Privacy Policy Update

Please below to view our Privacy Policy update from Privacy Shield to the EU-US Data Privacy Framework.

THE INFORMATION WE COLLECT AND HOW WE USE IT

As a visitor to our site:

The website uses cookies which collects information on visitors. Full details and a list of cookies are provided in our Cookie Policy.

To receive emails from us please complete a contact form and you can provide your consent (You have the right to unsubscribe at any time). By providing consent we will also collect your email address.

We process Personal Information collected via the Glantus website for various purposes including:

·  to provide answers to your enquiries regarding the products and services we offer, or to provide support

·  to provide personalised service, such as answering your emails or requests

·  to deliver and conduct surveys or evaluations

·  to provide information or materials regarding our products and services that we offer

·  to extend invitations to marketing events

·   to register for a webcast or other event

·  to provide access to content and news from Glantus from time to time

·  to apply for employment with Glantus

·   to analyse the behaviour, habits and preferences of persons who contact Glantus, with a view toward improving our services offerings to you

We also use Non-Personal Data for various purposes, including:

·    to help diagnose problems with our website

·    to build up marketing profiles

·    to support strategic development

·    to help administer and audit usage of the Glantus website

·    to improve the usability of our website

Our Legal Basis for Processing Personal Information

·   Is based upon the individual’s consent to the processing of their Personal Data pursuant to the Privacy Policy set forth herein.

·    In the event the individual wishes to engage in pre-contractual steps to engage our services, the processing of Personal Data may be necessary for the performance of a contract to which the individual is a party.

·    We will not use your Personal Information in a manner that is inconsistent with the purpose of its original collection.

As our customer we collect the following information:

Name, company name, title, phone number and email address.

When applying for a job through a recruitment agency or by contacting Glantus directly:

 · Information provided by the applicant will only be used for the purpose of recruitment

·   Information provided will be deleted if the applicant is unsuccessful

·   Appropriate technical and organisational measures will be applied to protect data at all times

TO WHOM WILL YOUR INFORMATION BE DISCLOSED?

For the purposes of providing our services :

·   Our employees

·   Successors in title to our business

·    Third party consultants, contractors or other service providers who may access your personal information when providing services (including but not limited to IT support services) to us

 ·   If you complete the form requesting that we contact you, your details (name, phone number, company, email address) will be stored on the with Zoho CRM. Your information will only be used for Glantus contacting you. You may review Zoho’s privacy policy here.

·   Government bodies and law enforcement agencies and in response to other legal and regulatory requests

·    Auditors or contractors or other advisers auditing, assisting with or advising on any of our business purposes, in any jurisdiction where we operate

Please note that at any stage it is your right to request the details of the information we hold on you as our customer. You can do this by emailing compliance@glantus.com and detailing the information you wish to receive. This information will be provided to you free of charge. Please be aware that any requests that are deemed excessive or are repeat requests for information already provided may result in a charge as per the details outlined in the regulations.

INFORMATION SECURITY

The internet is not a secure medium. Data security is of great importance to us and to protect your Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected online. Please be aware that communications over the Internet, such as emails/webmail’s are not secure unless they have been encrypted.

YOUR CONSENT

By using our service, you consent to collection and use of any information you provide to us for the purposes described above. If we decide to change our privacy policy, we will post those changes on this application and on our website. We recommend you re-visit this page periodically to check for changes.

If you would like to withdraw any consent provided to us, please follow the steps below:

·   Emails – Consent can be withdrawn at any time by emailing info@glantus.com or by clicking unsubscribe on any Glantus email.

·    Cookies – Cookie consent can be accepted, modified or declined at any time. Please look to the bottom right hand corner of our webpage to access the ‘Cookie Settings’ button.

Your Rights

The Data Protection Act 2018 and General Data Protection Regulation (GDPR EU), UK GDPR, CCPA or equivalent level of data protection law gives you the right to access any information held about you. Your right of access can be exercised in accordance with this Act. Your requests will be dealt with free of charge.

 Rights of the Data Subject under GDPR are: 

I. Right to Access

II. Right to Rectification

III.Right to Erasure

IV. Right to Restrict Data Processing

V.  Right to be Notified

VI. Right to Data Portability

VII.Right to Object

VIII.Right to Reject Automated Individual Decision-Making

However, where requests from a data subject are considered ‘manifestly unfounded or excessive’ (as set out in section 12(5) of the GDPR (EU and UK), for example if a data subject is making repeated requests for the same data) the data controller may: Charge a reasonable fee, taking into account the administrative costs of providing the information/ taking the action requested; or Refuse to act on your request.

In cases where this is used as a reason to refuse an access request or to charge a fee, it is up to the organisation to prove why they believe the request is manifestly unfounded or excessive.

You have the right to change or modify PII information about you so long as the information is accurate e.g. change of name, change of address etc.

Your data can be removed from our system. However, we may be required to hold onto certain data for legal or legitimate reasons. Data will be deleted after date of expiry; this period differs depending on location and type of data.

Glantus only store limited personal data (name, email address) and keeps a record of the legal basis and retention period for that data to fulfil the contract. We do not hold or request sensitive personal data. A complete list of our technical and organisational measures, along with data we hold and a list of data subjects, please refer to our Data Processing Agreement.

If you would like to request details of the information we provide or to have your information deleted, please email compliance@glantus.com and we will respond to your request with further information.

You have the right to lodge a complaint with the Data Protection Commissioner on:

 Telephone +353 57 8684800 and +353 761 104 800

Lo Call Number 1890 252 231

Fax +353 57 868 4757

E-mail info@dataprotection.ie

Postal Address

Data Protection Commissioner

Canal House

Station Road

Portarlington

R32 AP23 Co. Laois

You also have the right to lodge a complaint with the Information Commissioners Office on:

Telephone +44 303 123 1113 (0303 123 1113)

Monday to Friday 9am to 5pm

You have the right to lodge a complaint with the Data Protection Commissioner on:

TelephoneEmailPostal Address
+353 57 868 4800info@dataprotection.ieData Protection Commissioner
+353 76 110 4800Canal House, Station Road,
Lo Call 1890 252 231Portarlington, Co. Laois, R32 AP23

EU-US Data Privacy Framework - Contact Information

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Glantus commits to resolve DPF Principles-related complaints about our collection and use of your personal information.  EU, UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Glantus at: 

Compliance@glantus.com

Organisation Contact:

Name :             John Robinson

Job Title:          Group Compliance Manager

Email :              john.robinson@glantus.com

Phone :             +353876086838

Organisation Corporate Officer:

Name :             Paula Nolan

Job Title:          Chief Compliance Officer

Email :              paula.nolan@glantus.com

Phone :             +353862677800

EU-US Data Privacy Framework

Glantus complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Glantus has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Glantus has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

In compliance with the Data Privacy Framework Principles, Glantus commits to resolve complaints about our collection or use of your personal information.  EU, UK, US and Swiss individuals with inquiries or complaints regarding our Data Privacy Framework policy should first contact Glantus at: 

compliance@glantus.com 

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Glantus commits to cooperate and comply with the advice of Data Protection Commission (DPC), the UK Information Commissioner’s Office (ICO), the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship. 

The Federal Trade Commission has jurisdiction over Glantus’ compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Under certain conditions, an individual can invoke binding arbitration. The Recourse, Enforcement and Liability Principle explains that organizations are obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to the organization at issue and following the procedures and subject to conditions set forth in Annex I. For more information, please click the following link:

https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

Regarding onward transfers of data, the Accountability for Onward Transfer Principle imposes obligations on EU-U.S. DPF certified organisations. Glantus adheres to limited and specified purposes when transferring personal data to third-party controllers or processors. For more information, please visit:

3. ACCOUNTABILITY FOR ONWARD TRANSFER (dataprivacyframework.gov)

Further relevant links below: 

Homepage | Data Protection Commission - Data Protection Commissioner Ireland 

Information Commissioner's Office (ICO) - Information Commissioner United Kingdom 

https://www.dataprivacyframework.gov/  - Data Privacy Framework United States of America 

Homepage (admin.ch) – Federal Data Protection and Information Commissioner – Switzerland