We are Enable Ireland Disability Services, a Company Limited by Guarantee registered under company number 13909 with a registered address at 32F Rosemount Park Drive, Rosemount Business Park, Ballycoolin Road, Dublin 11, Ireland.
We are a partly state funded charitable organisation which provides services to children and adults with physical, sensory and intellectual disabilities in 15 counties across Ireland. We process personal data and special category personal data about people to carry out this core work. We are also engaged in training, research, fundraising, direct marketing, office administration, finance and HR administration including payroll and recruitment. We manage relationships with volunteers, contractors and authorities such as the HSE.
For the purpose of the GDPR, the data controller is Enable Ireland Disability Services, Limited by Guarantee (“Enable Ireland”).
Enable Ireland processes personal data about service user/owners and their carers/family members/representatives, prospective volunteers, donors, advocates, supporters, contractors, suppliers and individuals in sponsor companies or partner organisations job applicants or former employees/colleagues and users of Enable Ireland's Assistive Technology e-learning site (https://enableirelandat.ie).
Enable Ireland does not engage in profiling or automated decision making. However, if you are a member of the Friends of Enable Ireland Network, a fundraiser, volunteer or donor of Enable Ireland, we may analyse the outcomes of our fundraising campaigns, your preferences and engagements with you to tell you about fundraising events, activities or volunteer opportunities that may be of specific interest to you. You may opt-out of your personal data being used for this type of analysis by contacting friends@enableireland.ie, or by contacting the Data Protection and Compliance Officer (details are below).
Enable Ireland processes different types of personal data and special category personal data depending on how and why you are interacting with us.
| Purpose | Categories of data processed |
| Health & Social care services when attending our service centres located across Ireland | Health data (referral letter from a third party, medical records and assessments, diagnosis, medical/physical history and medication details, hospital details, physician/healthcare professionals details, vaccination status), contact names and initials, addresses, telephone numbers, email, date of birth, country of birth, gender, next of kin contact details and relationship to service user/owner, photographs, videos received from service users/owners and voice recording, face image and IP addresses while in virtual consultations with service users/owners, attendance records, healthcare professional reports and update reports for carers/guardians, medical card numbers, social preferences, dietary, social, sleep and spiritual needs, assistive technology needs and personal care needs, funding applications. |
| Communications | Contact names, addresses, telephone numbers, email, social media identifiers such as Facebook®, twitter®, Instagram®, photographs, videos, stories and health data, completing forms on www.enableireland.ie (our site) such as the 'Contact Us' form or when subscribing to receive our Newsletter or other such websites that are within our control. |
| Training & research | Contact names, addresses, telephone numbers, email, assignments, training records, health data. |
| Office Administration & Finance Management | Contact names, contact details, tax identifiers (e.g. VAT number for service providers), bank details, legal claims, timesheets and payment data, data associated with accounts receivable or accounts payable. |
| Direct Marketing & Fundraising | Contact names, contact details, PPSN for donors, bank details, health data, photographs, stories, video or audio footage, donor, volunteer and supporter preferences and interests, service region and additional contact names and addresses. |
| Donations | Contact name and address; email address; credit/debit card details; PayPal details; bank account details/direct debit mandate form; age group; tax payer status and PPSN number (where you wish to avail of tax relief in respect of your donation) |
| Human Resources Recruitment | Application form, references, CVs (employment history and education), Garda/Police vetting declarations, professional qualifications and other recruitment documents and if we conduct interviews using a virtual platform, then we will process your face image, voice recording and IP address. |
| Wellbeing, Safety & Security | Occupational health data, accident & incident reports, safeguarding/ risk assessment information, location data and CCTV recordings. |
| Website management | Google Analytics data including IP addresses (see cookie policy). |
| Assistive Technology e-learning site |
When you create an account on https://enableirelandat.ie we require the following data: Name, age (for verification purposes), country of residence (for verification purposes) and email address.
Optional personal data we collect if you choose to provide additional profile information: Profile photo, residence (town/county), any interests, professional background information or other personal details you choose to add to your account profile. Engaging in one of the courses on this site we may also collect the following data: Assignments, training records, logs (activity on the course), video and/or still image you upload, forum posts (this could include special category personal data that you have shared such as health, race and ethnicity, religious or philosophical beliefs), quiz results, survey and feedback answers. |
We obtain personal data about you if:
- you apply for a job in Enable Ireland;
- you or your parent/guardian/ carer contact us to request you become a service user/owner. If someone gives us information about you, we may add it to any personal information we already hold and use it in the ways described in this Notice. Before you disclose information to us about another person, you should be sure that you have their consent to do so. You should also show them this Notice. You need to ensure that they confirm that they know you are sharing their personal information with us for the purposes described in this Data Protection Notice;
- a health or social care professional shares data with us by way of a referral;
- you contact us to become a volunteer, donor, course participant or advocate or subscriber to fundraising campaign or website;
- we complete a business transaction with you as a supplier of products / services, or as a customer of our shops;
- you engage with Enable Ireland's Assistive Technology e-learning site.
We may have your personal data because your company or organisation has entered into a partnership with Enable Ireland. In limited circumstances data is publicly available and there would be a reasonable expectation that an organisation such as Enable Ireland would process it, for example, you are a journalist, medical expert, academic, politician, business leader or celebrity.
We collect the information in order to provide you with our services, to market our services, to fundraise, to improve our organisation and to recruit staff and volunteers. We will use this information to:
- carry out our obligations arising from any agreements entered into between you and us e.g. to provide you with our disability services where you are a service user;
- communicate with you as part of our relationship with you or in accordance with our agreement with you;
- carry out fundraising and marketing activities which include to market you according to your preferences, process your donation, process volunteer opportunities and process your subscriptions.
- set you or your company up as a supplier on our systems and to pay you for products/services provided to us;
- liaise with you about projects that we are undertaking with you;
- create a candidate profile for you if you are a job applicant;
- administer and improve our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- deliver information about our services and our organisation, where you have subscribed to receive same;
- As part of our efforts to keep our organisation safe and secure;
- Operations of the Assistive Technology e-learning site.
The legal bases for the processing of your data are:
- Processing necessary for the performance of a contract which you have entered into with us or to take steps at your request prior to entering into a contract;
- Processing necessary for compliance with a legal obligation to which we are subject, for example, providing information to Health Information Quality Authority (HIQA) or Health Service Executive (HSE);
- Processing necessary in order to protect the vital interests of you or of another natural person;
- That you have provided consent for the processing for one or more specified purposes such as marketing, for example, when you subscribe to our newsletter or opt to receive information from us in respect of our organisation;
- Processing necessary for the purposes of the legitimate interests which we pursue for example administer and record your donation, providing you with information about fundraising campaigns you have agreed to take part in, provide you with information necessary for any training event, workshop or event you sign up for, follow up on your queries, assess our fundraising activities or efficiently and effectively providing suitable e-learning training via Assistive Technology e-learning site.
The legal basis for the processing of your Special Category Personal Data (i.e. your medical/health data) are:
- That the processing is necessary for the provision of health care, treatment or social care and for the purposes of medical diagnosis;
- That the processing is necessary in order to protect your vital interests or that of another person where you are physically or legally incapable of giving consent.
We may share your personal data and where necessary, Special Categories of Personal Data, with selected third parties as listed below* including suppliers and contractors in order to provide you with our services. For example, these suppliers may include our web hosting provider and our IT service providers.
In addition, we may disclose your personal information (including Special Categories of Personal Data) to third parties:
- Which are part of the Progressing Disability Services (‘PDS’) framework. As part of this arrangement Enable Ireland has formed partnerships with a number of other service providers with the aim of improving access to disability services across Ireland;
- If we are under a duty to disclose or share your information in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect our rights, property, or safety, our service user/owner/customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
- As part of projects with other companies in the Enable Ireland group of companies if applicable.
- Where solicitors or your elected power of attorney have your written authorisation to be provided with the personal data we hold about you
- When you are under age of eighteen, we will share your personal data with your legal guardians.
*Note:
|
|
PDS Partner Organisations; - St. Michael’s House; - Stewarts Care Limited; - Central Remedial Clinic; - Muiriosa Foundation; - Daughters of Charity; - Brothers of Charity; - CoAction; - St. Gabriel’s School and Centre; - Western Care Association; - Ability West; - Cope - St. Joseph’s foundation |
Provision of health care and services to service user/owners under the PDS Partnership arrangement. | |
| HIQA | Legal obligation to disclose certain information | |
| TUSLA/HSE safeguarding | Legal obligation to disclose certain information | |
| Health Service Executive | Provision of health care and services to service user/owners | |
| HSE/Health Research Board | Information collected on National Ability Supports System (NASS) is critical to the management of disability services nationally. | |
| Irish Wheelchair association | Provision of health care and services to service user/owners | |
| DeafHear | Provision of health care and services to service user/owners | |
| National Council for the Blind Ireland (NCBI) | Provision of health care and services to service user/owners | |
| Child and Adolescent Mental Health Services (CAMHS) | Provision of health care and services to service user/owners | |
| St. John of God | Provision of health care and services to service user/owners | |
| St. Lawrence Cheshire Home | Provision of health care and services to service user/owners | |
| KARE |
|
|
| COPE | Provision of health care and services to service user/owners | |
| Nursing agencies | Provision of health care and services to service user/owners | |
| An Cuan Regional Support Service: Cope Foundation | Provision of health care and services to service user/owners | |
| Technological University Dublin | Foundations in AT Course - Accreditation Provided by Technological University Dublin | |
| IT/software Providers | ||
| Microsoft office 365 | Cloud service providers | |
| Microsoft TEAMS | Web-based video consultation platform | |
| Attend Anywhere or other video consultation provider | Web-based video consultation platform | |
| InterXion | IT data centre provider | |
| Evros Technology | IT service provider | |
| Cisco Meraki | IT Software | |
| Monread CRM | Goldmine CRM Software Provider | |
| Private Health Insurers | Payment for service user/owner claims | |
| Progress CRM and Salesforce CRM | Fundraising management software provider | |
| Enclude | Salesforce configuration support | |
| Poppulo | Email marketing service provider | |
| Trinity Marketing | Regular Donor Acquisition | |
| Monsoon Consulting | Communications Software Tool | |
| C3 Marketing | Marketing Services | |
| DEFT Payment Systems | Software for processing donation payments | |
| Realex Payments | Software for processing online credit/debit card donation payments | |
| Stripe | Software for processing donation payments | |
| Paypal | Software for processing donation payments | |
| CookieBot | Software for obtaining cookie consent on external website | |
| Other | ||
| CCTV providers | Provision of CCTV equipment and services | |
| Aviva | Pension scheme providers | |
| Law firms | Legal services | |
| AIB | Banking services | |
| Lane Clark Peacock (LCP) | Pension Administrator | |
| Zurich | Pension trustee service | |
| Friends First | Income continuance and insurance services | |
| RSM Ireland | Audit and accounting services | |
| Revenue Commissioners | Legal obligation to disclose certain information | |
| Cognate Healthcare or other provider | Pre-employment medicals/ occupational health assessments | |
| An Gardaí Siochána | Law enforcement | |
| Miscellaneous photographers, venues corporate partners, fundraising campaign providers, trade unions, fundraising campaign providers, professional bodies | For operational purposes in connection with fundraising events, payment of subscription fees | |
| Enovation Solutions Ltd | Hosting provider of Enable Ireland AT Training online learning portal (Moodle) | |
| Iron Mountain Ireland Limited | Storage Hardcopy files | |
| DCG Shredding | Shredding Company | |
| Pulp Recycling Limited | Shredding Company | |
| Gwen Malone Stenography Services Unlimited Company | Provision of Stenography | |
| DataPac Unlimited Company | Supplying ICT Products and Services |
Enable Ireland in accordance with our obligations, keeps personal data and special category personal data for a range of periods. Our current retention periods are based on:
- Statutory obligations for example, we are required to keep records created under Childcare legislation indefinitely;
- Contractual obligations, for example, we are required to keep records for a certain period as provided for in contracts with service providers like IT service providers;
- Quality assurance / best practice obligations set by state entities or regulatory bodies in particular the HSE Policy 2013 on Retention of Records available at: https://www.hse.ie/eng/services/list/3/acutehospitals/hospitals/ulh/staff/resources/pppgs/rm/recret2013.pdf
- Our view that retention is necessary for the original purpose or a compatible purpose
- On a case by case basis, records may be retained for longer where they are required for actual or potential legal actions or the management or mitigation of operational or strategic risks to Enable Ireland. Where records are subject to this kind of review the ongoing retention will be assessed annually.
Your information is stored on secure systems within Enable Ireland premises and with providers of secure information storage. We may transfer or allow the transfer of information about you and your services with us to our service providers located outside the European Economic Area (EEA), but only if they agree to act solely on our instructions and protect your information to the same standard that applies in the EEA.
You have the following rights:
- The right to access the personal data we hold about you. Under the GDPR, we are obliged to respond to your access request without undue delay. In most instances, we will respond within 30 Days. If we are unable to deal with your request fully within 30 Days (due to the complexity or number of requests), we may extend this period by a further two calendar months. Should this be necessary, we will explain the reasons why. If you make your request electronically, we will, where possible, provide the relevant information electronically unless you ask us otherwise. Please complete the access request form available at: https://www.enableireland.ie/external-data-subject-access-request-form or by requesting it from the Data Protection Officer. We reserve the right not to have to respond to access requests that are excessive or manifestly unfound.
- The right to require us to rectify any inaccurate personal data about you without undue delay.
- The right to have us erase any personal data we hold about you in circumstances such as where it is no longer necessary for us to hold the personal data or, in some circumstances, if you have withdrawn your consent to the processing.
- The right to object to us processing personal data about you such as processing for profiling or direct marketing.
- The right to ask us to provide your personal data to you in a portable format or, where technically feasible, for us to port that personal data to another provider provided it does not result in a disclosure of personal data relating to other people.
- The right to request a restriction of the processing of your personal data.
- Where our processing of your personal data is based on your consent to that processing and where there is no other legal basis for processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.
- You may lodge a complaint with your local supervisory authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Data Protection Commissioner. The website is www.dataprotection.ie. A form called “raise a concern” is available on their website in this regard.
You may exercise any of the above rights by contacting the Data Protection & Compliance Officer of Enable Ireland at dpo@enableireland.ie or writing to Data Protection & Compliance Officer, Enable Ireland, Lavanagh Centre, Curraheen, Carrigrohane, Cork, T12 D768
Sharing personal Information with us is in both your interest and ours. We need information in order to:
- Provide our services.
- Manage our business for our legitimate interests.
- Comply with our legal obligations.
You can choose not to share information, but by doing so may limit the services we are able to provide to you because:
- We may not be able to assess your suitability for a service, or, where relevant, give you a recommendation to provide you with a service, renew an existing service or continue to provide services to you if we do not have the ability to process your information.
If you have any questions about how your personal data is gathered, stored, shared or used, or if you wish to exercise any of your data rights, please contact our Data Protection Officer at:
By Email: dpo@enableireland.ie
By phone:085 1068100
By postal Address:
Data Protection & Compliance Officer, Enable Ireland, Lavanagh Centre, Curraheen, Carrigrohane, Cork, T12 D768
What are cookies?
This website uses cookies. Cookies are small files that a site or its service provider transfers to your computers hard drive through your Web browser (if you allow) that enables the sites or service providers’ systems to recognize your browser and capture and remember certain information. Further information on cookies can be found at https://wikis.ec.europa.eu/display/WEBGUIDE/04.+Cookies+and+similar+tech...
How do we use cookies?
We use cookies to compile anonymous data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
The Enable Ireland website uses Google Analytics to gather anonymous statistics about visitors to the site and which pages are visited.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly.
Managing cookies
Cookies help us to ensure that our website is as good as it can be for our users. Cookies pose little threat to your privacy, but some people may want to turn them off anyway.
We will make changes to this notice from time to time. You will always find an up-to-date version of this notice on our website at https://www.enableireland.ie/privacy-policy and you can also ask the Data Protection & Compliance Officer for a copy of the most up-to-date notice. This notice was last updated on 30 November 2022.