Data Privacy Notice

---

Your personal data – what is it?

Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”).

Who are we?

Saint Patrick’s Cathedral is the data controller (contact details below). This means it decides how your personal data is processed and for what purposes.

How do we process your personal data?

Saint Patrick’s Cathedral complies with its obligations under the GDPR  by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining unnecessary data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data. We use your personal data for the following purposes:

• To provide pastoral care to the Cathedral Congregation;
• To administer records of Vestrymen;
• To raise funds and to promote the interests of the Saint Patrick’s Cathedral registered charity;
• To manage our employees and volunteers;
• To comply with Safeguarding Trust (Child Protection) requirements;
• To maintain our own accounts and records;
• To operate the Saint Patrick’s Cathedral website and deliver the services that individuals have requested;
• To inform individuals of news, events, activities or services running at Saint Patrick’s Cathedral.
• To use CCTV systems for the prevention of crime.

What is the legal basis for processing your personal data?

• Explicit consent of the data subjects so that we can keep them informed about news, events, activities and services, process charitable donations and keep them informed about Cathedral events.
• Processing is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement.
• Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract.
• Processing is carried out by a not-for-profit body with a political, philosophical, religious or trade union aim provided, (a)the processing relates only to members or former members (or those who have regular contact with it in connection with those purposes); and (b) there is no disclosure to a third party without consent.

Sharing your personal data

Your personal data will be treated as strictly confidential. In some cases we work with a third party to provide a service. All the third parties with whom we work are GDPR compliant and cannot use your data for other than the purpose instructed. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

How long do we keep your personal data?

We keep data in accordance with the guidance set out within Irish Data Protection Legislation.

Specifically, we retain; historical records of Cathedral Board and committee members; charity declarations and associated paperwork for up to 6 years after the calendar year to which they relate. Registers of baptisms, marriages, burials are kept permanently.

 Your rights and your personal data

Unless subject to an exemption under the GDPR you have the following rights with respect to your personal data:

• The right to request a copy of your personal data held by Saint Patrick’s Cathedral.
• The right to request that the Saint Patrick’s Cathedral corrects any personal data if it is found to be inaccurate or out of date.
• The right to request your personal data is erased where it is no longer necessary for Saint Patrick’s Cathedral to retain such data.
• The right to withdraw your consent to the processing at any time.
• The right to request that the data controller provide the data subject with his/her personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability).
• The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction to be placed on further processing.
• The right to lodge a complaint with the Information Commissioner’s Office.

Changes to the Statement

Saint Patrick’s Cathedral will occasionally update this Privacy Statement to reflect company and customer feedback.

Contact Details

To exercise all relevant rights, queries, or complaints please contact in the first instance, the Cathedral Office Manager by email at officemanager@stpatrickscathedral.ie, by phone at 01 4539472 or in writing to Saint Patrick’s Cathedral, Saint Patrick’s Close, Dublin 8, D08 H6X3