Cookie Policy

Cookie Policy of ism.ie

Cookies consist of portions of code installed in the browser that assist the Owner in providing the service according to the purposes described. Some of the purposes for which the Cookies are installed may also require the Users consent.

Technical Cookies and Cookies serving aggregated statistical purposes

Activity strictly necessary for the functioning of the service

This Application uses Cookies to save the Users session and to carry out other activities that are strictly necessary for the operation of the same, for example in relation to the distribution of traffic.

Activity regarding the saving of preferences, optimisation, and statistics

This Application uses Cookies to save browsing preferences and to optimise the Users browsing experience. Among these Cookies are, for example, those to set the language and the currency or for the management of first party statistics employed directly by the Owner of the site.

Other types of Cookies or third-party tools that might use them

Some of the services listed below collect statistics in aggregated form and may not require the consent of the User or may be managed directly by the Owner and depending on how they are described without the help of third parties.

If any third party operated services are listed among the tools below, these may be used to track Users browsing habits in addition to the information specified herein and without the Owners knowledge. Please refer to the privacy policy of the listed services for detailed information.

Analytics

How can I manage the installation of Cookies?

In addition to what is specified in this document, the User can manage preferences for Cookies directly from within their own browser and prevent, for example, third parties from installing them. Through the browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that might possibly have saved the consent for the installation of Cookies by this website. It is important to note that by disabling all Cookies, the functioning of this site may be compromised. Users can find information about how to manage Cookies in their browser at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Windows Explorer.

In the case of services provided by third parties, Users can exercise their right to withdraw from the tracking activity by utilising the information provided in the third party’s privacy policy, by clicking the opt-out link, if provided, or by contacting the third party.

Notwithstanding the above, the Owner informs that Users may take advantage of Your Online Choices. This service allows Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of this resource in addition to the information provided in this document.

Owner and Data Controller

Irish School of Motoring (ISM), 22 Jamestown Business Centre Finglas, Dublin 11.

Since the installation of third-party Cookies and other tracking systems through the services used within this Application cannot be technically controlled by the Owner, any specific references to Cookies and tracking systems installed by third parties are to be considered indicative. In order to obtain complete information, consult the privacy policy for the respective third-party services listed in this document.

Given the objective complexity linked to the identification of technologies based on Cookies and their very close integration with the operation of the web, Users are encouraged to contact the Owner should they wish to receive any further information on the use of Cookies themselves and any possible use of them, for example, by a third party carried out through this site.

Definitions and Legal References

Personal Data (or Data)

Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.

Usage Data

Information collected automatically from this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilised by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilised to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilised by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the Users IT environment.

User

The individual using this Application, which must coincide with or be authorised by the Data Subject, to whom the Personal Data refers.

Data Subject

The legal or natural person to whom the Personal Data refers.

Data Processor (or Data Supervisor)

The natural person, legal person, public administration or any other body, association or organisation authorised by the Data Controller to process the Personal Data in compliance with this privacy policy.

Data Controller (or Owner)

The natural person, legal person, public administration or any other body, association or organisation with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.

This Application

The hardware or software tool by which the Personal Data of the User is collected.

Cookies

Small pieces of data stored in the Users device.

Legal information

Notice to European Users: this privacy statement has been prepared in fulfilment of the obligations under Art. 10 of EC Directive n. 95/46/EC, and under the provisions of Directive 2002/58/EC, as revised by Directive 2009/136/EC, on the subject of Cookies.

============================================================================================================

Privacy Policy

INTRODUCTION

The purpose of this document is to set out the privacy entitlements of Data Subjects, as defined in the General Data Protection Regulation (GDPR), of living persons.  Privacy can only apply to information that is not already in the public domain and GDPR only applies to such personal data.

The General Data Protection Regulation (GDPR) is a European Union Regulation that sets out the data entitlements of data subjects and the obligations of those who process the personal data of data subjects. GDPR seeks to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU.

Our Company’s Services

Our company provides the following services:

  • Driving lessons no matter where you are located in Ireland
  • Training for work
  • Recruitment Agency Services to get you the job you would like, permanent or temporary

PERSONAL DATA

Our company collects data from you and uses that data to assist in providing you with the services we have to offer.

Driving Lessons:

We collect data from you in order to match you with a driving instructor, registered with our company, who is convenient to you.  We will only ask you for the details needed to contact you and enable the driving instructor to meet with you.  If you make a payment we do not see your payment details except for the fact that the payment is made.  We keep your data on file until such time as the driving lessons have all been used and you no longer are in credit with us.

Training:

We collect the data we need in order to ensure that you are registered and present at one of our courses.  If that booking has been made in conjunction with your employer or the ETB then we will be required by contract to provide the outcome of the course with your employer or with the ETB whichever is relevant.  Otherwise, we will keep your data on file and the outcome of the course until such time as the competence period expires, at which time we will contact you, in accordance with the legitimate interest basis, to advise you of the expiry of your certificate and to invite you to undertake a refresher course.  You can opt-out of this service at will and we will respect your request.

Recruitment:

If you engage with our recruitment service, when you make contact with us you are agreeing to our company acting as an agent for you in your pursuit of an employment position with a third party until you either opt-out (which you can do at any stage) or we decide to desist in promoting you to potential employers. Our company in its capacity as your agent operates as a Data Controller in respect of the personal data you supply to us.  We share your data with third party Clients in order to advance your prospect of obtaining your desired position and while we require that our clients are GDPR compliant we can make no guarantees or warranties in that regard.

We cannot contact every person who submits a CV to us for the recruitment process. If we find that your CV, skills and competencies do not match those that our clients are looking for we will keep your details for one year, in the hope that something matching may occur. Otherwise, we will delete your personal information from the system at the conclusion of one year.  If we find that your skills and competencies do match those of our clients, we will bring your details in from the emailing system onto our Data Records Management System and you will receive a notification at that time telling you that you are now registered with us for the recruitment process.

We collect personal data about you from the application forms and questionnaires you may be asked to complete; we also gather personal data from records of our correspondence, phone calls, emails and details of your visits to our website, including but not limited to personally-identifying information like Internet Protocol (IP) addresses. This information can be used to identify visitors to our website and also to collect statistics about the behaviour of visitors to our website.

Once on our system and registered to act as temporary agency workers with our clients, we will use your personal contact details to join you to a WhatsApp group in order to facilitate the offer of work on very short notice or to facilitate the arrangement of cover for work between temporary agency workers working under contract with us.

We have found that some individuals who wish to register for work with us may not feel confident with either computer technology, English language or some other matter. In such an instance we are happy to facilitate discussions with our data subjects through or in conjunction with their nominated person.  However, we will need confirmation in writing when the data subject wishes to nominate a person to assist them in their communications with us.

Our website uses cookies; a cookie is a text file that a Web browser stores on a user’s machine. Cookies are a way for Web applications to maintain the application state. They are used by websites for authentication, storing website information/preferences, other browsing information and anything else that can help the Web browser while accessing Web servers. We use cookies to help us identify and track visitors and their website access preferences. If you do not wish to have cookies placed on your computer, you should set your browser to refuse cookies before using our website.

Data Minimisation Principle:

We will only collect the information we need so that we can ensure adequate information is provided to our employer/clients consistent with the requirements of the particular placement relevant to you, as the contract is being performed, it may be necessary to obtain further data from you, we will do this if and when it is necessary and only the necessary data will be obtained.  This agency does not sell or broker your data.

DATA SUBJECTS

This company has different categories of data subjects:

  1. Data subjects who are general candidates looking for temporary or permanent work.
  2. Data subjects who are engaged on a contract of employment by our company to be placed in temporary assignments in our client companies.
  3. Data subjects who are our own internal employees carrying out the work of the recruitment agency.
  4. Data subjects who are trainees in one of our courses.
  5. Data subjects who are students of our driving school.
  6. Data subjects who are trainers.
  7. Data subjects who provide driving lessons.
  8. Data subjects who are the person of contact in our client companies or supplier companies.

There are different categories of data required between the differing data subject categories and only the information necessary to conduct the contractual relationship and perform the contract unique to each data subject will be collected.

LEGAL BASIS FOR PROCESSING ANY PERSONAL DATA

We rely upon the following legal bases for data collection:

1. Contract:

Candidates: Information is required in order to perform the contract of “Employment agent” on behalf of our candidates with potential employers.  The basis of data gathering in that instance is a contractual requirement.  This will include identification information such as but not limited to name, address, date of birth, information regarding education/qualifications and reference checks.

Trainees/Driving Lesson Students: Information is required in order to perform the contract of providing you with the training you have engaged us to provide.

Clients/Suppliers/Driving Instructors/Trainers: We will process data pursuant to business to business transactions, but where so required, we will rely on the lawful basis necessary for the performance of the contract for the processing of personal data within this relationship.

2. Statutory/Legal Obligation: Information is required in order to perform our statutory obligations such as tax returns and compliance with employment permit legislation. This information will include PPS numbers and, where relevant, evidence of entitlement to work.

3. Legitimate Interest:

Clients: We will utilise personal data in the form of email addresses and contact telephone numbers in order to keep our clients and potential clients informed in relation to the careers and market-related information.  We consider that this is in the legitimate interest of our business to maintain our market presence.

Candidates/Trainees: Information is processed in the legitimate interests of the business of the employment agency and training company, and where so processed it will be in accordance with and subject to your data subject rights and entitlements. We process your data when it is in the legitimate interests of our company to do so and we do this by balancing your data protection rights.  We consider that our legitimate interest is that you have registered with us because you are interested in gaining access to the information we provide in relation to salary surveys, marketplace analysis, regulatory changes etc., and/or information in relation to the career opportunities with our clients and prospective clients.

In balancing your data protection rights against this legitimate interest of our company, we have considered:

  1. The frequency of notifications to you in order to ensure that no nuisance is caused to you;
  2. The security and integrity of the data you have provided to us;
  3. Your rights and entitlements to stop the processing of your data with ease and to this end, we put you in control of the data that is accessible on our website

4. Consent: On occasion, we may rely on consent in the collection and processing of some data. Given the nature of the relationship of agent to Candidate, agent to Client, driving school to trainee, we consider that consent is not an appropriate ground on which to rely and therefore it will only be utilised on rare occasions.

DISCLOSURE

A necessity of our contractual engagement is that we share your personal data with our ETB, employer/clients.  We have in place Data Sharing Agreements (in the form of actual agreements or merely additional clauses within the terms and conditions of engagement between the agency and its clients) or Data Processing Agreements with all such employer/clients and we have done our utmost to ensure that all such parties process your data in a manner that is consistent with this Privacy Notice and GDPR.

Our employer/clients, in some instances, have security requirements that require the collection of sensitive data, bank details, photographic identification details, which will be disclosed to the client in the event of candidate placement. Candidates will be advised in advance of this requirement and made fully aware of the client details and requirements.

Our employer/clients may themselves be subject to third party audits either in the form of ethical audits, governmental/statutorily required audits or legal obligations, these are deemed a necessity of the contract of engagement between you and our company and on this legal basis your personal data will be shared to comply with these requirements.

We do not broker or pass on information gained from your engagement with the agency. However, we may disclose your Personal Information to meet legal obligations, regulations or valid governmental requests. The agency may also enforce its Terms and Conditions, including investigating potential violations of its Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, property or safety of our company, its clients and/or the wider community.

Please note that references given in confidence will not be disclosed to you as a data subject even upon request under your access request.  It is necessary that we are able to receive such information about individuals whom we may hire in confidence.

RETENTION POLICY

We will process personal data during the duration of any contract and will continue to store only the personal data needed for periods after the contract has expired to meet any legal obligations as set out in the table below.  After these periods any personal data not needed will be deleted.

Source of Obligation Retention Period
Revenue Commissioners, Collector General, Companies Acts legislative provisions 6 years rolling retention of records
Personal Injuries related records Records are retained for a period of 3 years past the date of the cause of action unless it involves a minor, in which case the retention period will be up until 3 years after the minor reaches the age of 18.
Breach of Contract related records Records are retained 6 years from the date of the breach
Employment Agency Candidate for Interviews/Placements Records Candidates who are unsuccessful at the screening or interview stage and who may hold a different skill set than that required by our clients will have their data held for a period of 1 year past the initial contact with the agency by the candidate unless the candidate exercises their entitlement to termination of processing.

 

Candidates who have been successful at the screening stage may have their data retained indefinitely or until such time as they request to be removed from our database.  This is for the purposes of upholding contractual and statutory obligations.

Employment contract/terms of employment-related information Duration of the employment – this includes everything from the application form, interview notes, contract-related, performance appraisals, references
Organisation of Working Time – time sheets/holiday and public holiday records

National Minimum Wages

Protection of Employment – Temporary Agency Workers, Part Time Workers, Fixed Term Workers

Protection of Young Persons

3 years post the termination of the employment.  Records kept are sufficient to show compliance with legal obligations in accordance with the statutory provisions.
Parental Leave Related 8 years – records kept show the dates when a qualifying employee availed of the parental leave and force majeure leave provisions
Employment Equality All records, including interviews and applications, are kept for a period of one year.
Health and Safety Records All records relating to health and safety will be kept for a period of 10 years
Data Law Compliance Records in relation to our compliance with Data Law and GDPR will be kept for a five year period.

DATA STORAGE

Data is held in Ireland using different (multiple) servers. We do not store personal data outside the EEA.

DATA SUBJECT RIGHTS UNDER GDPR

YOUR RIGHTS

  • Right of access – you have the right to request a copy of the information that we hold about you in accordance with Section 86 of the Data Protection Act 2018; this is not an absolute right and is subject to the privacy rights and entitlements of others also;
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete in accordance with Section 87 and Section 89 of the Data Protection Act 2018;
  • Right to erasure – in certain circumstances, you can ask for the data we hold about you to be erased from our records in accordance with Section 87 and Section 89 of the Data Protection Act 2018; this is not an absolute right and is subject to the obligations of data retention imposed on us by statute;
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing in accordance with Section 87 and Section 89 of the Data Protection Act 2018
  • Right of portability – subject to certain restrictions, you have the right to have the data we hold about you transferred to another organisation where we hold it in electronic form. This right of data portability applies to: (i) personal data that we process automatically (i.e. without any human intervention); (ii) personal data provided by you; and (iii) personal data that we process based on your consent or in order to fulfil a contract.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.

 

These rights may on occasion need to be modified/curtailed by statutory or competing obligations. For example, you may request that we delete your data, however, if we have been your employer can only do so after the statutory period of record retention has expired.  In the event that we are obliged to refuse your request in accordance with your data subject rights, or if we are obliged to place conditions on our assent to your request, we will provide you with a reason why which you have the right to legally challenge.

At any time following a request from you we can confirm what information we hold about you, as well as how and why it is being processed.

YOU CAN REQUEST THE FOLLOWING INFORMATION

  • Identity and the contact details of the person or organisation that has determined how and why to process your data.
  • Contact details of the data protection officer, where applicable.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of our company or a third party such as one of its clients, information about those interests.
  • The categories of personal data collected, stored and processed.
  • Recipient(s) or categories of recipients that the data is/will be disclosed to.
  • How long the data will be stored.
  • Details of your rights to correct, erase, restrict or object to such processing.
  • Information about your right to withdraw consent at any time.
  • How to lodge a complaint with the supervisory authority (Data Protection Regulator).
  • Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
  • The source of personal data if it wasn’t collected directly from you.
  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

TO ACCESS YOUR PERSONAL INFORMATION, IDENTIFICATION WILL BE REQUIRED

We will accept the following forms of ID when information on your personal data is requested: a copy of your national ID card, driving license, passport, birth certificate and a utility bill not older than three months. A minimum of one piece of photographic ID listed above and a supporting document is required. If we are dissatisfied with the quality, further information may be sought before personal data can be released.

COMPLAINTS

In the event that you wish to make a complaint about how your personal data is being processed by us or by our partners, you have the right to complain to info@ism.ie

If you do not get a response within 30 days you can complain to the OFFICE OF THE DATA COMMISSIONER, Supervising Authority of Ireland.

Data Protection Commissioner

Canal House

Station Road

Portarlington

R32 AP23 Co. Laois

Telephone  +353 57 8684800

Lo Call Number     1890 252 231

E-mail     info@dataprotection.ie

CHANGES TO THE PRIVACY STATEMENT

Our Privacy Statement may change from time to time and changes to the statement will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy. If you do not agree to these changes, please do not continue to use this Website to submit personal information.