Cyclone Privacy Statement
Welcome to our Privacy Statement. Here we have outlined our responsibilities and your rights under General Data Protection Regulations (GDPR).

1. INTRODUCTION & PURPOSE
2. RIGHT TO ERASURE
3. RIGHT TO DATA PORTABILITY
4. RIGHT FOR AUTOMATED INDIVIDUAL DECISION MAKING INCLUDING PROFILING
5. RIGHT TO OBJECT
6. RIGHT TO RESTRICTION OF PROCESSING
7. RIGHT OF RECTIFICATION POLICY
8. RIGHT TO WITHDRAW CONSENT
9. RIGHT TO LODGE A COMPLAINT
10. RIGHT OF ACCESS POLICY
11. COOKIE POLICY
1. Introduction & Purpose

What is the Purpose of this Privacy Statement?
This Privacy statement refers to our commitment to treat the information of job candidates, employees, clients, contractors, suppliers and other interested parties with the utmost care and confidentiality.
With this statement, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights in accordance with the applicable data protection legislation including the Irish Data Protection Acts and the EU General Data Protection Regulation.

Who does this Privacy Statement refer to?
This statement refers to all parties (job candidates, employees, clients, contractors, suppliers and other interested parties etc.) whose personal data is processed by us.

Who must follow this Privacy Statement?
Our employees must follow this policy. Contractors, consultants, partners and any other external entity are also required to comply. Generally, this Statement applies to anyone we collaborate with or who acts on our behalf and may need occasional access to data.

What data is included?
As part of our services, we need to obtain and process data. This data includes any offline physical data or online data that makes a person identifiable such as names, addresses, phone numbers, usernames and passwords, IP addresses, any online identifier, CCTV, bio-metrics, digital footprints, photographs, social security numbers, financial data etc. It also may include one or more factors specific to the physical, physiological, genetic, mental, cultural or social identity of that person.
When ordering online or by phone, registering on our websites, using Live Chat, submitting forms or providing us with feedback on our products or services you may be asked for your name, email address, phone number, credit card information or other details to help you with your experience.

How do we use your information?
We may use the information we collect from you in the following ways:
To personalise your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
To improve our website in order to enhance your experience.
To allow us to better service you in responding to your customer service requests.
To quickly process your transactions.
To ask for ratings and reviews of services or products.
To follow up after correspondence (live chat, email or phone inquiries)
To protect against any unauthorised or illegal processing by internal or external parties
The technical data may be used for administrative and statistical purposes and may be shared with our internet service provider. We may use this information to help us to improve our website. This technical data does not provide us with the personal data of visitors to our website.

Web browsing
By simply visiting our website you do not disclose, nor do we collect, personal data on you. All that we may know about your visit may be limited to technical data such as:
· The logical address (or IP address) of the server you used to access this website
· The top level domain name from which you access the internet (for example .ie, .com, .org, .net)
· The previous website address from which you reached us
· The type of web-browser you used
· Web traffic data.

Data retention
We retain personal data for no longer than is allowed under data protection law and, in any case, no longer than such personal data is necessary for the purpose for which it was processed. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
As a registered user of our websites we will retain your Identity, Contact, Profile, Technical, Usage, Marketing and Communications Data for as long as your user account is live. We retain the personal data you provide while your account is in existence or as needed to provide you access to our websites. Even if you only use the Website or any other Cyclone service occasionally, we will retain your Identity, Contact, Profile, Technical, Usage, Marketing and Communications Data until you decide to close your user account. We retain personal data for longer if required by applicable law or regulation or justified under applicable statutory limitation periods.

Security of data
Cyclone takes seriously its security obligations in respect of your personal data under the Data Protection Acts to prevent unauthorised access to, or alteration or destruction of personal data in our possession. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.

Disclosure of data
Your personal information may also be processed by other organisations on our behalf for the purposes outlined above. We may disclose your information to partners, associates, agents or subcontractors and to possible successors to our business. Some of these parties may reside outside the European Economic Area (which currently comprises the Member states of the European Union plus Norway, Iceland and Liechtenstein). If we do this, your information will be treated to the same standards adopted in Ireland. We may also disclose your information for the prevention and detection of crime and to protect the interests of Cyclone or others, or if required to do so by law or other binding request.

Clients
Where you, as a Data Controller, engage the services of Cyclone, we will act as Data Processors on your behalf. In doing so, we will: –
· Only process personal data under the Contract in accordance with your reasonable written instructions and in accordance with applicable Data Protection Legislation
· Adopt appropriate technical and organisational measures against accidental disclosure, loss or destruction of personal data
· Inform you promptly in the event of unauthorised disclosure, loss or destruction of any personal data processed on your behalf
· Refer to you any requests, notices or other communication from data subjects, the Office of the Data Protection Commissioner or any other law enforcement agency relating to personal data processed on your behalf
· Ensure that all Cyclone personnel processing personal data are under an obligation of confidentiality
· Make available reasonable information necessary to demonstrate compliance with our Data Protection Obligations
· Make available such information and assistance as is reasonably necessary for you to comply with your obligations to respond to requests for exercising the data subject’s rights, to report personal data breaches and to conduct Data Protection Impact Assessments and Prior Consultation with Data Protection Authorities
· Comply with our obligations to you in respect of sub-processing and Third Country Transfers.
· Delete or return all personal data processed on your behalf, upon the termination of any services provided by us to you
For further information in relation to this please contact:
Data Protection Officer,
Cyclone,
Pleasant’s House,
Pleasant’s Street,
Dublin 8

How we protect your data
Restrict and monitor access to sensitive data;
Develop transparent data collection procedures;
Train employees in data protection and security measures;
Build secure networks to protect online data from cyber attacks;
Establish clear procedures for reporting privacy breaches or data misuse;
Include contract clauses or communicate statements on how we handle data;
Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorisation etc.).

Third-party disclosure
We do not sell, trade, or otherwise transfer to outside parties your personal information. This does not include website hosting partners and other parties who assist us in conducting our business, or serving our users. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights or property.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third-party links
Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
We collect this data in a transparent way and only with the full knowledge of interested parties. Once this information is available to us, the following rules apply. Our data will be:
Accurate and kept up-to-date
Collected fairly and for lawful purposes only
Processed by us on the basis of either a valid contract, consent, legal compliance or legitimate interest
Protected against any unauthorised or illegal processing by internal or external parties

Our data will not be:
Communicated to any unauthorised internal or external parties;
Stored for more than a specified amount of time required for the purpose it was obtain
Transferred to organisations, states or countries outside the European Economic area without adequate safeguards being put in place as required under Data Protection law.
Where consent is relied upon as a basis for processing of any personal data, you will be presented with an option to agree or disagree with the collection, use or disclosure of personal data.
Explicit consent will be required for the processing of any special category of personal data.

2. Right of rectification or erasure

If we hold incorrect information about you which was originally submitted by you through our websites, you have the right to have the data amended. Further, you have the right to have any information you have sent to us via this website erased. To request your right to rectification and/or erasure please send your request to us in writing to:
Data Protection Officer,
Cyclone,
Pleasant’s House,
Pleasant’s Street,
Dublin 8
together with:
· Your name and address.
· A description of the specific personal data you wish rectified.
· If you request an erasure of your personal data all your data will be erased subject to the following important notice.
We are not required to rectify or erase your data where to do so would prevent you from meeting your contractual obligations to us or where we are required to process (including retaining) your personal data for a lawful purpose in accordance with the Data Protection Acts.

Right of Access
You have a right to be given a copy of any of your personal data held by us, in accordance with section 4 of the Data Protection Acts subject to certain exceptions. To request a copy of your personal data please send a written request to:
Data Protection Officer
Cyclone
Pleasant’s House
Pleasant’s Street
Dublin 8
Ireland
Please note: We do not accept access requests via telephone, email or text message.

Right to Erasure

When have I the right to all my personal data being deleted by Cyclone?
You have the right to have your personal data deleted without undue delay if:
The personal data is no longer necessary in relation to the purpose(s) for which it was collected/processed;
You are withdrawing consent and where there is no other legal ground for the processing;
You object to the processing and there are no overriding legitimate grounds for the processing;
The personal data has been unlawfully processed;
The personal data has to be erased so that we are in compliance with legal obligation;
The personal data has been collected in relation to the offer of information society services with a child.
What happens if Cyclone has made my personal data public?
If we have made your personal data public, we, taking account of available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform those who are processing your personal data that you have requested the erasure.

What happens if Cyclone has disclosed my personal to third parties?
Where we have disclosed your personal data in question to third parties, we will inform them of your request for erasure where possible. We will also confirm to you details of relevant third parties to whom the data has been disclosed where appropriate.

3. When can I receive my personal data in machine readable format from Cyclone?

You will receive your personal data concerning you in a structured, commonly used and machine-readable format if:
processing is based on consent;
processing is carried out by automated means.
Would Cyclone transfer the personal data to another service provider if I requested this?
We can transfer this data to another company selected by you on your written instruction where it is technically feasible taking account of the available technology and the feasible cost of transfer proportionate to the service we provide to you.

Under what circumstances can Cyclone refuse?
You will not be able to obtain, or have transferred in machine-readable format, your personal data if we are processing this data in the public interest or in the exercise of official authority vested in us.

Will Cyclone provide me with my personal data if the file contains the personal data of others?
We will only provide you with your personal data, ensuring we protect the rights and freedoms of others. Where personal data of another person may be on the same files as yours, we will redact the full details of the other person.
Contact us at:
Data Protection Officer
Cyclone
Pleasant’s House
Pleasant’s Street
Dublin 8
Ireland

4. What are my rights in respect of Automated Decision making?

Cyclone does not have any automated decision-making processes. Where any such processes are introduced, we will provide you with the relevant information required under the “General Data Protection Regulation”.

5. Have I already been informed about my right to object?

We have informed you of your right to object prior to us collecting any of your personal data as stated in our privacy notice.
When can I object to Cyclone processing my personal data?
You can object on grounds relating to your particular situation.
Cyclone will stop processing your personal data unless:
we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms; or
the processing is for the establishment, exercise or defence of legal claims.

What are my rights to object for direct marketing purposes?
Where your personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
Where you object to processing for direct marketing purposes, we will no longer process this data for such purposes.

What are my rights to object in the use of information society services?
In the context of the use of information society services, you may exercise your right to object by automated means using technical specifications.

6. When can I restrict processing?

You may have processing of your personal data restricted:
While we are verifying the accuracy of your personal data which you have contested;
If you choose restricted processing over erasure where processing is unlawful;
If we no longer need the personal data for its original purpose but are required to hold the personal data for defence of legal claims;
Where you have objected to the processing (where it was necessary for the performance of a public interest task or purpose of legitimate interests), and we are considering whether our legitimate grounds override.

What if Cyclone has provided my personal data to third parties?
Where we have disclosed your personal data in question to third parties, we will inform them about the restriction on the processing, unless it is impossible or involves disproportionate effort to do so.

How will I know if the restriction is lifted by Cyclone and/or relevant third parties?
We will inform on an individual basis when a restriction on processing has been lifted.
Contact us at:
Data Protection Officer
Cyclone
Pleasant’s House
Pleasant’s Street
Dublin 8
Ireland

7. What can I do if Cyclone is holding incorrect personal data about me?

Where you suspect that data we hold about you is inaccurate, we will on demand rectify any inaccuracies without undue delay and provide confirmation of same.

What happens if Cyclone has disclosed my personal to third parties?
Where we have disclosed inaccurate personal data to third parties, we will inform them and request confirmation that rectification has occurred. We will also provide you with details of the third parties to whom your personal data has been disclosed.

8. Under what circumstances could I withdraw consent?

You can withdraw consent if we are processing your personal data based on your consent.

When can I withdraw consent?
You can withdraw consent at any time.

If I withdraw consent what happens to my current data?
Any processing based on your consent will cease upon the withdrawal of that consent. Your withdrawal will not affect any processing of personal data prior to your withdrawal of consent, or any processing which is not based on your consent.
Contact us at:
Data Protection Officer
Cyclone
Pleasant’s House
Pleasant’s Street
Dublin 8
Ireland

9. Can I lodge a complaint with the Data Protection Commissioner?

You can lodge a complaint with the Data Protection Commissioner in respect of any processing by or on behalf of Cyclone of personal data relating to you.

How do I lodge a complaint?
Making a complaint is simple and free. All you need to do is write to the Data Protection Commissioner giving details about the matter. You should clearly identify the organisation or individual you are complaining about. You should also outline the steps you have taken to have your concerns dealt with by the organisation, and what sort of response you received from them. Please also provide copies of any letters between you and the organisation, as well as supporting evidence/material.

What happens after I make the complaint?
The Data Protection Commissioner will then take the matter up with Cyclone for you

When do I have the right to access my personal data from Cyclone?
Where Cyclone process any personal data relating to you, you have the right to obtain confirmation of same from us, and to have access to your data.

What information will Cyclone provide to me?
If we are processing your personal data you are entitled to access a copy of all such personal data processed by us. We will also provide the following information including your full rights under Data Protection:
why we are processing your personal data;
the types of personal data concerned;
the third parties or categories of third parties to whom the personal data have been or will be disclosed. We will information you if any of the third parties are outside the European Economic Area (EEA)or international organisations;
how your personal data is safeguarded where we provide your personal data outside the European Economic Area or to an international organisation;
the length of time we will hold your data or if not possible, the criteria used to determine that period;
your rights to:
request any changes to inaccurate personal data held by us;
have your personal data deleted on all our systems;
restriction of processing of personal data concerning you;
to object to such processing;
data portability;
your right to lodge a complaint with the Data Protection Commission
info@dataprotection.ie
where we have collected your personal data from a third party, we will provide you with the information as to our source of your personal data;
any automated decision-making, including profiling which includes your personal data. We will provide you with meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

How long will it take to receive my personal data from Cyclone?
We will provide you with a copy of the personal data we are currently processing within 30 days of request. In rare situations if we are unable to provide you with the data within 30 days we will notify you within 10 days of your request explaining the reason for the delay and will commit to delivery within 60 days.

How much will it cost me to receive my personal data?
We will not charge for providing your personal data unless we believe the request is excessive and the cost of providing your data is disproportionate to your services provided.

Can I request additional copies of my personal data?
If you require additional copies we will charge €20 to cover our administrative costs.

Can I receive my personal data electronically?
You can request your personal data by electronic means and we will provide your personal data in a commonly used electronic form if technically feasible.

What will Cyclone do if another person’s personal data is shared with my personal data?
We will only provide you with your personal data, ensuring we protect the rights and freedoms of others. Where personal data of another person may be on the same files as yours, we will redact the full details of the other person.
Contact Us at:
Data Protection Officer
Cyclone
Pleasant’s House
Pleasant’s Street
Dublin 8
Ireland

10. Cyclone Cookie Policy – how we use cookies on our websites

We use cookies across our websites to improve performance and enhance your user experience. The information below explains how that is done.

What are cookies?
Cookies are small text files which a website may put on your computer or mobile device when you first visit a site or page. The cookie will help the website, or another website, to recognise your device the next time you visit. Web beacons or other similar files can also do the same thing. We use the term “cookies” in this policy to refer to all files that collect information in this way. There are many functions cookies serve. For example, they can help us to remember your username & preferences and analyse how well our website is performing, or even allow us to recommend content we believe will be most relevant to you.
Certain cookies contain personal information – for example, if you click to “remember me” when logging in, a cookie will store your username. Most cookies won’t collect information that identifies you, and will instead collect more general information such as how users arrive at and use our websites, or a user’s general location.

What sort of cookies does Cyclone use?
Generally, our cookies perform up to four different functions:
1. Essential cookies
Some cookies are essential for the operation of our website. For example, some cookies allow us to identify members and ensure they can access the member only pages. If a member opts to disable these cookies, the user will not be able to access all of the content available.
2. Performance Cookies
We utilise other cookies to analyse how our visitors use our websites and to monitor website performance. This allows us to provide a high quality experience by customising our offering and quickly identifying and fixing any issues that arise. For example, we might use performance cookies to keep track of which pages are most popular, which method of linking between pages is most effective, and to determine why some pages are receiving error messages. We might also use these cookies to highlight articles or site services that we think will be of interest to you based on your usage of the website.
3. Functionality Cookies
We use functionality cookies to allow us to remember your preferences. For example, cookies save you the trouble of typing in your username every time you access a site, and recall your customisation preferences, such as the latest version of a product or service that you saw.
We also use functionality cookies to provide you with enhanced services such as allowing you to watch a video online.
4. Behaviourally Targeted Advertising Cookies
Cyclone uses cookies to serve you with advertisements that we believe are relevant to you and your interests. For example, if you read a number of articles on office products on other sites, we might infer you are interested in this topic and serve you with advertisements. You might see these advertisements on other sites that you visit. We do not tell our advertisers who you are.

Does anyone else use cookies on Cyclone websites?
Advertisers sometimes use their own cookies to provide you with targeted advertising. For example, advertisers may use a profile they have built on sites that you have previously visited to present you with more relevant advertisements during your visit to a Cyclone website.
We believe that it is useful to our users to see advertisements that are more relevant to their interests. If you are based in the European Union and would like to learn more about how advertisers use these types of cookies or to choose not to receive them, please visit www.youronlinechoices.eu . If you are based in the United States and would like to learn more, please visit http://www.aboutads.info/choices/.
We also use or allow third parties to serve cookies that fall into the four categories above. For example, like many companies, we use Google Analytics to help us monitor our website traffic. We may also use third party cookies to help us with market research, revenue tracking, improving site functionality and monitoring compliance with our terms and conditions and copyright policy.

Can a website user block cookies?
Yes, although cookies help you to get the most out of our websites.
The first time you accessed our website you may have seen an overlay which explained that by continuing to access our site, you are consenting to our use of cookies. However, if you do wish to disable our cookies then please follow the instructions on our “How to Manage Cookies” page.
Please remember that if you do choose to disable cookies, you may find that certain sections of our website do not work properly

Do we track whether users open our emails?
Our emails may contain a single, campaign-unique “web beacon pixel” to tell us whether our emails are opened and verify any clicks through to links or advertisements within the email. We may use this information for purposes including determining which of our emails are more interesting to users, to query whether users who do not open our emails wish to continue receiving them and to inform our advertisers in aggregate how many users have clicked on their advertisements. The pixel will be deleted when you delete the email. If you do not wish the pixel to be downloaded to your device, you should select to receive emails from us in plain text rather than HTML.

More Information
More detail on how businesses use cookies is available at www.allaboutcookies.org.

How to manage cookies
As we explain in our Cookie Policy, cookies help you to get the most out of our websites.
If you do disable our cookies you may find that certain sections of our website do not work. For example, you may have difficulties logging in or viewing articles.

How to disable behaviourally targeted advertising cookies
If you are concerned about behaviourally targeted advertising cookies, users based in the European Union can visit www.youronlinechoices.eu and users based in the US can visit http://www.aboutads.info/choices/ to opt out of these third party cookies. The above websites are not Cyclone websites and we are not responsible for their content.

How to enable and disable cookies using your browser:

Google Chrome
Click the wrench icon on the browser toolbar
Select Settings
Click ‘Show advanced settings’
In the “Privacy” section, click the ‘Content settings’ button
To enable cookies in the “Cookies” section, pick ‘Allow local data to be set’, this will enable both first-party and third-party cookies. To allow only first-party cookies pick ‘Block all third-party cookies without exception’
To disable cookies, in the “Cookies” section, pick ‘Block sites from setting any data’
Note there are various levels of cookie enablement and disablement in Chrome. For more information on other cookie settings offered in Chrome, refer to the following page from Google: http://support.google.com/chrome/bin/answer.py?hl=en&answer=95647
Microsoft Internet Explorer 6.0, 7.0, 8.0
Click on ‘Tools’ at the top of your browser window and select ‘Internet Options’
In the options window navigate to the ‘Privacy’ tab
To enable cookies: Set the slider to ‘Medium’ or below
To disable cookies: Move the slider to the top to block all cookies
Note there are various levels of cookie enablement and disablement in Explorer. For more information on other cookie settings offered in Internet Explorer, refer to the following page from Microsoft: http://windows.Microsoft.com/en-GB/windows-vista/Block-or-allow-cookies
Mozilla Firefox
Click on ‘Tools’ at the browser menu and select ‘Options’
Select the Privacy panel
To enable cookies: Check ‘Accept cookies for sites’
To disable cookies: Uncheck ‘Accept cookies for sites’
Note there are various levels of cookie enablement and disablement in Firefox. For more information, refer to the following page from Mozilla: http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies
Opera
Click on ‘Setting’ at the browser menu and select ‘Settings’
Select ‘Quick Preferences’
To enable cookies: check “Enable Cookies”
To disable cookies: uncheck “Enable Cookies”
Note there are various levels of cookie enablement and disablement in Opera. For more information on other cookie settings offered in Opera, refer to the following page from Opera SoRACware: www.opera.com/browser/tutorials/security/privacy/.
Safari on OSX
Click on ‘Safari’ at the menu bar and select the ‘Preferences’ option
Click on ‘Security’
To enable cookies: In the ‘Accept cookies’ section select ‘Only from site you navigate to’
To disable cookies: In the ‘Accept cookies’ section select ‘Never’
Note there are various levels of cookie enablement and disablement in Safari. For more information on other cookie settings offered in Safari, refer to the following page from Apple: http://docs.info.apple.com/article.html?path=Safari/3.0/en/9277.html
All other browsers
Please look for a “help” function in the browser or contact the browser provider.

Copyright Cyclone Group 2018
​ Terms and Conditions
Privacy Statement
Website by Chevron Studio