Privacy Notice for Tobar Archaeological Services
Who we are and why do we require your information?
Tobar Archaeological Services provide archaeological consultancy services to the public and private sector within the island of Ireland.
The delivery of high quality services, tailored to meet the needs of our clients remains one of our core objectives. These services include not only the level and quality of service given to our customers, but also the quality of our decision-making processes, the efficiency and effectiveness of our business operations, standard of our facilities and our ability to adapt in an ever-changing environment.
In order to provide the most effective and targeted range of services to meet the needs of our clients we will be required to collect, process and use certain types of information about people and organisations. Depending on the service being sought or provided the information sought may include ‘personal data’ as defined by the EU General Data Protection Regulation (‘GDPR’) and may relate to current, past and future service users; past, current and prospective employees; suppliers; and members of the public who may engage in communications with us. In addition, Tobar Archaeological Services may need, from time to time, to collect, process and use certain types of personal data to comply with regulatory or legislative requirements or as otherwise reasonably required for the performance of our functions.
Why do we have a privacy notice?
Tobar Archaeological Services has created this privacy statement in order to demonstrate our commitment to privacy and to assure you that in all your dealings with us that we will endeavour to ensure the security of the data you provide to us.
Tobar Archaeological Services creates, collects and processes some personal data in various formats on a daily basis. This data may be submitted by you through application forms or our website or through correspondence with you. We may also obtain information about you from other sources such as government departments or other statutory bodies and also from other third parties (including members of the public) and from public sources where required. Tobar Archaeological Services commitment is that the personal data you may be required to supply to us is:
- Obtained lawfully, fairly and in a transparent manner
- Obtained for only specified, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary for purpose for which it was obtained
- Recorded, stored accurately and securely and where necessary kept up to date
- Kept only for as long as is necessary for the purposes for which it was obtained
- Kept in a form which permits identification of the data subject
- Processed only in a manner that ensures the appropriate security of the personal data including protection against unauthorised or unlawful processing.
Occasionally we may be required to contact you. When you provide personal data to us, it may be shared internally where sharing is relevant, proportionate and reasonably necessary for the performance of our business.
Tobar Archaeological Services may also share your information with other organisations (for example accountants, revenue etc) where necessary and permitted or required by applicable law. Personal data may also be shared with third party data processors responsible for supporting our operations (Microsoft 365 cloud storage).
The main legal basis for processing your personal data is that such processing is (i) necessary for us to comply with our legal obligations and/or (ii) necessary for us to carry out our tasks. Additionally we may process data to the extent it is necessary in the performance of a contract with you. In limited circumstances we may process personal data based on your consent.
We will retain your personal data only for as long as we require it for the performance of our functions, after which time it will be deleted by appropriate and secure methods. In the unlikely event that we are required to transfer your data outside of the European Economic Area (“EEA”) we will only do so where we can secure the transfer with appropriate safeguards and where we have a legal right to do so.
For further details of the specific purposes for which we collect and process personal information and our legal basis for such collection and processing, please contact the management at Tobar Archaeological Services – contact details are provided at the bottom of this Privacy Statement.
Data Protection Policy
Tobar Archaeological Services has a Data Protection Policy which outlines in greater detail how we as a service provider are committed to ensuring that we comply in full with our data protection obligations in respect of our processing of any personal data which we receive and that we only use such data to the extent reasonably required for the performance of our functions.
What personal data do we need?
The types of personal data you may be asked to supply to us can be categorised as follows:
- Your contact details to allow for efficient communication;
- Details of your personal circumstances which you may need to provide to us as part of for example a job application
- Your own financial details which you may need to provide to us as part of your employment.
- We may collect the following information if you submit it through our ‘contact us’ form or other occasional forms: Name, Phone number, Email address and Any message or questions you submit through our contact form
In order to communicate with you, you will be asked for contact details. You do not have to provide all contact details but providing more, such as email, phone, address, makes it easier to communicate.
Details of Personal Circumstances
You may in certain circumstances be asked to provide personal details specific to you and your family, in order to support your application for a job.
If you wish to apply for a job, for example, and are employed, you may be asked for a varying amount of personal financial details specific to you and your family, in order to support your application.
For further details of the specific retention periods of the personal data we collect please contact our Management – Contact details are provided at the bottom of this Privacy Statement.
How We Keep Your Information Safe
To protect your information we use appropriate security measures which include computer safeguards and secure files. We have established a range of cyber security and data privacy controls and our staff our provided with training in data protection. All of the third parties with who we share personal data are expected to adhere to the same standards that we hold ourselves to. We will use our reasonable endeavours to ensure that personal information is kept as secure as possible.
You have the following rights, in certain circumstances and subject to applicable exemptions, in relation to your personal data:
- the right to access the personal data that we hold about you, together with other information about our processing of that personal data:
- the right to require us to rectify any inaccuracies in your personal data;
- the right to require us to erase your personal data;
- the right to request that we no longer process your personal data for particular purposes;
- the right to object to our use of your personal data or the way in which we process it; and
- the right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller.
Please note that to help protect your privacy, we take steps to verify your identity before granting access to personal data.
If you would like to exercise any of these rights, please submit a request to our management outlining the specific details of the request:
Email: firstname.lastname@example.org or email@example.com
All valid requests will be processed without undue delay and in any event within one month of receipt of the request. This period may be extended by up to two further months where necessary, taking into account the complexity of the request or the number of other requests we may have received at the same time. If this is the case, we will inform you of any time extensions.
In circumstances where a request appears to be manifestly unfounded or excessive, we will inform you of this in which case we will either decide not to fulfil the request and the reasons why or we will propose administrative fees in accordance with the GDPR if you wish to progress the request.
Right of Complaint to the Data Protection Commission
If you are not satisfied with the outcome of the response you received from Tobar Archaeological Services in relation to your request, then you are entitled to make a complaint to the Data Protection Commission which may investigate the matter for you.
The Data Protection Commission’s website is www.dataprotection.ie or you can contact their Office at:
Data Protection Commission
21 Fitzwilliam Square South
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
Our website contains links to other websites. This privacy statement only applies to this website and the services operated by Tobar. When you link to other websites you should read their own privacy policies.