Privacy Statement

NIS Privacy Policy

This Privacy Statement covers how we process Personal Data where we are controllers for the purposes of the GDPR. Please contact us if you have any questions about this Privacy Statement or the Personal Data, we hold about you: 

by email at: sales@nis.ie

 

N I S ESSENTIALS 

“Personal Data” means data which identifies a person or could identify a person, such as their name, contact details, purchase history or web browsing history. It applies to Personal Data that we collect, use, and otherwise process in connection with your relationship with us as a customer, supplier, partner, investor, visitor to our website or prospective employee. 

 

Every individual has a right to understand how their Personal Data is being used and to exercise control over it using data protection rights which are set out in the General Data Protection Regulation (“GDPR”). As data protection practitioners it is our business to ensure that: 

 

  • you know what Personal Data we collect from you. 
  • you know what we are doing with your Personal Data. 
  • you know that we will only use your Personal Data for the purposes set out in our Privacy Statement. 
  • you understand your rights and can exercise control over your Personal Data. 
  • we will not send you marketing emails if you do not want to receive them. 
  • we will always ensure that we only share your Personal Data with third parties where necessary and only after thorough third-party due diligence. 
  • we will ensure appropriate technical and organisational measure are in place to protect your Personal Data and keep it secure. 

You can access our full Privacy Statement here. In it we provide further information about what Personal Data we collect, what we use it for, why we collect your Personal Data and what our legal basis is, who we share it with and how long we retain it. We also provide detailed information about your rights in relation to your Personal Data. If you have further questions, please get in touch with us at info@nis.ie 

If you wish to make a complaint in relation to the use of your Personal Data, you may contact the Irish Data Protection Commission at info@dataprotection.ie. 

You will be notified of any material changes to our Privacy Statement. 

 ABOUT US 

We are Network and Infrastructure Support Ltd an IT Solutions Company based in Ireland. We specialise in enabling organisations comply with the GDPR. 

This Privacy Statement covers how we process personal data where we are controllers for the purposes of the GDPR. 

Please contact us if you have any questions about this Privacy Statement or the Personal Data, we hold about you: 

by email at: sales@nis.ie 

 

WHO WE ARE? 

Network and Infrastructure Support Ltd is a business-centric data protection service company, focused on developing various services and products to assist in compliance with the General Data Protection Regulation (“GDPR”) and applicable domestic data protection legislation. 

 

CONTROLLER / PROCESSOR 

Under the GDPR, Network and Infrastructure Support Ltd acts as both a “controller” and a “processor” of Personal Data. 

 

SCOPE OF THIS STATEMENT 

This Privacy Statement covers the processing activities of Network and Infrastructure Support Ltd as a controller of Personal Data. 

 

OUR COMMITMENT 

We treat the handling of your Personal Data seriously and sensitively. 

 

This Privacy Statement is a statement of our commitment to protect your data protection rights and sets out the legal basis on which any Personal Data we process will be used. It also lists your rights as a data subject. 

 

ABOUT YOU 

This Privacy Statement applies to individuals whose personal data we process in order to operate our business. 

 

CATEGORIES OF INDIVIDUALS 

This Privacy Statement applies to the following individuals: 

visitors to our website. 

business contact details of our partners, investors, customers, and suppliers. 

those applying for jobs at NIS; and 

attendees at our webinars/events/conferences. 

 

EMPLOYEES 

Personal Data of employees of Network and Infrastructure Support Ltd is dealt with in a separate internal Employee Privacy Notice. 

 

CATEGORIES OF PERSONAL DATA 

This section explains the categories of Personal Data that we process. 

The Personal Data we process falls into 5 main headings: 

Contact & Identity Data 

Communications Data 

Financial Data 

Recruitment Data 

Web Data 

 

TYPES OF PERSONAL DATA 

We require certain Personal Data in order to provide our services to you and to operate our business. 

Personal Data Type Description 

Contact & Identity Data Name, Address, Email, Phone Number profession, company, and department. 

Communications Data Personal Data included in communications with us over email, phone, or letter. 

Financial Data Payment details 

Recruitment Data Identity data, CV data, References, and application data 

Web Data Data on the type of device you are using, the device IP address, operating system, referral source, length of your visit, page views and website navigation paths, as well as information about the timing, frequency, and pattern of your service use. This information is collected at an aggregate level and your identity data is not stored as part of this technical data. 

 

OUR PURPOSES FOR PROCESSING 

All processing of Personal Data must have an identified purpose. Here we explain our purpose for processing your Personal Data. 

 

PURPOSES 

We process your Personal Data for the following purposes: 

Type of Personal Data Purpose 

Contact & Identity Data  

to contact you in connection with our services. 

to contact you re payments to and from you. 

to contact you in connection with any job position we may have advertised. 

to notify you of any updates to this Privacy Statement. 

to send you data protection related information as part of our newsletter or similar communications (where you have subscribed) 

for customer relationship management and support. 

to fulfil our legal and contractual obligations to you. 

to provide you with information about our events and webinars; and 

to deliver and organise our conferences, seminars, events, and training. 

 

Communications Data  

for communications between us in connection with our products/services or for our conferences, seminars, events, and training. 

 

Financial Data  

to process payments to and from our business. 

 

Recruitment Data  

to contact you in connection with any job position we may have open. 

to fulfil the recruitment needs of the business. 

to arrange interviews and follow up communications with you; and 

to check your suitability for any positions we may have. 

 

Web Data  

to provide our products and services. 

to ensure the safety and security of users of our website and our products and services. 

 

LAWFULNESS OF PROCESSING 

All processing of Personal Data under the GDPR must be lawful. Processing will only be lawful if we have a legal basis for processing. 

Here we provide further information about the legal grounds we have for processing Personal Data. 

Processing is lawful if it Is necessary for the performance of a contract. 

We undertake the following processing under this heading: 

to contact you in connection with our products/services under the contract. 

to contact you regarding payments to and from you. 

to manage the service, we provide to you; and 

to process payments to and from our business 

 

CONSENT 

Where we process Personal Data with your consent, we will ensure that consent is specific, informed, and unambiguous. You may withdraw consent for processing by sending an email to info@nis.ie 

We sometimes process Personal Data based on consent where we send you data protection related information as part of our newsletters or similar communications and for certain conferences, training, and events that we organise. 

 

LEGITIMATE INTERESTS 

We will only process Personal Data under this legal ground where we have assessed and verified that the legitimate interest pursued does not override your rights to privacy.  Our legitimate interests include: 

 

our interest in providing the best service we can to our customers and growing our business. 

our interest in conducting research and analytics on our products and services so that we can understand which services are most popular on our website. 

our interest in obtaining payment for products and services provided. 

our interest in protecting our intellectual property rights. 

our interest in promoting and developing our business. 

our interest in recruiting the best possible talent for our business. 

our interest in ensuring the safety and security of users of our website and our products and services. 

 

COMPLIANCE WITH LEGAL OBLIGATIONS 

We will process Personal Data where we have a legal obligation to do so. 

 

SHARING OF PERSONAL DATA 

In order to provide our products and services we will need to share your Personal Data with third parties. Any transfer of Personal Data will only be undertaken in compliance with the GDPR. In this section we provide information on the categories of recipients of the Personal Data we process. 

 

BUSINESS PARTNERS, INVESTORS, CUSTOMERS & SERVICE PROVIDERS 

Will receive your Personal Data if: 

 

you have requested us to refer your details on; 

if we are collaborating on an event, training, conference or similar activity; 

in connection with, or during the negotiation of any investment, merger, or sale of the business; 

we engage with marketing partners to market our products/services; 

we engage data analytics providers to develop our website; 

we need to engage with consultants, lawyers, accountants, insurers, and other professional service providers; and 

if we require help to deliver our services to you including for example: 

CRM application suppliers; 

payment processors and facilitators; and 

IT and Cloud solution providers including back up and hosting of Personal Data. 

LAW ENFORCEMENT OFFICERS, DATA PROTECTION COMMISSION, GOVERNMENT OFFICIALS OR SIMILAR PARTIES 

Will receive your Personal Data: 

if required by applicable law, regulation, operating agreement, legal process, or governmental request, or where the disclosure is otherwise appropriate due to safety or similar concerns. 

if this is necessary for the purpose of enforcing the terms of any contract that we have entered with you. 

in connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company. 

to protect our rights, property, or safety, or that of you or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection. 

 

COOKIES 

Cookies help us improve the products and services that we offer you. Cookies are optional and you do not have to accept them. 

You can change your cookie preferences at any time by clicking on the ‘C’ icon in the bottom corner of the website. You can then adjust the available sliders to ‘On’ or ‘Off’ and click ‘Save and close’. You may need to refresh your page for your settings to take effect. 

 

 WHY WE USE COOKIES 

Our website at www.nis.ie uses cookies to distinguish you from other users of the website. This helps us to provide you with a good experience when you browse the website and also allows us to improve the website. If you register with us or if you continue to use the Website, you agree to our use of cookies.  Please go to the cookie management tool available on the website at www.nis.ieto understand the cookies that we collect and manage your preferences around them. 

Cookies enable us to store information about your preferences and therefore customise the website according to your individual interests. They are also used to monitor which parts of the website are the most popular to its visitors. 

Please be aware that if you do disable cookies however, certain services on the website will not be available to you and your use and enjoyment of them will be impaired. 

 

SECURITY MEASURES 

We are committed to protecting the security of your Personal Data. We have implemented appropriate physical, technical, and organisational safeguards to deliver on that commitment. 

STEPS WE TAKE 

We will take all steps reasonably necessary to ensure that Personal Data is treated securely in accordance with this Privacy Statement and the relevant law. 

In particular, we have put in place appropriate physical, technical, and organisational procedures to safeguard and secure the Personal Data we process. 

To protect the privacy and security of the Personal Data, we will also take reasonable steps to verify your identity before granting access to information as appropriate. 

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. 

 

We also use secure connections to protect Personal Data during its transmission using SSL (Secure Socket Layer) technology. 

 

In the event that we use a third-party processor (see Sharing of Personal Data) your Personal Data may be transferred outside of the European Union or EFTA States. We ensure that any such transfer is undertaken using legally compliant transfer mechanisms in compliance with the GDPR. 

 

RETENTION 

We only keep your data if it is necessary for the purposes of processing it or to comply with legal or regulatory requirements. 

 

RETENTION PERIODS 

We retain certain transaction information for a period of 7 years for the purposes of regulatory, tax, insurance, or other requirements. 

You can request to have your Personal Data deleted. Network and Infrastructure Support Ltd will then delete Personal Data that is it not required to retain. We will restrict internal access to Personal Data that we are required to retain. 

 

YOUR RIGHTS 

You have several rights to control your Personal Data that we collect and how we use it. 

There are certain exemptions to these rights. We will always communicate with you and let you know if you seek to exercise of your rights and a legal exemption applies. 

If we act as a processor and you exercise your rights, we will notify the controller and follow their instructions in providing a response. 

 

RIGHT OF ACCESS 

You have the right to ask for all the information we have about you and the services you receive from us. When we receive a request from you in writing, we must give you access to everything we have recorded about you as well as details of the processing, the categories of Personal Data concerned and the recipients of the Personal Data. 

We will provide the first copy of your Personal Data free of charge, but we may charge you a reasonable fee for any additional copies. 

We cannot give you access to a copy of your Personal Data if this would adversely affect the rights and freedoms of others. 

 

 

RIGHT OF CORRECTION 

If we have Personal Data about you that you believe to be inaccurate, you have the right to request correction of your Personal Data. 

 

RIGHT TO BE FORGOTTEN 

In some circumstances you can ask for your Personal Data to be deleted, for example, where: your Personal Data is no longer needed for the purpose that it was collected in the first place; you have removed your consent for us to use your Personal Data (where there is no other legal reason us to use it) there is no legal reason for the use of your Personal Data; deleting the Personal Data is a legal requirement. 

 Where your Personal Data has been shared with others, we will do what we can to make sure those using your Personal Data comply with your request for erasure. 

 

RIGHT OF RESTRICTION 

When Personal Data is restricted it cannot be used other than to securely store the data and with your consent to handle legal claims and protect others, or where it is for important public interests. 

 

RIGHT TO DATA PORTABILITY 

You have the right to ask for your Personal Data to be given back to you or another service provider of your choice in a commonly used format. This is called data portability. 

 

This right only applies if we are using your personal information under the lawful grounds of consent or pursuant to a contract and the processing is automated and not manual. It does not apply where it would adversely affect the rights and freedoms of others. 

 

RIGHT TO OBJECT 

You have the right to object to the processing of your Personal Data where processing is: 

on the grounds of public interest or legitimate interest including profiling based on these grounds. 

for direct marketing purposes. 

 

RIGHTS REGARDING AUTOMATED DECISION MAKING 

You have the right not to be subject to a decision based solely on automated processing, including profiling which has legal effects on you.  This right shall not apply where the processingis necessary for a contract you have entered into; is undertaken with your consent; or is authorised by law. 

 

RIGHT TO MAKE A COMPLAINT 

You have the right to lodge a complaint with a supervisory authority, in particular in the country where you reside, place of work or place of the alleged infringement if you consider that the processing of Personal Data infringes the GDPR. 

 

 The contact details for the Data Commission in Ireland are: 

Email: info@dataprotection.ie 

Address:  Canal House, Station Road, Portarlington, R32 AP23, County Laois 

Tel Lo-Call: 1890 252 231 

 

CHANGES TO THIS STATEMENT 

We will post any changes on the Website and when doing so will change the updated date at the top of this Privacy Statement. 

In some cases, we may provide you with additional notice of changes to this Privacy Statement, such as via email. 

We will always provide you with such additional notice well in advance of the changes taking effect where we consider the changes to be material. 

 

Copyright © Network and Infrastructure Support Ltd. 2021 

Call Us