Cirrutech Software Ltd Software Limited, (T/A ECCEsoft) is a company registered in Ireland whose registered address is Kingsfurze House, Old Lucan Road, Dublin, D20 KR60. (“Cirrutech Software Ltd” “We”).
If you have any questions regarding your personal data and how we may use it, including any queries relating to this Policy, please contact us at email@example.com (with the subject heading “Data Protection”), or writing to the “Data Protection Officer” at the office address noted above.
It is important that the personal data we hold about you is accurate and current. Please keep us (or our clients, where appropriate) informed if your personal data changes.
Cirrutech Software Ltd’s data protection and privacy measures are governed by the (i) the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the Ireland and UK and then (ii) any successor legislation to the GDPR or the country specific Data Protection Acts (“Data Protection Legislation”).
For the purpose of Data Protection Legislation:
- Where personal data is provided directly to Cirrutech Software Ltd through use of the Website, email, or other means where Cirrutech Software Ltd is determining the way in which that personal data is processed for its own use, then Cirrutech Software Ltd will be a data controller of such information.
- Where Cirrutech Software Ltd is provided personal data in its capacity of providing Services to its clients, then Cirrutech Software Ltd will only process that personal data in accordance with the instructions of its clients and Cirrutech Software Ltd will therefore act as a data processor in respect of such personal data; Cirrutech Software Ltd’s client will be the data controller of that personal data for that purpose and will be responsible to data subjects for the way in which their personal data is processed as the data controller.
Personal data and basis for collection
Personal data means any data or information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
Where Cirrutech Software Ltd is acting as a data controller, Cirrutech Software Ltd may collect, use, store and transfer different kinds of personal data about you which Cirrutech Software Ltd has grouped together as follows
Where Cirrutech Software Ltd needs to collect personal data by law, or under the terms of a contract Cirrutech Software Ltd has with you (or our client whom Cirrutech Software Ltd acts for) and you fail to provide that data when requested, Cirrutech Software Ltd may not be able to perform the contract it has or is trying to enter. In this case, Cirrutech Software Ltd may have to cancel the Services but it will notify you (or where appropriate, its client) if this is the case at the time.
Cirrutech Software Ltd uses different methods to collect personal data from and about you including through:
Cirrutech Software Ltd will only use your personal data when the law allows us to, i.e., if we have a legal basis for doing so, as outlined in this Policy or as notified to you at the time we collect your personal data, and for the purposes for which it was collected for, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do this. Please note that we may process your personal data without your knowledge or consent, where this is required or permitted by law.
Where we act as the data controller for client contact information, we have set out below in the table a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact Cirrutech Software Ltd if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Where we act as a data processor of personal data on behalf of our clients, we will process personal data in accordance with our clients’ instructions, or in order to comply with all legal or regulatory obligations.
Where we act as the data controller for client contact information, or where permitted by Cirrutech Software Ltd’s data controller clients, personal data processed by Cirrutech Software Ltd may be shared as follows:
Where we provide your personal data to Data Processors or Sub-Processors we will have in place a written agreement with each third party confirming on what basis the third party will handle your personal data and will ensure that there are sufficient safeguards and processes in place to protect your personal data. We require all third parties to respect the security of your personal data and to treat it in accordance with the law and only process that personal data in accordance with our (or our client’s) instructions. The third parties that we may send your personal data to are either within the European Economic Area (“EEA”) or to third parties under suitable protection mechanisms as laid out in applicable Data Protection Legislation.
From time to time we may transfer your personal data from within the EEA to other countries where we have put in place adequate security measures to ensure your personal data will be handled in a way that matches applicable Data Protection Legislation, so that where your personal data is being transferred it will be processed in line with our EEA-based service, regardless of which country (even if outside of the EEA).
Separate to the above, we may also transfer your personal data to countries outside of the EEA to other people or companies for one of the legal bases for processing your personal data as indicated above, or at the request of our data controller clients. Where we do so, we will take all steps to ensure that any country to which the personal data has been transferred has suitable protection mechanisms in place to protect personal data, including (if applicable) use of EU Model Clauses in any contract with that third party for steps to be taken to keep personal data secure.
We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed and have various information security policies in place to which we adhere to. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain personal data in accordance with our retention policy, which includes:
- where we act as a data controller in connection with client contact information, for as long as necessary to fulfil the purposes we collected it for;
- where we act as a data processor on behalf of its clients, for the period notified to Cirrutech Software Ltd by the data controller client;
- in either case, for the period required for the purposes of satisfying any legal, accounting, regulatory or reporting requirements.
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
To exercise any of the above rights please email your request to: firstname.lastname@example.org with the subject heading “Data Processing Request”. Alternatively write to the “Data Protection Officer” at the office address noted above.
Where you exercise your right to erasure (and we do not have another legal basis to hold on to that personal data) or where information is deleted in accordance with Cirrutech Software Ltd retention policy, please note that after the deletion of your personal data, it cannot be recovered, so if you require a copy of this personal data, please request this during the period Cirrutech Software Ltd retains the data.
Where you exercise your right to request access to the information Cirrutech Software Ltd processes about you, you will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Cirrutech Software Ltd will try to respond to all legitimate access requests within one month.
The Website is not intended for children and Cirrutech Software Ltd will not knowingly collect any personal data from persons under the age of 18 and will immediately delete any such data subsequently so determined.
If you would like to make a complaint in relation to how Cirrutech Software Ltd may have stored, used or processed your personal data, you have the right to make a complaint at any time to the Data Protection Commissioner. Cirrutech Software Ltd would, however, appreciate the chance to deal with your concerns before you approach the Data Protection Commissioner, so please contact us in the first instance.
We would like to place cookies on your computer to help us make your use of our Website better. Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Just so you know, the main cookies on our Website are from Google Analytics tracking and there’s also a session cookie generated that is essential to the running of the Website but holds no personal data.
Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser, but please note that if you choose to erase or block your cookies, you will need to re-enter your details to gain access to certain parts of the website.
We may also use third party IP lookup software which identifies and tracks visitors or organisations to our Website, which may create a link to an identifiable individual. Tracking technologies may record information such as internet domain and host names, internet protocol addresses, browser software and operating system types, clickstream patterns and dates and times that our website is accessed. We may also analyse information that does not contain personal data for trends and statistics.
Cirrutech Software Ltd is committed to ensuring that your information is secure and has in place reasonable and proportionate safeguards and procedures to protect your personal data. While Cirrutech Software Ltd does its best to protect your personal data, Cirrutech Software Ltd cannot guarantee the security of any information that you transmit to Cirrutech Software Ltd and you are solely responsible for maintaining the secrecy of any passwords or other account information.