Who are we? Pieta House is a not for profit company and a registered charity in the Republic of Ireland (CHY 16913).
What do we do? Darkness into Light (DIL) is Pieta House’s flagship fundraising event, a sponsored walk, held at locations around the world. Pieta House provides a one to one professional counselling programme for people who are suicidal, self-harming or have been bereaved by suicide. The DIL event team process personal data (identifying information) to organise this annual fundraising event.
How can you contact us?
Address: 1st Floor, Greenhills Retail Park, Greenhills Road, Tallaght, Dublin 24, Ireland.
Telephone: (+353) (01) 4585490
Who do we process data about? To hold our Darkness into Light fundraising event we will process your data if you chose to register as a participant in the annual walk. In relation to the Darkness into Light event, Pieta House as the data controller contracts third parties to process and fulfil event registrations (including entry fees), maintain the database of registrants, and additional actions such as delivering participants t-shirts and sending email communications. Event volunteers are also used for certain functions in relation to the organising and holding of the walk. If you sign up to become a DIL volunteer we will share your necessary personal data with local event organisers.
What kind of data is processed by us? We process the following types of personal data about event participants:
- Name and contact information
- Registration payment details
- Registration for event and its location
- Participant general age range
Where did we get your data from? We receive your personal data from you when you chose to sign up for the Darkness into Light 2019 walk through our online portal. You may also sign up other adults, or children for whom you are legally responsible for. DIL swiftly communicates directly with the other adults, who have not registered themselves, in order to recognise their autonomy and ownership of their own personal data and offer them the opportunity to object to the processing of their data as set out in the DIL Terms and Conditions and this statement. DIL does not collect contact details for anyone aged less than 18 years.
What are our grounds for processing? In each instance that DIL processes your personal data as a participant it will rely on the legal grounds of either GDPR Art 6.1 (a) specific consent or GDPR Art 6.1 (b) performance of a contract to fulfil some or all of the following purposes:
- Registration of participants and fundraisers for Darkness into Light
- Online fundraising
- Processing financial transactions such as entry fee payments
- Organising events and maintaining event registration
- Communications about this event and future related events by Pieta House
- Communications about the work of Pieta House and/or a partner charity
- In some circumstances we may also be legally obliged to share your data with State entities, for example the Charities Regulator or the Revenue Commissioners, for financial compliance (GDPR Art 6.1 c).
When the legal basis relied upon is specific consent you will be informed that you can withdraw your consent at any time.
How long do we retain your data? DIL will retain participant data, such as your contact details, for 12 months from the date of the event. If you wish your data to be removed from our contact list before the end of that 12 month period please email firstname.lastname@example.org. We have a legal obligation to retain all relevant financial records for the current financial year plus six years (Revenue Commissioners). On a case by case basis, we may retain personal data for longer where they are required for actual or potential legal actions or the management or mitigation of operational or strategic risks for the charity. Where records are subject to this kind of hold the ongoing retention will be reviewed annually.
Where do we keep your data? Pieta House/DIL endeavours to keep your data within the EU/EEA, however, some third party service providers contracted to help organise the 2019 event are located outside the EU/EEA. This may necessitate cross border transfers of personal data, for example, Facebook may transfer your data to the U.S. relying on Privacy Shield and Funraisin may transfer your data to Australia relying on Standard Contractual Clauses. We monitor the legality of such cross border transfers.
Do we share your data? As outlined above, we interface with third party service providers that can access your personal data. These situations are managed by data processor agreements which contain clear contractual safeguards for individuals and their personal data. We do not share your data with any partner charities linked to Pieta House. We will never sell your data. We will never allow any third party gain access to our participant database other than those contracted to provide a service.
What are your rights? Individuals have rights over their personal data under EU and Irish Data Protection law. These rights are not absolute and qualifications or restrictions can apply. In summary your rights are: Right to be informed; Right of access; Right to rectification; Right to be forgotten / erasure; Right to restrict processing; Right to object; Right not to be subject to automated decision making and/or profiling; Right to portability. If you believe your data privacy rights have been infringed you have the right to make a complaint to the Irish Data Protection Commission, your local EU data protection regulator, or to seek compensation through the judicial system. Pieta House/DIL is committed to helping individuals exercise their rights.
How do you contact the Data Protection Commission?
Address: Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, Ireland.
Telephone: +353 (0)57 8684800 / +353 (0)761 104800
This data protection statement is dated February 2019. We may update our relevant policies from time to time. Any updates will be made available and, where appropriate, notified to you. Words and expressions used in this statement shall have the meanings given in the EU General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018.