This DIFC privacy statement explains the kinds of information we may obtain from or about you as a visitor to our website or as a user of our educational services; how we may use that information (together with information provided offline or via other means); and who we may share that information with.
Each time you access, browse and/or use our website you agree to the following terms. If you do not agree you must cease to use our website. We are not responsible for the content or privacy practices of other websites.
DIFC respects your right to privacy and we are committed to complying with applicable data protection and privacy law.
We will only collect personal information about you with your awareness and as described in this policy. Any personal information which you provide to us and/or which we obtain about you, will be kept secure and confidential using appropriate technical measures. We may combine personal information that we collect via one method (for example, our website) with personal information that we collect via another method (for example, your offline interactions with us).
Collection and Use of Your Personal Information
We may collect and process the following data through our website (and combine this with data provided offline through your interactions with us):
- Any information provided by or about you through our website including comment boxes, forms, links, website usage or any other means.
- If any person contacts us via phone, email, post, surveys, through our website or otherwise, we may keep a record of that correspondence.
- Where you purchase any products or services from us, we collect your data in relation to that product or service as set out in this policy and our contract with you for that product or service.
You can opt out at any time by visiting http://www.youronlinechoices.com/ie/your-ad-choices and following the online instructions.
You agree that any data you provide to us will be true, complete and accurate in all respects and you agree to notify us immediately of any changes to it.
We will only collect personal information from or about you which is necessary to: –
- Provide this website to you
- Provide outsourced educational services & related products
- Set up and administer your account as a customer with us
- Contact you for direct marketing purposes, subject to restrictions under the relevant laws, including the right to opt out of such marketing
- Provide you with information relating to our services and to educational services & related Products generally
Retention of data
We keep your personal data only for as long as necessary for the purposes for which it was collected and to provide you with services, to conduct our legitimate business interests or where otherwise required by law.
Disclosure of data
Your personal information may also be processed by other organisations on our behalf for the purposes outlined above. We may disclose your information to partners, associates, agents or subcontractors and to possible successors to our business. Some of these parties may reside outside the European Economic Area (which currently comprises the Member states of the European Union plus Norway, Iceland and Liechtenstein). If we do this, your information will be treated to the same standards adopted in Ireland. We may also disclose your information for the prevention and detection of crime and to protect the interests of DIFC or others, or if required to do so by law or other binding request.
User Rights and access to your personal information
Under Data Protection Law you have the right to access, erase or correct information held about you in certain circumstances, and to have some of that data (if held by DIFC) provided to you in a portable form. You have the right to request a copy of any personal information we hold about you.
We will endeavour to comply with such requests within one month, but where any such request is unusually onerous, we may extend that time by a further two months. In fulfilling such a request, we may request a copy of ID to confirm your identity. To make such a request, please write by sending an email to email@example.com
Where you, as a Data Controller, engage the services of DIFC, we will act as Data Processors on your behalf. In doing so, we will: –
- Only process personal data under the Contract in accordance with your reasonable written instructions and in accordance with applicable Data Protection Legislation
- Adopt appropriate technical and organisational measures against accidental disclosure, loss or destruction of personal data
- Inform you promptly in the event of unauthorised disclosure, loss or destruction of any personal data processed on your behalf
- Refer to you any requests, notices or other communication from data subjects, the Office of the Data Protection Commissioner or any other law enforcement agency relating to personal data processed on your behalf
- Ensure that all DIFC personnel processing personal data are under an obligation of confidentiality
- Make available reasonable information necessary to demonstrate compliance with our Data Protection Obligations
- Make available such information and assistance as is reasonably necessary for you to comply with your obligations to respond to requests for exercising the data subject’s rights, to report personal data breaches and to conduct Data Protection Impact Assessments and Prior Consultation with Data Protection Authorities
- Comply with our obligations to you in respect of sub-processing and Third Country Transfers.
- Delete or return all personal data processed on your behalf, upon the termination of any services provided by us to you
For further information in relation to this please contact our Data Protection Leader firstname.lastname@example.org