WellFest (“we”, “us” or “our”) are committed to protecting and the privacy of all visitors to our website www.wellfest.ie (and all pages attaching to and including this domain name) and all visitors who access our website or services (together, the “Site”). WellFest (WF) Limited is the data controller and responsible for your personal data.
This Privacy Statement (and any other documents referred to in it) sets out the basis on which we process and collect personal data from individuals who subscribe to our blog and mailing lists and those who purchase tickets online for our events (both are referred to as “you” or “yours”, as appropriate).
Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
- Information we may collect
- Information you give us. You may give us information about you by filling in forms on our Site or by corresponding with us by e-mail or otherwise. The information you give us may include your name, age, date of birth, postal address, e-mail address, phone number and payment information. We do not use or collect your precise geographic location.
- We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
- We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
- Children under 13. We do not knowingly contact or collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us so we can promptly obtain parental consent or remove the information.
- Uses made of the information
- Lawful basis of processing. Our processing of your personal data is necessary for the most part in order to perform the services that you have requested of us. We may also, from time to time, process your data in order to further our own legitimate interests, as set out in more detail below. Where we process your personal data in order to further our own legitimate interests, we will ensure that your data protection rights are respected at all times. You have a right to object to our use of your personal data where it is based on our legitimate interests, and if you do so, we will cease to use and process your personal data for that purpose, unless we can show there are compelling legitimate reasons for us to continue or we need to use the Personal Data for the purposes of legal claims.
- Where you agree to certain uses: We may use the information you provide, and the information we collect, where you have consented to our use for a particular purpose, such as to allow us to make suggestions and recommendations to you about goods or services that may interest you.
- If you do give your consent for us to use your personal data for a particular purpose, you have the right at any time to withdraw your consent to our future use of your personal data for some or all of those purposes by writing to [email protected]
- Information you give to us. We will use this information:
- to carry out our obligations arising from any contracts entered into between us or any services that we offer
- to respond to any queries or other communications you submit to us;
- to notify you about changes to our services; and / or
- to ensure that content from our Site is presented in the most effective manner for you and for your computer.
- Disclosure of your information
- We take reasonable steps to secure your personal data against unauthorized access or disclosure. The transmission of data is encrypted in all circumstances where you provide payment information.
- We may share your personal data with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in sections 7 and 8 of the Companies Act 2014 (as may be amended, superseded or replaced from time to time).
- We may share your information with selected third parties including our business partners, product and services suppliers and sub-contractors; and / or analytics and search engine providers that assist us in the improvement and optimisation of our Site.
- We may also disclose your personal information to third parties:
- if we are acquired or we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, to comply with the rules of any stock exchange or other trading exchange to which we are subject, in order to enforce or apply this Privacy Statement, or other agreements; and / or
- to protect our (or our customers or other relevant parties’) rights, property or safety.
- Where we store your personal data
- Personal data that we collect from you may be transferred to, stored and processed at, any country where we do business, which may include a destination outside the European Economic Area (“EEA“). The laws of jurisdictions outside the EEA may not have the same level of protection for personal data as apply in Ireland. In such circumstances we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Statement.
- Where the recipient is based in the United States, we will ensure that the recipient adheres to the principles of the US-EU Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use and retention of personal information from EEA member countries or an alternate legitimising mechanism.
- Where the recipient is located in any other jurisdiction outside of the EEA, we will put in place an appropriate legitimising mechanism under applicable data protection laws. For further information on data transfers, please contact [email protected]
- Please be aware that the transmission of information via the Internet is not completely secure. Although we will do our best to protect your data, we cannot guarantee the security of your data transmitted to our Site which you transmit at your own risk. Once we have received your information, we will apply procedures and use security features to try to prevent unauthorised access.
- Retention of your personal data
- We retain your personal data for as long as is necessary for the purpose for which it was collected, or as required or permitted for legal and regulatory purposes and legitimate business purposes. In general, we hold this information for a period of seven years, unless we are obliged to hold it for a longer period under law or applicable regulations.
- Your rights
- You have the right to request a copy of your personal data currently held by your data controller. Where we act as your data controller, we will provide you with a copy of your personal data as soon as practicable (subject to applicable data protection laws). We may also request proof of identification to verify your access request.
- You may also have the right to rectify, block or erase your personal data in certain circumstances.
- We will not be required to erase your personal data from our records where to do so would prevent us from meeting our contractual obligations, or where we are required to process (including retaining) your personal data in order to comply with a legal obligation, or if the personal data is necessary to establish, exercise or defend our legal rights or for the purpose of legal proceedings.
- Subject to applicable data protection laws, you may have the right to receive your personal data, which you have provided to a data controller, in a machine-readable format and / or where technically possible, to have that personal data sent to another data controller.
- You also have the right to lodge a complaint with the Irish Data Protection Commissioner (“DPC”) about the processing of your personal data at [email protected]. We would, however, appreciate the chance to deal with your concerns before you approach the DPC so please contact us in the first instance.
- If you choose to receive a newsletter or other information from us, you can unsubscribe at any time. You will be given the opportunity to unsubscribe in each notification or you can exercise the right by contacting us at [email protected]
- Linked websites
- Our Site may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for those websites or policies. Please check the applicable policies before you submit any personal data to those websites.
- Changes to this Privacy Statement
- We may from time to time revise this Privacy Statement by amending this page. You will be bound by such revised terms when you use the Site and you should therefore periodically check this page for any amendments we make. If we make any material changes to our policies, we will place a prominent notice on our website or application. If the change materially affects registered users, we will send a notice to you by email, push notification or text.
Questions, comments and requests regarding this Privacy Statement are welcomed and should be addressed to [email protected]
Last updated 6 June 2018