Privacy

Enfer Group (Enfer) Data Privacy Summary

Revision No: /Original
Document No: GDPR001

 

1. General

At ENFER, we take your privacy seriously. It is important that you know exactly what we do with personal information that you and others provide to us, why we gather it and what it means to you. This document is being provided to you in line with our obligations under the General Data Protection Regulation (GDPR) and Data Protection Act 2018.

Enfer is committed to protecting all personal, special, and criminal categories of data held on you

As such, we want you, the ‘data subject’, to understand how we collect, use, store, and share your personal data as Data Controller. We also want you understand what rights you can invoke to help you to protect your privacy. In this regard, it is important that you read this Privacy Notice and understand how we use your personal data. If you are under 16 years of age, please read this summary with a parent or guardian and ensure you understand it. Please note that we reserve the right to update this Privacy Notice as required.

1.1 Enfer Group Information

The Enfer Group is an Irish technology group of companies which provide a range of products and services to the veterinary diagnostic industry. Additionally, in the pandemic emergency due to COVID-19, Enfer Group provides its laboratories to set up a COVID-19 testing facility in order to conduct COVID tests and process COVID samples.

Enfer Group is committed to protecting the rights and privacy of individuals in accordance with European and Irish data protection legislation. Enfer Group shall lawfully and fairly process personal data about employees, patients, clients and other stakeholders to achieve its mission and functions.

If you would like to find out more information on us, you can find this on our website through the following link: https://www.enfergroup.com/about/

Throughout this document, ‘we’, ‘us’, ‘our’ and ‘ours’ refer to Enfer Group (ENFER). Your

information is held by the Company.

1.2 Data Protection Legislation

All personal data processed by Enfer Group is done so in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act (DPA) 2018.

1.3 Queries and Complaints

If you are unhappy with the way we handle your personal data and wish to complain, or if you simply want further information about the way your personal data will be used, please contact us at the below:

Data Protection Officer

Enfer

Unit T, M7 Business Park, Newhall, Naas Co Kildare

Telephone: 045 983800

Email: mailto:GDPR@enfergroup.com

You have the right to lodge a complaint with the Data Protection Commission. To contact the Data Protection Commission, please use the following details:

Data Protection Commission 21 Fitzwilliam Square South Dublin 2

D02 RD28

Ireland

Telephone: +353 (0)761 104 800

Telephone: +353 (0)57 868 4800 Email: info@dataprotection.ie

1.4 Personal Data Breaches

Enfer will take all appropriate technical and organisational steps to safeguard and protect your personal data. In the unlikely event of a data breach, we will contact you in line with our legal obligations.

2.  Personal Data Collected and Processed

We may collect and process the following personal data about you:

  • Full name;
  • Date of birth;
  • Address;
  • Eircode;
  • Phone/Mobile number;
  • Email address;
  • Your financial details;
  • Your marital status;
  • Health data;
  • Your passport/ID information
  • other personal information such as: criminal conviction data; telephone recordings; CCTV images at locations and information provided when exercising your rights under Section 10 below.

We collect information (i) you give us; (ii) information from your use of our services or our website AND; (iii) information provided to us by third parties.

For further details on information collected from our website, please refer to section 7 Cookies.

3. Purpose of Processing and Legal Basis

We may use your personal data where necessary for the following purposes:

  • To provide you a range of products and services to the veterinary diagnostic industry;
  • To conduct COVID-19 tests for personnel who require this service;
  • To process COVID-19 testing samples for and on behalf of Enfer

Under data protection law, Enfer must ensure that it has an appropriate lawful basis for the processing of your personal data and let you know what that basis is.

We will be processing your personal data based on the following lawful basis:

  • you have agreed or explicitly consented to the using of your data in a specific way (you may withdraw your consent at any time);
  • use is necessary in relation to a service or a contract that you have entered into (e.g. to provide you with laboratory services or because you have asked for something to be done so you can enter into a contract with us).
  • use is necessary because we have to comply with a legal obligation, regulatory authorities and law enforcement;
  • use is necessary to protect your “vital interests” in exceptional circumstances; and
  • use for our legitimate interests (which you may object to) such as managing our business including credit risk management, providing service information, conducting marketing activities, training and quality assurance, and strategic planning and the purchase or sale of

Where the personal data includes special category personal data, Enfer may seek to rely on:

  • Explicit consent from the data subject;
  • processing is necessary to protect the vital interests of the data subject or of another natural person where the data subject is physically or legally incapable of giving consent
  • processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of Union or Member State law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy; and
  • processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

4. How we use your personal data

We will only use personal data for the purpose of our processing activities mentioned in the previous paragraph (3. Purpose of Processing and Legal Basis)

Also, in certain circumstances we will process your information on behalf of other Third-Parties and under their instructions in order to provide our services related the to COVID-19 testing laboratory. In these specific situations, third parties act as Data Controller and Enfer as Data Processor. Third parties will provide us your personal data to be enable us to complete the provision of the service that data subjects directly agreed with them initially.

5. Security and where we store your personal data

We will take  all steps reasonably necessary to ensure that personal data is treated securely in accordance with this Privacy Notice and the relevant law.

In particular, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we manage, collect and store.

6. Recipients of Personal Data

When providing our services to you, we may share your information with:

  • your authorised representatives;
  • third parties with whom: (i) we need to share your information to facilitate transactions you have requested, and (ii) you ask us to share your information;
  • ENFER Group companies;
  • service providers who provide us with support services;
  • statutory and regulatory bodies (including central and local government) and law enforcement authorities;
  • third parties in connection with a sale or purchase of assets by us: persons making an enquiry or complaint; debt collection agencies, budgeting and advice agencies, tracing agencies, receivers, liquidators, examiners, Official Assignee for Bankruptcy and equivalent in other jurisdictions;
  • trade associations and professional bodies, non-statutory bodies and members of trade associations;
  • pension fund administrators, trustees of collective investment undertakings and pensions trustees insurers/re-insurers, insurance bureaus;
  • healthcare professionals and medical consultants;
  • business or joint venture partners

When we engage another organisation to perform services for us, we may provide them with information including personal data, in connection with their performance of those functions. We do not allow third parties to use personal data except for the purpose of providing these services.

7. Cookies

Cookies are small text files that are placed on your computer by websites that you visit. Our Website use cookies to help users navigate efficiently and perform certain functions. Cookies that are required for the website to operate properly are allowed to be set without your permission. All other cookies need to be approved before they can be set in the browser. You can review your consent to cookie usage at any time by accessing the cookies management tool within the website in the shape of a blue round cookie in the lower left corner of your screen

8. Data Retention

How long we hold your data for is subject to legislation and regulatory rules we must follow, set by authorities such as the HSE, Revenue Commissioners, Irish National Accreditation Board.

9. International Transfers

In some cases, we may transfer information about you and your products and services with us to our service providers and other organisations outside the EEA. We will always take steps to ensure that any transfer of information outside of the EEA is carefully managed to protect your privacy rights.

10. Your Rights

You have the following rights, in certain circumstances and subject to certain restrictions, in relation to your personal data:

  • The right to withdraw your consent to the processing of Personal Data at any time;
  • The right to access your personal data;
  • The right to request the rectification of your personal data;
  • The right to be forgotten (RTBF) or to erasure of your personal data (where appropriate);
  • The right to restrict the use of your personal data;
  • The right to object to the processing of your personal data;
  • The right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller (where applicable); and
  • Information on the existence of automated decision-making, if any, as well as meaningful information about the logic involved, its significance and its envisaged

Vindication of your rights shall not affect any rights which we may have under Data Protection Law. You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law has taken place.

If you wish to exercise any of the rights set out above, please contact us at:

Data Protection Officer

Enfer
Unit T, M7 Business Park, Newhall, Naas Co Kildare
Telephone: 045 983800 Email: mailto:GDPR@enfergroup.com

In certain circumstances we act under instructions given by third parties and we may not be in condition to provide you with your personal data or fulfil your rights request. In these cases, you may need to contact the primary party on this process, or we can support you on redirecting your query to the relevant party in order to ensure the respect of your individual rights and freedoms.

11. Privacy Policy Updates

We will post any changes on the Website and when doing so will change the updated date at the top of this Privacy Notice. Please make sure to check the date when you use our services to see if there have been any changes since you last used those services. If you are not happy with any changes that we have made you should cease using our services.

In some cases, we may provide you with additional notice of changes to this Privacy Notice, such as via email. We will always provide you with such additional notice well in advance of the changes taking effect where we consider the changes

Date of Issue: 05/11/2021

Document Approval
Issued By: M. Redmond
Authorised By: J. Clarke