Aspéire Consulting Group Ltd. is committed to the privacy of its clients the users of the aspeire.com website (the “Site”). We take our responsibilities under the Data Protection Acts, 1988 and 2003, and the GDPR seriously and we are committed to protecting your privacy when you are visiting the Site.
Aspeire Consulting Group Ltd Clients
Types of Personal Data Processed. The types of personal data processed will vary depending on the data you require us to process in order to deliver to you with the requested service(s) and in accordance with our engagement terms with you. We may process ‘personal data’ as defined in Article 4(1) GDPR (we do not expect there to be a consulting situation where we would process ‘Special category Personal Data’ as defined in Article 9(1) GDPR).
Categories of Data Subjects. Personal data we process for our own purposes and on your behalf may include but may not be limited to your client and prospect data, your staff data, your contractor data, your supplier data and similar data related to your business and its operations.
Categories of data subjects will, for so far as we act as a data processor, be determined by you and as contemplated by our engagement terms with you. Normally, we will only require limited aspects of your staff data for our own purposes and will advise you should it become necessary for us to process any other categories for our own purposes.
Legal Basis for Data Processing. Generally, it is your responsibility as the Data Controller to ensure you provide us with data for processing activities for which you have identified a legal basis for such processing. We will not accept responsibility for your providing us data without a legal basis for doing so. Where we require personal data from you for our own purposes we normally do so on the following legal bases as defined under GDPR:
Contract entry and performance: In order to commence working with you as a client we are legally required to take certain steps, such as assuring ourselves of your identity. In order to do so we require some personal data from you. During the course of our engagement with you we require to continue processing personal data about you to enable us to deliver the service(s) to you
Our legitimate interests: We may also use your personal data based on our own legitimate interests in promoting our services and developing our services and assessing our performance. Activities promoting our services may include business to business marketing which you may opt-out of at any time. Opt-out may be achieved by responding using the unsubscribe options contained within the information you have received or by emailing our Data Protection Officer at info (at) aspeire.com.
Legal obligations: In some instances, we may be required to provide it to third parties such as law enforcement. Where such obligations arise we will, insofar as is possible without breaching any other duty we owe to those services, advise you of our intention to process your data for their purposes. Should we ever require Special Category Personal Data from you, we will ask for your permission to process that data. If you are not willing to provide us with certain data we may be unable to deliver some or all of our services, and we will inform you of this.
Duration of Processing. We will process personal data on your behalf for so long as you instruct us to do so. At the cessation of our processing activities on your behalf it is your decision what happens to the personal data you have provided to us. We will work with you to carry out your reasonable instructions.
Personal data we collect for our own purposes will be managed in accordance with our Data Retention Policy which reflects current legal obligations. We retain and manage all information submitted through this website in accordance with our Data Retention Policy and only hold it for as long is necessary.
Use of Third-Party Service Providers (Sub-processors). As part of our service delivery it is necessary for us to use sub-processors. Our computer, communications and IT support are largely provided by parties external to Aspeire Consulting Group Ltd. Some solutions we use are cloud based, such as Dropbox for file storage and Google for Business for email. All sub-processors have contracted terms of service which provide at least the same level of protection for your data as we do. Most sub-processors do not engage directly with your data and simply provide secure storage and/or communications solutions for the data we process. Unless we have otherwise expressly agreed, sub-processors are prohibited from using your personal data for their own purposes.
Data Transfers. Aspeire Consulting Group Ltd. utilizes a number of suppliers to provide IT and other associated services for the operation of our business and delivery of services to you. In many cases, the suppliers we use will be granted access to the data we are processing to provide us with technical assistance. Such processing activities are not directly related to our principal services to you and are considered ancillary to our own internal activities.
Data may be stored on encrypted devices and transported by individuals as necessary for the delivery of our services in accordance with the terms and conditions we have agreed with you. We have put in place appropriate technical measures to ensure data remain secure irrespective of where our people deliver our services.
As part of our service delivery we process limited personal data for the purposes of, but not limited to, data storage, back up, destruction, billing, client management, conflict checking and know-how under standard contractual clauses agreement via third-party suppliers worldwide. In the event this is necessary we will ensure appropriate controls that meet GDPR standards are in place via EU standard contractual clauses or the Privacy Shield Framework to protect your data and data subject rights and freedoms.
By asking us to act as a Data Processor on your behalf you permit us to use EU standard contractual clause agreements and/or the Privacy Shield Framework with our chosen service providers/sub-processors on your behalf. All such agreements will be in our name and you may enforce rights against the sub-processor(s) directly through us.
Your Data Subject Rights. Where we act as a Data Controller for your data you may exercise several rights. You may:
Request access to the personal data we hold about you
Ask us to correct any data which are inaccurate
Request to have your personal data deleted
Put in place restrictions on our processing of your data
Ask us to transfer your data to another controller (data portability)
We will handle all exercise of your data subject rights in accordance with the requirements of GDPR and any national laws at the time of your request. Requests should be submitted in writing to our Data Protection Officer info (at) aspeire.com.
If you are dissatisfied with the way we have handled your personal data and we are unable to resolve the matter for you, you may take your complaint to the Information Commissioner’s Office. Further details can be found via their website at www.dataprotection.ie/docs/Home/4.htm.
Should we receive a request from you or one of your staff, clients, customer, contractors or prospects, to exercise data subject rights but we are only acting as a Data Processor, we will forward your request to you as Data Controller to process. Unless you explicitly instruct us not to, we will advise the data subject that we have passed their request to you.
Data Security. We have put in place reasonable controls, including policies and procedures, to protect your personally identifiable information from loss, misuse, alteration or unintentional destruction, as have our contractors, sub processors and suppliers.
Data transferred over the internet by us and through our website are protected using encryption technologies to ensure they remain secure. However, please note that no communications over the internet can be guaranteed as secure. While we take appropriate steps to protect your data we cannot guarantee that it will remain secure in transit. Once data reaches your network it is your responsibility to ensure it remains secure.
Aspeire.com Website Privacy Statement
The Aspéire Consulting Group Ltd. website (www.aspeire.com) (the “Site”) is published by Aspeire Consulting Group Limited.
Personal Information Collected. Unless you provide us with your email address to subscribe to our blog or to contact us via the info (at) aspeire.com email link on the Site, the Site does not collect any personally identifiable information. If you have provided such personal information, we will process it in accordance with the terms set forth above.
The cookies we use are provided by Google Analytics (Opt out) and Wix.com.
We have integrated the component of Google Analytic on the Site. Google Analytics is a web analytics service. Web analytics is the collection, gathering, and analysis of data about the behavior of visitors to websites. A web analysis service collects, inter alia, data about the website from which a person has come (the so-called referrer), which sub-pages were visited, or how often and for what duration a sub-page was viewed. Web analytics are mainly used for the optimization of a website and in order to carry out a cost-benefit analysis of Internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.
The purpose of the Google Analytics component is to analyze the traffic on our website. Google uses the collected data and information, inter alia, to evaluate the use of our website and to provide online reports, which show the activities on our websites, and to provide other services concerning the use of our Internet site for us.
Google Analytics places a cookie on the information technology system of the data subject. The definition of cookies is explained above. With the setting of the cookie, Google is enabled to analyze the use of our website. With each call-up to one of the individual pages of this Internet site, which is operated by the controller and into which a Google Analytics component was integrated, the Internet browser on the information technology system of the data subject will automatically submit data through the Google Analytics component for the purpose of online advertising and the settlement of commissions to Google. During the course of this technical procedure, the enterprise Google gains knowledge of personal information, such as the IP address of the data subject, which serves Google, inter alia, to understand the origin of visitors and clicks, and subsequently create commission settlements.
The cookie is used to store personal information, such as the access time, the location from which the access was made, and the frequency of visits of our website by the data subject. With each visit to our Internet site, such personal data, including the IP address of the Internet access used by the data subject, will be transmitted to Google in the United States of America. These personal data are stored by Google in the United States of America. Google may pass these personal data collected through the technical procedure to third parties.
The data subject may, as stated above, prevent the setting of cookies through our website at any time by means of a corresponding adjustment of the web browser used and thus permanently deny the setting of cookies. Such an adjustment to the Internet browser used would also prevent Google Analytics from setting a cookie on the information technology system of the data subject. In addition, cookies already in use by Google Analytics may be deleted at any time via a web browser or other software programs.
Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/ and under http://www.google.com/analytics/terms/us.html. Google Analytics is further explained under the following link https://www.google.com/analytics/.
The Site is hosted by Wix.com, S.a.r.l, 5, rue Guillaume Kroll, L-1882 Luxembourg. Wix.com may collect, store and process certain non-personal and personal Information (i.e., your email address as part of our use of Wix.com's blog subscription service) of visitors ("Users-of-Users) to our website (“Users-of-Users Information”), solely on our behalf and at our direction. For example, we may collect and manage email contacts the website. Such contacts are then stored with Wix.com, on the our behalf.
For such purposes, Wix serves and shall be considered as a “Processor” and not as the “Controller” (as both such capitalized terms are defined in the European Union General Data Protection Regulation) of such Users-of-Users Information, and we are the “Controllers” of such Users-of-Users Information, and are responsible for complying with all laws and regulations that may apply to the collection and control of such Users-of-Users Information, including all privacy and data protection laws of all relevant jurisdictions.
More Information on Cookies.
You can also deactivate specific 3rd party cookies through the following page managed by the EDAA (European Interactive Digital Advertising Alliance): http://www.youronlinechoices.com. Most Internet browsers automatically accept cookies. You can instruct your browser, by changing its settings, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. However, some Services may not function properly if you disable cookies. You can visit http://www.aboutcookies.org for more information on how to manage and remove cookies across a number of different internet browsers.
Log Files. Like most websites, the Site uses log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the site, track user's movement in the aggregate, and gather broad demographic information for aggregate use. However, none of the information stored in our log files, including but not limited to IP addresses, is linked to personally identifiable information.
Children. The Site is not intentionally designed for or directed at children 13 years of age or younger. It is our policy never to knowingly collect or maintain information about anyone under the age of 13 through our websites. If you are under 16 years of age you must obtain the consent of a parent or guardian to submit information via our site. Please ask them to review this information before you communicate with us.