General Data Protection Regulation

1. Identify the Lawful basis for processing personal data
(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.

Trainees understand we take their name & company name to provide them with work related details. No marketing emails will be sent to customers as no emails will be taken .

(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.

Travelift Ireland requires client information in order to schedule work.

2. Your business has reviewed how you ask for and record consent. Your business has systems to record and manage ongoing consent.
Travelift Ireland collects customer information to schedule work and confirm booking with client.

3. When collecting personal information, we tell people how we will use it
Customers are informed on the phone that their data is only being used for job scheduling. No personal information is collected.

A Privacy Statement is available on request.

4. Right of Access
All staff have been informed to pass onto Dominic McCarthy if a customer requests a copy of their personal information. Dominic McCarthy will provide all information to the enquirer, free of charge within 30 days.

5. Right to rectification and data quality
Any customer can have their data corrected/rectified within the companies records and email address book.

6. Right to erasure including retention and disposal
All customer data stored can be erased at their request. This process entails:

1. Finding and removing the email address and contact information.

7. Right to restrict processing
Your business has procedures to respond to an individual’s request to restrict the processing of their personal data.

Customer data is not shared with third parties as it is not requested. Travelift Ireland does not enter into marketing and data stored is only for work related issues

8. Right to data portability
If a customer requests their personal data (result of training). Travelift Ireland will send it in a simple email or spreadsheet format via email. Allowing them to easily transfer their data to various IT environments.

9. Right to Object
If a customer verbally or written requests to have their personal data removed, Dominic McCarthy will be informed and act upon it.

10. Rights related to automated decision making including profiling
“Your business has identified whether any of your processing operations constitute automated decision making and have procedures in place to deal with the requirements.”
Not applicable to Travelift Ireland

11. Accountability
Travelift Ireland has a data protection policy that is explained to all members of staff and available in the office.

12. Processor contracts
Not applicable to Travelift Ireland

13. Information risks
As reflected in this document. Travelift Ireland management team understand the business impacts of data risks and manage them effectively.

14. Data Protection by Design
Travelift Ireland has implemented measures to protect data. These include:
Passwords are not shared.
When staff leave, passwords are changed.
Only the management team have access to payment detail.

15. Data Protection Impact Assessments (DPIA)
Travelift Ireland will undergo DPIA’s if new tasks that require collecting personal data are undertaken.

16. Management Responsibility
The management team demonstrate support for data protection legislation and promote a positive culture of data protection compliance across the business.

17. Breach notification
If anyone suspects a breach of personal data within Travelift Ireland, the following actions will take place.
1. Dominic McCarthy to be informed immediately.
2. Investigation to begin immediately to determine what data has been breach.
3. Fixes/password changes will be rolled out, and the relevant members informed.

18. International transfers
“Your business ensures an adequate level of protection for any personal data processed by others on your behalf that is transferred outside the European Economic Area.”

Not applicable to Travelift Ireland.