GlycoSeLect must comply with the Data Protection principles set out in the relevant legislation. This Policy applies to all Personal Data collected, processed and stored by GlycoSeLect in relation to its staff, service providers and clients in the course of its activities. GlycoSeLect makes no distinction between the rights of Data Subjects who are employees and those who are not. All are treated equally under this Policy.
The policy covers both personal and sensitive personal data held in relation to data subjects by GlycoSeLect. The policy applies equally to personal data held in manual and automated form. All Personal and Sensitive Personal Data will be treated with equal care by GlycoSeLect. Both categories will be equally referred to as Personal Data in this Policy unless specifically stated otherwise.
GlycoSeLect as a data controller
In the course of its daily organisational activities, GlycoSeLect acquires, processes and stores personal data in relation to:
• Employees of GlycoSeLect
• Customers of GlycoSeLect
• Third-party service providers engaged by GlycoSeLect
In accordance with the Irish Data Protection legislation, this data must be acquired and managed fairly. Not all staff members will be expected to be experts in Data Protection legislation. However, GlycoSeLect is committed to ensuring that its staff have sufficient awareness of the legislation in order to be able to anticipate and identify a Data Protection issue, should one arise. In such circumstances, staff must ensure that GlycoSeLect is informed in order that appropriate corrective action is taken.
In order to provide services, GlycoSeLect collects some Customer Personal Data, which may include customer name, email address and phone number. These data are provided voluntarily by the user through GlycoSeLect’s website form.
Due to the nature of the services provided by GlycoSeLect, there is a regular and active exchange of personal data between GlycoSeLect and its Data Subjects. In addition, GlycoSeLect exchanges personal data with Data Processors on the Data Subjects’ behalf. This is consistent with GlycoSeLect’s obligations under the terms of its contract with its Data Processors.
This policy provides the guidelines for this exchange of information, as well as the procedure to follow in the event that a GlycoSeLect staff member is unsure whether such data can be disclosed.
Subject access requests
Any formal, written request by a Data Subject for a copy of their personal data (a Subject Access Request) will be referred, as soon as possible, to GlycoSeLect, and will be processed as soon as possible.
Website users that would like to request access or modifications to their personal data can submit a written request by email to email@example.com or by postal mail to the address below.
It is intended that by complying with these guidelines, GlycoSeLect will adhere to best practice regarding the applicable Data Protection legislation.
In the course of its role as Data Controller, GlycoSeLect engages a number of Data Processors to process Personal Data on its behalf. In each case, a formal, written contract is in place with the Processor, outlining their obligations in relation to the Personal Data, the specific purpose or purposes for which they are engaged, and the understanding that they will process the data in compliance with the Irish Data Protection legislation.
These Data Processors include:
• HR Department
• Marketing Department