An Post GeoDirectory DAC (“APG”) is committed to complying with our obligations in respect of the processing of Personal Data under data protection laws. The purpose of this Data Protection Statement (“Statement”) is to ensure that we meet our transparency obligations pursuant to the General Data Protection Regulation (EU 2016/679) (“GDPR”) and the Data Protection Acts 1988 – 2018 (“DPA”), together “Data Protection Law”. The Statement sets out information about our duties and responsibilities regarding the protection of Personal Data.
APG (“we” or “us”) will collect and process your Personal Data, and other information in relation to your dealings with us, in connection with using the AddressFix service. This statement explains how we will manage your Personal Data connected with the AddressFix service, why we use it, and how you may contact us.
This Statement also outlines our duties and responsibilities regarding the protection of your Personal Data and the rights of data subjects in that respect.
A database of addresses is non-personal data when it is uploaded by customers to the AddressFix engine. This is an automatic process and can only deal with non-personal data. If personal data is inadvertently uploaded by customers, then the AddressFix engine will operate incorrectly. APG does not provide any facilities for the processing of personal data when it is uploaded to the AddressFix engine by customers.
2. Who we are
AddressFix is a service which primarily relates to you submitting addresses to us via the Site, and us ‘fixing’ those addresses by checking them against our database of addresses, and then us making the ‘fixed’ address information available to you (the Service).
3. Types of information we collect
Personal Data means any information that APG has or obtains or which you provide to us, such as your name, email address, IP addresses, online identifiers and telephone number(s) from which you can be directly or indirectly personally identified.
4. How we obtain your Information
We will obtain your Personal Data directly from you, such as when you register an account on the Site.
5. Why we hold and how we use your Information
We will use your Personal Data, but only to the extent necessary:
- for the purposes of performing the contract you have entered into with us where you have purchased APG services:
- for the purposes of providing services to you, and setting up and administering your APG service;
- to contact you if required in connection with, or to deal with queries, complaints or suggestions in relation to your APG service or transactions.
- for the purposes of performing any contracts you have entered into with APG (for example, the Terms);
- to provide and improve our Site and Service, including auditing and monitoring its use;
- to manage and administer our relationship with you;
- to send you updates, publications and details of events;
- to process information contained in or relating to any communication that you send to us. The correspondence data may include the communication content and metadata associated with the communication. Our Site will generate the metadata associated with communications made using the Site contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping;
- for such purposes as you have consented, such as for when marketing is undertaken (see Marketing Preferences below);
- for such other purposes as were notified to you at the time you provide the information to us.
- for compliance with our legal obligations, including:
- where we are ordered to disclose information by a court or other competent authority with appropriate jurisdiction.
- where necessary to establish, exercise or defend APG legal rights or for the purpose of legal proceedings.
6. When we disclose your Information
We will not disclose any of your Personal Data to any third party, except as outlined above and / or as follows:
- where the disclosure is necessary to enable us to carry out our obligations under our agreement with you;
- where we need to provide the Personal Data to counterparties to transactions entered into by you, for example if you choose to pay by credit card;
- to anyone providing a service to us or acting as our agents, which may include third party service providers (including IT service providers)
- where we enter into agreements with third parties to process Personal Data on our behalf, we will ensure that the appropriate contractual protections are in place to safeguard such Personal Data;
- where we need to share your Personal Data with our auditors and legal and other advisors;
- to any (or any proposed) assignee, transferee, or successor in title to the whole or any relevant part of our business, and their respective officers, employees, agents and advisers; and
We do not transfer your Personal Data outside of the European Economic Area (“EEA”). If, for some reason in the future, we have to transfer your personal data outside of the EEA then we will ensure that appropriate measures such as EU-approved standard contract clauses, transfer impacts assessments, as appropriate, and effective technical and organisational measures are in place to protect it.
7.Retention of Personal Data
We are obliged to retain certain customer information to ensure accuracy, to help maintain quality of service and for compliance with legal obligations, fraud prevention, to resolve disputes, to enforce our agreements, to support business operations and legitimate business purposes.
Personal Data will be kept and stored for the shortest time period necessary to meet the purpose for which it was collected. In general, Account related Personal Data will be kept for seven years after the end of the relationship with the account-holder. The data is held to deal with potential contractual claims. Non-Account related Personal Data will be routinely deleted after two years.
8. Your rights in relation to your Personal Data
Information of Processing, Updating and Correcting your Personal Data
You have the right to receive detailed information on the processing of your Personal Data.
Please notify us without delay if your details change and we will update our records. If we hold incorrect Personal Data about you, you have the right to have the data amended.
You can update your Data by submitting the details using this link: [https://www.geodirectory.ie/get-in-touch
]. You can also use this link to specify the Personal Data you wish to have corrected and why you believe it is incorrect.
Right of erasure
You have the right in some circumstances to have your Personal Data, which we hold, erased. If you request an erasure of your Personal Data, all your data will be erased subject to the following notice:
We will not be required to erase your data where to do so would prevent us from meeting our respective contractual obligations, or where we are required to process (including retaining) your Personal Data in order to comply with a legal obligation, or if the Personal Data is necessary to establish, exercise or defend APG legal rights or for the purpose of legal proceedings.
Right of Access
You have a right to be given a copy of your Personal Data on request, subject to certain exceptions. To request a copy of Your Data, please contact us via the following link [https://www.geodirectory.ie/get-in-touch
Right to Withdraw Consent
In any case where we rely on your consent to process your Personal Data, you have the right to change your mind and withdraw consent via the following link [https://www.geodirectory.ie/get-in-touch
Right to Data Portability
You may also have the right to data portability in respect of certain of your Personal Data, which means you can request that we provide it to you or your nominee in electronic format where this is technically feasible. Some APG services do not have equivalents to which personal data can be ported.
You also have the right, in certain circumstances, to request a restriction on the use of your Personal Data and to object to certain uses of your Personal Data, in each case subject to the restrictions set out in data protection laws. Requests can be submitted by the following link: [https://www.geodirectory.ie/get-in-touch
APG does not perform automated decision-making.
We may require that you identify yourself before we respond to any rights request to ensure Personal Data is only supplied to the data subject or their agent.
9. Data Security and Data Breach
APG has appropriate technical and organisational measures in place to protect information. These measures protect Personal Data from unlawful or unauthorised destruction, use, loss, change, disclosure, acquisition or access.
In the event of a Personal Data breach, APG will manage the breach in line with its Personal Data Breach Response Procedure and data protection law.
Where you have agreed to receive marketing from APG, and its affiliated companies and/or select third parties, we will use this information to contact you with news and special offers from APG, and its affiliated companies and select third parties where applicable.
We may use and analyse Your Data, including transaction data on your accounts, in order to make the marketing materials we send to you more relevant to your interests and requirements. We may also use Your Data as part of more general marketing, statistical and product development analyses in relation to our business generally.
You can object to us analysing Your Data in this way by contacting us via the following link [https://www.geodirectory.ie/get-in-touch
]. If you do object to this analysis, the marketing information you receive will not be made more relevant to you.
Your Data will not be given to any third parties for marketing purposes. Where you have opted to receive marketing information, you will always be contacted by APG.
You can change your marketing preferences at any time by contacting us via the following link [https://www.geodirectory.ie/get-in-touch
Each time we send you marketing information, we will give you the option to change your mind about receipt of marketing.
You have the right to lodge a complaint about our processing of your Personal Data with the Data Protection Commission (www.dataprotection.ie ). While you may make such a complaint, we request that you contact APG in the first instance to give us the opportunity to address any concerns that you may have.
12. Contact Us
We will respond to any rights that you exercise within a month of receiving your request, unless the request is particularly complex or cumbersome, in which case we will notify you that this is the case and we will meet the request within a maximum of three months.
Last updated on 11 October 2022.