Workplace Instructor Network (WIN) Data Protection Policy

2.1    ‘WIN’ means Workplace Instructor Network (WIN), a body corporate under Irish law, with registered offices at Unit 2 Lyncon Court, Snugborough Business, Blanchardstown Industrial Park, Blanchardstown, Dublin 15, Ireland;

2.2    ‘WIN service’ means the service offered by Workplace Instructor Network (WIN), designed to provide access to a network of certified instructors for workplace-based training;

2.3    ‘registered user’ means any natural or legal person, public authority, agency or another body registered with WIN to use the WIN service for any reason; 2.4 ‘public user’ means any means any natural or legal person, public authority, agency or another body not registered with WIN, that uses the WIN service for any reason;

2.4    ‘personal data’ means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

2.5    ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

2.6    ‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

2.7    ‘third party’ means a natural or legal person, public authority, agency or body other than the registered user, WIN and persons who, under the direct authority of WIN, are authorised to process personal data;

2.8    ‘consent’ means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

2.9    ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

6.1    WIN may contact a registered user:

6.2    WIN will never contact a registered user to request an account password or other login details. Registered users are advised to be cautious about receiving e-mails or telephone calls claiming to be from WIN.

6.3    WIN will only send marketing e-mails or materials where the registered user has agreed to this. This consent will be separate to that given to store and otherwise process personal data. 

7.1    Personal data will only be shared with a third party with the consent of the registered user or where otherwise provided for by Article 6 of the GDPR EU 2016/679. Consent will be obtained from the registered user by a written statement, including by electronic means. 

7.2    Registered users should be aware that by giving consent to share personal data with a third party, that such data may be stored or otherwise processed by that third party and may result in that personal data travelling outside the European Union.

9.1    Registered users can rectify inaccurate or incomplete data by writing to WIN through the contact details in Section 1.0 of this policy.

9.2    Registered users can delete their WIN account at any time. Registered users wishing to delete their account can do so by writing to WIN through the contact details in Section 1.0 of this Policy. Personal data will be deleted immediately with any remaining data anonymised for analytical purposes. Where a WIN account is deleted the registered user will no longer access to WIN services or benefits, other than those available to a public user. 

11.1          WIN makes every effort, including appropriate technical and organisational measures, to safeguard personal data and are legally obliged to use such data in line with all applicable laws concerning the protection of personal data, including the GDPR EU 2016/679. No web-based activity can be completely secure; if a registered user has any concerns that their account could have been compromised they should contact WIN immediately.

11.2          Where a personal data breach occurs WIN shall, in accordance with Article 34 of the GDPR EU 2016/679, communicate the personal data breach to the registered user and, in accordance with Article 33 of the same regulation, communicate the personal data breach to the Office of the Data Protection Commissioner.