Abortions Right Campaign (ARC) maintains a database of supporters to stay in touch with our community and keep you updated about news and events.
This privacy statement concerns the processing of personal data collected on ARC website by the Abortion Rights Campaign, Outhouse, 105 Capel Street, Dublin 1.
Our database comprises of those who choose to join our online community by registering on the ARC website either by donating, signing up to our newsletter or by getting involved in our organised events. In all instances we collect and store personal information (or “data”) about you. We are committed to protecting and respecting your privacy and this Policy sets out what information we collect about you, where and how we use (“process”) it.
We may update this Policy occasionally. If significant changes are made, we will advertise this on the ARC website.
If you have any questions about this Policy or concerning your personal information, please contact our data protection officer, Grainne Mooney at [email protected]
What type of personal information do we collect?
We only collect personal data. No special data is collected by ARC. We collect:
- First name
- Last name
- Phone Number
A record of payments made via the ARC Shop, (but we do not store your credit/ debit card details as these are processed securely, externally by a third-party payment provider – Paypal) which could include shop purchases and online donations.
We collect personal information when you:
- Visit the ARC website
- Sign up for updates
- Take part in an event
- Sign up to volunteer
- If signing a petition
How we use your information:
We will use your personal information in a number of ways, always with a legal basis for processing your data. These may include:
- Providing you with the information or updates that you have asked for.
- Sending you communications (with your consent if required) that may be of interest, including invites to events, newsletters etc.
What Third-Party processors do ARC use?
In the role as Data Controller, ARC uses a number of Data Processors to process Personal Data on its behalf. In each case, a formal, written contract is in place with the Processor, outlining their obligations in relation to the Personal Data, the specific purpose or purposes for which they are engaged, and the understanding that they will process the data in compliance with the Irish Data Protection legislation.
These Data Processors include:
Google – GSuite
Blacknight Internet Services
Microsoft Office 365
Who has access to your information?
Web hosting, email hosting, analytics, marketing platform and event platform providers that enable us to run our community database and improve our website and its use.
Third parties in connection with restructuring or reorganisation of ARC operations, for example, marketing specialists or business support. In such event, we will take steps to ensure your privacy rights will be protected by the third party. In specified cases, personal data will be disclosed to third parties if this is required for the purpose for which the data has been collected. For example, if signing up as an ARC volunteer at an event organised by an affiliate or partner organisation of ARC, personal data collected on the volunteer form may be disclosed to that affiliate or partner organisation as specified on the volunteer form.
Other than this, we will not share your information with other organisations without your consent.
Automated Decision Making
Our legal basis for processing your information:
The use of your information for the purposes set out above is lawful because one or more of the following applies:
- You have given us your consent for the information to be used. General Data Protection Regulation (GDPR) Art.6. Lawfulness of processing
Updating your consent preferences:
- If we are using consent as our legal basis for processing your data, we must have an explicit “opt-in” from you for this specific type of processing.
- If we are using legitimate interests as our legal basis for processing your data, we will process your data responsibly in a way that you would reasonably expect, and you can opt out at any stage.
- If you click ‘unsubscribe’ at the bottom of one of our emails sent you will be automatically opted-out of these types of email communications in the future.
If you want to contact us about your consent preferences please contact data protection officer, Grainne Mooney at [email protected]
How we keep your information safe:
We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.
Your data is stored on a dedicated, secure cloud servers with industry-standard anti-virus, strong password implementation, and 2-step verification is enabled in all cases, well as strict data handling protocols.
We always ensure only authorised persons have access to your information, which means only approved conveyors of ARC, and that everyone who has access is appropriately trained in data management.
No data transmission over the internet can be guaranteed to be completely secure. So, whilst we strive to safeguard your information, we cannot guarantee the security of any information you provide online, and you do this at your own risk.
You have the right to request details of how we use your personal information through making a subject access request. Such requests have to be made in writing by contacting Grainne Mooney at [email protected]. Please complete the Subject Access Request form available here.
You also have the following rights:
- to request rectification of information that is inaccurate or out of date.
- to the erasure of your information (the “right to be forgotten”).
- to restrict the way in which we are dealing with and using your information.
- to request that your information be provided to you in a format that is secure and suitable for re-use (the “right to portability”);
All of these rights are subject to certain safeguards and limits or exemptions. To exercise any of these rights, you should contact Grainne Mooney at [email protected]
How long we keep your information for:
We will hold your personal information for as long as it is necessary for the relevant activity.
Where we rely on your consent to contact you for direct email marketing/ fundraising purposes, we will treat your consent as lasting only for as long as it is reasonable to do so.
If you ask us to stop contacting you, we will keep a record of your contact details and the limited information needed to ensure we comply with your request. If you ask us to remove your personal data from our database, we will delete all the information we hold out apart from your name and the dates that you attended [organisation] and archive your record in our database.
Keeping your information up to date:
Please would you let us know if your contact details change. You can also update your details by contacting us at [email protected]
Further information on your data privacy rights is also available on the website of the Data Protection Commissioner.
This Policy was last updated in September 2022.