Data Privacy Notice – Member Summary
The IMO takes your privacy and confidentiality seriously. You provide us with personal and financial information and we want you to understand why we collect your data, what we do with it, who we share it with, why we share data and help you understand our legal obligations as well as your rights.
This document is being provided to you in line with our obligations under the General Data Protection Regulation (GDPR), which came into force on 25th May 2018. From that date, the GDPR, together with applicable Irish requirements, will amend existing data protection law and place enhanced accountability and transparency obligations on organisations when using your information. The GDPR will also introduce changes which will give you greater control over your personal information, including a right to object to processing of your personal.
This summary explains the most important aspects of how we use your information and what rights you have in relation to your personal information.
Please take time to read this notice carefully. If you would like clarification on any points in this summary document, please contact us.
1. Who we are
The IMO is the only Trade Union which represents Doctors of all types in Ireland. The role of the IMO is to represent doctors and to provide them with such services as:
- Individual representation
- Group representation
- Access to IMO Group Schemes
- Access to the Irish Medical Journal (IMJ)
2. The information we collect about you
We collect the following personal data (‘Data’) from you:
- Contact and identifying information such as title, name, address, medical council number, email, telephone number, date of birth, education. – to include work location, grade & speciality and GMS number.
- If you are a member of an IMO Group Scheme.
- Financial information/details for membership payment purposes such as, bank account details, GMS and/or credit card details.
- The IMO also uses publically published information to maintain accurate details of members (e.g. Medical Directory, Medical Council, hospital websites) and for the purposes of maintaining an up to date profile of the profession.
3. When we collect your information
We collect information when you join the IMO as a member, and we update this on an annual basis as part of our membership renewal/update process.
4. How and why we use your information
We collate, use and share information only where there is a legal basis for doing so. This includes where you have given us information in order to provide you with a service.
Typically, the legal basis for using your data is to provide a service for you. The IMO primarily uses your information for the purposes of providing individual and group representation and advice to our members.
The legal basis will also include complying with our legal and regulatory obligations, e.g. the Data Protection Commissioner and the Registry of Friendly Societies.
Where you have agreed or explicitly consented to the using of your data in a specific way, you may withdraw your consent at any time.
We also wish to ensure that your information is up-to-date and accurate and we would ask that you advise the IMO Membership Department of any changes to your status.
5. Who we share your information with
When providing our services to you, we may share your information as set out below:
Your local elected committee members or local representative in order to assist them in providing local representation.
The IMO will share member information with IMO Financial Services only in instances where a member has explicitly confirmed that they are happy for this information to be shared, or in instances where they have taken out a product with IMO Financial Services through the IMO and such sharing is necessary for the provision of that contract. We shall inform members where such sharing is taking place.
IMO Members will receive the Irish Medical Journal (IMJ) as part of their membership.
All members are entitled to request that they no longer receive any specified communication from us (being a weekly email, member offers or the IMJ) by indicating that they no longer wish to receive that category of email from the IMO.
The IMO will not share your information with any third party without your consent, unless specifically required by law.
The IMO shall also retain a register of members in line with our obligations under the Trade Union Acts.
6. Security Measures and Technology
The IMO has a secure and backed up information system to protect your information and prevent inappropriate access.
Your information will only be accessed by authorised IMO Staff members and be used for the purposes of your membership.
The IMO sometimes shares your personal information with trusted third parties who perform important functions for us based on our instructions and apply approve confidentiality and security measures.
- For the purposes of communication the IMO use Poppulo/Newsweaver for the purposes of some group member email communications.
- We use Neon SMS for the purposes of using text communications.
- We use Web Factory for the purposes of our website.
- The IMO has successfully validated the compliance with the Payment Card Industry Data Security Standard ("PCI DSS") in relation to credit card payment security. Which is reviewed on an annual basis.
7. How long we hold your data
As an IMO member we hold your data for the length of your membership. Upon ceasing of membership your data is retained as required under legislative and regulatory rules, as set by authorities such as the Registry of Friendly Societies, the Revenue Commissioners and the Office of the Data Protection Commission. The timescales may also depend on the type of information we hold. Our aim is to hold your data for no longer that is necessary and subject then to the timescales imposed by our legal obligations.
8. Data Subject Rights - How to exercise your rights
Under the GDPR you will have additional rights in relation to how your data is used, including the rights to:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have certain data we hold about you transferred to you or to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that we refuse you request under rights of access, we will provide you with a reason.
If you wish to avail of these rights, a request must be submitted in writing to us on the below address. In order to protect your privacy, you may be asked to provide suitable proof of identification before we can process your request.
If we are unable to deal with your requests fully within a calendar month we may extend this period by a further two calendar months and explain the reason why. If you make your request electronically, we will try to provide you with the relevant information electronically.
IMO, 10 Fitzwilliam Place, Dublin 2 Email address: firstname.lastname@example.org
If you are dissatisfied with our services or how we use your data, you have the right to complain to the Data Protection Commission, contact details as follows:
Address: Office of the Data Protection Commission, Canal House, Station House, Portlaoise, R32, AP23, Co.Laois.
Telephone: 076 1104800 or Lo Call Number 1890 252 231
10. IMO Website
IP Addresses - Each time you use the internet, an IP address is assigned to your computer via your Internet Service Provider. This number may either be the same or different each time. Each time your computer requests information from our website, we log your IP address on our server. We may use this information in order to gather information about website traffic. There will not be any personal data transfers outside the EEA.
We will update our Data Privacy Notice – Member Summary and Website Privacy Notice from time to time. You may request a copy of our current Notices at any time or refer to our website which is www.imo.ie.
12. Our Contact Details
10 Fitzwilliam Place
Telephone no: 01/6767273
Email address: email@example.com
Effective Date: 25 May 2018