We respect individual’s rights to privacy and to the protection of personal information. The purpose of this page is to provide information related to the processing of personal data by Turas Nua as a data processor and agent of the Department of Employment Affairs & Social Protection (DEASP). We may also collect information about visitors to our website that your browser sends when you use visit our site or access it through a mobile device. This usage data may include information such as your computer’s internet protocol address, browser type, browser version, the pages of our site that you visit, time spent on the site, unique identifiers and other diagnostic data. When accessed via a mobile device, the data may include your mobile device unique id, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser used, unique identifiers and other diagnostic data.
We may also collect information about visitors to our website that your browser sends when you use visit our site or access it through a mobile device. This usage data may include information such as your computer’s internet protocol address, browser type, browser version, the pages of our site that you visit, time spent on the site, unique identifiers and other diagnostic data. When accessed via a mobile device, the data may include your mobile device unique id, the IP address of your mobile device, your mobile operating system, the type of mobile internet browser used, unique identifiers and other diagnostic data.
Tracking and Cookies Data
a. Session Cookies
These are necessary for the operation of the website
b. Preference Cookies
We use preference Cookies to remember your preferences and settings
c. Security Cookies
Security Cookies are used for security purposes
The Department of Employment Affairs & Social Protection (DEASP) on whose behalf we process Customer data is the Data Controller and is responsible to the Data Protection Commissioner for the security of your data. A ‘data controller’ means “the natural or legal person, public authority, agency, or other body which, alone or in conjunction with others determines the purposes and means of the processing of personal data”.
Turas Nua is the Data Processor we act as an agent of the Department with regard to the processing of personal data collected under the JobPath programme. A data processor means “a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller”.
Turas Nua complies with the principles of the General Data Protection Regulations and Irish Data Protection Acts 2003 - 2018. We also comply with the instructions of the Data Controller (DEASP) in relation to the processing of customer personal data.
Data that is shared with Turas Nua
The Department (DEASP) provide Turas Nua with personal data at the time of referral to the Jobpath program. The data categories that may be shared include the following:-
Turas Nua collect additional data while you are on program with us, this may include the following:-
We will process the information you give us and information that is provided to us about you by DEASP fairly and lawfully, and we shall ensure that this data is adequate, relevant and limited to what is necessary for the purposes for which the data is processed in accordance with the GDPR and Irish Data Protection Acts 2003 – 2018 for the purposes of :-
Legal Basis for Processing
Where consent is the legal basis relied upon for processing, you have the right to revoke this consent as freely as it was given. You may revoke consent in writing or email to the Data Protection Officer at the address listed below.
Turas Nua have implemented appropriate technical and organisational measures to ensure a very high level of security and encryption for the personal data that we hold. We use industry standard technologies and security measures to safeguard your information, and we keep strict security monitoring standards to ensure the confidentiality and integrity of the data and to protect the data against accidental loss, destruction or damage. This data protection policy is supported by our Information Security policies, and ongoing employee training and awareness programs.
Sharing of Data
We will only disclose your information with the Department of Employment Affairs & Social Protection, and where necessary only relevant information may be shared with organisation’s who provide services to allow us to fulfil our obligations, and with whom written legal agreements containing the legal data protection clauses are in place. Generally these types of organisations are:-
Transfer of Data
Turas Nua shall not permit any party to process (including holding, rendering, transferring or storing) any personal data outside of the European Economic Area (EEA is the EU 27 plus Iceland, Norway and Liechtenstein), nor shall we permit any party, to process (including holding, rendering, transferring or storing) any unencrypted Personal data outside Ireland.
Turas Nua shall act only on the instructions of the Data Controller (DEASP) in relation to the retention of the data that we hold. We will only hold the data as long as is necessary in accordance with GDPR Article 5 1(e) i.e., “kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are being processed”. We shall comply with data retention periods as determined by the data controller i.e., for a minimum of 6 months after the end of program. We shall act on the instruction of the Data Controller to either delete, destroy or return the data to the Data Controller when the data is no longer required by Turas Nua for the purpose for which it was collected, or when Turas Nua reaches the end of the contract term as required.
Rights of the Data Subject
1. Right of Access
You have the right to request a copy of the information we hold about you. We will provide the information as required in GDPR Article 12 (1) in a concise, transparent, intelligible and easily accessible form. To obtain a copy of this personal information, you can email or write to us at at the address listed below. As an agent and Data Processor of DEASP, Turas Nua is required to provide the requested data to the Data Controller, we will gather the data you requested and send it to (DEASP), who will then fulfil the data subject access request in accordance with the provisions of GDPR Article 15 ‘Right of Access by the data subject’. Your written authorization is required when another party makes a request on your behalf. The DEASP will require proof of identity prior to release of the data file.
2. Right to have inaccuracies corrected
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate. You can do this during an appointment with your Personal Advisor, or you can email or write to us at the address listed below. You should also notify the Data Controller of any amendments you may require by contacting your local Intreo office.
3. Right to the erasure of personal data
Turas Nua cannot erase your data unless we are instructed to do so by the Data Controller. We will comply with any instruction received from DEASP to erase your personal data from our systems. Please refer to the Data Controller website Section 10.3 for further information on this right (see address below).
4. Right to object to processing of personal data
Turas Nua will respond to any instruction received from the Data Controller in relation to the exercise of this right. Please refer to the DEASP website Section 10.4 for further information on this right (see address below)
5. Right to object to automated decision making
An automated decision is a decision which is made entirely by a computer system, without the intervention of a person. Turas Nua systems do not use automated processes to make decisions about our customers without the intervention of a Personal Advisor.
6. Right to data portability
Data subjects (customers) have the right to request their data from one controller so that it can be given to another controller (company). Turas Nua will act on the instructions of the Data Controller in relation to this right. Please refer to the Data Controller website Section 10.5 for further information on this right. (see address below)
7. Right to be notified of a data breach
Turas Nua will without undue delay notify the Data Controller (DEASP) when we reasonably believe that there has been a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data processed by Turas Nua. We will investigate the Incident, take necessary steps to eliminate or contain the impact of the Incident and keep the Data Controller advised of the status of the Incident and all related matters. The Department will write out to you to confirm what happened and which of your data was affected. They will also inform the Office of the Data Protection Commission, should they wish to undertake an investigation.
Right to complain
As well as the rights detailed above, you also have the right to complain if you feel that your personal data has been illegally accessed, please contact:-