1. 1 GENERAL INFORMATION
WCC owns and is responsible for the content of this website. Unless stated otherwise, this Privacy Statement applies only to WCC
1.2 WCC PRIVACY STATEMENT
WCC use any personal information collected from this website in accordance with applicable Irish and European Data Protection legislation. WCC has taken appropriate measures to keep secure personal information given by users of this site.
1.3 WHAT INFORMATION DO WE COLLECT AND WHY?
The information collected on this site includes:
1.3.1 A USER'S IP ADDRESS
A users IP address, which is automatically logged by our web server. IP addresses are used to observe users' interests in this website (number of visits, etc.).
Cookies are very small text files saved to your computer used to track user navigation around a website. At WCC , cookies may be used to store information on which advertisements have been seen by a user. They are not cross-referenced with any other information such that an individual person could be identified.
1.3.3 E-MAIL ADDRESSES
Email addresses and/or other contact details which users voluntarily provide in order to:
receive information from WCC and/or our partners
register for competitions
WCC will not disclose voluntarily provided details to third parties or use the information in any other way without prior consent, except on GARDA and Emergency Personnel use. On all pages where personal data is collected, specific details on the use of this information will be provided.
1.4 YOUR RIGHTS
You have the right to access your information held by WCC and where necessary, to have it amended. You can also request not to receive marketing information from WWC
1.5 LINKS TO OTHER WEBSITES
This website contains links to other sites that are completely unrelated to WCC . This privacy statement does not apply to these sites nor are we responsible for the content and practices of these websites.
We will always comply with General Data Protection Regulation (GDPR) when dealing with your personal data. You can find further details on the GDPR at http://gdprandyou.ie
All personal data is processed in accordance with the requirements of Irish and European data protection legislation, including the:
General Data Protection Regulation (GDPR), or Regulation (EU) 2016/679 –
Data Protection Act 2018
The Office of the Data Protection Commissioner is the independent national authority in Ireland for upholding the right of individuals to data privacy through the enforcement and monitoring of compliance with data protection legislation.
WCC (also known ‘we’, ‘our’ or ‘us’) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of licence holders and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
WCC is the data controller and data processor as defined. A Data Protection Officer (DPO) does not need to be appointed.
Registered Company Address: WCC
Type of Data Collected & Usage
We may collect some or all of the following personal data; this may vary according to your type of relationship with us:
WCC complies with its obligation under GDPR by keeping personal data up-to-date, by storing or destroying it securely, by not collecting or retaining excessive amounts of data, by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate measures are in place to protect personal data.
We use your personal data for the following purposes, to
enable us to provide our services of motorsport licencing
administer membership and training records
fundraise and promote the interests of the sport
manage our instructors, members, licence holders and volunteers
maintain our own financial accounts, event records and invoicing
supply you with information by telephone, e-mail or post
facilitate communication between club and members to inform you of news, events and regulatory changes relevant to club activities to enhance the operation of the sport
ensure we are complying with the requirements of our insurers
comply with EU and FIA regulatory requirement
Lawful Basis of Processing
We acknowledge that processing may be only carried out where a lawful basis for that processing exists and we have assigned a lawful basis against each processing activity, which can be viewed in the above table.
Where no other lawful basis applies, we may seek to rely on the member’s consent in order to process data.
Storage of Personal Data
WCC complies with The Governance Code for the Community, Voluntary and Charitable Sector in Ireland.
All of our administrators are aware that hard copy personal information should be kept in a locked filing cabinet, drawer or safe. They are aware of their roles and responsibilities when their role involves the handling and processing of personal data, and are instructed to store files or written information of a confidential nature in a secure manner so that are one accessed by people who have a need and a right to access them and to ensure that screen locks and enabled on all desktops and laptops etc. when unattended. No files or written information of a confidential nature are to be left where they can be read by unauthorised people.
Where data is computerised, it should be encrypted or password protected, either on a local hard drive or on a network drive that is regularly backed up. If a copy is kept on removable storage media, that media must itself by kept in a locked filing cabinet, drawer or safe. Personal data relating to licence holders will not be kept or transported on laptops, USB sticks, or similar devices, unless prior permission has been received. Where personal data is recorded on any such device it should be protected by: -
ensuring that data is recorded on such devices only where absolutely necessary
using an encrypted system
a folder should be created to store the files that need extra protection and all files created or moved to this folder should be automatically encrypted
ensuring that laptops or USB drives etc. are not left where they can be stolen, and in the in case of such an event occurring to report the incident to the relative authorities without delay
Data Protection Principles
Under GDPR, all personal data obtained and held by us must be processed according to a set of principles. In accordance with these principles, we will ensure that:
processing will be fair, lawful and transparent - data be collected for specific, explicit and legitimate purposes - data be collected will be adequate, relevant and limited to what is necessary for the purposes of processing
Data will be kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay
data is not kept for longer than is necessary for its given purpose
data will be processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate measures
we will comply with the relevant GDPR procedures for transferring of personal data
You have the following rights under GDPR:
to be informed about the data we hold on you and what we do with it
to access the data we hold on you - for any inaccuracies in the data we hold on you to be corrected
to have data deleted in certain circumstances
to restrict the processing of the data
to transfer the data we hold on you to another party - to object to the inclusion of any information
to regulate any automated decision-making and profiling of personal data
Access to Data
As stated above, all licence holders have a right to access the personal data that we hold on them. To exercise this right, licence holders should make a Subject Access Request. We will comply with the request without delay, and within one month unless, in accordance with legislation, we decide that an extension is required. Those who make a request will be kept fully informed of any decision to extend the time limit
No charge will be made for complying with a request unless the request is manifestly unfounded, excessive or repetitive, or unless a request is made for duplicate copies to be provided to parties other than the member making the request. In these circumstances, a reasonable charge may be applied.
To submit a Subject Access Request please send a request to the Secretary in writing either by e-mail or at our registered address.
WCC may be required to disclose certain data to any person or third party. The circumstances leading to such disclosures include, but are not limited to:
when required by or permitted by law or lawfully necessary to protect WWC and its legitimate interests
requests from authorities, law enforcement agencies, court orders, legal procedures, obligations related to the reporting and filing of information with authorities or insurers
Requests from motorsport authorities
These kinds of disclosures will only be made when strictly necessary such as the above purposes or if we have received your explicit consent for such transfer of your personal data.
WCC does not transfer personal data to any recipients outside the EEA.
To exercise all relevant rights, queries or complaints please in the first instance contact: Secretary of WCC
You can contact the Data Protection Commission via e-mail firstname.lastname@example.org, or by telephone +353 (0)57 8684800 or at Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland.