SUICIDE OR SURVIVE

Suicide or Survive Privacy Notice

This notice may change from time to time, and any changes will be posted on our website and will be effective when posted. Please review this notice each time you use our website or our services.

This notice was last updated on 10/06/2024.

1. Who are we?

We are Suicide or Survive (SOS), a registered charity operating since 2003. We provide mental health and suicide prevention programmes nationwide.

Our headquarters are based in Blackrock, Co. Dublin. SOS are the data controller in respect of Personal Data which we collect and process from you. This notice sets out the basis on which any Personal Data we collect from you, or from others, will be processed by us. Please read the following carefully to understand our practices regarding your Personal Data and how we will treat it.
Our data protection contact may be contacted at 01 2722158 or by emailing info@suicideorsurvive.ie.

2. Data Protection Terms

Data is information, which is stored electronically, on a computer, or in certain paper-based filing systems.
Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
Data Subject means an identified or identifiable natural person.
Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Profiling means any form of automated processing of Personal Data consisting of the use of Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
Pseudonymisation means the processing of Personal Data in such a manner that the Personal Data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the Personal Data are not attributed to an identified or identifiable natural person.
Data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Data processor means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.
Recipient means a natural or legal person, public authority, agency or another body, to which the Personal Data are disclosed, whether a third party or not. However, public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process Personal Data.
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him or her.
Personal Data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
Genetic data means Personal Data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question.
Biometric data means Personal Data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopic data.
Data concerning health means Personal Data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.
Representative means a natural or legal person established in the Union who, designated by the controller or processor in writing pursuant to Article 27 of the GDPR, represents the controller or processor with regard to their respective obligations under the GDPR.
Supervisory authority means an independent public authority which is established by a Member State pursuant to Article 51 of the GDPR.
Special categories of Personal Data and Sensitive Personal Data includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

3. Details of Personal Data Processing

In the course of our business, we collect and process the Personal Data as set out in this Notice. This may include data we receive directly from a Data Subject (for example, by completing forms or by corresponding with us by mail, phone, email or otherwise) and data we receive from other sources (including, for example, business partners, sub-contractors in technical, payment and delivery services).

We will only process Personal Data for the specific purposes set out in this Notice or for any other purposes specifically permitted by the applicable law. We will notify those purposes to the Data Subject when we first collect the data or as soon as possible thereafter.

The Personal Data we collect, details of the processing activity and the lawful basis is as follows:

PROCESS
DESCRIPTION OF DATA, PURPOSE OF PROCESSING AND USE
LAWFUL BASIS
EmailsWhen corresponding with us by phone, e-mail or otherwise, we ask you to disclose only as much information as is necessary to answer your query.Contract/ legal obligation
Sales and marketingFor sales and marketing purposes we collect your name, contact details, and communication preferences.  We use this data to provide information about our programmes, fundraising, and/ or events and to send you our newsletter where you have subscribed to receive same.  We also use this information to ensure payment of our invoices and to receipt you when payment is made.Consent / legitimate interest
Programmes

When you register for our Wellness Workshop, Supporters and WRAP Programmes we collect your name, contact details, and for in-person programmes, your dietary and accessibility needs.  We do this in order to communicate with you regarding programme dates and times, to ensure we provide appropriate refreshments and accommodations where required, and to provide you with a certificate of attendance for the WRAP and Supporters programmes.

When you apply for our Eden Programme we collect your name, contact details, details of an emergency contact person and your reason for applying for the programme.  You can choose how much or little to include in your reason for applying.  We use this information to ensure that you have applied for a programme that can meet your needs, to contact you to schedule a time and date for your holistic interview, and if you go on to attend the programme, to contact you about programme related matters.  We collect the details of an emergency contact person so that we have someone to make contact with who can support you if we have a concern for your safety or welfare during the application process.  During the Eden interview process we will ask you for more information about yourself, your history and current circumstances, and why you have applied for the programme we record this information on an interview form.  We do this to collect sufficient information to ensure we offer places on the programme to people who can most benefit from attending.  When you are offered a place on the programme, we will ask you for the names and contact details of people who you consent to us contacting so that we have someone to make contact with who can support you if we have a concern for your safety or welfare during the programme.

 
Website data

We collect data from cookies on our website. See our cookie policy for more information.

We use this data to administer and improve our website and for internal operations including troubleshooting, data analysis, research, statistical and survey purposes; as part of our efforts to keep our website safe and secure; to measure or understand he effectiveness of advertising; and to advertise relevant content to you.

legitimate interest and consent

4. Who do we share your data with?

We will not disclose your Personal Data to third parties unless you provide consent, unless the third party is required to fulfil a request you have made or a contract that you have willingly entered, or unless required to by law.

Where appropriate, your Personal Data may also be processed by our service providers in which case we will take steps to ensure that the processing complies with the GDPR 2018 and DPA 2018.

5. Limits to Confidentiality

We act in accordance with best practice and legislation in relation to the limits to the confidentiality we offer those who contact our services. Where there is substantial reason to believe that either the individual themselves are at risk or any other individual is at risk, SOS reserves the right to contact the appropriate person to seek support for the individual and/or report the risk. SOS complies with The Children First Act 2015 and all other legislation relating to the reporting of child protection and adult safeguarding concerns. Staff are referred to the SOS Child Protection Policy and Guidance and Adult Safeguarding Policy in relation to these issues.

6. How long do we keep hold of your information?

We only collect the amount of Personal Data that is necessary for us to answer your query or enrol you in one of our programmes. We will only keep that data for certain periods. The time periods for which we retain your data depends on the type of Personal Data and the purposes for which we use it. We will keep your Personal Data for no longer than is required or permitted.

For further information on the periods for which your Personal Data is kept, please see our data retention policy which can be accessed here.

7. Special Category Data

With the exception of our Eden Programme we generally do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

However, if you share your personal experiences or a family members experience relating to suicide or mental health, we may collect this as health information. We will treat this type of personal data with extra care.

8. Profiling/ Automated Decision Making

SOS do not make decision about your data on the basis of automated decision making.

9. Do we transfer your information outside of the EU or EEA?

No.

10. What are your rights with respect to your Personal Data?

You have the following rights:

  • to request access to any Personal Data held by us relating to you (a “Data Subject Access Request”). To make a Data Subject Access Request, please contact us at info@suicideorsurvive.ie. We may request proof of identification to verify your request.
  • to have any inaccurate or misleading data rectified, corrected or erased (subject to certain statutory restrictions);
  • to restrict the processing of Personal Data in certain circumstances;
  • not to be subject to a decision based solely on automated decision-making including profiling (subject to certain statutory restrictions);
  • to data portability, which allows individuals to move, copy or transfer Personal Data from one IT environment to another. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.
  • to object to processing of Personal Data based on public interest grounds or based on legitimate interest of the data controller (subject to certain statutory exceptions).
    where your data is processed based on your consent, you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of processing based on consent before your consent was withdrawn.

Please note that these rights are not absolute rights and may be subject to statutory restrictions. To avail of any of the rights set out above, you may write to us at the address above or by email to info@suicideorsurvive.ie. Suitable proof of identification may be required before a request can be processed.

You also have the right to make a complaint to a supervisory authority. Details of how to lodge a complaint can be found on the Data Protection Commission’s website, or by phoning 01 7650100 or 1800437 737.

11. What will happen if we change our privacy notice?

This notice may change from time to time, and any changes will be posted on our website and will be effective when posted. Please review this notice each time you use our website or our services. This notice was last updated on 10/06/2024.

12. How can you contact us?

Our Data Protection Officer can be contacted by email at info@suicideorsurvive.ie.