Effective as of 23/02/2023
“Data controllers” are the people or organisations that determine the purposes for which, and the manner in which, any personal data is processed, and make independent decisions in relation to the personal data and/or who/which otherwise control that personal data.
Virtue Integrated Care operates and manages nursing homes and homecare services in Ireland.
This Privacy Notice applies to our business practices, and our website, which is accessible from ferndeanstepaside.ie.
As Virtue Integrated Care is established in Ireland, this document is written in the vein of the GDPR and Irish Data Protection Law, and VIEC falls under the jurisdiction of the Data Protection Commission Ireland. This Privacy Notice sets out what personal data we collect and process about you in connection with the services and functions of Virtue Integrated Care.
We are not responsible for the content or the privacy notices for any websites to which we may provide external links.
Data protection and privacy laws provide rights to individuals with regard to the use of their Personal Data by organisations, including our organisation. EU laws on data protection govern all activities we engage in with regard to our collection, storage, handling, disclosure and other uses of personal data.
We must comply with data protection and privacy laws because the law requires us to, but we also would like you to have confidence in dealing with us, and compliance with data protection law helps us to maintain a positive reputation in relation to how we handle personal data.
We are required to demonstrate accountability for our data protection obligations. This means that we must be able to show how we comply with the applicable data protection and privacy laws, and that we have in fact complied with the laws.
We do this, among other ways, by our written policies and procedures, by building data protection and privacy compliance into our systems and business rules, by internally monitoring our data protection and privacy compliance and keeping it under review, and by acting if our representatives, including employees or contractors, fail to follow the rules.
We also have certain obligations in relation to keeping records about our data processing.
We aim to comply with the following principles found in Data Protection Law:
Personal data is any data that identifies you, or could be used to identify you, which is submitted and/or collected by the Childhood Development Initiative. It does not include anonymised data where your identity has been removed.
Any personal data that you share with us is treated with the highest standards of security and confidentiality, strictly in accordance with the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR).
We obtain information from you:
We may collect the following categories of personal data:
We may collect sensitive data – or ‘Special Category Data’ – about you in order to assist you and to provide our services.
Our services are not directed to or intended for use by children.
Virtue Integrated Care does not collect any information about criminal convictions and offences in a general sense however, we are required under Irish law to complete Garda Vetting for staff that deliver care in a home or residential setting.
As with most websites, we gather statistical data and other analytical information (for example, demographic information, usage data etc.) collected on an aggregated basis of all visitors to our website. This data is not considered personal data in law as it does not directly or indirectly reveal your identity. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.
We use your personal data for the purposes outlined above. In doing so we rely on a number of separate and overlapping legal bases to lawfully process your personal data. These may include:
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
We have a Retention Policy and Retention Schedule in place, and we ensure data is destroyed confidentially when it is required to do so.
In some circumstances you can ask us to delete your data: see below for further information. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
If you have any queries about our retention periods you can contact us at firstname.lastname@example.org
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
When you consent to providing us with your personal data, we will also ask you for your consent to share your personal data with the third parties set out below.
Virtue Integrated Care has contracts in place and carry out due diligence in regard to our suppliers and relevant third parties.
If Virtue Integrated Care has received your information, we will use strict procedures and security features to try to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way.
Virtue Integrated Care utilises encryption, access controls and other features to ensure the security of your data.
Virtue Integrated Care’s data is stored in the EU. Should VIEC engage a data processor or controller outside of the EU (subject to adequacy findings) standard contractual clauses and a transfer impact assessment would be carried out.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator when we are legally required to do so.
Virtue Integrated Care limits access to your personal data to those employees, contractors and other third parties on a need-to-know basis and under contract. We will only process your personal data for the purposes for which it was collected, and third parties are only permitted to process your data on our instructions.
You may withdraw consent at any time by providing an unambiguous indication of your wishes by which you, by a statement or by a clear affirmative action, signify withdrawal of consent to the processing of personal data relating to you. If you have any queries relating to withdrawing your consent, please contact our Data Protection Officer using the contact details set out below.
Withdrawal of consent shall be without effect to the lawfulness of processing based on consent before its withdrawal.
Under certain circumstances, and dependent on legal basis under which your personal data is processed, by law you have the right to:
We have appointed a Data Protection Officer to monitor compliance with our data protection obligations and with this policy and our related policies. If you have any questions about this policy or about our data protection compliance, please contact the Data Protection Officer.
If you wish to exercise your rights please contact our Data Protection Officer who will respond to the request within one calendar month.
Virtue Integrated Care take the privacy of our users and our obligations as a data controller extremely seriously. We have appointed a Data Protection Officer who can be contacted as follows:
20 Harcourt Street,
Republic of Ireland
Phone: 01 678 8997
You as the data subject have the right to complain at any time to a supervisory authority in relation to any issues related to our processing of your personal data. We would like to hear from you first if you have a complaint about how we use your data so that we may rectify the issue.
As our organisation is located in Ireland, and since we conduct our data processing here, we are regulated for data protection purposes by the Data Protection Commission.
You can contact the Data Protection Commission:
Phone: +353 57 8684800 or +353 1 7650100 / 1800437 737
Address: Data Protection Office – Canal House, Station Road, Portarlington, Co. Laois, R32 AP23. Or 21 Fitzwilliam Square Dublin 2. D02 RD28 Ireland