Who are we?
The Catholic Archdiocese of Dublin is a registered charity (charity no. CHY1333) with its offices at Holy Cross College and Diocesan Centre, Clonliffe Road, Dublin 3. We have published this Privacy Statement to demonstrate our commitment to protecting and respecting your personal data.
The Catholic Archdiocese of Dublin fully respects your right to privacy and actively seeks to preserve the privacy rights of those who share information with the Archdiocese. Any personal information you provide to the Archdiocese will be treated with the highest standards of security and confidentiality, in accordance with the Data Protection Acts 1988 and 2003 and the General Data Protection Regulation (GDPR) 2018. For the purpose of the GDPR, the Data Controller for the diocesan offices and Archbishop’s House is the Archbishop of Dublin with an address at Archbishop’s House, Drumcondra, Dublin 9, D09 P2E7. For information held in parishes the Parish Priest/Moderator/Administrator is the Data Controller.
This Privacy Statement explains how we process information, in particular the personal data that we receive from you. Please read the following carefully to understand our views and practices regarding your personal data and how we treat it.
The policy includes the websites hosted under the dublindiocese.ie domain only. Within the Archdiocese domain you may find websites over which the Diocese does not maintain editorial responsibility or direct control. Such sites can include the websites of other Catholic groups, bishops, Holy See etc. While the Archdiocese encourages compliance with this web privacy statement at such sites, please consult the privacy statements of individual sites, or contact the persons responsible for those sites, in order to understand the policies and practices under which they operate. This also includes links to Facebook, Twitter and Instagram. By visiting www.dublindiocese.ie you are accepting and consenting to the practices described in this statement.
What information do we collect about you?
The Archdiocese receives personal data about you in various ways including directly from the individual and sometimes from a parish. For example, some information is collected for certain Sacraments, such as the Sacraments of Baptism, Confirmation and/or Marriage. In addition, if you make a donation to a parish, certain information about you will be shared with the Diocese. This enables the parishes and the Diocese to meet its requirements under the Charities Act. It also enables parishes to claim tax back on donations where appropriate. To ensure this data is managed properly a Data Processing Agreement has been signed by both the Archbishop and the Parish Priest/Moderator/Administrator of each parish. In this instance the Parish Priest/Moderator/Administrator is the Data Controller and the Archbishop is a data processor as the diocesan offices are providing a service to the parishes.
Depending on the particular circumstances, outlined above, we may collect and hold a range of different information about you. This can include your name, address, telephone number, gender, age, date of birth, email address, mobile phone number, family status, PPS number (where authorised by law), financial information (such as bank details), employment details and work history, information about your current involvement with the diocese, information on volunteers, CCTV recordings and photographs. Special category data such as that which reveals your religious beliefs may also be collected and processed. This list is not exhaustive.
Processing of personal information
The Catholic Archdiocese of Dublin collects and processes information about you in a number of ways including face to face meetings, email, phone conversations, and through forms sent by the diocesan offices.
We must have a lawful basis for processing your information. This will vary according to the circumstances of how and why we have your information but typical examples include:
• The activities are within our legitimate interests in advancing and maintaining the Roman Catholic religion, in providing information about the activities of the Diocese or any Diocesan Parish, and to raise charitable funds
• You have given consent for us to process your information which can be withdrawn at any time by contacting us using the details below
• We are carrying out necessary steps in relation to a contract to which you are party to or prior to you entering a contract
• The processing is necessary for compliance with a legal obligation
• The processing is necessary for carrying out a task in the public interest or
• To protect your vital interest
If we process any Special Categories of Personal Data we must have a further lawful basis for the processing. This may include:
• Where you have given explicit consent e.g. special dietary requirement at an event
• Where the processing is necessary to protect your vital interest or someone else’s vital interests e.g. passing information to An Garda Siochána
• Where the processing is carried out in the course of our legitimate interests as a Roman Catholic diocese working with and supporting our current and former members and the information is not shared outside the Diocese with anyone else without your consent
• You have made the information public
• Where the processing is necessary for the establishment, exercise or defense of legal claims
• Where the processing is necessary for carrying out the Diocese’s employment and social security obligations or
• The processing is necessary for reasons of substantial public interest (e.g. where steps are taken to prevent fraud)
The Archdiocese may be legally authorised to share your information, for example, when we need to undertake background checks as part of a job recruitment application. If you decide not to share certain information with us, it may impact our ability to respond to your needs.
When you visit our website, we do not collect any personal data about you apart from information you volunteer by contacting the Archdiocese by the e-mail address listed on this site.
What do we use your information for?
We use your information for a range of different purposes including:
• To carry out activities from weddings and funerals to general pastoral and spiritual care
• Administering certain Sacraments
• To provide you with information you request from us
• To process various application forms
• For Tax on Donations requests
• If you are a job applicant, to assess your suitability for the position you have applied for
• Communicating with you about diocesan events
• Dealing with complaints and enquiries
• To administer, support, improve and develop the administration of the Diocese’s work and operations and to keep the Diocese’s accounts and records up to date
• For auditing and statistical purposes
• As authorised or required by any law applicable to us or arising from your interaction with us
• Technical details in connection with visits to this website may be logged on the Diocesan server for accounting and auditing purposes (e.g. Computer IP number)
• In the case of CCTV recordings, to prevent or detect a crime and to help create a safer environment for our staff, members of the faithful, clergy, volunteers and visitors
The Catholic Diocese of Dublin does not use automatic decision making software and does not engage in profiling.
How who do we share your information?
The information you give us is used by the Archdiocese only in accordance with the purpose for which you provided the information and with your consent. This information will only be retained for as long as required for the purpose for which it was gathered.
We may share your information with government bodies for tax relief purposes or law enforcement agencies for the prevention and detection of crime.
Information will only be made available to third parties who assist us with our work. We may share information with service providers but only when an appropriate Service Provider Agreement/contract is in place outlining exactly what they are permitted to do. Any data processed in the course of such services is processed in compliance with the GDPR.
It is the policy of the Diocese not to disclose technical details in connection with visits to this website in respect of individual website visitors to any third party unless obliged to disclose such information by a rule of law. The technical information will be used only for statistical purposes. You should note that technical details, which the Diocese cannot associate with any identifiable individual, do not constitute “personal data” for the purposes of the Data Protection Acts 1988 and 2003 and GDPR 2018.
Where permitted by law and where appropriate, in order to comply with our legal obligations, we reserve the right to release personal data without your consent and/or without consulting you.
Where do we store your information?
We may store your information in hard copy or in electronic format, in storage facilities we own and operate ourselves, or that are owned and operated by our service providers. We may also transfer your personal data outside of Ireland and the European Economic Area, including to jurisdictions whose data protection laws are not equivalent to Irish laws, but we will only do this with your explicit consent.
How long do we retain your information?
We retain your personal information for as long as necessary with regard to the purposes for which it was collected or lawfully further processed, or for so long as may be necessary in light of our legal obligations. All information held is in accordance with the diocesan retention policy which is currently being amended to ensure its compliance with GDPR.
How do we keep your information safe and accurate?
The Diocese is committed to ensuring your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your information. The Diocese uses technical and organisational security measures to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorised persons. Our security measures are continuously adapted in line with technological developments.
We seek to ensure that we keep your personal data accurate and up to date. However, you are responsible for informing us of any changes to your personal data and other information.
No personally identifiable information is collected on this website from visitors, staff, clergy and volunteers that browse the website for information on our activities. We review these measures regularly.
Unfortunately the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, any transmission via our website is ultimately at your own risk. Once we have received your information we will use strict procedures and security features to try and prevent unauthorised access to, or unlawful processing or disclosure of, such data.
On written request we will inform you about the data stored about you. Requests for access, rectification, erasure or blocking of personal data will be processed on the basis of applicable legal provisions. Please contact the Data Protection Leader, Holy Cross Diocesan Centre, Clonliffe Road, Dublin 3, D09 P2E7 or email dataprotection@dublindiocese.ie
What are your rights?
You have many rights under Irish Data Protection legislation with regard to the processing of your data.
You have the right to be informed about any personal data that we hold which relates to you, including how we acquired this data and the purpose for which it is used. The right requires that you will be given a copy of all personal data we hold on you when requested. This is known as a Subject Access Request.
To make a Subject Access Request you must complete a Subject Access Request form. No fee is required. The request will be processed as soon as the Subject Access Request form is returned and we will respond to you within one calendar month. Further information and a copy of the form is available from dataprotection@dublindiocese.ie, by phoning (01) 808 7509 or writing to the Data Protection Leader, Holy Cross College & Diocesan Centre, Clonliffe Road, Dublin 3, D09 P2E7.
Under the Data Protection Acts 1988 and 2003 and the GDPR 2018 you have a right to have any inaccurate data held by us rectified free of charge. If you become aware of any inaccuracy in the personal data you have supplied to us please let us know in writing providing evidence of the correct information. We will then update our records accordingly. You can do this by contacting us at dataprotection@dublindiocese.ie
In certain circumstances you have the ‘Right to be Forgotten.’ This means you can request that the Diocese removes any and all references to you from our electronic records and systems. We will comply with such requests in a timely manner, as required by the GDPR, unless other operational or legal obligations require us to retain such data for a particular purpose or period of time.
You have the right at all times to object to the processing of your personal data which you find intrusive, excessive or unwarranted. The Archdiocese will respect your right to do so but may need to continue such processing where required to do so by law or within the terms of an existing contractual agreement.
Cookies and web analytics
We use Google Analytics to track user engagement and usage on our website. The cookies allow us to understand general traffic to our website for example number of visitors and length of time on site. This process does collect data, but in an anonymous form, to help us make improvements, develop the website and enhance the user experience. For further information on Google’s Privacy Policy please visit the link www.google.com/policies/privacy and support.google.com/analytics/answer/6004245?hl=en
The password used by parishes to access the secure area of the diocesan website is generic and therefore cannot be linked back to any one parish or individual.
Review
This Privacy Statement explains the privacy policy that the Diocese of Dublin has adopted for its websites. However, in legal terms it shall not be construed as a contractual undertaking. The Diocese reserves the right to review and amend this Statement at any time without notice and you should check this page regularly to view the most up to date Privacy Statement.
Further Information and Contact Details
Further information on your data privacy rights is available on the website of the Data Protection Commissioner www.dataprotection.ie
If you have any questions relating to the processing of personal data on this website please email dataprotection@dublindiocese.ie or contact the Data Protection Leader, Holy Cross Diocesan Centre, Clonliffe Road, Dublin 3, D09 P2E7.