliance policy https://privacy.google.com/businesses/compliance/.

Facebook

JCI Galway uses Facebook as a communication method internally between members and also to promote our events. Facebook is GDPR compliant and further information is available here https://www.facebook.com/policy.php

Whatsapp

JCI Galway uses Whatsapp as a communication method internally between members and your personal data is never shared over Whatsapp.

Website

The member database system on the JCI Galway website is used to communicate with JCI members, solely to send notifications regarding their membership payments and renewals. Members may opt out of receiving these notification in their members area and also upon signup.

Google Drive

JCI Galway uses Google Drive to store and share internal access to your personal information only to those members that are authorized and require access to it to carry out projects. Google Drive is part of the Google cloud platform and conforms to Google’s GDPR compliance policy https://privacy.google.com/businesses/compliance/.

Photos & Videos

JCI Galway takes and shares photos & videos of its events and projects on its website and on Facebook. These are for promotional purposes only in order to promote the activities of the organization. At all events, an announcement is made to state that photos and videos will be taken and used in this manner.

Member Information

For JCI members, as stated above your personal data is stored on the JCI Galway website database. You have access to this data and may edit and delete it should you choose to do so. You may also opt in or out of receiving payment confirmation nd membership renewal notifications through your website members area

Payment Processing

All payment processing on the JCI Galway website is carried out securely by Stripe Payments who are fully GDPR compliant https://stripe.com/ie/privacy. Payment card details are never stored by JCI Galway.

Events

JCI Galway takes and shares photos & videos of its events and projects on its website and on Facebook. These are for promotional purposes only in order to promote the activities of the organization. At all events, an announcement is made to state that photos and videos will be taken and used in this manner.

Upon entering the event, for Fire & Safety reasons, guests and members are asked to sign in and provide their name only on a physical sign in sheet. This sheet is then destroyed after the event. If you wish to opt in for JCI Galway promotional and information emails, you may do so on the JCI Galway website on the appropriate JCI Local Branch page. If the event is related to a JCI Galway project in which personal data has been obtained, the project DIPA policy will be displayed at the event.

Projects

All JCI Galway projects will have a DIPA document, detailing what personal data will be requested, why it is needed, what will be done with it, where it will be stored, who will have access to it and when it will be deleted. If the project involves a public event, this DIPA document will be displayed at the event.

Timelines & Dates

All personal data collected during the course of a JCI Galway project is deleted when no longer necessary to the project. This date will be made available as part of the project DIPA, which is provided before the data is collected.

All personal data on members who choose not to renew their JCI Galway membership is removed automatically from our database 3 months after their membership lapses.

In December of each year, an audit is carried out by all National Officers and Local Presidents, to ensure that the Google Drive account they are responsible from no longer holds any unnecessary personal data.

More Information

For more information and all enquiries email: dpo@jcigalway.org


Cookie Policy for JCI Ireland

This is the Cookie Policy for JCI Galway , accessible from www.galwaytouristguide.ie

What Are Cookies

As is common practice with almost all professional websites this site uses cookies, which are tiny files that are downloaded to your computer, to improve your experience. This page describes what information they gather, how we use it and why we sometimes need to store these cookies. We will also share how you can prevent these cookies from being stored however this may downgrade or 'break' certain elements of the sites functionality.

For more general information on cookies see the Wikipedia article on HTTP Cookies.

How We Use Cookies

We use cookies for a variety of reasons detailed below. Unfortunately in most cases there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave on all cookies if you are not sure whether you need them or not in case they are used to provide a service that you use.

Disabling Cookies

You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of the this site. Therefore it is recommended that you do not disable cookies.

The Cookies We Set

We do not set site preferences cookies

Third Party Cookies

In some special cases we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site.

This site uses Google Analytics which is one of the most widespread and trusted analytics solution on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content.

For more information on Google Analytics cookies, see the official Google Analytics page.

More Information

Hopefully that has clarified things for you and as was previously mentioned if there is something that you aren't sure whether you need or not it's usually safer to leave cookies enabled in case it does interact with one of the features you use on our site.

However if you are still looking for more information then you can contact us through one of our preferred contact methods:

Email: dpo@jcigalway.org