Skip links

GDPR Policy

Privacy Notice 

Bia Beatha Creations Limited t/a Circle of Light will be what’s known as the ‘Controller’ of the personal data you provide to us. We collect data from the following types of people: 

General Users 

We do not collect personal information from general users. We use Google Analytics on our website to track visit information for analysis of traffic and this does not include personal information, see our cookie policy for more information. Further information on Google GDPR compliance is available to read here https://privacy.google.com/businesses/compliance/.  

Competition Entries 

From time to time, Bia Beatha Creations Limited t/a Circle of Light runs projects in which persons and businesses may be nominated for an award or competition. Only the information necessary for the competition to be awarded or judged is entered through the website. This information is stored in our encrypted database, accessed only by the project manager and deleted when no longer necessary to the project. Each project contains its own DIPA document detailing the use of personal data during the project. 

Email Marketing 

Bia Beatha Creations Limited t/a Circle of Light conducts email marketing to inform you of upcoming events & projects and Bia Beatha Creations Limited t/a Circle of Light past activity using the Mailchimp system. Signing up to receive emails from Bia Beatha Creations Limited t/a Circle of Light is only available through an opt in form on the Bia Beatha Creations Limited t/a Circle of Light website. The Mailchimp GDPR policy is available here https://mailchimp.com/legal/privacy/. Your email address will be kept with Mailchimp until you unsubscribe from the mailing list using the unsubscribe link provided in all Mailchimp emails. 

What Is Sensitive Data? 

Sensitive data is any data that can be used to identify a person and includes but is not limited to your: 

  • Name 
  • Phone number 
  • Email address 
  • Date of birth 
  • Photograph 
  • Video 
  • Personal biography 
  • Passport 
  • Driver’s License or other ID card 
  • IP address 
  • Biometric data 
  • Information on a person’s physical or mental health 

Why we need your data 

We need to know your basic personal data in order to provide you with ongoing organisational updates and funding information. We will not collect any personal data from you that we do not need to do this.  

How We Store Data in Bia Beatha Creations Limited t/a Circle of Light  

Website 

Our member data is encrypted and stored on servers located within Amsterdam, provided by Cloudways.com. Further information on the Cloudways.com GDPR policy may be found here https://www.cloudways.com/blog/gdpr/. No 3rd parties have access to your personal data unless the law allows them to do so. Any data submitted through the website is done on an opt-in basis, provided at the time of data submission. Users and members may opt-in to receive marketing information from Circle of Light via email. 

Google Drive 

All Bia Beatha Creations Limited t/a Circle of Light data, including Information gathered during Circle of Light projects is stored on Google Drive. Google Drive is fully GDPR compliant and is part of Google’s cloud platform, which is covered by Google GDPR compliance. (https://privacy.google.com/businesses/compliance/) 

Only Bia Beatha Creations Limited t/a Circle of Light members responsible for projects and membership have access to your data and all access is protected using 2-step verification. 

Mailchimp 

If you have opted in to receive information from Bia Beatha Creations Limited t/a Circle of Light via email, your email addresses will be stored on Mailchimp. The Mailchimp GDPR policy is available here https://mailchimp.com/legal/privacy/. 

Event Brite 

Bia Beatha Creations Limited t/a Circle of Light uses Event Brite to manage its events and payments. If you are attending a Bia Beatha Creations Limited t/a Circle of Light Event, you will need to enter your personal information into Event Brite. This information is never shared and is protected by the Event Brite GDPR policy and is available here https://www.eventbrite.ie/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy?lg=en_IE 

How long do we keep your data? 

Bia Beatha Creations Limited t/a Circle of Light does not keep your personal data longer than necessary for projects, events or your Bia Beatha Creations Limited t/a Circle of Light membership. 

All personal data on members who choose not to renew their Bia Beatha Creations Limited t/a Circle of Light membership is removed automatically from our database three months after their membership lapses. 

All personal data collected during the course of a Bia Beatha Creations Limited t/a Circle of Light project is deleted after it is no longer necessary to the project. This date will be made available as part of the project DIPA, which is provided before the data is collected. 

If you have opted in to receive information emails from Bia Beatha Creations Limited t/a Circle of Light, your email address will be kept with Mailchimp until you unsubscribe from the mailing list using the unsubscribe link provided in all Mailchimp emails. 

Security & Authentication 

All personal data stored in our website database is encrypted to protect against unauthorized access. 

All personal data stored on Google Drive and Mailchimp is protected by secure login and 2-step verification, which greatly reduces the risk of unauthorized access by asking users for additional proof of identity when logging in. 

Procedures For Data Requests 

Under GDPR, you have the right to: 

  • confirm that your data is being held; 
  • request a copy of any personal data we have retained on you; 
  • request that your personal information be deleted. 

Authentication 

To authenticate the identity of the requester, we will check the email address against the email address we have on file. In the case that the name of the requester matches the information we have, but the email address does not match, we may ask that the request be resent from the email address we have on file. 

Repeat requests 

In the case that requests are unfounded or excessive, in particular in the case of repeat requests, we will charge a €6.35 administration fee for each repeat request for the same data. This is to cover the administration costs of multiple requests, as provided for in Article 15 of the EU GDPR policy https://gdpr-info.eu/art-15-gdpr/ 

Personal information required for projects 

If your personal data is deleted at your request, but is necessary for participation in a project or competition, this may disqualify you from being involved further in the project or competition. 

Procedures For Data Breach 

If a data breach occurs which poses a risk to individuals then the Data Commissioners  (https://www.dataprotection.ie/docs/Home/4.htm) will be notified within 72 hours of the organisation becoming aware of the breach. In certain circumstances the individuals themselves must also be notified. 

Bia Beatha Creations Limited t/a Circle of Light will comply with all directions from the Office of the Data Commissioner in relation to the breach. Every attempt will be made to retrieve and / or delete the data that was breached and all security logins and access controls will be updated with new passwords. 

In addition an investigation will be conducted into how the breach occurred, with the goal of preventing a similar reoccurrence. 

Communication Guidelines Within Bia Beatha Creations Limited t/a Circle of Light 

For non- Bia Beatha Creations Limited t/a Circle of Light members, your personal data is never sent through any communication channels within Bia Beatha Creations Limited t/a Circle of Light, apart from Gmail, which is part of Google’s cloud platform and covered by Google GDPR compliance (https://privacy.google.com/businesses/compliance/). It is sometimes necessary to mention your name in our communications, in order for us to confirm who we are referring to when discussing an event or project. 

For Bia Beatha Creations Limited t/a Circle of Light members, only the personal data which you have provided to Bia Beatha Creations Limited t/a Circle of Light during sign up or through your membership area, or that which you have provided to other members as a contact method may be shared internally on communication channels. 

Gmail 

All official Bia Beatha Creations Limited t/a Circle of Light Ireland communication takes place within Gmail, which is part of the Google cloud platform and conforms to Google’s GDPR compliance policy https://privacy.google.com/businesses/compliance/. 

Facebook 

Bia Beatha Creations Limited t/a Circle of Light uses Facebook as a communication method internally between members and also to promote our events. Facebook is GDPR compliant and further information is available here https://www.facebook.com/policy.php 

Whatsapp 

Bia Beatha Creations Limited t/a Circle of Light uses Whatsapp as a communication method internally between members and your personal data is never shared over Whatsapp. 

Website 

The member database system on the Bia Beatha Creations Limited t/a Circle of Light website is used to communicate with Bia Beatha Creations Limited t/a Circle of Light members, solely to send notifications regarding their membership payments and renewals. Members may opt out of receiving these notification in their members area and also upon signup. 

Google Drive 

Bia Beatha Creations Limited t/a Circle of Light uses Google Drive to store and share internal access to your personal information only to those members that are authorized and require access to it to carry out projects. Google Drive is part of the Google cloud platform and conforms to Google’s GDPR compliance policy https://privacy.google.com/businesses/compliance/. 

Photos & Videos 

Bia Beatha Creations Limited t/a Circle of Light takes and shares photos & videos of its events and projects on its website and on Facebook. These are for promotional purposes only in order to promote the activities of the organization. At all events, an announcement is made to state that photos and videos will be taken and used in this manner. 

Payment Processing 

All payment processing on the Bia Beatha Creations Limited t/a Circle of Light website is carried out securely by Stripe Payments who are fully GDPR compliant https://stripe.com/ie/privacy. Payment card details are never stored by JCI Ireland. 

Events 

Bia Beatha Creations Limited t/a Circle of Light takes and shares photos & videos of its events and projects on its website and on Facebook. These are for promotional purposes only in order to promote the activities of the organization. At all events, an announcement is made to state that photos and videos will be taken and used in this manner. 

Upon entering the event, for Fire & Safety reasons, guests and members are asked to sign in and provide their name only on a physical sign in sheet. This sheet is then destroyed after the event. If you wish to opt in for Bia Beatha Creations Limited t/a Circle of Light promotional and information emails, you may do so on the Bia Beatha Creations Limited t/a Circle of Light website. If the event is related to a Bia Beatha Creations Limited t/a Circle of Light project in which personal data has been obtained, the project DIPA policy will be displayed at the event. 

Projects 

All Bia Beatha Creations Limited t/a Circle of Light projects will have a DIPA document, detailing what personal data will be requested, why it is needed, what will be done with it, where it will be stored, who will have access to it and when it will be deleted. If the project involves a public event, this DIPA document will be displayed at the event. 

Timelines & Dates 

All personal data collected during the course of a Bia Beatha Creations Limited t/a Circle of Light project is deleted when no longer necessary to the project. This date will be made available as part of the project DIPA, which is provided before the data is collected. 

All personal data on members who choose not to renew their Bia Beatha Creations Limited t/a Circle of Light membership is removed automatically from our database 3 months after their membership lapses.