Event privacy notice

1. Who we are

   The Institute of Chartered Accountants Ireland (“Institute”, "we", or "us") is a controller of your personal data. We would like to provide you with details of the extent to which we process your personal information as an attendee of events organised by the Institute.

2. How is your personal data collected?

   We collect personal information about event attendees when we interact directly with you about our events. We may also obtain personal information directly from you through our website when you (i) fill out an event application form or (ii) sign up to our mailing list. We may from time to time collect additional personal information from your employer or during a particular event.

3. The purpose and legal basis for processing your personal data

   Personal data, or personal information, means any information about an individual from which that person can be identified. We have detailed in the table below, your personal data which we may from time to time collect, the purpose or purposes for which we process this personal data, as well as the legal basis for such processing:

4. Recipients of your personal data

   We will, from time to time, send some of your personal data to certain recipients as detailed below.

   1. Other event attendees: for District Society events, in order to encourage networking, the Institute may circulate event attendee lists to other attendees of the same event prior to, during or after that event. You can ask for further information in relation to these attendance lists through the ‘Contact us’ details below.
   2. Publication in print and online: the Institute may use photographs or videos from events on its website or social media channels.
   3. Transfers to service providers: the Institute may transfer your personal details to third parties involved in the hosting or organising of events, such as sponsors, catering companies, exhibitors, stationery providers or hospitality staff at event locations. Such transfers are made for the legitimate interests pursued by the Institute in order to ensure the effective operation of our events. You can ask for further information in relation to these third party service providers though the ‘Contact us’ details below.
   4. Lecturers and presenters: the name and firm details for attendees on CPD courses will be shared with lecturers in order for them to tailor the course content appropriately. The name and firm details of attendees at other events may be shared with presenters/speakers at events who are part of the Institute governance structure. This is based on the legitimate interests of representatives of the Institute in facilitating an improved member experience.

5. Annual General Meeting (“AGM”) held in May

   The AGM is recorded for the purposes of preparing the minutes of the meeting and is retained by the Institute for so long as is necessary to draft and adopt the minutes. Big Top are the name of the third party who provided the recording service to the Institute this year (2023) and Civica provided the voting platform.

6. Data security

   We have put in place appropriate security measures to protect your personal data, including measures preventing your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  In addition, we limit access to your personal information to only those employees, agents and contractors who are authorised to access your data.

7. How long we retain your personal data

   We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for your personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

   When you have not participated, attended or registered to participate or attend in one of our events for 12 months, we will delete your personal data unless we are obliged to hold it for a longer period under law or applicable regulations (credit card details are deleted immediately). If you consent to stay in touch with us, information to communicate with you will be kept until you withdraw your consent or unsubscribe to receiving communications.

8. Your rights

   You have certain rights under data protection legislation as summarised below:

   1. Right of access: you have the right to obtain confirmation as to whether personal data concerning you is being processed, and, where that is the case, to request access to the personal data, as well as certain information on how we are processing such data.
   2. Right to rectification: you have the right to obtain from us the rectification of inaccurate personal data concerning you. Considering the purpose of the processing, you may also, in some cases, be entitled to supplemental information regarding incomplete personal data.
   3. Right to erasure (right to be forgotten): you may, in certain circumstances, have your personal data deleted, for example if your personal information is no longer necessary in relation to the purpose for which it was collected, if you have objected to the processing of personal data and we do not have a legitimate interest which outweighs your interest, if the personal data has been processed unlawfully, or if the personal data must be deleted to comply with a legal obligation.
   4. Right to restriction of processing: you may require that we restrict the processing of your personal data in certain cases, e.g., where we no longer need your personal data, but you need it to determine, enforce or defend legal claims or you have objected to processing based on our legitimate interest in order to enable us to check if our interest overrides your interest.
   5. Right to data portability: in some circumstances, you may be entitled to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller.
   6. Right to object: you have the right to object to the processing of your personal data in certain circumstances, for example where the processing is based on our legitimate interest. If so, in order to continue processing, we must be able to show compelling legitimate grounds that override your interests, rights and freedoms.

   Your rights will in each case be subject to the restrictions set out in applicable data protection laws.  For further information on these rights, and the circumstances in which they may arise, please contact us using the details in the ‘Contact us’ section.

9. CCTV

   The Institute has a number of CCTV cameras throughout the building in Pearse Street. The purpose of processing this data is for security reasons. All cameras are signposted. For further details please contact our Privacy Manager for a copy of our CCTV policy.

10. Right of complaint

    f you have any grievance, issue or problem in respect of our handling or processing of your personal data in any way, you have the right to lodge a complaint to the Office of the Data Protection Commission www.dataprotection.ie but we ask that you would contact us in the first instance so that we can try to resolve the issue.

11. Additions and changes

    We will keep this Event Privacy Notice updated with any relevant changes to how personal data is processed by the Institute over time.

12. Contact us

In order to make a query, raise a concern, avail of your data protection rights or for any other reason related to this privacy notice, please contact us using the below contact details:

Name: Privacy Manager

Email: privacy@charteredaccountants.ie

Address: Chartered Accountants House, 47 Pearse Street, Dublin 2, Ireland