This website uses Google Analytics tracking which has been set to anonymise traffic data, so we cannot identify users or access any personal data. There are no other cookies set for this website.
Deer Park Golf is the trading name of WSHI Unlimited hereafter referred to as Deer Park Golf, the company also operate Howth Castle Cookery School. In relation to the collection of information and its use by the company the General Manager is the Data Controller in relation to the processing activities described in sections 3, 4 and 5. This means that Deer Park Golf decides why and how your personal information is processed. Where this Privacy Notice refers to 'we', 'our' or 'us', unless it mentions otherwise, it is referring to Deer Park Golf.
Personal data is data that relates to an identifiable living person i.e. the 'Data Subject'. For example, this could include your: -
Special Categories of Personal Data: GDPR refers to sensitive personal data as 'Special Categories of Personal Data'. This relates to an identifiable living person but reveals any of the following: -
We collect and process a broad range of personal data in order to deliver our services and support you either as a member of the public or as our employee. For example,
To collect and use your personal information lawfully, we rely on one or more of the following legal basis: -
If you choose to withhold requested information, we may not be able to provide you with certain services.
We collect personal information from various sources both directly from you and indirectly from third parties. For example,
Each business within Deer Park Golf collects and processes personal data for a number of purposes. We only collect, hold and process certain categories of personal information where it is necessary and proportionate to do so in order to deliver our services or meet a legal or regulatory requirement.
If we do not need certain categories of your personal information, we will not ask for it. If we already hold categories of your personal information and do not consider it likely that we will continue to require all of it for the same purpose for which it was originally collected, we will destroy it in accordance with our Retention and Disposal Schedule. Where we plan to use personal information for research and analysis purposes, your details will be anonymised unless you provide written consent that we can disclose them for such specific purposes.
We may ask you to consider providing your personal details to endorse our products or services for marketing purposes, and it is only with your written consent will we do so.
We protect your personal information by implementing appropriate and up to date technological and organisational control measures and in accordance with our internal policies and external regulatory requirements; these keep our computers, files and buildings secure.
Staff access to personal information is restricted to only relevant staff members in each work area who have a requirement to maintain a relationship with you or update your personal data. Staff that have access to sensitive personal information operate with an additional level of security restriction. Only authorised Deer Park Golf staff can have access to the various types of personal information that we collect and process.
Hard copy personal data files are held in secure filing systems. Personal information held on electronic data storage systems is stored on secure servers at our offices and disaster recovery sites. All laptops are encrypted for increased security to allow the temporary storage of personal data where this is necessary for business purposes. Encryption means that information is hidden so that it cannot be read without special knowledge, such as a Password; this is done with a secret code. Some services utilised by Deer Park Golf are hosted by other organisations within the European Union, with GDPR compliance requirements agreed in writing by such contractors.
If we are planning to store or process your personal data in new ways, we will consider the risks and decide whether or not a Data Impact Assessment is required. Where the plan for new storage or processing is considered to be high risk, we will carry out a Data Impact Assessment. If we decide that a Data Impact Assessment is not required, we will document the reasons for this decision.
Reinforcing our Data Protection standards
Deer Park Golf staff are obliged to treat any personal data collected in full compliance with the requirements of the General Data Protection Regulation 2018 and the Deer Park Golf Data Protection Policy. Compliance with the Deer Park Golf Data Protection Policy and monitoring of same is regularly reviewed and addressed with staff through audits, and training and awareness briefings. When you contact us to ask about your personal information, we will ask you to identify yourself with certain ID to enable us respond to any 'Subject Access Request' you may make for disclosure of your personal information, or to exercise other Data Subject rights detailed in Section 10. Verification of your identity is important in enabling us to protect your information.
We will only use and store your information for as long as it is required for the purpose for which it was originally collected. How long it will be stored for depends on the nature of the personal information, what it is being used for and sometimes, statutory legal requirements which obligate us to hold certain personal information for specified periods. Deer Park Golf has a Records Retention and Disposal Schedule which outlines the timeframes after which personal data will be deleted and / or destroyed. You can access our Records Retention and Disposal Schedule by contacting our Data Protection Officer as explained in section 12.
We only share information with others where there is a legal requirement to do so, to fulfil our organisational responsibilities, to meet employment contractual obligations, or in response to employee requests.
We do not sell or share your personal information for other organisations to use.
We have a legal obligation to disclose your personal information in relation to the following: -
When we engage third party suppliers and service providers to operate on our behalf
We use third party suppliers and service providers that store or process personal information on our behalf, help deliver our services to you. It is also in our legitimate interests to use third party suppliers to maintain cost effective and efficient operations.
We will always have complete control over what our third-party suppliers and service providers see, how long they see it for and what they are allowed to do with it. We only disclose to them any personal information that is necessary for them to provide their service. We ensure this by having a written contract in place that requires them to keep your information secure and not to use it other than in accordance with our specified instructions.
Third Party Suppliers and Service Providers with whom we share personal information in relation to our operations
Third Party Suppliers, Service Providers and individuals with whom we share personal information in relation to employment contractual obligations
When an employee requests that we share their personal data with other organisations and individuals
Where a Data Processor is engaged to process personal data on our behalf (for example, Marketing purposes) we will ensure in the form of written contract clauses that they process personal data in full compliance with Ireland Data Protection legislation and the EU General Data Protection Regulation (GDPR), including associated safeguards where an international transfer of personal data is required.
The General Data Protection Regulation offers Data Subjects specific rights in relation to the collection and processing of their personal data. In order to exercise any of these rights, please contact our Data Protection Officer as explained in section 12 of this document. We can assist you with the following: -
Being informed about what information we process (Right to be Informed)
Accessing your personal information (Right of Access)
You may ask us for a copy of the personal information we hold relating to you, and how we collect, share and use your personal information. This will be provided free of charge unless the request is considered to cause an excessive administrative burden. A request to obtain a copy of the personal information we hold regarding you, known as a 'Subject Access Request', can include both hard copy and electronic records. Your request will be processed and the information
provided to you within 1 calendar month from the date of receiving the request. We will require proof of identify and address before we can release this information.
Updating and correcting your personal information (Right to Rectification)
You may ask us to update / correct personal information we hold about you that is inaccurate or incomplete. It is your responsibility to ensure that all personal data provided to us is accurate and complete, and if it changes you must let us know as soon as possible.
Deleting your personal information (Right to Erasure also known as the Right to be Forgotten)
You may ask us to delete or destroy your personal information. In some cases, we will retain your information where it is required for legal purposes.
Restricting your personal information (Right to Restriction)
You may request us to restrict the processing of your personal information if for example you consider the data is inaccurate or that the processing is unlawful, but you do not want us to erase your data. We may continue to process your personal data where you provide consent to such processing, it is necessary for legal purposes or in the public interest.
Removing your consent (Right to Object)
You can change your mind whenever you give us your consent, for example to receive direct communications or marketing, or to enable us use your sensitive information, such as medical data in the case of employment. We will provide you with information on the actions we have taken if you remove your consent or object to us continuing to process your personal information.
Moving your information (Right to Portability)
You have the right to ask for your personal information to be given back to you or another service provider of your choice in a commonly used format. Where possible, we will share a digital copy of your personal information directly with you or another organisation.
Right not to be subject to automated decision-making including profiling
We do not currently use automated decision-making in relation to any personal data you may provide. Should Deer Park Golf decide to do so in the future, it will not be used without human intervention to enable the expression and consideration of individual views. This will ensure that no decision is taken regarding you based solely on an automated process.
To enable us effectively to deliver our services to you, we need you to do the following: -
These actions on your part will enable us to ensure that your personal information is accurate and kept up to date.
Deer Park Golf endeavours to meet the highest standards when collecting and using your personal information and in doing so, encourages people to bring to our attention if they think that the collection or use of their personal information is considered to be unfair or inappropriate.
If you wish to make a complaint regarding the way we have collected or processed your personal information, please contact our Data Protection Officer by telephone, written or email correspondence.
Data Protection Officer's contact details:
Please be assured that all complaints received will be fully investigated. To enable us to address your complaint quickly and effectively resolve it, we ask that you provide us with as much information as possible.
If you are dissatisfied with the Data Protection Officer's findings in relation to your complaint, you have the right to complain to either the Data Protection Commission.
Data Protection Commission
21 Fitzwilliam Square
Dublin D02 RD28
Tel: 00353 (0761) 104 800