1) Privacy Statement
This outlines the Irish Management Institute (IMI) Privacy Statement for Participants undertaking Executive Development programmes leading to IMI Electronic Certification.
Irish Management Institute (IMI) is a not-for-profit company incorporated in Ireland and having its registered office at Sandyford, Dublin 16. IMI is a wholly owned subsidiary of University College Cork.
IMI “IMI” or “we” or “us” or “our” and is inclusive of any member company within our group, which means any subsidiary or holding company with the meaning of section 7 and 8 of the Companies Act 2014.
2) Our Commitment
IMI is committed to protecting and respecting your privacy and we take our responsibilities seriously in relation to the processing of personal data. This Privacy Statement (the “Statement”) (together with our Terms and Conditions of Website Use and any other documents referred to) sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read this Statement carefully as it sets out important information about how we process your personal data and protect your rights.
IMI is committed to protecting the security of your personal information. We follow best practice guidelines to help protect your information from unauthorised access, use or disclosure.
For the purpose of the General Data Protection Regulation EU 2016/679 (the “GDPR”) and the Data Protection Act 2018, and unless we have entered into a different arrangement or agreement with you, IMI is the processor of your data.
3) What is Personal Data?
Under the EU’s General Data Protection Regulation Personal Data is defined as follows: Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
3.1 Special Categories of Personal Data – known as ‘sensitive data’
Certain data are classified under the Regulation as “special categories”:
- Racial
- Ethnic origin
- Political Opinions
- Religious Beliefs
- Trade-union membership
- Genetic Data
- Biometric Data
- Health Data
- Data concerning a natural person’s sex life
- Sexual orientation
- Other
Consent is required for IMI to process both types of personal data, and it must be explicitly given. Where we are asking you for sensitive personal data we will always tell you why and how the information will be used.
4) Fair Processing Notice: Why we need to Collect and Store Personal Data
For some of the services which we offer, we require information from you. The personal information we collect from you may include:
- Name
- Address
- Telephone number
- Email address
- Job title
- PPS number
- Date of birth
- Credit card details
- Awards and qualifications and assessment grades from previous education
- Employer name and details
- Disability and or health information to enable the provision of reasonable accommodations.
The personal data we collect from you will only be used for the following purposes:
- The provision of training and education, membership, alumni and consultancy services including reasonable accommodations and other associated services
- The organisation of application, enrolment, registration, assessment, accreditation and quality assurance
- Normal communication in relation to the above services
- Correspondence in relation to Billing and Accounts Receivable in respect of the above services
- Programme and event notifications, new service offerings and service updates
- Event booking and management
- Room hire and residence bookings
By consenting to this Privacy Statement, you are giving us permission to perform those actions. You may withdraw consent at any time by sending an email to: gdpr@imi.ie
5) How IMI Manages your Data
IMI (IMI) will process – that means collect, store and use – the information you provide in a manner that is compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. In some instances, the law sets the length of time information has to be kept, but in most cases the IMI will use its discretion to ensure that we do not keep records outside of our normal business requirements.
6) Additional Information Provision
The IMI, and/or UCC, may wish to send you marketing information about its services from time to time. You do not have to agree to this. If you change your mind to the use of your personal data for marketing use, please email gdpr@imi.ie and ask for removal of your details. All our electronic marketing material carries an unsubscribe option, so you can also unsubscribe at any time.
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
7) Details of Other Third Parties with Whom We Share Personal Data
The IMI may also share relevant personal data with the following categories of third parties where necessary, for purposes of fair processing, and where there is a legal basis to do so.
- State or regulatory bodies where we are required to do so by law.
- IT or Cloud service providers that provide essential services to the IMI; e.g. Microsoft, Canvas, Moodle, Turnitin, etc..
- Firms that provide professional services to the IMI such as legal firms and auditors.
- Firms that provide archiving and storage and disposal of confidential waste.
- Research and academic partners.
- Organisations including employers to whom you have given explicit consent for IMI to share data
- An Garda Síochána when we are required to do so by law.
When we share your data with the third parties outlined here the IMI will endeavour only to share the data that is needed, that the data is only processed according to our specific instructions and that the same standards of confidentiality and security are maintained. Our contractors are obliged to keep your details securely and use them only to fulfil the service they provide you on our behalf. Once the processing of the data is complete any third parties with whom data was shared, they will be required to return the data to the IMI save where they are required by law to retain it.
8) Access to your Personal Information
You have the right to be given a copy of information held by us about you. We may charge a fee for this which will not exceed €5.00 euros. We will provide the requested information to you within 30 calendar days of the receipt of a valid request in writing or by email. Applications must be sent with proof of identity such as a passport copy or driving license. We will also require applications to include any personal data, which relates to our company, such as your username or password.
You have the right to have any inaccuracies in the information held by us about you corrected, if inaccurate, or erased if we do not have a legitimate reason for retaining that information. We will accede to any such valid requests within 30 calendar days of the receipt of a valid request by email to gdpr@imi.ie.
We reserve the right to request you to provide additional information in order to enable us to identify your personal data and/or to verify your identity.
9) Protection of Children’s Personal Information
IMI does not knowingly collect any personal information from children.
10) Disclosure
No personal information will be retained for longer than is necessary.
Communicating via the Internet and sending information to you by other means necessarily involves your personal information passing through or being handled by third parties.
11) Governing Law and Jurisdiction
This legal notice and all issues regarding use of your data are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.
12) Your Right to Complain
If you have a complaint about our use of your information, you can contact the Data Protection Commission via their website www.dataprotection.ie or write to them at:
Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
13) Enforcement of this Privacy Statement
If you have any questions regarding the above statement, please contact us at gdpr@imi.ie.