Data Protection Statement

Overview and General Information

Last Updated: Tuesday, May 19, 2020

CONTACT DETAILS

If you have any questions about this Data Protection Statement or the way in which your Personal Data is being used by us please contact:

Data Protection Officer

King’s Inns, Henrietta Street, Dublin 1, DO1 KF59, Ireland

Email: privacy@kingsinns.ie

Telephone: +353 1 874 4840

References to “we”, “us”, “our” and the “King’s Inns” shall apply to The Honorable Society of King’s Inns.  

When we refer to “Personal Data” in this Data Protection Statement we mean any information relating to an identified or identifiable natural person (‘Data Subject‘); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

1. OUR DATA PROTECTION STATEMENT

Under the General Data Protection Regulation (the “GDPR”), we are required to explain to you why we need your Personal Data, how we intend to use it and whether we will share it with anyone else. We must also explain your rights under the GDPR and related data protection law in relation to our processing of your Personal Data. For your convenience we have divided our Data Protection Statement into sections. This general section is applicable to everyone and covers activities which are applicable to all individuals we interact with. 

The other sections set out specific information relating to the following individuals:

We treat the protection of your personal data very seriously and when we collect and process your Personal Data, we will do so in accordance with the GDPR and the Data Protection Acts 1988 – 2018 in Ireland (the “Data Protection Laws”)

2. ABOUT US

King’s Inns is the oldest institution of legal education in Ireland. Its main objectives are:

  • the promotion and advancement of learning in the law;
  • the education and training of students and members of the King’s Inns;
  • the protection and furtherance of the reputation and standing of the degree of Barrister–at–Law;
  • the preservation of the heritage that is comprised in the King’s Inns, its buildings, library, furnishings and environs; and
  • to ensure the fitness of persons to practice as or to hold themselves out as barristers prior to and, subject to Part 6 of the Legal Services Regulation Act 2015, after their call to the Bar of Ireland.

This Data Protection Statement describes how we process Personal Data in order to fulfil the objectives specified above. It includes detailed information about the types of Personal Data that we process, and how we use, manage and protect that Personal Data. 

In addition to our main activities listed above, the King’s Inns provides a number of products and services including merchandising, newsletters, dining services; cottage rental, venue hire, and parking services. This Data Protection Statements provides further information about the Personal Data we process in connection with these activities.

3. WHO THIS DATA PROTECTION STATEMENT APPLIES TO

We process Personal Data about a wide range of people. This general section includes information relevant to all Data Subjects including:

  • candidates who apply for positions of employment with King’s Inns,
  • users of our website; 
  • individuals identified on our CCTV system; and
  • individuals who receive marketing communications.

We have included further details about our processing activities relating to Students, Members and Business Contacts is specific sections of this Data Protection Statement as follows:

Data Subject

Description

Students

This includes applicants to and students of our courses of education

Members

This includes members, committees, council, members of the judiciary, benchers, alumni and barristers on the roll

Business Contacts

This includes suppliers, partners, tenants of our rental properties, users of our parking facilities and other business contacts of King’s Inns

4. SOURCES OF PERSONAL DATA

We receive Personal Data from a variety of sources, as follows:

  • the Personal Data is often provided as part of the relationship;
  • the Personal Data may be collected from public sources;
  • the Personal Data may be collected through our website;
  • the Personal Data may be collected indirectly from a website or from a third party; or
  • the Personal Data may be collected on our CCTV cameras.

5. CATEGORIES OF PERSONAL DATA

We process the following categories of Personal Data. For each category we have included an example of the type of Personal Data that may be part of that category:

Personal Data Category

Description

Identification Data

may include a person’s name, date of birth, driver’s license and passport information.

Contact Data

may include a person’s email address, phone number, postal address, other communication details (e.g. Skype)

Communication Data

may include phone calls, email correspondence and hard copy correspondence.

CCTV Data

includes information recorded by our CCTV cameras

Marketing Data

may include your Contact Data and any preferences in receiving marketing from us and your communication preferences.

Recruitment Data

may include recruitment related data such as Identification Data, Contact Data, Communication Data, CV and job application data.

When processing CV related data, we may process certain Personal Data including the following: employment history, skills/experience, languages, educational history, qualifications, membership of professional associations, contact details of employer references/character references, licenses held, interests and hobbies, languages, locations, nationality, passport, eligibility to work in certain jurisdictions, salary expectations, interview/screening answers and notes

Financial Data

may include payment related information or bank account details and financial data received as part of our relationship with you.

Special Category Recruitment Data

If we interact with you for the purposes of recruitment, we may collect Recruitment Data that is of a special category per the GDPR definition: this can include diversity data such as gender, religion, racial or ethnic origin, sexual orientation, trade union membership or data relating to health. We will only source this data with the explicit consent of candidates.

Web Data

may include Personal Data provided on any forms on our website, including cookies, and, to the extent that it includes Personal Data, information on the type of device you’re using, its IP address, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.

6. LAWFULNESS OF PROCESSING

We process all Personal Data lawfully and in accordance with the requirements of the law. The GDPR sets out the legal grounds for processing Personal Data. 

When the King’s Inns processes Personal Data any one of the following legal grounds will generally apply. The lawful basis used for processing activities specifically relating to Students, Members and Business Contacts is set out in the relevant sections of this Data Protection Statement.

In general we will process Personal Data on one of the following legal basis:

Contract

We will process Personal Data where necessary to perform our obligations relating to or in accordance with any contract that we may have with you or to take steps at your request prior to entering into that contract. When you apply or register as a student we have a contract with you for the delivery of our courses;

Consent

For certain processing activities we may rely on your consent. For example, a user may give us consent to receive our newsletter.

Where we are unable to collect consent for a particular processing activity, we will only process the Personal Data if we have another lawful basis for doing so.

You can withdraw consent provided by you at any time by contacting us at privacy@kingsinns.ie.

Legitimate Interest

At times we will need to process your Personal Data to pursue our legitimate interests, for example for administrative purposes, to collect debts owing to us, to provide information to you, to operate, evaluate, maintain, develop and improve our websites and services or to maintain their security and protect intellectual property rights.  

We will not process your Personal Data on a legitimate interest basis where the impact of the processing on your interests or fundamental rights and freedoms outweigh our legitimate interests. 

You may object to any processing we undertake on this basis. If you do not want us to process your Personal Data on the basis of our legitimate interests, contact us at privacy@kingsinns.ie and we will review our processing activities.

Legal Obligation

If we have a legal obligation to process Personal Data we will process Personal Data on this legal ground.

7. OUR PROCESSING ACTIVITIES

We use your Personal Data to provide you with our services and to assist us in the operation of the King’s Inns. Under data protection law, we must ensure that the purpose of processing is clear.

We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing which are relevant to our general processing activities. 

More detailed information about processing Personal Data of Students, Members and Business Contacts is set out in the relevant sections of this Data Protection Statement.

Purpose of processing

Categories of personal data

Lawful Basis

CCTV

  • to manage and administer the CCTV system
  • CCTV Data
  • Legitimate Interest

Marketing & Promotion Activities

  • to respond to any requests from you
  • to send newsletters and other information that maybe of interest
  • to contact you as part of our relationship and general administration
  • to inform you of events or webinars that might be of interest
  • to deliver and organise our conferences, seminars, events
  • Marketing Data
  • Contact Data
  • Web Data

  • Consent
  • Legitimate Interest

Recruitment Activities

  • to manage and administer the CCTV system
  • as part of agency shortlisting
  • to select the right Candidate
  • to interview the Candidate
  • to hire and seek to onboard the Candidate (pre contract)
  • to manage our database of prospective Candidates
  • Identification Data
  • Contact Data
  • Communication Data
  • Recruitment Data
  • Web Data
  • Marketing Data
  • Special Category Recruitment Data

  • Consent
  • Legitimate Interest
  • Contract
  • Legal Obligation

Website Delivery

  • to respond to web forms completed by you;
  • to promote our products and services;
  • to administer the Website;
  • and for internal operations, including support, troubleshooting, data analysis, testing, research, statistical and survey purposes
  • to ensure the safety and security of our website and our services.
  • Web Data

  • Consent
  • Legitimate Interest

8. SECURITY OF YOUR PERSONAL INFORMATION

We will take all steps reasonably necessary to ensure that all Personal Data is treated securely in accordance with this Data Protection Statement and the Data Protection Laws. In particular, we have put in place appropriate technical and organisational procedures to safeguard and secure the Personal Data we process.

We monitor for and do everything we can to prevent security breaches of the Personal Data that we process. Once we have received your Personal Data, we will use strict procedures and security features for the purpose of preventing unauthorised access and ensuring that only those who need to have access to your Personal Data can access it.

We also use secure connections to protect Personal Data during its transmission. Where you have been given (or where you have chosen) a password which enables you to access services, you are responsible for keeping this password confidential. Please do not share your password with anyone.

If you think that there has been any loss or unauthorised access to Personal Data of any individual, please let us know immediately.

9. DISCLOSURE OF PERSONAL DATA

We will need to share your Personal Data in order to provide services to you and in certain circumstances we may disclose your Personal Data as follows:

  • to business partners and sub–contractors for the performance of any contract relating to services provided by the King’s Inns;
  • to tax, audit or other authorities, if we are under a duty to disclose or share Personal Data in order to comply with any legal obligation or in order to enforce or apply any contract that we have;
  • to official authorities to protect our rights, property, or safety, or those of other persons (including you);
  • to payment service partners for the processing of payments to and from King’s Inns, to screen for fraud and carry out other related activities;
  • to our post or courier partners to complete delivery of papers;
  • to the HEA, Dept. of Social Protection and Revenue services;
  • to SUSI, in connection with student grant applications under the Student Grant Schemes.
  • a limited subset of Personal Data may be available publicly once you become a barrister for registration on the roll of qualified Barrister–at–Law;
  • to providers of academic and other services to King’s Inns including markers, examiners, consultants, marketing, legal and finance;
  • to our catering and events management partners;
  • to King’s Inns insurance brokers and providers where required for administering claims;
  • to our email distribution partner and service providers in the case of marketing and newsletters;
  • to the Residential Tenancies Board in the case of our rental properties; and 
  • to our subcontractors involved in the maintenance and repair of the rental property, in advance and with notification to the tenant.

In certain circumstances your Personal Data may be transferred outside the EEA. In each case this is carried out under legally approved mechanisms to lawfully transfer data across borders, including Standard Contractual Clauses approved by the European Commission. 

10. RETENTION OF YOUR PERSONAL DATA

We only keep your Personal Data as long as it is necessary for the purposes of processing it or to comply with legal or regulatory requirements.

Our retention policy for general processing activities: 

Purpose of processing

Retention Period

CCTV

30 Days

Recruitment Activity

18 months for unsuccessful applicants

Website Delivery

Please see our Cookie Notice here

Marketing Activities

12 months in the case where there is no further meaningful engagement or upon unsubscribe

Further information is set out in the relevant sections of this Data Protection Statement.

11. YOUR RIGHTS

You have various rights relating to how your Personal Data is used. 

You can ask for access to the Personal Data we hold on you

You have the right to ask for all the Personal Data we have about you. When we receive a request from you in writing, we must give you access to everything we have recorded about you as well as details of the processing, the categories of Personal Data concerned and the recipients of the Personal Data.

We will provide the first copy of your Personal Data free of charge, but we may charge you a reasonable fee for any additional copies.

We cannot give you access to a copy of your Personal Data in some limited cases including where this might adversely affect the rights and freedoms of others. 

You can ask to change Personal Data you think is inaccurate

You should let us know if you disagree with something included in your Personal Data.

We may not always be able to change or remove that Personal Data, but we will correct factual inaccuracies and may include your comments in the record to show that you disagree with it.  

You can ask to delete Personal Data (right to be forgotten)

In some circumstances you can ask for your Personal Data to be deleted, for example, where: 

  • your Personal Data is no longer needed for the reason that it was collected in the first place
  • you have removed your consent for us to use your Personal Data (where there is no other lawful basis for us to use it)
  • there is no lawful basis for the use of your Personal Data
  • deleting the Personal Data is a legal requirement

Where your Personal Data has been shared with others, we will do what we can to make sure those using your Personal Data comply with your request for erasure.

Please note that we can’t delete your Personal Data where:

  • we are required to have it by law
  • it is used for freedom of expression 
  • it is used for public health purposes
  • it is used for scientific or historical research or statistical purposes where deleting the Personal Data would make it difficult or impossible to achieve the objectives of the processing
  • it is necessary for legal claims. 

You can ask us to limit what we use your Personal Data for

You have the right to ask us to restrict what we use your Personal Data for where:

  • you have identified inaccurate Personal Data, and have told us of it
  • where we have no legal reason to use the Personal Data, but you want us to restrict what we use it for rather than erase the Personal Data altogether

When Personal Data is restricted it can’t be used other than to securely store the Personal Data and with your consent to handle legal claims and protect others, or where it’s for important public interests.

You can ask to have your Personal Data moved to another provider (data portability)

You have the right to ask for your Personal Data to be given back to you or another service provider of your choice in a commonly used format. This is called data portability.

This right only applies if we’re using your Personal Data with consent and if decisions were made by a computer and not a human being. It does not apply where it would adversely affect the rights and freedoms of others.

You can make a complaint

You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place. 

12. USE OF THIRD PARTY WEBSITES

Websites that you access via a link on the King’s Inns website are outside our control and are not covered by this Data Protection Statement. If you access other websites using the links provided, the operators of these websites may collect Personal Data from you, which will be used by them in accordance with their own data protection statements, which may differ from ours. Please check the data protection statements on those websites  before you submit any Personal Data to them. 

13. COOKIES

Please see our separate Cookie Notice available here for further information.

14. AMENDMENTS TO THIS DATA PROTECTION STATEMENT

We will post any changes on the Website and when doing so will change the effective date at the top of this Data Protection Statement.

In some cases, we may provide you with additional notice of changes to this Data Protection Statement, such as via email. We will always provide you with any notice in advance of the changes taking effect where we consider the changes to be material.

15. QUESTIONS OR COMPLAINTS

Thank you for reading our Data Protection Statement. Please Contact Us if you have any questions. If we are unable to resolve your concerns, you have the right to contact the supervisory authority in the country where you live or work, or where you consider that the data protection rules have been breached

The Supervisory Authority in Ireland may be contacted as follows:

Online Form:    forms.dataprotection.ie/contact

Address:           21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

Tel:                   +353 578 684 800 or +353 761 104 800

Students 

1. OVERVIEW

This section of the Data Protection Statement supplements our General Data Protection Statement and covers the processing of Personal Data relating specifically to Students. King’s Inns primary focus is the training of barristers. In furtherance of this aim the school provides full–time and part–time courses of education and training that enables law graduates (including graduates from the King’s Inns Diploma in Legal Studies) to be admitted to the degree of Barrister–at–Law and to be called to the Bar of Ireland.

For those who do not hold a law degree but who wish to become barristers, King’s Inns runs a two year part–time Diploma in Legal Studies on the study of substantive law.

The King’s Inns also provides a suite of professional development courses for both lawyers and non–lawyers.

Please see the section labelled “Overview and General Information” above for information on:

  • Contact Details
  • Lawfulness of Processing
  • Security
  • Disclosure of Personal Data
  • Your Rights
  • Use of Third Party Websites
  • Cookies
  • Amendments
  • Questions or Complaints

2. SOURCES OF STUDENT DATA

We will only ever source Personal Data relating to Students in a way that would be generally expected. The primary source of Student Personal Data is directly from the Student. We may also receive Personal Data about Students indirectly, including from:

  • Teachers, examiners and invigilators of the Student
  • Anyone providing a reference for the Student 
  • Third parties and public sources
  • Class/Exam recordings and tutorials

3. CATEGORIES OF STUDENT PERSONAL DATA

The table below sets out the general categories of Personal Data that we collect in relation to Students. 

Personal Data Category

Description

Contact Data

may include a person’s email address, phone number, postal address, other communication details (e.g. Skype)

Identification Data

may include a person’s name, date of birth, driver’s license and passport information

Communications Data

may include Personal Data included in communications with us over email, phone or letter.

Parking Data

may include vehicle make and model and vehicle registration number

Financial Data

may include your payment details.

4. OUR PROCESSING ACTIVITIES

Some of the Personal Data we collect comes from the application form that you must complete if you wish to participate in one of our educational courses, including the Student Admission Declaration. 

We also obtain Personal Data while you are a student at the Kings Inns. This includes, in particular, Personal Data about your academic performance during the course of your studies. 

We can only collect your Personal Data if we have a lawful basis for doing so. 

We have set out in the table below, the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing. 

Purpose/Activity

Type of Personal Data

Lawful Basis for processing

Student Applications

  • responding to queries
  • reviewing student applications received
  • entrance examinations
  • sending acceptance/rejection letters
  • Application Data
  • Communications Data
  • Grant/Bursary Data
  • Contract
  • Legitimate Interest
  • Consent

Admission of students

  • responding to queries
  • completion of admissions procedures
  • address any health related requirements of Student
  • Admission Data
  • Communications Data
  • Health Data
  • Contract
  • Legitimate Interest
  • Consent

Course Management

  • Provision of teaching and associated services
  • Undertaking of physical examinations and related administration
  • Undertaking remote or online examination of students including invigilation of those exams
  • Student communications
  • Delivery of online classes and tutorials
  • Recording of classes
  • Examination of students
  • Contact Data
  • Identity Data
  • Education Data
  • Health Data
  • Communications Data
  • Log Data
  • Online Exam Data
  • Contract
  • Legal Obligation
  • Legitimate Interest
  • Consent

Student Administration

  • Maintaining student records
  • Library services
  • IT and communication services
  • Management of grievances and disciplinary actions
  • Dealing with complaints and enquiries
  • Contact Data
  • Identity Data
  • Education Data
  • Student Record Data
  • Communication Data
  • Library Data
  • Log Data
  • Online Exam Data
  • Contract
  • Legitimate Interest

Student Finance

  • Financial Data
  • Contact Data
  • Identity Data
  • Contract
  • Legitimate Interest

Graduation

  • management and administration of student finance
  • Contact Data
  • Identity Data
  • Education Data
  • Student Record Data
  • Contract
  • Legitimate Interest

Dining

  • to schedule dining and take reservations
  • to manage dietary requirements
  • to ensure Students meet requirements for dining
  • for administration of the dining hall and numbers and to take payments
  • Contact Data
  • Health Data (for dining requirements)
  • Financial Data
  • Contract
  • Legitimate Interest
  • Consent

5. RETENTION OF STUDENT PERSONAL DATA

In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate interests. We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims.

Our retention policy is as follows: 

Purpose of Processing

Retention Period

Student Applications

12 months for unsuccessful applicants, 24 months for appeal

until the student completes the course, plus one year or until any relevant appeals process or statutes of limitation of appeals have expired

Admission of students

until the student completes the course, plus one year or until any relevant appeals process or statutes of limitation of appeals have expired

Course Management

until the student completes the course plus one year, or until any relevant appeals process or statutes of limitation of appeals have expired

 

Exam Scripts and Recordings are retained for 13 months

Student Administration

until the student completes the course plus one year, or until any relevant appeals process or statutes of limitation of appeals have expired

Student Finance

Payment details are deleted once the payment has been received. Record of the payment is maintained for 7 years

Graduation

In perpetuity

Dining

Attendance is kept until the student completes the course.

Members

1. OVERVIEW

This section of the Data Protection Statement covers those persons that are entered upon a register of members of King’s Inns (hereinafter the “Members”), which is maintained by the King’s Inns Council, and who fall into the following categories:

  • benchers (including honorary benchers) who have been appointed in accordance with the King’s Inns rules;
  • practising barristers who are members of the Law Library;
  • practising barristers who are not members of the Law Library;
  • Circuit Court and District Court judges who have been admitted to the degree of Barrister–at–Law; and
  • qualified barristers (who do not come within any of the first four categories);

Students who have paid tuition fees, are deemed to be student members of the King’s Inns but are covered in the “Students” section.

Please see the section labelled “Overview and General Information” above for information on:

  • Contact Details
  • Lawfulness of Processing
  • Security
  • Disclosure of Personal Data
  • Your Rights
  • Use of Third Party Websites
  • Cookies
  • Amendments
  • Questions or Complaints

2. SOURCES OF MEMBER PERSONAL DATA

We will only ever source Personal Data relating to Members in a way that would be generally expected. The primary source of Member Personal Data is directly from the Member. We may also receive Personal Data about Members indirectly, including from third parties and public sources.

3. CATEGORIES OF MEMBER PERSONAL DATA

The table below sets out the general categories of Personal Data that we collect in relation to Members.

Personal Data Category

Description

Contact Data

may include a person’s email address, phone number, postal address, other communication details (e.g. Skype)

Identification Data

may include a person’s name, date of birth, driver’s license and passport information

Criminal Data

Includes information relating to criminal convictions and offences

Health Data

includes information you provide us, including information about any disability or illness

Member Administration Data

Includes information about any complaint or grievance made by or against you. The Personal Data collected depends on the nature of the complaint.

If a complaint is made against you we will obtain your Personal Data from the complainant and, in instances where we investigate the complaint, other persons who have relevant information pertaining to the complaint.

Communications Data

may include Personal Data included in communications with us over email, phone or letter.

4. OUR PROCESSING ACTIVITIES

We can only process your Personal Data if we have a lawful basis for doing so. The table below sets out the purpose for which we collect your Personal Data, our lawful basis for doing so, and the Personal Data that we collect. 

In limited circumstance we may need to use your Personal Data for purposes other than those stated when we collected the Personal Data. Should this happen we will notify you of this new purpose.

Purpose/Activity

Type of Personal Data

Lawful Basis

Roll of Barristers

  • Management of admission to roll of qualified barristers
  • Maintenance of roll
  • Contact Data
  • Identity Data
  • Criminal Data
  • Communication Data
  • Legal Obligation
  • Legitimate Interest

Referring complaints to the Legal Services Regulatory Authority

  • Member Administration Data
  • Legal Obligation under section 51 of the Legal Services Regulations Act 2015

6. RETENTION OF MEMBER PERSONAL DATA

In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate interests. We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims.

Our retention policy is as follows: 

Purpose of Processing

Retention Period

Roll of Barristers

Permanent

Referring complaints to the Legal Services Authority

Permanent

Business Contacts 

1. OVERVIEW

This section of the Data Protection Statement covers those business contacts including suppliers, consultants, customers and business partners (collectively, “Business Contacts”) that provide goods or services to the King’s Inn relating to the carrying out of its functions.

Please see the section labelled “Overview and General Information“ above for information on:

  • Contact Details
  • Lawfulness of Processing
  • Security
  • Disclosure of Personal Data
  • Your Rights
  • Use of Third Party Websites
  • Cookies
  • Amendments
  • Questions or Complaints

2. SOURCES OF BUSINESS CONTACT PERSONAL DATA

We will only ever source Personal Data relating to Business Contacts in a way that would be generally expected. We receive Personal Data about Business Contacts from a variety of sources, as follows:

  • the Personal Data is often provided by the Business Contact as part of the relationship;
  • the Personal Data may be collected from public sources;
  • the Personal Data may be collected indirectly from another person within the company of the Business Contact;
  • the Personal Data may be collected through our website;
  • the Personal Data may be collected indirectly from a website or from a third party.

3. CATEGORIES OF BUSINESS CONTACT PERSONAL DATA

The table below sets out the general categories of Personal Data that we collect in relation to Business Contacts: 

Personal Data Category

Description

Contact Data

may include a person’s name, date of birth, driver’s license and passport information

Communications Data

may include Personal Data included in communications with us over email, phone or letter.

Parking Data

may include vehicle make and model and vehicle registration number

Financial Data

may include your payment details.

4. OUR PROCESSING ACTIVITIES – BUSINESS CONTACTS

The table below sets out the purpose for which we collect your Personal Data, our lawful basis for doing so, and the Personal Data that we collect. 

In limited circumstance we may need to use your Personal Data for purposes other than those stated when we collected the Personal Data. Should this happen we will notify you of this new purpose.

Purpose/Activity

Type of Personal Data

Lawful Basis

Parking Services

  • to review applications for our parking services
  • to manage the parking contract
  • for administration of relationship
  • Contact Data
  • Identification Data
  • Communications Data
  • Parking Data
  • Financial Data
  • Contact
  • Legitimate Interest

Accommodation (HSKI Rental Cottages)

  • to review tenancy applications
  • to manage the tenancy contract
  • for administration of the tenancy
  • Contact Data
  • Identification Data
  • Communications Data
  • Financial Data
  • Contact
  • Legitimate Interest
  • Legal Requirement

Managing payments and administration of the contract

  • to process payments to and from our business.
  • to fulfil our legal/contractual obligations
  • to manage/respond to complaint/issue
  • Contact Data
  • Identification Data
  • Financial Data
  • Contact
  • Legitimate Interest
  • Legal Requirement

Venue Hire

  • to review requests for venue hire
  • to manage/respond to complaints/issues
  • Contact Data
  • Communication Data
  • Legitimate Interest

5. RETENTION OF BUSINESS CONTACT PERSONAL DATA

In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate interests. We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims.

Our retention policy for Business Contact Personal Data is as follows: 

Purpose of Processing

Retention Period

Parking Services

Duration of contract plus 7 years

Accommodation Services

During of Tenancy plus 7 years

Managing payments and administration of the Contract

Duration of contract plus 7 years

Venue Hire

For 12 months after the last communication