Effective as of 23rd May 2018
Any references in this policy to “we”, “us”, “our”, “Ward”, “Ward Solutions” and/or the “Company” is to Ward Solutions Limited. Ward Solutions Limited is a private limited company incorporated in Ireland whose registered number is 316165 and whose registered office is at Unit 2054, Castle Drive, Citywest Business Campus, Dublin 24, Ireland. Any references in this policy to “we”, “us”, “our”, Ward and or Ward Solutions is to Ward Solutions Limited.
You have a number of rights which you may exercise in respect of your personal data. If you wish to exercise any of these rights, please email firstname.lastname@example.org detailing the right that you wish to exercise together with official documentation confirming your identity such as passport, driving licence. We must respond to you without delay and in any event within one month (subject to limited extensions). You are entitled to lodge a complaint with the Data Protection Commissioner if you are not happy with our response when you chose to exercise any of your rights below. The following are a synopsis of your data protection rights. We are allowed to refuse your request in certain limited circumstances. If this arises we will let you know.
Right to information - You have a right to certain information in relation to your personal data. We have included this in this document.
Right of access - You have the right to receive information from us in relation to the personal data that we hold about you.
Right of erasure/right to be forgotten - This is your right to have information which we hold in relation to you deleted in certain circumstances.
Right to rectification - This is your right to have inaccurate personal data held by us concerning you corrected and incomplete personal data completed.
Right to object - It is your right to object to the processing of your personal data by us but only where we are processing the personal data on the grounds of legitimate interest.
Right to restriction - It is your right to require us to limit the processing of your personal data where certain circumstances arise.
Right to data portability - This is a right to have your personal information transferred in an electronic and structured form to you or to another party This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
Right to object to automated decision making including profiling - This is a right not to be the subject of automated decision-making by us using your personal information or profiling of you.
Right to withdraw consent where we are processing your personal data on the grounds of consent you have a right to withdraw your consent to the processing.
The Company at all times reserves the right to process personal data for the establishment, exercise or defence of legal claims.
Any personal information which Ward collects about you will be treated with the highest standards of security and confidentiality, strictly in accordance with the Data Protection Acts, 1988 & 2003 and when it is introduced on 25 May 2018 GDPR. As IT security consultants we take our responsibilities to protect your personal data very seriously and employ the most appropriate physical measures including staff training and awareness and we review these measures regularly. We have undertaken a security review of any third parties described with whom we share your personal data.
5.1 What personal data do we collect about youWe collect the data that you actively provide during the following activities:
when filling in forms on our website (www.ward.ie) and other social media;
during phone calls;
in other correspondence e.g. email.
The following data can be collected actively from you:-
First and last name;
The organisation for which you work;
Phone number (where contact is made by phone);
As well as the information that you actively provide to us if you visit our site to browse, read or download information from our website, certain statistical information is available to us via our internet service provider. This information may include:
the IP address from which you access our website;
the top-level domain name used (for example .ie, .com, .org, .net);
the type of browser and operating system used to access our site;
the date and time of your access to our site;
the pages you visit;
and any previous website address from which you reached us, including any search terms used.
If you fill out a form on our website providing us with your personal data as outlined above, this may enable us to identify you on future visits to the website by combining the personal data that you have provided to us in the form and your IP address. This will enable us to identify your particular preferences and to particularly market those products and services to you. If you are already a client of the Company, we may chat to you about these particular products and services. Unless you provide us with your personal data through the form we will not be able to identify you on future visits to the website by your IP address although we may be able to identify more generally the company with which you work.
In addition, we also collect certain statistical information when you read our newsletter.
5.2 Use of your personal data – why and for how longWe will only process any personal data which you provide to us in accordance with the purpose for which it was provided
If you are our client we will use your personal data:
to provide products and services to you in accordance with any agreements entered into between us. For this purposes, we will store your personal data in our Client Relationship Management System (“CRM”); in accordance with the legitimate interests of the Company to generate as many sales as possible and to promote our organisation as a leader in its field we may send you information by e-mail from time to time about our products and services that might be of interest to you, security updates, white papers and events. You will always be provided with the opportunity to opt- out of receiving these communications; in an anonymised format for research, statistical analysis and behavioural analysis; and for diagnosing problems with the website and fraud prevention and detection.
Due to the longevity of the life of many of the products and consultancy services that we provide, unless notified otherwise by you we retain your personal data for five years from the date that you purchase products or services from us and delete the personal data after this period has expired.
If you are not a client of the Company but have provided us with consent to contact you with information in relation to our products and services, events, whitepapers, security updates or any other information we will only send you the information that you have asked us to send to you. You can withdraw your consent to our sending you this information at any time. We will continue to send you this information unless you tell us that you no longer require it. We will send emails reminding you of your right to withdraw your consent from time to time.
5.3 Who do we share your personal data withWe do not sell or distribute your personal information to third parties for purposes of allowing them to market products and services to you.
Marketing: We use Hubspot for sending digital forms and direct marketing emails and managing mailing lists. Hubspot stores the personal data in the United States for the purpose of providing us with this service. Hubspot have self-certified that they adhere to the EU-US Privacy Shield framework. Please see a link to Hubspot’s Privacy Statement here. We have entered into an agreement with Hubspot to ensure that they will only use your data for the purpose of our agreement with them and on our instructions.
Sub-contractors: From time to time we may use sub-contractors in the provision of the services to you – all sub-contractors use Ward equipment in providing the services to you and have entered agreements with Ward to ensure that they only use your data for the purpose of our agreement with them and on our instructions.
CRM: We are currently migrating to a new client relationship management system with Salesforce so that we can ensure that we provide you with the best possible service. We have entered into an agreement with Salesforce to ensure that they will only use your data for the purpose of our agreement with them and on our instructions.
Sage: If you place orders with us or are responsible in your organisation for arranging payment to us for products and services provided to your organisation we will store your personal information in Sage.
By law: We may also have to disclose your personal data if we are required to do so by law.
Sale or other transfer: We may also disclose your personal data in connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company. If any of these events were to happen, this policy would continue to apply to your information and the party receiving your information may continue to use your information, but only consistent with this privacy Statement.
Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
6.1 What personal data do we collect about youWe collect personal data from you as follows:
CV - On the basis that you have a profile on linked-in that is adequately populated to enable us to determine if you are a suitable candidate we do not require you to send us a cv in addition to a link to that profile when you are applying for a role with us. If you do not have a profile on Linked-in then you can send us a cv when applying for any such role. Please do not include information other than your contact details, education (including any relevant qualifications held) and job experience in your cv.
Results of psychometric testing. Psychometric testing will only be carried out after first interview and if you are applying for a sales role or a role on the management team;
References and other information to verify the information received during the application process;
In certain circumstances, background checks will be carried out depending on the clients that the prospective employee may work with or the nature of the work that will be carried out by the prospective employee e.g. PCI.
6.2 Use of your personal data – why and for how longWe will only use the personal data provided only for the purpose of determining whether the candidate will become an employee of the Company.
We will process the cvs and personal data provided at interview and recorded in interview note to take steps at your request prior to entering into a contract. We will retain this information for one year from interview. If you are not called for interview your cv will be deleted once the position has been filled.
You will be required to give your consent to undertake the psychometric testing before you begin the test. Ward ensures that your rights are protected by (i) offering you a copy of the candidate report; (ii) including competency based questions in the second interview to deal with any concerns that have been highlighted in the testing (iii) using the results of the psychometric test as part of the selection criteria only and are not a determining factor (iv) validating the security of the testing provider. The reports are deleted as soon as the successful job applicant has accepted the job.
We will process the reference information on the basis of the legitimate interests of the Company to verify information that you have provided to us to ensure the efficient running of the business and provision of services to our clients. We carry out the background checks on the basis of your explicit consent. We protect your rights in the context of the background checks by ensuring the security of the organisation providing the checks and their data protection requirements.
6.3 Who do we share your personal data withCvs and intereview notes are shared within the Company with the Head People, HR Co-ordinator and the hiring manager only. Cvs submitted through Linked-in recruiter are governed by an agreement with Linked-in which provides that any data processed by Linked-in on behalf of the Company will be processed in accordance with GDPR.
The organisation that carries out background checks will process your personal data on our behalf. We have entered into an agreement with the organisation that carries out background checks on our behalf to ensure that they process the personal data only in accordance with our agreement with them and on our instructions.
Psytech carry out psychometric testing on behalf of Ward. Please see a link to their privacy statement here.
7.1. What personal data do we collect about youWe collect the following information from you in respect of the individual in an organization from whom we order products and/or services/pay for products and/or services.
First and last name;
The organisation for which you work;
Phone number (where contact is made by phone);
Bank account details.
7.2. Use of your personal data – why and for how longWe will only use your personal data for the purpose of our rights and obligations under any agreement entered into between us and in particular to order and pay for products/services and request you to carry out your obligations under the agreement.
We will hold your personal data for the duration of the engagement/agreement between us. We will delete the information once the agreement between us terminates and it is not to be renewed.
Cookies are small pieces of information, stored in simple text files, placed on your computer or internet enabled device by a web site. Typically, it is used to ease navigation through the Website. Cookies can be read by the web site on your subsequent visits. In addition, the information stored in a cookie may relate to your browsing habits on the web page, or a unique identification number so that the web site can remember you on your return visit.
Marketing – Through Hubspot, we use pixel tags to track and improve the effectiveness of our marketing emails. For example, we may use such technologies to identify if you read a marketing or update we sent to you.
Functionality – These cookies remember choices you made to improve your experience on our website.
Targeting or advertising cookies – These cookies collect information about your browsing habits on the website in order to make advertising relevant to you and your interests.
We may change this Policy from time to time. We will notify you of any changes to the Policy.
This Policy and all issues regarding our website are governed by the laws of Ireland and are subject to the exclusive jurisdiction of the courts of Ireland
We welcome your feedback and questions. If you wish to contact us, please send an email to email@example.com or you can write to us at, our registered office, Unit 2054, Castle Drive, Citywest Business Campus, Dublin 24, Ireland.