Information we may collect from you
We collect Data from you which you volunteer when you provide such Data to us, or via our services with which you interact. We may also be given other Data relating to you by other persons, or we may obtain such other Data about you as may be provided to us in the course of our legitimate business activities.
We may collect and process Data; including the following in the course of providing services to you, which could contain your Data:
Your full name; your address; your various email addresses; your various phone numbers including mobile phone numbers; your nationality; gender, your address; financial information about you, including your bank account details, credit card details, or other payment details; details of contracts you have entered with third parties for us to provide services to you; details of your relationship to other parties; details of your membership of professional or other organisations; your date of birth; your event booking confirmation, details of children ; medical details, including details of allergies and other health information; details of your car registration number; details of your driving licence; and details of your passport, your employer and employer contact information references, criminal records checks, details of emergency contacts, photographs and/ or video images, CCTV images. We may require you to provide certain financial information (including pension information) in order to facilitate the processing of payments and all other Data which you ask us to process on your behalf, or which is necessary for us to process in order for us to fulfil our role as providing event organisation and other related services to you.
We may also process other data, which is not personal data.
When you access our website or WiFi facilities, your device’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data. This information may be used to help us to improve our website and the services we offer, and to offer services to you. When you use our WiFi service, you provide your email address and are required to consent to being marketed to by RDS at that email address.
Special Categories of Data
The RDS processes Special Categories of Personal Data in certain circumstances, such as the ordinary course of employee administration. The RDS shall process such Special Categories of Personal Data in accordance with Data Protection Law.
Security and where we store your Data
We are committed to protecting the security of your Data. We use a variety of security technologies and procedures to help protect your Data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We will continue to revise policies and implement additional security features as new technologies become available.
The transmission of information via the internet is not completely secure and may involve the transfer of data to countries outside of the European Economic Area (EEA). This occurs typically through use of cloud solutions for web hosting, email hosting or proprietary software solutions delivered to us through the Cloud. We do not however authorise any third party to use your Data for their own purposes without the appropriate authority. Non-EEA countries may not provide an adequate level of protection in relation to processing your Data. By submitting your data, you agree to this transfer, storing and processing.
Although we will do our best to protect your Data, we cannot guarantee the security of your Data transmitted to us. Any transmission of data is at your own risk. Once we receive your Data, we use appropriate security measures to seek to prevent unauthorised access.
The GDPR obliges Data Controllers to notify the Data Protection Commission and affected data subjects in the case of certain types of personal data security breaches. Any Data Breaches identified in respect of Personal Data controlled by the RDS will be dealt with in accordance with Data Protection Law and the RDS’s Data Breach Procedure.
The RDS will engage certain service providers to perform certain services on its behalf which may involve the Processing of Personal Data. To the extent that such processing is undertaken based on the instructions of the RDS and gives rise to a Data Controller and Data Processor relationship, the RDS will ensure that such relationship is governed by a contract which includes the data protection provisions prescribed by Data Protection Law.
The RDS will also act as a Data Processor in certain situations when Processing Personal Data for and on behalf of third parties such as our clients who book events with us. Where the RDS acts a Data Processor, we will ensure that such relationship is governed by a contract which includes the data protection provisions prescribed by Data Protection Law.
Uses made of your Data
We use your Data that we hold to:
- In our legitimate interest of advertising our services, provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes (our list of services below);
- carry out our obligations arising from any contracts entered into between you and us;
- in our legitimate interest of advertising our services, provide details of any loyalty scheme or promotion;
- comply with legislation; and/or notify you about changes to our services.
The following processing activities are carried out for the purposes of a legitimate interest pursued by the Society:
RDS Events: In order for us to achieve our charitable aims and objectives, we organise and run a number of RDS Foundation events annually. These include the Dublin Horse Show, the RDS Visual Arts Awards and the RDS Agricultural Awards, among others. We keep a record of your participation at our events as an attendee, presenter or participant.
Members: To send you information about member events, RDS Elections and Notices of the Stated General Meeting, and other member related events.
Attendees: If you register for or purchase tickets for an RDS event and you are a Member, we will access the information in your Member account to provide you with information and services associated with the event. If you are not a Member and you register for one of our events, we will collect your name and contact information, which we will store in our database(s) and use to provide you with information and services associated with the event.
Presenters: If you are a presenter at one of our events, we will collect information about you including your name, employer and contact information, and we may also collect information provided by event attendees who evaluated your performance as a presenter.
Participants: When you submit an application/entry/project to an RDS event, you provide us with your Data. We use this information to keep a record of your participation and to correspond with you in relation to your application/entry/project and for the administration and management of our event.
Appropriate data may be shared with relevant people associated with our events including: members of judging panels, RDS Committees, attendees and other participants at events.
Videography and Photography: When you attend an event at the RDS you may be photographed and/or filmed/recorded due to your presence at the event by the RDS or by any third party authorised by the RDS. The images resulting from the photography, videography or recordings, and any reproductions or adaptations of same, may be used for promotion, publicity and/or other purposes to assist the RDS in the provision of its chartable aims.
Appropriate data may also be shared publicly for communications purposes on digital platforms (including social platforms), and through publications, media (including newspapers, television and radio), and advertisements.
When we intend to record or photograph an event, we will inform you of this fact via our Public Announcement system. Clear visible signage will also be placed around the area(s) where the event is taking place.
Volunteers: If you volunteer for the RDS, for example, if you act as a judge or steward at an RDS Event, you provide us with your Data. If you’re a volunteer then we may collect information about you (e.g. references, criminal records checks, details of emergency contacts, medical conditions etc.). This information will be retained for legal or contractual reasons, to protect us (including in the event of an insurance or legal claim) and for safeguarding purposes.
Children’s data: We may collect and manage information from children and aim to manage it in a way which is appropriate to the age of the child. Information is usually collected when children enter or attend our events. Where possible and appropriate we will seek consent from a parent or guardian before collecting information about children. Our events have specific rules about whether children can participate, and we will make sure advertising for those events is age appropriate.
Employment: Processing of employees’ personal data for employment purposes including payroll administration, general personnel administration and RDS management.
In connection with a job application or related inquiry, you may provide us with personal information including a resume, cover letter, or similar employment-related materials. This information will be used for the purpose of processing and responding to your application for current and future career opportunities.
CCTV: The Society employs CCTV for the security of its staff, visitors and property. To ensure the security and safety of visitors and staff, the RDS uses CCTV located throughout its premises covering buildings, internal spaces, car parks, roads, pathways and grounds. The RDS CCTV system is implemented in a proportionate manner as necessary for the legitimate interest of the security of staff, and visitors including visitors to the RDS premises (to protect their vital interests) and to protect RDS property against theft or pilferage.
Images are in general not stored beyond a period of one month, except where incidents or accidents have been identified in which case such footage is retained specifically in the context of an investigation of that issue. CCTV footage is not disclosed to third parties except where disclosure is required by law (such as for the purpose of preventing, detecting or investigating alleged offences) and in such instances disclosure is based on a valid request. Signage indicating that CCTV is in use is displayed prominently throughout the RDS sites.
The CCTV system is operated in accordance with the provisions of the Society’s CCTV Policy.
Fundraising & Philanthropy: We work to secure philanthropic support for the Society’s Foundation Programme. In order to do this, we maintain a database that contains Data collected by the Society during the course of its relationships with Members and other sponsors. The majority of the information we hold is obtained directly from you, but there may be some additional data which we have been obtained from publicly available sources.
Unless you have requested otherwise, this Data will be used and processed for a range of engagement activities and programmes. This processing is carried out to assist us in securing funds for the provision of our charitable aims
Business Contact and Customer Relationship Management: We collect and maintain information about our Customers and Clients, which may include company name, business contact name and title, phone number, email and other contact details. We may also collect billing address, financial account, credit card information, order details, subscription and license information, and usage details.
Maintenance of “do not contact” lists (suppression lists): If you ask the RDS not to contact you by email at a certain email address, the RDS will retain a copy of that email address on its “master do not send” list in order to comply with your no-contact request.
Provision of Services: We may compile and process your information to help us understand trends in our customer behaviour and to understand our risks better, including for providing management information, operational and data risk management.
Marketing: We may use your identity, contact, transactional history, profile data and communications data to form a view on what we think you may like, or what may be of interest to you, and to send you details of upcoming events, products, offers and news which may be relevant for you. You may opt-out of receiving such emails by following the instructions in each promotional email we send you. In addition, if at any time you wish not to receive future communications, or you wish to have your name deleted from our mailing lists, please contact us at firstname.lastname@example.org.
Testimonials: We collect and display personal testimonials of satisfied clients and users in addition to other endorsements for marketing purposes. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, please contact email@example.com
When you enter a competition, we will make use of and process the personal data you provide in connection with the competition to administer the Competition, and to contact you in respect of advertising, marketing, promotional and publicity material and any other items which will be set out in the terms and conditions of the competition.
The information you provide may be shared, both inside and outside the European Economic Area, with third parties such as our Sponsors and Partners. You should read and satisfy yourself with our Partners and Sponsors privacy policies prior to entering a Competition.
We review data annually to ensure that it is still relevant and necessary. Data shall be kept for no longer than is necessary for the purposes for which it is being processed.
As stipulated in The National Vetting Bureau (Children and Vulnerable Persons) Acts 2012 to 2016 all RDS staff, volunteers, voluntary officers and other individuals who provide services to the RDS and who interact with children or vulnerable persons must be vetted by An Gardaí Síochána.
Garda Vetting is a procedure through which An Garda Síochána is asked, with a person’s permission, to disclose any information held on Garda file. The vetting process requires the provision of verified proof of identify and proof of address by all vetting candidates and, subsequently, checks by An Gardaí Síochána of their records.
The purpose for processing your Data in this context is that it is necessary to comply with our legal obligations under the National Vetting Bureau (Children and Vulnerable Persons) Acts 2012 to 2016.
List of services
- Rental of exhibition space
- Social Media promotions and competitions
We may use your data to send you information relating to our services, events and products which may be of interest to you. If you do not want us to use your data in this way, please notify us to that effect at firstname.lastname@example.org.
We keep your data for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations. If you no longer want us to use your data to provide this service to you, you can request that we erase your Data and close your account with us. Please note that if you request the erasure of your Data:
- We may retain some of your Data as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety
- We may retain and use your Data to the extent necessary to comply with our legal obligations. For example, we may keep some of your information for tax, legal reporting and auditing obligations.
- Because we maintain our records to protect from accidental or malicious loss and destruction, residual copies of your Data may not be removed from our backup systems for a limited period of time.
Disclosure of your information
We may disclose your Data to third parties who provide a service to us or in the event that we sell or buy any business or assets, in which case we may disclose your Data to the prospective seller or buyer of such business or assets or if we are under a duty to disclose or share your Data in order to comply with any legal obligation, or to protect our rights, property, or safety of staff or customers. Currently we disclose your Data to the following providers.
Some non-EU jurisdictions may not have adequate safeguards for the protection of personal data, and where this is the case we comply with Chapter 5 of the General Data Protection Regulation (“GDPR”) to provide an alternative method of safeguarding your personal data.
Third parties with whom:
(i) we need to share your information to facilitate transactions you have requested, and
(ii) you ask us to share your information
EU and Non-EU
Service providers who provide us with support services
EU and Non-EU
Statutory and regulatory bodies (including central and local government) and law enforcement authorities in order to any applicable laws, grant applications and /or court orders
Third parties in connection with a sale or purchase of assets by us
EU and Non-EU
Service providers who provide us with marketing including online marketing services, WiFi services, website services, appropriate data may be shared with relevant people associated with our events including members of judging panels, RDS Committees, attendees and other participants at events. Appropriate data may also be shared publicly for communications purposes on digital platforms (including social media platforms), and through publications, media (including newspapers, television and radio), and advertisements
Videography and Photography: The RDS is an event venue and when you attend an event at the RDS you may be photographed and/or filmed/recorded due to your presence at the event. Some of these events are of public and media interest and therefore are subject to audio and visual recording and photography. When attending an RDS event, which is a public place, there is a reasonable expectation that staff and visitors may be photographed and recorded in video footage and that these images and recordings may be published by us for promotional purposes to publicise and promote the RDS, and third parties including media outlets and broadcasters. Such processing is undertaken in the RDS's legitimate interests and those of media outlets and broadcasters.
By attending the RDS for such events, you acknowledge that the RDS is a public place and that you may have a reduced expectation of privacy. While you have a right to object to your inclusion in any photographs or video footage, any such objection must be balanced against the legitimate interests pursued by the RDS and/or third-party media outlets and broadcasters.
Sponsors and other fund-raising sources
Training providers and service
EU and Non-EU
Trade associations and professional bodies, non-statutory bodies and members of trade associations
EU and Non-EU
Business or joint venture partners
EU and Non-EU
We do not conduct profiling.
Where we process your Data based only on your consent, you may withdraw your consent.
You have the right to bring a complaint to a supervisory authority if you have any complaints about the processing of your Data. In Ireland the Data Protection Commission is the supervisory authority.
In circumstances where the provision of your Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, we will advise you at the point of collecting your Data whether the Data is a required field, and the consequences of not providing the Data.
Where the Data is not provided by you we will set out what the categories of Data are, and where we obtained the Data here.
We may need to collect the following information, as it is necessary for the adequate performance of the contract with you and to comply with applicable law (such as anti-money laundering regulations).
- Payment Information. When you make payments, we require certain financial information (like your bank account or credit card information) in order to process payments and comply with applicable law.
- Identity Verification and Other Information. We may require identity verification information, in order to verify your identity and comply with applicable law.
How we use the payment data collected
- Enable you to pay for our products and services.
- Detect and prevent fraud, abuse, security incidents, and other harmful activity.
- Conduct security investigations and risk assessments.
- Conduct checks against databases and other information sources.
- Comply with legal obligations (such as anti-money laundering regulations).
- Enforce our payment terms.
We process this information in our legitimate interest in providing goods and services and where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
We may market to you by post. If you wish to be removed from our list (opt-out), at any time, you can do so by contacting us at the address at the bottom of each communication you receive from us.
If you are not a customer, you may still opt to receive electronic or telephonic marketing communications from us which we consider may be of interest to you. You will be asked to opt-in if you wish to receive these. If you wish to be removed from our list (opt-out), at any time, you can do so by clicking on the unsubscribe link at the bottom of each communication you receive from us. You can also opt out by contacting the Registrar at email@example.com.
As an individual, under EU law you have certain rights to apply to us to provide information or make amendments to how we process data relating to you. These rights apply in certain circumstances and are set out below: -
- The right to access data relating to you (‘access right’).
- The right to rectify/correct data relating to you (‘right to rectification’).
- The right to object to processing of data relating to you (‘right to object’).
- The right to restrict the processing of data relating to you (‘right to restriction’).
- The right to erase/delete data relating to you (i.e. the “right to erasure”).
- The right to ‘port’ certain data relating to you from one organisation to another (‘right to data portability’).
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
RDS Mobile Application
Information we get from the RDS Mobile Application: The RDS mobile application needs to access certain information held in the user’s phone and some of the device’s functions to work properly. By downloading the RDS mobile application, the data subject is giving the RDS permission to do this for the purposes set out below.
Device ID and Identity of the User: The RDS mobile application captures information about the device it has been installed on, such as the model of phone, the version of the operating system and the version of the application that has been installed. This allows the RDS to accurately notify the data subject when updates to the application are available. The application also captures a device ID reference which allows the application to send notification messages to the device provided the data subject has given it permission to do so.
Location: If the data subject gives permission for the RDS mobile application to access location services (such as GPS or location from the network), the application will use this data to enable the ‘Locator’ feature to help trigger content near the present location of the data subject. Content can be triggered when a user comes within range of a location trigger and the RDS mobile application uses GPS coordinates to do so. The GPS coordinates are used in addition to network data for more accurate positioning.
It is possible to enable or disable location services on the RDS mobile application at any time through the user’s device settings.
Wi-Fi, Network Connections and Internet Data: The user of the RDS mobile application is provided with an opportunity to download newly added content each time the application is opened provided a connection to the internet is available. Therefore, this means that the RDS mobile application can be accessed when the user does not have an available internet connection. If the application cannot use an available Wi-Fi network, data may be retrieved from the network using the device’s 3G or 4G connection.
Log Data: In case of an error on the RDS mobile application, the application will collect data and information (through third party products) on the data subjects’ device and this is called ‘Log Data’. This ‘Log Data’ information may include information such as device name, operating system version, the configuration of the app when utilising the service, the time and date of the service, and other statistics.
Monitoring the functioning of the RDS Mobile Application: Llama Digital Limited may employ third-party companies and individuals due to the following reasons - to facilitate the service, to provide the service on their behalf, to perform service-related services; or to assist in analysing how the service is used.
The RDS mobile application uses third party service providers that may collect information used to identify data subjects, links to the privacy policies of the third-party services used by the application are below:
The controller of your Data for the purposes of GDPR is the RDS.
Changes to this policy
We reserve the right to change this Policy from time to time in our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use Data and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data to us after we post any such changes, you accept and agree to this Policy as modified.
Questions, comments, requests and complaints regarding this Policy and the information we hold are welcome and should be addressed to the Registrar at firstname.lastname@example.org
All requests will be dealt with promptly and efficiently.
Schedule 1 - Data Protection Notice for Wired Network Access
This Data Protection Notice together with any disclaimers sets out the basis on which any personal data we collect from you or that you provide to us, or that is provided to us relating to you in the course of providing you with access to our wired network ("Data for Network Access") by any means will be processed. Please read the following carefully to understand our use of Data for Network Access. Please note that the Statement relates only to living individuals in relation to personal data relating directly to themselves, and not to persons in any other capacity.
This Data for Network Access will be processed by the Royal Dublin Society of Ballsbridge, Dublin 4 (registered charity number 20002008) (the "RDS").
The RDS will process certain Data for Network Access about you in the course of providing you with access to its wired network so that you may access the internet. The RDS will be the controller of this Data for Network Access.
The Data for Network Access which the RDS will process is the IP address of your connected device.
The Basis and Purposes for this Processing
The RDS processes this personal data on the basis of pursuing the following purposes which are in its legitimate interests:
- to facilitate full monitoring of usage and to ensure that you abide by the Network Access Terms and do not use your access to the RDS' wired network for any of the purposes noted in the "Inappropriate Use" section of the Network Access Terms;
- to ensure connectivity to our network;
- to troubleshoot network issues;
- to monitor network performance; and
- to comply with applicable laws, regulations or requests of law enforcement agencies.
The RDS has determined that this processing is necessary to pursue these purposes and has carefully considered the impact of these processing activities on your fundamental rights and freedoms. The RDS will not process such Data for Network Access where its legitimate interests are outweighed by the impact on your rights and freedoms (unless otherwise required or permitted by law).
Disclosure, Security and Retention of Data for Network Access
The RDS may disclose some or all of this Data for Network Access to:
- regulatory authorities and law enforcement agencies; and
- trusted third party ICT service providers.
The RDS stores and processes this Data for Network Access on servers located within the European Economic Area (the "EEA"). The RDS shall only transfer this Data for Network Access outside the EEA where the European Commission has decided that the third country in question ensures an adequate level of protection in line with EU data protection standards or there are appropriate safeguards in place to protect this personal data.
Once the RDS has received your personal data, it shall use strictly maintained physical, electronic and procedural safeguards to prevent unauthorised access.
Generally the RDS shall only retain this personal data for as long as you avail of access to the wired network but in certain circumstances it may hold your personal data for a longer period, for example, if it is processing an ongoing claim or believes in good faith that the law or a relevant regulator may reasonably in its view expect or require it to preserve this Data for Network Access.
Contacting the RDS about your Data for Network Access
If you have questions or concerns about the way your Data for Network Access is being processed by the RDS, you may contact the RDS by sending an email to email@example.com.
“Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed.
“Data Controller” means the entity which, alone or jointly with others, determines the purposes and means of the processing of Personal Data.
“Data Processor” means the party that Processes Personal Data on behalf of the Data Controller.
“Data Protection Law” means the General Data Protection Regulation (No 2016/679) (“GDPR”) and the Data Protection Acts 1988 to 2018 and any other laws which apply to the RDS in relation to the Processing of Personal Data.
“European Economic Area” or “EEA” means Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, the UK, Iceland, Liechtenstein, and Norway.
“Personal Data” is any information relating to a living individual which allows the identification of that individual. Personal Data can include a name, an identification number, details about an individual’s location, or any other information that is specific to that individual.
“Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “Process” and “Processing” are interpreted accordingly.
“Special Categories of Personal Data” are types of Personal Data that reveal any of the following information relating to an individual: racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. Special Categories of Personal Data also include the Processing of genetic data, biometric data (for example, fingerprints or facial images), health data, data concerning sex life or sexual orientation and any Personal Data relating to criminal convictions or offences.