Data Protection Policy for INAR and iReport
Introduction
At INAR, privacy and data protection rights are very important to us. We will not collect any personal information about you on this website without your clear permission. Any personal information which you volunteer to INAR, will be treated with the highest standards of security and confidentiality, and strictly in accordance with the Data Protection Acts, 1988 & 2003.
Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data, in both paper and electronic form. The Data Protection Acts 1988 and 2003 (the “Data Protection Acts”) lay down strict rules about the way in which personal data and sensitive personal data are collected, accessed, used and disclosed. The Data Protection Acts also permit individuals to access their personal data on request, and confer on individuals the right to have their personal data amended if found to be incorrect.
This document outlines INAR’s policy to help ensure that we comply with the Data Protection Acts.
Inquiries about this Data Protection Policy should be made to: Data Protection Officer, INAR
Data Protection Policy
Purpose of this policy
This policy is a statement of INAR’s commitment to protect the rights and privacy of individuals in accordance with the Data Protection Acts (1988) and (2003)
Collecting information.
We collect and use information to provide anonymised human rights report updates to the general public, the media, legislators, the Irish Government and other agents of the state, to local organisations, to Irish and international NGOs, and to bodies like the European Union and the United Nations. The reports are to provide these bodies with up to date information on the experiences that people have of racism in Ireland. Their purpose is to provide evidence to support our case for better laws, policies and practices for combating racism. All of the reports will have any personal information removed before being compiled.
Data Protection Principles
We shall perform our responsibilities under the Data Protection Acts in accordance with the following eight Data Protection principles:
Obtain and process information fairly
We shall obtain and process personal data fairly and in accordance with statutory and other legal obligations.
Keep it only for one or more specified, explicit and lawful purposes
We shall keep personal data for purposes that are specific, lawful and clearly stated. Personal data will only be processed in a manner compatible with these purposes as defined
Use and disclose only in ways compatible with these purposes
We shall use and disclose personal data only in circumstances that are necessary for the purposes for which we collected the data.
Keep it safe and secure
We shall take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of personal data and against its accidental loss or destruction.
Keep it accurate, complete and up-to-date
We adopt procedures that ensure high levels of data accuracy, completeness and that data is up-to-date.
Ensure it is adequate, relevant and not excessive
We shall only hold personal data to the extent that it is adequate, relevant and not excessive.
Retain for no longer than is necessary
We have a retention policy for personal data.
Give a copy of his/ her personal data to that individual, on request
We adopt procedures to ensure that data subjects can exercise their rights under the Data Protection legislation to access their data.
Responsibility
Overall responsibility for ensuring compliance with Data Protection Acts rests with INAR. All employees and contractors of INAR who separately collect, control or process the content and use of personal data are individually responsible for compliance with the Data Protection Acts. INAR’s Data Protection Officer co-ordinates the provision of support, assistance, advice, and training within INAR to ensure that the company is in a position to comply with the legislation.
Procedures and Guidelines
INAR is firmly committed to ensuring personal privacy and compliance with the Data Protection Acts, including the provision of best practice guidelines and procedures in relation to all aspects of Data Protection.
Review
This Data Protection Policy will be reviewed regularly in light of any legislative or other relevant developments.
This Data Protection policy is available on the INAR Website