Privacy Statement and GDPR
General Data Protection Regulation (GDPR)
On 25 May 2018, the General Data Protection Regulation (GDPR), a new Europe-wide regulation which covers data protection came into force. This new regulation is intended to strengthen the data protection rights of everybody within the European Union. GDPR strengthens your rights to privacy and the information held about you. Providing transparency and accessibility in relation to customer information is a key element of the new regulation. In line with GDPR, we have updated this Privacy Statement and our Terms and Conditions.
This updated Privacy Statement and our new Terms and Conditions are intended to clarify your rights as a customer of www.rootsireland.ie. Please take some time to read this as well as the new Terms and Conditions and Privacy Statement. If you are not happy with these statements then you have the option of deleting your account with us. If you have any further queries regarding GDPR, please contact us at firstname.lastname@example.org.
The Irish Family History Foundation (IFHF), the operator of this site, recognizes the confidentiality of information that may be disclosed by users in registering or making purchases from our Website and we are firmly committed to protecting your privacy. The following discloses our information gathering and dissemination practices for this site.
What information does the IFHF collect?
Email address and password: Allows unique identification for you to log on to the website. Your email address will also be used to send you confirmation emails when you make a payment, or renewal emails when your subscription is about to expire. The email address is also stored for the purposes of maintaining our mailing list and handling bounced emails. We do not store your actual password. The password is hashed (disguised) and we store the hash, so the actual password cannot be re-constituted from the hashed version.
Name and Address: When you register you must enter your name and address. We require this information for the purposes of improved user experience on the website; for better communication via email; to help with customer enquiries and for VAT purposes. We also want to identify and prevent unwanted registrations. For GDPR compliance some of the address fields are optional.
Country: We use the country field for reporting purposes and it is also required for VAT purposes.
Credit Card Details: When making a payment to the Irish Family History Foundation, you will be asked for your credit card details. These are used as a one-off transaction to communicate with your bank and take payment or to setup automatic-renewal payments. This is done using a 3rd Party Payment Engine (Global Payments – formerly Realex) on a secure server which is compliant with GDPR, Visa and MasterCard Online Payment procedures. The Irish Family History Foundation does not store your credit card information, but for automatic renewals we do store partial credit card details for the purpose of resolving problems only.
(Note that this extra security means that each time you wish to make a payment you will have to key in your credit card details again – we believe that this inconvenience is outweighed by the extra confidence users feel knowing that their credit cards details are secure).
The personal data entered is stored in a secure area on our servers which is password protected. The data is viewed and analysed exclusively by Irish Family History Foundation staff and BRS who provide technical support solely for the purpose of gaining an aggregate view of the use of the system and to invite feedback based on information about its use.
Your personal details will only be used for the purposes stated above and will be treated in confidence. We will not disclose your details to any third parties unless required to by law.
Your IP address (internet address of your computer) is automatically transmitted to us by your browser each time you view a web page. We collect general information on website usage such as average duration of the visit and the number of pages viewed. This information is only used for system administration and to provide statistics which the Irish Family History Foundation uses to evaluate the use of the website.
We may share non-personal aggregate statistical data about our site visitors’ viewing patterns with our partners and other organisations selected by the Irish Family History Foundation – this will not contain any personal information and will be used for system administration and to provide statistics which the Irish Family History Foundation uses to evaluate the use of the website.
General Data Protection Regulation (GDPR)
Personal Data Request
You can request a report on the personal data that we hold for you. To do so please send an email to our support team at email@example.com.
Correct Data Inaccuracies
If the data we store about you is inaccurate or out of date then you can amend the data by logging in and going to the My Account page. There you can amend your email, password and address.
Email / Direct Marketing
Please note that the IFHF does not send spam and will limit the number of emails it sends out which are to inform you of important changes, e.g. new data becoming available online, changes to the site or special offers. In line with GDPR, we will only send emails to you if you choose to opt into the mailing list. You can opt in when you register or by logging into your account and going to the My Account section. You can opt out of the mailing list at any time by logging in and going to My Account, untick the checkbox and click update or you can click the unsubscribe link on one of the marketing emails. The IFHF will not pass on your email address to any third parties.
We do not believe that data portability is applicable to our service but if you need data portability then please contact us at firstname.lastname@example.org.
Deleting Personal Data
You can choose to delete your account at any time and any personal data will be removed. To do this, login and go to My Account, select Delete Account and then press the confirm button.
Removal of Dormant Accounts
In line with GDPR, when you stop using your account, and after an appropriate period of time from when you last logged in, your account and all of your personal data will be removed. The length of time before which your account is removed will depend on whether you made any payment or if you are on the mailing list.
If you have purchased any product from RootsIreland, then your name and address information are required for VAT purposes, and we will store your details for an appropriate period of time.
If you register and do not purchase any products, but you are on the mailing list, then your personal data will be deleted after an appropriate time. This is in line with the General Data Protection Regulations. Similarly, if you register on the site but do not purchase any products and do not join the mailing list then all of your personal data will again be deleted after an appropriate time. So if you do not use your account for a number of years you may find that you need to re-register.