Important: This Privacy Statement is provided by Clearbookings Limited (referred to as “us”, “our”, or “we”) for the information of users of our services and visitors to our website(s) (referred to as “you” or “your”). We provide event registration services (the “Services”). By submitting Personal Data to us, you agree that it may be processed by us in the manner described below.
We are committed to the online privacy and protection of all of our users. We respect your right to privacy and take seriously our responsibilities in relation to the processing of Personal Data. We do not collect or process Personal Data unnecessarily. This Privacy Statement describes our current practices with regard to Personal Data collected by us from you. The Privacy Statement explains how we use the information we collect about you, the basis on which any Personal Data we collect from you, or that you provide to us will be processed in connection with your use of these websites (www.clearbookings.com) and ( ) (together our “Site” or the “Site”) and/or the Services and how you can instruct us if you prefer to limit the use of that information. The term “Personal Data” refers to information about you personally. Because of changes in the law and the changing nature of technology, our data practices will change from time to time. If and when our data practices change we will (as soon as practicable) post the changes on our website to notify you of the changes. We encourage you to check this page frequently.
This statement applies to the collection and use of Personal Data both for the purposes of the processing of registration details for activities and events held by 3rd party providers utilising the ClearBookings bookings platform and payments associated with these registration processes. In this Privacy Statement, “third parties” means persons, firms or companies which are not subsidiary or associated or joint venture companies of Clearbookings Limited. We do not knowingly attempt to solicit or receive information from children.
WHO WE ARE
The Site is controlled by Clearbookings Limited. Clearbookings Limited is a private limited company incorporated in Ireland with company number 533011. Our registered office address is:
Galway Innovation District
Controller, Processor and our contact details
Under this Privacy Statement, and unless the circumstances otherwise require, with regard to:
the Personal Data we receive from our direct customers (the “Event Organisers”), we will be what’s known under the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) as the “controller” of the Personal Data you provide to us; and
the Personal Data we receive from end customers that are making bookings for events organized by Event Organisers on our Site (the “Registrants”), we will be what’s known under the GDPR as the “processor” of the Personal Data you provide to us.
Any queries regarding this Privacy Statement may be directed to firstname.lastname@example.org.
COLLECTION AND USE OF PERSONAL DATA
Information you give us:
In order to (i) provide the Services to the Event Organisers and (ii) to process the registration requests for events by the Registrants using the ClearBookings bookings platform we will be required to collect information which may include but is not limited to the following:
Contact E-mail address
Contact Phone number
Date of birth
Age of participants
Details relating to health (only to the extent that such details are required by Event Organisers in respect of Registrants)
Other details pertinent to particular Event Organisers
In order to process payments associated with the registration for events we will be required to collect the following information:
Credit Card/Debit Card details (we use third party payment service providers to fulfill this requirement and do not collect it directly).
Information we collect about you:
Automatically Collected Information: With regard to each of your visits to our Site, we may automatically collect the following information:
Usage Data: information about your visit , including the full Uniform Resource Locators (URL), clickstream to, through and from our Site (including date and time), publications, services or other products you viewed or searched for, page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs) and methods used to browse away from the page.
Technical Data: technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login name, browser and type and version, time zone setting, browser plug-in types and versions and operating system and platform.
The information that you may be asked to provide enables us to supply you with further information about our company, products and/or services. It also helps us to contact you if you have requested services, further information or logged an enquiry.
We may on occasion, collect additional personal information through our Site, products and services.
We may also use aggregated information and statistics for the purposes of monitoring website usage and our products and/or services and we may also provide such aggregated information to third parties for the purpose of managing or improving our product and/or services. You cannot be personally identified by aggregated information.
What We Do With Your Information:
We will only use your personal information when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
with respect to Event Organisers, where we need to perform the contract we are about to enter into or have entered into with you.
where it is necessary for our legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interests.
where we need to comply with a legal or regulatory obligation.
We confirm that we shall not use your Personal Data for any purpose other than:
in respect of Event Organisers, the operation of the contract we are about to enter into or have entered into with the Event Organiser; and
in respect of Registrant, to manage the booking of the Registrant.
Payments through our Site are processed through the payment gateway of choice of the Event Organiser. Current available choices are by Global Payments and Stripe.
We have set out below, in table format, a description of the ways we plan to use your Personal Data and the legal basis we rely on to do so. We have also identified our legitimate interests where appropriate:
|Purpose/Activity||Type of data||Legal basis for processing|
|To respond to your queries and to provide you with the information you request from us in relation to the Services.||
|Necessary for our legitimate interests (to respond to new or existing customer queries and grow our business) Performance of a contact with you|
|To provide and improve the Services we deliver to you.||Identity Data||Performance of a contract with you|
|To manage payments, fees and charges and to collect and recover money owed to us.||
|Performance of a contract with you Necessary for our legitimate interests (to recover debts due to us)|
|To manage our relationship with you, including notifying you about changes to the Services or our Privacy Statement.||
|Performance of a contract Necessary to comply with a legal obligation Necessary for our legitimate interests (to keep our records updated and to study how customers use our products and services).|
|To provide you with information about services we offer that are similar to those that you have enquired about.||
|Necessary for our legitimate interests (to develop our products or Services and grow our business) (existing customers). Consent|
|To provide you with marketing communications about other products, services, promotions, competitions or events we feel may interest you.||
|To ensure that content is presented in the most effective manner for you and for your computer or device.||
|Necessary for our legitimate interests (to keep our Site and the Services updated and relevant and to develop and grow our business).|
|To administer and protect our business, our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.||
|Necessary for our legitimate interests (for running our business and as part of our efforts to keep our Site and the Services safe and secure).|
|To use data analytics to improve or optimise our Site, marketing, customer relationships and experiences.||Technical Data||Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Site and the Services updated and relevant, to develop and grow our business and inform our marketing strategy).|
|To measure or understand the effectiveness of advertising we serve to you and others, and, where applicable, to deliver relevant advertising to you.||
|Necessary for our legitimate interests (to study how customers use our products or Services, to develop them, to grow our business and to inform our marketing strategy).|
|To anonymise, and conduct statistical analysis or research using this anonymised data and/or to appoint or collaborate with a third party to do so.||Usage Data||Necessary for our legitimate interests (to identify general (anonymised) trends and behaviours, relevant to our business).|
DATA INTEGRITY AND SECURITY
We strive to maintain the reliability, accuracy, completeness and currency of Personal Data in our databases and to protect the privacy and security of our databases. We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. Our servers and our databases are protected by industry standard security technology. The employees, agents, contractors and other third parties who have access to Personal Data have been trained to handle such data properly and in accordance with our security protocols. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality. Although we cannot guarantee against any loss, misuse, unauthorised disclosure, alteration or destruction of data, we take all reasonable steps to prevent this from happening.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a personal data breach where we are legally required to do so.
DATA ACCESS AND CORRECTIONS
With respect to Event Organisers, upon receipt of your written request and enough information to permit us to identify your Personal Data, we will disclose to you the Personal Data we hold about you. We will also correct, amend or delete any Personal Data that is inaccurate.
With respect to Registrants, you will need to make contact with the Event Organiser.
Your request will be dealt with promptly and in any event will not take more than one month to process. You should include any personal identifiers which you have supplied during your visit to our website (e.g. name, e-mail address etc).
There is usually no charge applied to access your Personal Data (or to exercise any of the other data subject rights). However, if your request is clearly unfounded, repetitive or excessive, we may charge a reasonable fee. Alternatively, we may refuse to comply with your request in these circumstances.
What are cookies and why we use them:
Cookies may be used to save your personal preferences so you do not have to re-enter them each time you access the Site.
We use so-called “cookies” to extend the operability of our Site and make its use more convenient for you. “Cookies” mean that data can be saved on your computer when you visit our Site. You have the option of preventing cookies being stored on your computer by altering your browser settings, however this will limit your use of our Site.
DATA COLLECTION BY THE USE OF GOOGLE ANALYTICS
Our website uses Google Analytics, a web analysis service. Both Google and Google Analytics use “cookies”. Google Analytics collects information on your operating system, browser, IP address, the previous website visited (Referrer URL) and the date and time you visited our Site. Information about your use of our Site generated by this text file is transmitted to a Google server in the USA and stored there. Google uses this information to analyse your use of our Site, to compile reports on website activity for website operators and provide other services associated with website use and internet use. Google passes this information onto third parties where this is statutorily prescribed or where third parties process this data on behalf of Google. This use is anonymous or uses pseudonyms. You can find more information about this from Google at policies.google.com/privacy
COLLECTION AND SAVING OF USAGE DATA
We collect and store data, such as the date and time of the website access and the page from which you called up our Site etc., to optimise our Site. This is done anonymously without personally identifying the user of the Site. User profiles are also created by the use of pseudonyms. Here too, there is no link between the person behind the pseudonym and the usage data collected. We only collect this data for statistical purposes to further enhance our Site and make our online presence even more attractive. This data is only collected and saved anonymously or under a pseudonym and cannot be traced back to you as an individual.
ASSIGNED USE OF DATA
We adhere to the principle of the assigned use of data and only collect, process and store your personal information for the purpose for which you have communicated it to us. Your personal data will not be passed to third parties without your express permission, where this is not necessary, in the case of Event Organisers to provide the Services or complete the contract, and in the case of Registrants to process the booking. We will also only transmit your personal data to State institutions and authorities authorised to access this information within the scope of our statutory duty of disclosure or if we are obliged to disclose this personal data by a court judgement.
We take data protection within our company very seriously. Our staff and contracted service companies have a duty of confidentiality and adhere to legal data protection regulations.
RIGHT OF INFORMATION AND WITHDRAWAL
The Event Organisers can obtain information free of charge at any time about the personal data we have saved about them without the need to give a reason. The Event Organisers can block, rectify or delete at any time personal data that we have saved about them. The Event Organisers can also at any time and without giving a reason revoke the consent they have given us to collect and use their personal data. The Registrants have identical rights which we will refer to the Event Organisers. To do so, please contact email@example.com. We would be happy at any time to answer any other questions you may have about our data protection information and the processing of your Personal Data.
CHANGE OF PURPOSE
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at firstname.lastname@example.org. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your Personal Data without your knowledge or consent, in compliance with this Privacy Statement, where this is required or permitted by law.
HOW LONG WE KEEP YOUR INFORMATION
We will only retain your Personal Data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. This means that the period of time for which we store your Personal Data may depend on the type of Personal Data we hold. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. For more information about our data retention policies please contact us at email@example.com.
DISCLOSURE OF YOUR INFORMATION
We may disclose information to third parties if you consent to us doing so as well as in the following circumstances:
You agree that we have the right to share your personal information with the following recipients or categories of recipients:
- any department or authorized person within our company or any member company within our group, which means any subsidiary or holding company within the meanings of sections 7 and 8 of the Companies Act 2014; and
- selected third parties including business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you in relation to the Services and analytics and search engine providers that assist us in the improvement and optimization of our Site and the Services.
We will disclose your personal information to third party recipients:
- in the event that we sell or buy any business or assets, in which case we will disclose your Personal Data to the prospective seller or buyer of our business or assets;
- if all or substantially all of our business or assets are acquired by or transferred to a third party whether in the event of a merger, reorganization, transfer of undertakings, receivership, liquidation or other winding up or any other similar circumstances, in which case Personal Data held by us will be one of the transferred assets;
- if we are under a duty to disclose or share your Personal Data in order to comply with any law, legal obligation or court order, or in order to enforce rights under the GDPR or under an agreement;
- to protect our rights, property or the safety of our customers or others. This excludes exchanging information with other companies and organisations for the maintenance and security of the Site and the Services.
YOUR PERSONAL RIGHTS AND YOUR RIGHTS
Right of Restriction
An Event Organiser may restrict us from processing its Personal Data in any of the following circumstances:
- it has contested the accuracy of the Personal Data we hold on record in relation to it or for a period of time to enable us to verify the accuracy of the Personal Data;
- the processing of its Personal Data is unlawful and request the restriction of use of the Personal Data instead of its erasure;
- we no longer require its Personal Data for the purpose of processing but it requires this data for the establishment, exercise or defence of legal claims; or
- where it has contested the processing (under Article 21(1) of the GDPR) pending the verification of our legitimate grounds.
With respect to Registrants, we will refer your request to the relevant Event Organiser.
Corrections or Erasure (Right to Rectification and Right to be Forgotten)
If we hold Personal Data concerning Event Organisers which are no longer necessary for the purposes for which they were collected or if the Event Organiser withdraws consent for us to process the Personal Data, the Event Organiser can request the deletion of this Personal Data. This right, however, will not apply where we are required to process Personal Data in order to comply with a legal obligation or where the processing of this information is carried out for reasons of public interest in the area of public health. If the personal information we hold about an Event Organiser is inaccurate, the Event Organiser may request to have your personal information updated and corrected. To do so at any time, please contact us at firstname.lastname@example.org.
With respect to Registrants, we will refer your request to the relevant Event Organiser.
Your Right to Object
You have the right to object to the processing of your Personal Data at any time:
- for direct marketing purposes;
- for profiling to the extent it relates to direct marketing;
where we process your Personal Data for the purposes of legitimate interests pursued by us, except where we can demonstrate compelling legitimate grounds for this processing which would override your interests, rights and freedoms or in connection with the enforcement or defense of a legal claim.
To exercise your right to object at any time, please e-mail us at email@example.com. With respect to Registrants, we will refer your objection to the relevant Event Organiser. E-marketing communications will also give you the opportunity to unsubscribe. For more information about our marketing practices, please see the Marketing Communications section below.
Should you object, we will no longer process your Personal Data for these purposes unless doing so is justified by a compelling legitimate ground.
When we process your Personal Data by automated means (i.e not on paper) and this processing is based on your consent or in the case of Event Organisers required for the performance of the contract between us, you have the right to request from us a copy of your Personal Data in a structured, commonly used machine-readable format and, where technically feasible, to request that we transmit your Personal Data in this format to another controller.
The rights described in this section are personal rights and are exercisable only by the individual person (or data subject) concerned.
Personal Data may be transferred to our trusted partners and service providers who maintain their servers outside of the European Economic Area (the “EEA”), where the privacy and data protection laws may not be as protective as those in your jurisdiction. This is only for the purposes of providing, and to the extent necessary to provide, the Services to you. There are special requirements set out under Chapter V of the GDPR (with which we would comply) to regulate such data transfers and ensure that adequate security measures are in place to safeguard and maintain the integrity of your Personal Data on transfer.
For more information about this and the safeguards in place relating to such transfers, please contact us at firstname.lastname@example.org.
We will not use your Personal Data to send marketing communications to you about promotions, competitions, updates and new products or services that may be of interest to you, unless we have your permission to do so.
Your right to object
You have the right to object to the processing of your Personal Data by us for our marketing purposes. To object or if you change your mind at any later time, you can withdraw your consent to the processing of your Personal Data for such marketing purposes by contacting us at email@example.com. You may also opt out of receiving marketing communications from us at any time by selecting the “unsubscribe” option when you receive an electronic marketing communication from us. The withdrawal of your consent will not impact upon the lawfulness of processing based on your consent prior to the withdrawal.
THIRD PARTY MATERIAL
We always endeavour to deal with vendors and other third parties who are GDPR compliant or, in the case of the third parties located outside of the EEA, who are certified as compliant, or who have adequate security measures in place to safeguard the security of Personal Data. That said, we, our employees, agents, holding company and subsidiaries, accept no liability howsoever arising for the content or reliability of any third party materials or websites referenced by hyperlink or other means on the Site or for the data collection and use practices or security measures used by such
third parties. If you submit Personal Data to any of those sites, your Personal Data is governed by their privacy statement. We encourage you to carefully read their privacy statements.
CHANGES TO THIS PRIVACY STATEMENT
Any changes made to this Privacy Statement from time to time will be published at the Site.
Any material or other change to the data processing operations described in this Privacy Statement which is relevant to or impacts on you or your Personal Data, will be notified to you in advance by email. In this way, you will have an opportunity to consider the nature and impact of the change and exercise your rights under the GDPR in relation to that change (e.g to withdraw consent or to object to the processing) as you see fit.
QUESTIONS OR COMPLAINTS
If you have any questions about this Privacy Statement, how we run the Site or your dealings with our products or services, please send your query to us at Clearbookings Limited, The Portershed, Galway Innovation District, Eyre Square, Galway, Ireland or firstname.lastname@example.org.
We are committed to complying with the terms of the GDPR and to the processing of Personal Data in a fair, lawful and transparent manner. If, however, you believe that we have not complied with our obligations under the GDPR, you have the right to lodge a complaint with the Data Protection Commission https://www.dataprotection.ie/.
Updated: 25 May 2018