Last Updated : April 2013
At Post.Trust your privacy and data protection rights are very important to us.
Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data, in both paper and electronic format. The Data Protection Acts 1988 and 2003 (the “Data Protection Acts”) lay down strict rules about the way in which personal data and sensitive personal data are collected, accessed, used and disclosed. The Data Protection Acts also permit individuals to access their personal data on request, and confer on individuals the right to have their personal data amended if found to be incorrect.
This document outlines Post.Trust’s policy to help ensure that we comply with the Data Protection Acts.
Inquiries about this Data Protection Policy should be made to Data Protection Co-Ordinator, Post.Trust, GPO, O'Connell Street, Dublin 1, Ireland
Data Protection Policy
Purpose of this policy.
This policy is a statement of Post.Trust’s commitment to protect the rights and privacy of individuals in accordance with the Data Protection Acts.
Collecting information about you.
We collect and use information to provide the following services:
- to undertake advertising, marketing, direct marketing and public relation exercises in line with Post.Trust’s business.
- to enhance or improve your experience on our website.
- to provide you with online services. Each service has different information requirements. Therefore the information we need, and what it is needed for, can differ. For full details please refer to the terms and conditions for each service.
Data Protection Principles
We shall perform our responsibilities under the Data Protection Acts in accordance with the following eight Data Protection principles:
- Obtain and process information fairly
We shall obtain and process your personal data fairly and in accordance with statutory and other legal obligations.
- Keep it only for one or more specified, explicit and lawful purposes
We shall keep your personal data for purposes that are specific, lawful and clearly stated. Your personal data will only be processed in a manner compatible with these purposes.
- Use and disclose only in ways compatible with these purposes
We shall use and disclose your personal data only in circumstances that are necessary for the purposes for which we collected the data.
- Keep it safe and secure
We shall take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of your personal data and against its accidental loss or destruction.
- Keep it accurate, complete and up-to-date
We adopt procedures that ensure high levels of data accuracy, completeness and that your data is up-to-date.
- Ensure it is adequate, relevant and not excessive
We shall only hold your personal data to the extent that it is adequate, relevant and not excessive.
- Retain for no longer than is necessary
We have a retention policy for your personal data.
- Give a copy of his/ her personal data to that individual, on request
We adopt procedures to ensure that data subjects can exercise their rights under the Data Protection legislation to access their data.
Overall responsibility for ensuring compliance with Data Protection Acts rests with Post.Trust. However our responsibility varies depending upon whether we are acting as either a Data Controller or a Data Processor.
All employees and contractors of Post.Trust who separately collect, control or process the content and use of personal data are individually responsible for compliance with the Data Protection Acts. The Data Protection Co-Ordinator is Post.Trust’s Data Protection Officer, and co-ordinates the provision of support, assistance, advice, and training throughout Post.Trust to ensure that Post.Trust is in a position to comply with the legislation.
Procedures and Guidelines
Post.Trust is firmly committed to ensuring personal privacy and compliance with the Data Protection Acts, including the provision of best practice guidelines and procedures in relation to all aspects of Data Protection.
This Data Protection Policy is supplemented (and may be amended) by specific policies and procedures adopted by Directorates within An Post and subsidiaries of An Post. In the event of a conflict between this Data Protection Policy and those of our Directorates and subsidiaries, then the latter policies and procedures shall prevail.
This Data Protection Policy will be reviewed regularly in light of any legislative or other relevant developments.
For further information about your Data Protection Rights please refer to the Data Protection Commissioners Website : www.dataprotection.ie