Contacts Management System Privacy Policy
Contacts and Events Management System Privacy Policy
Information specific to the personal data being collected.
The following data is specific information in relation to the personal data processed under the Department of Foreign Affairs internal Contacts and Events Management System.
1. Specified purpose:
The personal data is being collected/processed for the purpose of allowing the Department of Foreign Affairs ("The Department") to carry out the administration and business of public services in connection with communications and transactions between the Government and the Government of any other state or nation, diplomatic representation of the State in any country or place, international amenities and all powers, duties and functions connected with the same. The Contact and Events Management System does not collect information on individuals relating to Passport, Consular or Visa services.
2. Lawful basis:
The Department's basis for processing the personal data of contacts is provided by Section 1 (xi) of the Ministers and Secretaries Act 1924-2013[1].
3. Recipients:
Codec – third party software provider.
The Department uses an Eventbrite account to organise events.
Personal data may be also provided by the Department to trusted third parties, including but not limited to Government Departments, state agencies and state bodies, for the purpose and basis outlined in this notice. Personal information may also be provided to authorised third party service providers who facilitate official events. Your acceptance to attend these events is deemed as acceptance that your data may be provided to third parties in order to facilitate your attendance. Only the data necessary for the management of such events may be shared. The Department will put appropriate controls in place to ensure that data provided for this purpose will be held by the third party only as long as there is a business need to do so in line with the purpose(s) for which it was provided. You have the option to 'opt out' of future event invitations if you wish.
4. Transferred outside the EU:
The data contained in the Department's Contact and Events Management System is held on servers within the EU. The international remit of the Department's work may involve sharing personal data with service providers based outside of the EU to facilitate official events and for the purpose outlined in this notice. Your acceptance to attend such events is deemed as acceptance that your data may be provided to third parties to facilitate your attendance. Only the data necessary for the management and security of such events may be shared. The Department will put appropriate controls in place to ensure that data provided for this purpose will be held by the third party only as long as there is a business need to do so in line with the purpose(s) for which it was provided. You have the option to 'opt out' of future event invitations if you wish.
5. Retention Period:
The data collected for this purpose will be held by the Department only as long as there is a business need to do so in line with the purpose(s) for which it was collected. After this time it will be marked for destruction and will be destroyed in line with internal guidelines or guidelines for destruction received from the National Archives Office or associated permissions received from them. After this time it will no longer be retained. Individuals whose data may be held on the system can view their rights on the DFAT website. Individuals can request access to their data through a data subject access request (DSAR). This process will follow DFAT's central data privacy notice.
6. Data provision being statutory or contractual obligation:
Not applicable.
7. Automated Decision Making:
No automated decision making is carried out during the process.
8. Information from Third Party:
Personal data may be provided to the Department by trusted third parties, including but not limited to Government Departments, state agencies/bodies and third countries, for official business purposes. Such data will only be received with appropriate controls agreement in place. The data received for this purpose will be held by the Department only as long as there is a business need to do so in line with the purpose(s) for which it was collected. After this time it will be marked for destruction and will be destroyed in line with internal guidelines or guidelines for destruction received from the National Archives Office or associated permissions received from them. After this time it will no longer be retained.
[1]1(xi) The Department of External Affairs which shall comprise the administration and business generally of public services in connection with communications and transactions between the Government of Saorstát Eireann and the Government of any other state or nation, diplomatic and consular representation of Saorstát Eireann in any country or place, international amenities, the granting of passports and of visés to passports, and all powers, duties and functions connected with the same, and of which Department the head shall be, and shall be styled, an t-Aire Gnóthaí Coigríche or (in English) the Minister for External Affairs.