The Irish Veterinary Behaviour Association (IVBA) is committed to protecting your privacy. At all times we aim to respect any personal information you share with us and keep it safe. This Privacy Policy (“Policy”) sets out our data processing practices and your rights and options regarding the ways in which your personal information is used and collected.

Provision of your personal information to us is voluntary. However, without providing us with your personal information, your use of our services or your interaction with us may be impaired.

Data Subjects

We collect personal information only as needed from those with whom we conduct business:

• current members
• previous members
• current professional contacts (for example: pharmaceutical suppliers or sponsors)

The IVBA does not process children’s personal information. We require that all members be over the age of 18 years.

How we collect personal information about you

We collect personal information about you when

• you give it to us directly, such as, when you communicate with us by email, phone or mail or register for a course or dog training service.
• your information may be available from external publicly available sources. For example, depending on your privacy settings for social media services, we may access information from those accounts.
• you visit our website, we may automatically collect technical information and information about your visit to the website.
• you visit our website which may collect cookies.

Types of personal data collected

We collect personal information (PI) that you provide to us, which is information that identifies you as an individual. We only do this when you have provided us with the information and you have given your consent that we can use it in your interest for the purposes set out in this Policy.

We collect only the personal information that we require to provide you with a complete service.

We may ask you to provide:

• full name
• email address
• phone number
• information about your visits to our website
• financial details such as bank details
• postal address
• employment, education and experience history (relevant only to members registering for CPD or educational courses)

Purposes for collection

• Full name: we record your full name so as to issue certificates, where relevant, correctly
• Email address: this is our primary mode of contact with you and we will use emails to communicate about course materials, course events, training service notes, homework & reports, to send you information about other related courses or services, to send you course results and feedback
• Phone number: we will contact you by phone only where a course or training may not run, unexpectedly, and where we must contact you at short notice. We may contact you by phone to return a phone message from you.
• Information about your visit to our website: through the use of ‘cookies’, our website or mobile applications may tailor your interaction and experience with our website to your individual preferences.
• Financial details: where you organise payment via bank transfer, your bank references are recorded in our accounting database by accounting software (SURF)
• Postal address: we may ask for your postal address so as to deliver certificates to you.
• Employment, education, experience history: to fully evaluate your application on a course, we may review your history to ensure that your chosen course of study is suitable and appropriate.

Any personal data you volunteer will be used for the purpose for which you supply it and will be treated with the highest standards of security and confidentiality, strictly in accordance with General Data Protection Regulations.

The IVBA collects and uses your personal information (PI) to deliver the most suitable or related services you have requested. Your information will only be used for contacting you regarding IVBA events or activities and will not be passed on to any third party or otherwise.

By providing your PI, and where you have agreed to receiving communications from us, we may use the information:

• to consider your application for IVBA membership
• to communicate with you regarding course events
• to register your place on any education course or event provided by the IVBA
• to send course materials to you to facilitate completion of courses and educational events
• to register you as an applicant for educational courses and events
• to issue certificates
• to carry out reviews or appeals
• to communicate scheduling information
• to otherwise provide you with services, products, or information that you have requested
• to register and book your place on any CPD or training events provided by the IVBA
• to send you course information and materials to facilitate you implementing training advice
• to urgently notify you of late-notice cancellations
• to notify you of suitable training courses or services provided by the IVBA in the future
• to notify you of educational courses and events provided by the IVBA in the future
• to improve on the level of service that we provide
• to communicate as necessary regarding courses, materials, resources, and training service resources and information
• to provide further information about our services, where necessary, and only where you have provided your consent to receive such information
• to answer queries and communicate with you in general
• to administer activities of the IVBA, including our website, and ensure that content is presented in the most effective manner
• to audit and administer our accounts
• to satisfy legal requirements

We may use your contact details to provide you with information about our work, events, and services which we consider may be of interest to you.

Where we do this, we will contact you by email and only with your consent.
Where you have provided us with your consent previously but do not wish to be contacted by us about our work, events, services and/or activities in the future, please let us know by email info@ivba.ie.

Lawful bases

The legal basis for processing your personal information is that you have explicitly given your consent to us. This consent can be given at the time of initially seeking our services or having read the company’s Privacy Statement providing explicit consent to our continuing use of the personal data you have supplied us.

GDPR requires us to rely on one or more lawful bases to use your personal information. We consider the grounds listed below to be relevant:

• Where you have provided your consent for us to use your personal information in a certain way. For example, we may ask for your consent to collect special categories of your personal information to allow us to accommodate specific considerations on your behalf in relation to course activities and assessment.
• Where necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering a contract (for example, to provide you with certification after submitting assessment).
• Where there is a legitimate interest in us doing so.
  “Legitimate interest” refers to running the IVBA as a commercial entity, delivering courses and providing assessment and certificates in line with our standards.

GDPR allows us to collect and process your personal information if it is reasonably necessary to achieve our legitimate interests.

When we process your personal information to achieve such legitimate interests, we consider and balance any potential impact on you and on your rights under data protection laws. We will not use your personal information for activities where our interests are overridden by the impact on you.

Retention period

How long we will keep your data will vary depending on the purpose for which we received your personal information. The IVBA will only hold this data for as long as we deem necessary when full consent is received.

Consent

We will only use your personal information for the purposes set out in this Policy.

We will take measures to ensure that consent is freely given, specific, informed and that it is a clear indication that an individual has chosen to agree to the processing of their data by way of statement or a clear affirmative action.

When you engage our services, we will clearly set out how we will use your personal information via our Privacy Statement and ask that you consent to us contacting you relevant to the services purchased.

You can withdraw your consent at any time, by email.

We will always ask for your consent in writing and retain a copy of that consent. Where you withdraw your consent, we will also retain that correspondence.

Will we share your personal information?

We do not share, sell or rent your personal information to third parties.

Security/ storage of and access to your personal information

The IVBA are committed to keeping your personal information safe and secure and we have appropriate and proportionate security policies and organisational and technical measures in place to help protect your information.

Only IVBA Executive Committee members have access to your personal information.

All personal information is stored on secure servers and password protected which have features to prevent unauthorised access.
Hard copy data is kept to a minimum and any paper records are stored in suitable filing cabinets and secured rooms. 

International Data Transfers

Given that we are Irish-based organisation we will normally only transfer your personal information within the European Economic Area (“EEA”), where all countries have the same level of data protection law as under GDPR.

However, because we may sometimes use agencies to process personal information on our behalf, it is possible that personal information we collect from you will be transferred to and stored in a location outside the EEA, for example the United States.

Where your personal information is stored or otherwise processed outside the EEA, we will take reasonable steps to ensure that your personal information is protected and treated securely, in accordance with this Policy.

No transmission of your personal information over the internet can be guaranteed to be 100% secure – however, once we have received your personal information, we will use strict procedures and security features to try and prevent unauthorised access

Exercising your Rights

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for marketing purposes or to unsubscribe from our email list at any time. You also have the following rights:

• Right of access – you can write to us to ask for confirmation of what personal information we hold on you and to request a copy of that personal information. Provided we are satisfied that you are entitled to see the personal information requested and we have successfully confirmed your identity, we will provide you with your personal information subject to any exemptions that apply.
• Right of erasure – at your request we will delete your personal information from our records as far as we are required to do so. In many cases we would propose to suppress further communications with you, rather than delete it.
• Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated. You can also ask us to check the personal information we hold about you if you are unsure whether it is accurate/up to date.
• Right to restrict processing – you have the right to ask for processing of your personal information to be restricted if there is disagreement about its accuracy or legitimate usage.
• Right to object – you have the right to object to processing where we are (i) processing your personal information on the basis of our legitimate interests, (ii) using your personal information for direct marketing or (iii) using your information for statistical purposes.
• Right to data portability – to the extent required by GDPR, where we are processing your personal information (that you have provided to us) either (i) by relying on your consent or (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact, and in either case we are processing using automated means (i.e. with no human involvement), you may ask us to provide information in machine compatible format.
• Rights related to automated decision-making – you have the right not to be subject to a decision based solely on automated processing of your personal information which produces legal or similarly significant effects on you, unless such a decision (i) is necessary to enter into/perform a contract between you and the IVBA; (ii) is authorised by EU or Member State law to which the IVBA is subject (as long as that law offers you sufficient protection); or (iii) is based on your explicit consent.

We encourage you to raise any concerns or complaints you have about the way we use your personal information by contacting us using the details below.

Procedure:

As soon as a concern is raised by a data subject, we will acknowledge that concern, by email. We will make you aware of your rights, via our Privacy Statement and ask what action you would like us to take.

We will complete the requested action within one month of the request.

Data processing will be halted on request and no further use of data implemented.

All data will be provided by email attachment as PDF, .jpg or .png or MP4 or MOV where relevant.

Once completed we will notify you of the methods used and completion of that action. All correspondence will take place via email.

Data breaches will be reported immediately electronically. Data subjects affected by such a breach will be notified immediately of all details.
Advice will be sought regarding updating and monitoring security.

Changes to this Notice

We may update this Policy from time to time. We will notify you of significant changes by contacting you directly where reasonably possible for us to do so and by placing an update notice on our website. This Policy was last updated on 21^st June 2022.

Links and third parties

We link our website directly to other sites. This Policy does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

How to contact us

Please let us know if you have any questions or concerns about this Policy or about the way in which the IVBA processes your personal information by contacting us:

Post: The Irish Veterinary Behaviour Association, 1, Charlotte’s Quay, Limerick, V94 TW5E

Email: info@ivba.ie

Or social media messaging.