Privacy & Cookies Policy

Effective October 2020

This is the website of Galway Hospice Foundation (‘we’, ‘us, ‘our’). We take our responsibility to protect your data seriously.

This policy discloses our information gathering and dissemination practices relating to this website. In order to fully understand your rights, we encourage you to read this policy in full. We are not responsible for the content or privacy practices of other websites even if their link appears on our site. We reserve the right to modify this privacy policy at any time. Each time you use this website you shall be bound by the then current privacy policy and accordingly you should review the privacy policy each time you use this website.

This policy governs the online processing activities of this website. For offline processing of personal data, please request a copy of our Data Protection Policy from our Data Protection Officer (contact details below).

Who we are

Galway Hospice Foundation is the controller of the personal data it processes. We are registered in Ireland with company number 136155 and with the Charities Regulator RCN 20022150 and with Revenue under Charitable status number CHY8837. 

DPO Contact Details

Galway Hospice Foundation has appointed a Data Protection Officer.  If you wish to contact our Data Protection Officer in relation to our processing of your personal data, you can do so by e-mailing galwayDPO@ambitcompliance.ie

Data Protection

We will not collect any personal information about you on this website without your clear knowledge and permission. Any personal information which you volunteer to us will be treated strictly in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Acts 1988-2018. Where data is submitted it will be used for the stated purpose and any reasonably incidental purposes only.

We do not sell or distribute your personal information to third parties for purposes of allowing them to market products and services to you.

Communicating via the internet and sending information to you by other means necessarily involves your personal information passing through or being handled by third-parties.

The information we collect

    • For general web-browsing certain statistical information is available to us via our internet service provider. This information may include the IP and logical address of the server you are using, the top level domain name from which you access the internet (for example .ie, .com, etc.), the type of browser you are using, the date and time you access our site and the internet address linking to our site. We may also use temporary “session” cookies which enable a visitor’s web browser to remember which pages on this website have already been visited. 
  • If you choose to donate money through our ‘Donate Now’ page, we will require your name, phone number, address, email and card details. If you choose to make an ‘In Memory’ donation you also have the option of providing the name of your loved one. If you wish for us to send a memory card we will require the name and address of the recipient.
  • If you choose to donate money, we will require your name, phone number, address (if you wish to receive a receipt) and card details if applicable.
    • When you make a donation to us you are given the option to sign up to receive information from us in the future, about our work, upcoming events or campaigns. We will not send this information to you unless you opt in to receive it. If you change your mind you can always opt out by using the unsubscribe on any correspondence (mail, phone, email).
    • If you make a purchase through our online shop, we will require your name, billing address, delivery address and card details. Our online shop payments are processed through Stripe and we do not have access to your card details once the payment is processed. 
    • If you select to enter our weekly draw or car raffle you will be offered a number of payment options; standing order, paypal, postal form, payroll deduction, gift voucher. To process your entry we will require your name, address, billing details, voucher beneficiary name and address (in the case of gifts), email, phone number and payment details (payments are processed via Stripe or Paypal).
  • You have an opportunity to send us information via this website, such as through the “Have Your Say” section or any other area where you may send e-mails, request brochures/proposals or provide feedback. You may also choose to provide us with personal data (e.g. name, e-mail, postal address or other contact details) in an e-mail message to the address listed on our site. Our feedback form collects your name, email, and message content. We use all of these details solely for the purpose for which you provided them.
  • Our volunteer application form capture job application information including personal details, experience, education, employment history and references.
  • For ease we make garda vetting forms available on our website for our prospective employees. The information captured in these forms is prescribed by An Garda Siochana and contains detailed personal information.  
  • Information contained within a job application (CV) where that is sent via email.
  • Completing Transaction Forms – Memory Tree, Weekly Draw, Shop Order Form, Tree Lights and Event Sign Up Forms.

 

The purpose of collecting information

  • Website functionality – we analyse website users’ pattern of use to help us to improve, administer and diagnose problems with our server and website.
  • Complaint handling – we may use the data you provide to us via our feedback form or email address.
  • To share your experience or feedback on the ‘Have your say’ section on our website.
  • Processing your donation – if you kindly make a donation to us we will use the information you provide to process your payment and/or contacting you for the purposes of the governments Charitable Donation Scheme if you have donated over €250 in a tax year.
  • To process your purchase from our online shop.
  • To process your draw or raffle entry.
  • Responding to your query – you may provide us with personal data through our feedback form or email address while seeking information about volunteering, fundraising or our services.
  • Sending newsletters & keeping your informed of fundraising opportunities – we will only send information or fundraising updates to you if you have provided your consent to receive them. 
  • Job applications – from time to time jobs may be advertised on our website and potential candidates will submit their personal data (e.g. CV’s) via email for consideration.
  • Volunteer applications –.  Applicants also have the opportunity to register their interest via email in working as a Volunteer at the Galway Hospice Foundation.
  • For Garda Vetting purposes.
  • Entering competitions and raffles, for example a car raffle.

 

Legal basis for processing

We process the personal data we gather through our website under one of the following lawful bases:

  1. Consent: We will only process your data for marketing purposes with your consent. For processing activities for which we rely on consent as a basis for processing, you have the right to withdraw that consent at any time.
  2. Contract: We may process the data you provide while fulfilling our obligations under a contract e.g. during the provision of products or services to you or under an employment contract.
  3. Statutory: Some processing activities are required by law e.g. Revenue reporting.
  4. Legitimate interest: We will only process your data under this legal basis in such a way that you would expect us to based on our relationship with you, e.g. to monitor and improve our service. Where we rely on legitimate interest we carefully balance your rights and expectations to ensure the processing is fair.

For processing activities that are based on a statutory or contractual requirement, you may request your data not be processed for that purpose. However, this is not an absolute right and may be over-ridden by our statutory obligations. In other cases, requesting that data should not be processed for a particular purpose may prevent us from executing a contract or delivering a service to you.

Your rights

Under data protection law, data subjects have certain rights. Subject to certain restrictions, which are set out below, you can exercise these rights in relation to your personal data we process.

  1. The right to be informed about the processing of your personal data 
  2. The right to access your personal data
  3. The right to rectification of your personal data 
  4. The right to erasure of your personal data
  5. The right to data portability
  6. The right to object to processing of your personal data
  7. The right to restrict processing of your personal data
  8. Rights in relation to automated decision making, including profiling. 
  9. You have the right to complain to the Irish Data Protection Commission (www.dataprotection.ie) and to seek compensation through the courts

We reserve the right to request you to provide additional information in order to enable us to identify your personal data and/or to verify your identity.

Restriction of data subject rights in certain circumstances

Article 23 of the GDPR allows for data subject rights to be restricted in certain circumstances. In addition, the 2018 Act contains certain provisions dealing with the restriction of rights of data subjects, in particular Sections 59, 60 and 61, which give further effect to the provisions of Article 23. Further information can be found here.

Who we share your information with

We do not share your information with third parties other than those set out in this policy. We may share your information in the following circumstances:

  • Service providers: We may need to share personal information with our service providers, such as where necessary to provide our services to you. If there has been a breach of our terms of use, we may also share personal information with our legal advisors. All of our service providers will be obliged to keep your personal information safe and secure. Our website service providers include: PayPal and Stripe (a third party provider specialising in processing payments), our website hosting company (Proactive Design and Marketing, Printing services, ).  The Donation Form (Tree of Light, Croagh Patrick Climb, Memorial Walk) paid through Stripe is transferred into Champ our CRM system which also generates an email.
  • Business Transfer: Where some or all of our charity and/or its assets may potentially be or have been acquired, we may need to transfer your personal information to the new or prospective owners.
  • Legal and safety: In certain instances, we may share information where we reasonably believe that it is necessary for legal reasons, to defend our legal rights, to enforce our terms of use or to protect our rights, property, users, customers or the safety of any person. For example, we may provide personal information where ordered by a court to do so.
  • Revenue: where you fill out a CHY form to enable us to claim tax back.
  • Other: We will not share your information with a third party other than a service provider where you have given your consent for us to do so.

Where we store personal information

We generally store personal information on servers located inside the European Economic Area. However, in certain cases it may be necessary for us to transfer certain information to servers located outside of the EU. It is important to be aware that the privacy protections in certain jurisdictions may not be equivalent to those in Europe but we will only transfer your information outside the EEA where permitted by law and ensuring that it is subject to appropriate protections.

 

Data Retention

Galway Hospice Foundation retains personal data for a range of periods as set out in our Data Retention Policy. 

Security

We take our security responsibilities seriously, employing the most appropriate physical and technical measures. We review our security policy regularly. 

Governing Law and Jurisdiction

This legal policy and all issues regarding this website are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.

General

Delay or failure on our part in enforcing any of our rights shall not constitute a waiver by us of our rights and remedies. If any part of this Privacy Policy is held to be invalid or unenforceable, the validity or enforceability of the remainder will not be affected.

Contacting us 

If you wish to exercise your data protection rights or have any questions about this policy or our practices relating to the website you can email our Data Protection Officer at galwayDPO@ambitcompliance.ie

Changes to this policy

We may revise this policy on occasion. This privacy policy was last updated October 2020. 

 

Cookies policy

Cookies

Cookies are small files containing specific information that may be placed on your device when you use a website. Cookies help us to remember your preferences and to tailor our digital content according to your interests. Below is some terminology used to explain cookies.

First Party Cookies

These are cookies that are set and read by our own website. They store information such as your preferences, usage, login credentials and items in your shopping cart. 

Third Party Cookies

Cookies set by another domain which are read by the code on our website. These cookies track your internet use across a number of sites and can be used to profile you for advertising networks.

Session Cookies

These are cookies which are only related to a single session (a single visit to our website) and are automatically deleted when you close your web browser – these are typically considered as necessary for our website to function. 

Persistent Cookies

These cookies remain on your device after you’ve finished your session.

Other cookies (such as tracking cookies or authentication cookies) are often saved for an extended period of time from days to years, known as persistent cookies. 

Necessary Cookies

Cookies which are required for our website to work e.g. cookies for load balancers, cookies acceptance etc.

Marketing/Advertising Cookies

Advertising cookies are used to monitor your internet usage and target ads which are more relevant to you.  These are mainly third-party cookies from advertiser networks.

Analytic/Performance Cookies

These cookies are set by our analytics providers and allow us to record certain information about you, such as the pages you visit on our website, how many times you visit our website, and links you might click on. These cookies may also capture your geographical location; your IP address; what type of device you are using and various information about the device. This information can be used to create a unique fingerprint to help further identify you on other websites you might visit and can be used to create a profile of your online activities and interests.

Cookies on our site

We use a range of technologies on our website www.galwayhospice.ie, some of which are controlled by us (first party) and some are controlled by other organisations (third party). 

These technologies include (but are not limited to) cookies, scripts, fonts and images; some of which are considered as necessary for us to be able to deliver the web site to you and others which we use to enhance our understanding of how you use our web site; to assist in our marketing activities and other purposes explained below. 

Under European law we are required to obtain your consent for any use of these technologies which are not considered as necessary, as well as provide you with clear information as to what these technologies do; and the third parties we work with.

The cookies we use

Analytic Technologies

Name of the Cookie Host Purpose First/Third Party Persistent/Session
_gid galwayhospice.ie Google Analytics – Track what pages you visit, how long you are on the site, how you got here and what you click on. First Party Persistent
_ga galwayhospice.ie First Party Persistent
_gat galwayhospice.ie First Party Persistent

Functional Cookies

Name of Cookie Host Purpose First/ Third Party Persistent/ Session
PHPSESSID
galwayhospice.ie Store serialized data, establish a useer session e.g. items in shopping cart First Party Session
__stripe_mid Third party cookie. Used by the Stripe payment gateway, it stores an ID needed to make the payment. First Party Persistent
__stripe_sid Third party cookie. Used by the Stripe payment gateway, it stores a session ID needed to make the payment. First Party Persistent
woocommerce_cart_hash galwayhospice.ie Helps WooCommerce determine when cart contents/data changes. First Party Session
woocommerce_items_in_cart galwayhospice.ie Helps WooCommerce determine when cart contents/data changes. First Party Session
wp_woocommerce_session_ galwayhospice.ie Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. First Party Persistent
wfwaf-authcookie- First Party This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded. First Party Persistent
wordpress_ First Party WordPress cookie for a logged in user. First Party Persistent
wordpress_logged_in_ First Party WordPress cookie for a logged in user. First Party Persistent
wordpress_test_cookie First Party WordPress test cookie. First Party Session
wp-settings- First Party The cookie is used to check whether your web browser is set to allow, or reject cookies First Party Persistent
wp-settings-time First Party WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface. First Party Persistent

Marketing/Advertising Technologies

Name of the Cookie Host Purpose First/Third Party Persistent/Session
IDE Doubleclick Helps show relevant advertising  Third Party Persistent
GPS Youtube.com Collects data through videos embedded on our website in order to target advertising Third Party Persistent
YSC Youtube.com Track views of embedded videos. Third Party Persistent
Visitor_Info1_Live Youtube.com Unique identifier to track video views Third Party Persistent

Do I have to agree to the websites use of cookies?  

No. If you do not consent to our use of cookies, you can set your browser settings to reject cookies. These settings are usually found in the “options” or “preferences” menu of your web browser. You can find more details about how to control cookies here Alternatively, you can use the “Help” option in your web browser get more details. Some of the features of our website may not work or will be curtailed from working effectively without cookies. As a result, changing your browser settings to reject cookies may have a negative impact on your ability to use our website. 

If you use our website with your web browser set to accept cookies, you consent to our use of cookies as described in this cookies policy. If you do not accept our use of cookies, you should either (a) immediately stop using our services or (b) use the settings described above to reject cookies. To withdraw your consent to our use of cookies, you should either (a) cease using our website or (b) delete our cookies using your web browser’s settings and set your browser to reject future cookies. You can find out more about deleting and blocking cookies here and using your web browser’s “Help” option. 

Security

We take our security responsibilities seriously, employing the most appropriate physical and technical measures. We review our security policy regularly. 

Governing Law and Jurisdiction

This legal policy and all issues regarding this website are governed exclusively by Irish law and are subject to the exclusive jurisdiction of the Irish courts.

General

Delay or failure on our part in enforcing any of our rights shall not constitute a waiver by us of our rights and remedies. If any part of this Privacy Policy is held to be invalid or unenforceable, the validity or enforceability of the remainder will not be affected.

Contacting us 

If you wish to exercise your data protection rights or have any questions about this policy or our practices relating to the website you can email our Data Protection Officer at galwayDPO@ambitcompliance.ie

Changes to this policy

We may revise this policy on occasion. This privacy policy was last updated October 2020. 

.