Privacy Policy

Privacy Notice

1. Who we are:

We are SOA Research Company Limited by Guarantee of Fumbally Exchange, Argus

House, Blackpitts, Dublin 8, Republic of Ireland. We are the controller of the personal data

you provide to us in connection with the purposes below. If you have any data privacy queries,

you can contact us by post at our registered address or by email at hello@soa.ie.

2. Why we process your data, the lawful basis for processing your data and who we share it with

A. For people who view and interact with our website or with us directly, we process data:

• to respond to your query when sent through our ‘contact us’ form, via our email or other

contact channels, at a show or trade fair, or any other means used to communicate

with us

• to sign up to our newsletter when you request subscription through our website

• via cookies and similar technologies on our website as follows:

cookie policy page

• to run any competitions or draws as per the terms of those from time to time

• for the purposes of the administration and the security of our business

The legal basis for this processing is our legitimate interest in the administration and operation

of our services as well as our legitimate interest in marketing and promoting our services. We

always include an unsubscribe button in our direct marketing communications, so you can opt

out of receiving such communications at any time.

We share this data with our IT support service providers, including hosting and client

relationship management system providers to process this data for the purpose of providing

us with their services. We may also share your data with our advisors; where required by law

or regulation; with a third party in connection with any sale or reorganisation of our business;

or to respond to any legal or regulatory process.

We will retain this data for the period of time it is required for us to conduct business; satisfy

legal or regulatory requirements; or where required to safeguard our business (e.g. statute of

limitations or investigations).

B. For our clients, potential clients, business contacts, research partners or those we engage

with as part of public consultations, we process data:

• in order to market the services of our firm

• to provide you with updates and newsletters to which you have subscribed

• to engage in our business with you

• to run any competitions or draws as per the terms of those from time to time

• for the purposes of the administration and the security of our business

The legal basis for the processing of this data is processing necessary for the purpose of the

legitimate interests of our firm in promoting our services and may be required pursuant to our

contract with you.

We share information such as your name and email address with our service providers

including newsletter services provider who sends out our newsletters. We may also share your

data with our IT support service providers; advisors; where required by law or regulation; with

a third party in connection with any sale or reorganisation of our business; or to respond to

any legal or regulatory process.

We will retain this data for the period of time it is required for us to conduct business; satisfy

legal or regulatory requirements; or where required to safeguard our business (e.g. statute of

limitations or during investigations).

C. For job applicants, we process data:

• to recruit new workers; or

• to ascertain your suitability for a specific role

• for the purposes of the security of our business

The legal basis for this processing is processing necessary for the purpose of the legitimate

interests of our firm in recruiting new staff.

We share the information you provide in your application with any contracted recruiter we have

engaged in order to recruit candidates. We may also share your data with our IT support

service providers; advisors; where required by law or regulation; with a third party in

connection with any sale or reorganisation of our business; or to respond to any legal or

regulatory process.

We will retain this data for the period of time it is required in relation to recruiting and

employment activities; satisfy legal or regulatory requirements; or where required to safeguard

our business (e.g. statute of limitations or during investigations).

3. Transfers of data outside the European Economic Area

We transfer data relating to service providers located worldwide. The safeguard we have put

in place for this transfer is to enter into European Commission approved standard contractual

clauses with the provider (where required).

[NOTE: REVIEW YOUR SERVICE PROVIDERS TO SEE IF THIS IS APPLICABLE. IF IT IS,

ENSURE THAT ANY SERVICE PROVIDERS OUTSIDE OF THE EEA HAVE STANDARD

CONTRACTUAL CLAUSES IN PLACE E.G. ANY STORAGE SERVICES, CLOUD

PROVIDERS OR DIRECT MARKETING PROVIDERS.]

4. Information received from third parties and the source of that data

We may receive data about you from third parties e.g. recruitment agents or referrals from

business affiliates (which they will make you aware of).

5. Your rights relating to personal data

You have the following rights under the GDPR, in certain circumstances and subject to certain

exemptions, in relation to your personal data:

• right to access the data – subject to certain exceptions, you have the right to request a copy

of the personal data that we hold about you, together with other information about our

processing of that personal data.

• right to rectification- you have the right to request that any inaccurate data that is held about

you is corrected, or if we have incomplete information you may request that we update the

information such that it is complete.

• right to erasure – you have the right to request us to delete personal data that we hold about

you in certain circumstances. This is sometimes referred to as the right to be forgotten.

• right to restriction of processing or to object to processing – in certain circumstances you

have the right to request that we no longer process your personal data for particular

purposes, or to object to our processing of your personal data for particular purposes.

• right to data portability – you have the right to request us to provide you, or a third party, with

a copy of certain personal data in a structured, commonly used machine readable format.

In order to exercise any of the rights set out above, please contact us at the contact details at

the start of this privacy notice.

If we are processing personal data based on your consent, you may withdraw that consent at

any time. This does not affect the lawfulness of processing which took place prior to its

withdrawal.

If you are unhappy with how we process your personal data, we ask you to contact us so that

we can rectify the situation. You have the right to lodge a complaint with a supervisory

authority. The Irish supervisory authority is the Data Protection Commission.

6. Security and Requirement to process personal data

We use organisational and technical measures to safeguard your information.

If you do not provide us with your information for the purposes described above, we cannot

send you our newsletter; respond to your queries; liaise with you on business matters; or

assess your suitability for a role within our firm.

7. Automated decision-making and profiling

We do not use any personal data for the purpose of automated decision-making or profiling.

[NOTE: ENSURE THIS IS ACCURATE E.G. NO ARTIFICIAL INTELLIGENCE TOOLS ARE

USED TO MODEL POTENTIAL CLIENTS FOR MARKETING PURPOSES.]

8. Updates to this Policy

We may update this policy from time to time, for example, where the law changes.

Last updated: April 2019