1. Who We Are
1.3. Your personal data is held in a secure environment and is accessible only by relevant BSC Managementstaff using individual usernames and passwords and approved third parties. We have strict security procedures covering the storage and disclosure of your information in order to prevent unauthorised access and to comply with the Data Protection Act 1998 and 2003, including any amendments thereto and all regulations and orders made thereunder, (“the Data Protection Acts”), and the General Data Protection Regulation, Regulation (EU) 2016/679, including all regulations and orders implementing provisions of the Regulation in Irish law (“the GDPR”). This means that sometimes we may ask you for proof of identity before disclosing any personal information to you.
Information We Collect From You
2.1. Personal data you voluntarily provide
When you visit this website, you may choose to make an enquiry on this website. If you chose to provide your personal data to us by completing the enquiry form, this will result in us receiving the following personal data:
- Your name
- Email address
- Any other information you voluntarily provide in your enquiry message
2.2. Information collected when you visit the website:
Our website collects information to give us further information about who visits our website, learn about visitor numbers, website traffic, pages of interest etc. This is so that we can improve our website design and functionality, to develop our website based on users’ interests, and to ensure our website displays correctly. The information obtained includes:
- The type of browser you used to visit the website
- Operating system used
- Search engine referral
- The date and time of the visit
- Pages visited
This information is gathered using “cookies” which are small files that a site or its service provider uses. Further information is provided in our Cookies Policy at the end of this document.
How we use your information
3.1. In relation to the Information collected when you visit the website (per 2.2 above), we use that to analyse website visitors, analyse preferences, for statistical purposes, to troubleshoot any issues, to improve the effectiveness of our website, and for internal business purposes. We also analyse information provided by you and others to help us administer, support, and improve our business. The processing of this information is based on the legitimate basis of legitimate interests.
3.2. In relation to the personal data you voluntarily provide (per 2.1 above), we use that personal data in order to respond to your enquiry.
3.7. In respect of the personal data collected on this website we will process that personal data on the following legal bases:
- Legitimate interests;
- Consent (in certain situations).
3.8. In respect of the personal data specified collected above, we will use that personal data for purposes including:
- to process your enquiry
- to contact you in relation to your enquiry
- to resolve disputes, to vindicate our legal rights including taking and/or defending litigation etc.
Disclosure of Personal data and Data-Sharing:
We will share/disclose your personal data where it is necessary to fulfil your enquiry.
We also share your personal data with other third parties where it is necessary for our internal business purposes and for the proper and efficient management of the properties, for example with our insurers (including their duly appointed agents), our email platform (Office 365), IT service providers, support services, our security companies, our insurers, our legal advisors. We will disclose your personal data to comply with law or any Court order, to enforce any contractual agreements between us and our customers, to initiate or defend any legal claims, to obtain legal advices or otherwise vindicate our legal rights. If we are restructured or undergo any internal corporate reorganisations, your personal data will be transferred to or acquired by another legal entity as part of those restructuring processes. We will share your personal data with bodies including An Garda Síochána where we consider same to be necessary to our legitimate interests, for public interests, and/or for the protection of your vital interests (or those of another person) including to protect physical integrity or life. We reserve the right to disclose your personal data/information to other law-enforcement authorities (e.g. police organisations from another State) and other appropriate bodies (e.g. Revenue Commissioners, etc.) without notice to you where it is required for safeguarding the security of the State, or protecting the international relations of the State, or where it is required for the purpose of preventing, detecting or investigating offences, apprehending or prosecuting offenders or assessing or collecting any tax, duty or other money owed or payable to the State. In respect of the data referred to at (2.1) insofar as it relates to cookies and is gathered by website analytics companies (e.g. Google Analytics), further details are set out in our Cookies Policy at (9.0).
Data transfers within or outside EEA
5.1. In relation to the personal data you voluntarily provide, this data will be held on our computers in Ireland. It may be accessed by or given to our staff and service providers working within Ireland and the European Economic Area who are retained by us for us for the purposes set out in this privacy statement or for other purposes approved by you and/or relevant to providing the services you have requested from us.
5.2. In relation to the Information collected when you visit the website, this is utilised as part of Google Analytics and this information is transferred outside the EEA. That transfer is based on the EU-US Privacy Shield. Click here for further information. https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en
6.1. We take appropriate security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. This includes our taking reasonable technical security measures and organisational measures.
6.2. Although this website enables you to contact us, please note that communications across an electronic network is not a secure form of communication. Due to the risk of online fraud and the potential for unauthorised interception, we respectfully request that you never send us any sensitive personal data or financially sensitive information (e.g. bank account details) using the “Contact Us” page of our website or by email. It may be possible for unauthorised third parties to hack the website, or otherwise unlawfully intercept such communications. We take no responsibility whatsoever in the event of any email or communication from you to us being intercepted or changed by an unauthorised person. We accept no liability for any losses resulting from same.
BSC Management uses closed circuit television (CCTV) images to monitor and provide a safe and secure environment for employees and for visitors to the shopping centre.
The company’s CCTV facility records images only. There is no audio recording. Images that are stored on media are erased or destroyed once the purpose of the recording is no longer relevant. In normal circumstances, this will be a period of 30 days. Where a law enforcement agency is investigating a crime, images may need to be retained for a longer period.
Access to, and disclosure of, images recorded on CCTV is restricted. This ensures that the rights of individuals are retained. Images can only be disclosed in accordance with the purposes for which they were originally collected. Please see BSC MANAGEMENT CCTV policy at www.castlewestcork.ie/cctv .
7.1. Retention periods are calculated on the basis of why the data/information was provided to us, and the reasons for our data processing.
7.2. Some personal data is only kept for a short period (e.g. we will destroy when it is no longer needed). Some data we retain for a longer period as deemed necessary.
7.3. For example, there may be some records that become immediately obsolete. There may be some records that continue to be required until after year-end for financial audit purposes.
7.4. In general, we retain records for at least 2 years. Those records are shredded once no longer required. We reserve the right to retain records for longer than this period to ensure we can resolve disputes, to vindicate our legal rights including taking and/or defending litigation.
Automated decision making/profiling:
We do not engage in Automated Decision Making/profiling.
Data subject rights:
At any stage, you have the right to:
- Request access to your personal data (subject to exceptions and exemptions).
- Request rectification or erasure of personal data where it is incorrect, out of date, or was collected/processed without a legal basis.
- Right to object (including to automated decision-making, if any).
- Withdraw consent previously given. This does not invalidate actions taken based on the previously given consent.
If you would like to exercise any of these rights, please contact us using the contact details set out at (10).
What is a cookie?
Cookies do not contain any personally identifiable information such as your name, address or any financial information. If you do not wish to have cookies on your system, you can set your browser preferences to disable them.
10.1. If you have any queries, please contact us at:
Castlewest Cork Shopping Centre
Tel: 021 4876602
10.2. You can contact the Data Protection Commissioner or consult their website for further information:
Data Protection Commissioner
Telephone: Lo-Call 1890 252231