A new legislative framework relating to the protection of personal information, the General Data Protection Regulation (GDPR), came into force throughout the EU on 25 May 2018.
The following information ensures compliance with the new regulations to protect the personal information of our supporters and beneficiaries.
Implementation of GDPR Policy
The GDPR policy is implemented by the NLT co-ordinator with oversight from, and under the auspices of, a nominated member of the Board of Directors.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
- The following personal information is stored digitally and used for electronic newsletter mailing:
Name and email address
- The following personal information is stored digitally and used for postal newsletter mailing:
Name, postal address and postcode and in a small number of cases we store a telephone number
Digital storage of personal information
All digitally stored personal data is stored with a secure GDPR compliant cloud service provider.
- Deletion of all redundant digital information is recorded. Only the contact person’s name is retained, along with the date that the deletion of the corresponding digital information took place.
Storage of personal information on paper
- All paper copies of personal information are stored in a locked cabinet in a locked building. The following information is stored: name and email address. In a small number of cases (where a supporter/contact person does not have an email address) we store a postal address and a telephone number
- Paper forms containing information for claiming tax on donations are stored for the maximum period required by Revenue.
- All redundant hard copies of information are shredded immediately
- A register of all people who have given consent for their data to be stored is maintained electronically. This register contains the following information: name, email address, postal address and phone number
- Consent for storage of new contact information must be approved by email or signature of the contact person. The contact person must be fully informed about why and how their information will be used at the consent stage.
- Information on withdrawal of consent is made available in any electronic communication via a link to information on the company website and an unsubscribe link.
Requests for personal information
We will not share your personal information with any other third parties without your permission unless we have a legal obligation to do so.
You may request details of personal information which we hold about you under the Data Protection Act 1998. A log of all information access requests is maintained. Requests are responded to within 30 days of the request. If you would like a copy of the information held on you, please email us this request using our Contact Us information.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Images and Messages
NLT Ireland is a signatory of the Dochas Code of Conduct on Images and Messages (see more on https://dochas.ie/images-and-messages). All images and messages related to case stories on the company website or newsletters use first names or village name and not both.