Data Controllers and Contracting Parties
For the purpose of applicable data protection laws, including the GDPR, the data controller is Swan Consulting. Our Data Protection Officer oversees how we collect, use, share and protect your information to ensure your rights are fulfilled. You can contact our Data Protection Officer at [email protected] or by writing to them at: Manager, Compliance & Information Management, Swan Consulting, 30 Trimleston Gardens, Blackrock, Co. Dublin, Ireland.
1. How We Collect Information About You
We collect personal information from you, for example, when you seek information about products or services. The information we collect includes information you give us, information we collect about you from your website and information we receive from other sources. The sources of information we collect are detailed below:
The types of personal information collected and stored by Swan Consulting might include your name, e-mail address, postal address, telephone number (landline or mobile), and payment processing information including credit/debit card details (to the extent permitted by the GDPR) and information about your employment (including your job title and employer’s details) as well as other personal information. You are not bound by any contractual or statutory obligation to provide personal data to us. However, if you choose to enter into a contract with us, then we will need certain information for the purposes of entering into and performing that contract (which may include personal data) and we may not be able to conclude a contract with you without that information.
Swan Consulting (or any of its sub-contractors) may collect personal information about you in the following ways:
a. any data which you provide when you complete forms on our website(s);
b. any data that you provide via postings to social media accounts of Swan Consulting, forums and blogs and any other posting that you make to a Swan Consulting website (in such circumstances the information posted by you will, of course, also be available to users of the website throughout the world);
c. during any transaction with us; and
d. any other data which you provide to Swan Consulting when you enquire about our activities by email, telephone or when you write to us or otherwise provide us with personal information. Please note your calls to Swan Consulting may be recorded for training and quality control purposes.
Swan Consulting (or any of its sub-contractors) may also receive information about you from third parties, for example a peer who wants to tell you about one of our products or services or website.
We also collect information through our website, social media, and market research.
We may use your IP address to help diagnose problems with our server, or to administer this website. We may conduct analyses of user traffic to measure the use of this website and to improve the content of it and our services. These analyses will be performed through the use of IP addresses and cookies.
2. Cookies & Links to Other Websites
Swan Consulting websites use the following cookies:
– Google Analytics & Adwords: users can find more information on this at this link https://www.google.com/policies/privacy/partners/
– Hotjar: users can find more information on this at this link https://www.hotjar.com/legal/policies/privacy/ under the section "Personal Data Collected from a Visitor of a Hotjar Enabled Site".
3. How We Keep Your Information Safe
We protect your information with security measures. We keep our computers, files and buildings secure.
We use administrative, technical, and physical measures to safeguard personal information against loss, theft and unauthorised uses, access or modifications. Certain areas of this website may be password protected. If you are a user of this website and have a password, you can help to preserve your privacy by ensuring that you do not share your password with anyone else. We recommend you change your password regularly.
We take steps to regularly validate the personal information we hold to ensure that the information is accurate and, where necessary, up to date. Information that is no longer required for any valid business purpose, and that we are not required to keep pursuant to any applicable law, will be routinely destroyed by secure means.
When you contact us about your information we will ask you to identify yourself. This is to protect your information.
Payments made via our websites or processed by us by credit/debit card payments whilst you are on the telephone are processed in a secure environment using software provided by third party providers. All other payments are processed by authorised bank transfer or direct debit.
4. How Long We Use Your Information For
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of the periods for which we retain different aspects of your personal information can be obtained from us on request. In some circumstances you can ask us to delete your data: see the section on ‘Your Rights’ below for further information.
5. Lawful Basis for Processing
To use your information lawfully, we must rely on one or more of the following legal bases:
– Performance of contract
– Legal obligation
– Protecting the vital interests of you or others
– Public interest
– Our legitimate interest, and
– Your consent
To meet our legal obligations, we collect some of your personal information, verify it, keep it up to date with regular checks and delete it once we no longer have to keep it. We may also gather information from third parties to help us meet our obligations. If you do not provide the information we need, or help us to keep it up to date, we may not be able to provide you with our products and services.
We will only collect and process personal data about you where we have lawful bases. Lawful bases include consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver the Products or Services you have requested)) and “legitimate interests”.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and use your personal data or you wish to exercise your right to withdraw consent or object to our legitimate interest, please contact us on [email protected]
Sometimes we need your consent to use your personal information. With direct marketing for example, we need your consent to make you aware of products and services which may be of interest to you. We may do this by phone, post, email, text or through other digital media. You can decide how much direct marketing you want to accept when you apply for new products and services. If we ever contact you to get your feedback on ways to improve our products and services, you have the choice to opt out.
7. How We Use Your Information
Swan Consulting may use your personal information (subject in each case to the requirements of the GDPR) for the following purposes:
7.1 Administering your email subscription
– Administering your email subscription and otherwise in connection with any service for which you have provided your information, including any email newsletters and transactions with us. We will need to use your personal information where this is necessary for us to perform our obligations under a contract with you, for example where you have purchased services from us or for the purposes of our legitimate interests in administering our business and managing our relationship with you;
– Process your payments, keep payments safe and secure and protect against fraudulent transactions. We need to process payments for performance of our contract with you. It is also in our legitimate interests to process personal information to keep our customers’ payments secure.
– Responding to any enquiry you make through the website, by email or by phone. We will need to use your contact information (such as your email address, postal address and phone number) to contact you in response to a request you make and to otherwise deal with your enquiry and is necessary for us to perform our contractual obligations to you or to take steps to enter into a contract with you;
– We use data and content about Subscribers for invitations and communications promoting our Products, Services and network growth, engagement and our Services including by sending you newsletters and/or alerts and information regarding Swan Consulting’s or any third party’s future services. We will need to use your personal information (such as your email address and/or telephone number) to send you information about services that you may be interested in. It is in our legitimate interest to study how customers use our products and services and to promote, develop and grow our business. In some instances, we will process information for these purposes with your consent
– We will contact you through email, phone, notices posted on our websites, and other ways through our Services. We will send you messages about the availability of our Services, security, or other service-related issues. You may change your communication preferences any time by contacting [email protected] Please be aware that you cannot opt-out of receiving service messages from us, including security and legal notices.
7.3. Security and Investigations
– We use the data (which can include your communications) to investigate, respond to and resolve complaints and Service issues. We may need to use personal information, such as your IP address, to diagnose server problems or administer our websites where this is necessary for us to perform our obligations under a contract with you and provide services and in our legitimate interests to keep our website functioning;
– Comply with legal requirements and exercise or defend legal claims. We may be legally obligated to process personal data and/or it is in our legitimate interest to process personal data for the purposes of complying with legal requirements to which we are subject.
7.4. Enhancing Services and Research
– We use data, including public feedback, to conduct research and development for the further enhancements of our Products and Services in order to provide you and others with a better, more intuitive and personalised experience. We may need to use personal information, such as your IP address, to diagnose server problems or administer our websites. We may sometimes use your personal information (e.g. your IP address) to measure use of our websites and assess the effectiveness of our site pages. We may also use this personal information to improve the content of our websites and services. It is in our legitimate interest to look at user traffic via Google Analytics so that we can improve our websites and better meet your needs as a user.
– For generating and sharing aggregated insights that do not identify you. For example, we may use your data to generate statistics about our Visitors and Subscribers. We may generate aggregated statistics about users, traffic patterns etc. of Swan Consulting website(s) and other services and developing Swan Consulting’s marketing plans. We may sometimes use your personal information (e.g. your IP address) to measure use of our websites to improve the content of our websites and services and assess the effectiveness of our site pages. It is in our legitimate interest to look at user traffic publicly available on Google Analytics so that we can improve our websites and better meet your needs as a user;
7.5. International Transfer of Data
8. Your Information and Third Parties
Sometimes we share your information with third parties. We use other companies, agents or contractors (“Service Providers”) to perform services on our behalf or to assist us with the provision of services to you. For example, we may engage Service Providers to provide market research, marketing, advertising, communications, training, IT, hosting and other infrastructure, payment processing, and data cleansing and processing services. In the course of providing such services, these Service Providers may have access to your personal information. These third parties are contractually bound only to use personal information to perform the services that we hire them to provide. We will always use our best efforts to ensure that all the Service Providers we work with will keep your personal data secure.
9. Your Personal Information Rights
You have the rights set out below with respect to the personal information that we hold about you. To exercise any of these rights, you should contact us by using the contact details set out at the bottom of this policy.
You will not normally have to pay a fee to exercise any of these rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity when you seek to exercise any of your rights. This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to help clarify the scope of your request.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. Occasionally we may not be able to give you access to the personal information we hold about you (for example, we may not be able to give you access if it would unreasonably affect someone else’s privacy or if giving you access poses a serious threat to someone’s life, health or safety).
9.1. Rights to Access and Control Your Personal Data
For personal data that we have about you:
– Delete Data: You can ask us to erase or delete all or some of your personal data (e.g., if it is no longer necessary to provide Services to you). You also have the right to ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal information to comply with local law. Please note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, after you make your request.
– Change or Correct Data: You can also ask us to change, update or fix your data in certain cases through the website or by contacting us on the contact details below, particularly if it’s inaccurate.
– Object to Use of Data: You can ask us to stop using all or some of your personal data (e.g., if we have no legal right to keep using it) or where the processing is based on legitimate interests (including any profiling we undertake to send you personalised offers, product recommendations and similar content) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. We will comply with your right to object in these circumstances, unless: we can demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms; or
the processing is for the establishment, exercise or defence of legal claims; for direct marketing (including any profiling we undertake for the purposes of direct marketing).
Where we contact you by email for direct marketing purposes, you can easily unsubscribe from those marketing communications at any time by following the instructions included in these marketing communications. You can also contact us directly at any time to inform us that you do not wish to be contacted for direct marketing purposes.
– Withdraw your consent: Where we are relying on your consent to process your personal information, you may withdraw consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent, or any processing that we can lawfully undertake without needing your consent.
if you want us to establish the accuracy of the personal information;
where our use of the personal information is unlawful but you do not want us to erase it;
where you need us to hold the personal information even if we no longer require it, as you need it to establish, exercise or defend legal claims; or
you have objected to our use of your personal information but we need to verify whether we have overriding legitimate grounds to use it.
– Restrict or Limit Use of Data: You may ask us to suspend the processing of your personal information:
– Right to Access and/or Take Your Data: You can ask whether or not we process your personal information and to request information on the purposes of data processing as well as confirmation on whether we use your personal information for these purposes only. You can ask us for a copy of your personal data and can ask for a copy of personal data you provided in structured, commonly used and machine-readable form. You may contact us using the contact information below, and we will consider your request in accordance with applicable laws.
– Right to Data Portability: Where we process personal information about you which has been provided by you directly to us; and is processed by automated means; and is processed with your consent or for the performance of a contract with you, you have the right to ask us where technically feasible, to transmit that data to another organisation.
– Right to Complain: If you believe that we have not complied with applicable data protection laws you can also contact the Data Protection Commissioner in Ireland at www.dataprotection.ie
If you have questions or complaints regarding this Policy or wish to exercise any of your rights, please first contact Swan Consulting by emailing [email protected] You can also reach us by post at our registered office. Please be reassured that all complaints will be fully investigated. We ask you supply as much information as possible to help our staff resolve your complaint as quickly as possible.