Contents of Page
Statement of Policy
CPPP aims to achieve the best possible standards of protection for all the data, including personal, sensitive and medical data, which it collects and processes. It is committed to compliance with the requirements of the Data Protection Acts and the General Data Protection Regulations of May 2018.
The Irish Society of Chartered Physiotherapists (ISCP) (‘we’) must comply with the Data Protection Acts 1988- 2018 and the General Data Protection Regulations (GDPR). We respect your right to privacy and to the protection of your personal information. This Privacy Statement sets out the details of the information that we collect, how we process it and who we share it with. It also explains your right under data protection law in relation to our processing of your data.
Please read this Privacy Statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. We respect your rights to privacy and are committed to protecting and respecting your privacy.
The Information We Process
We collect information about you in the course of operating the ISCP, which allows us to provide our services to you.
We collect Personal Data from you through the use of application forms, payments, online services, phone calls and when you email your Personal Data to us.
The types of data we collect include:
- Personal Data: This is data that identifies you or can be used to identify or contact you and may include your name, address, email address, user IP addresses in circumstances where they have not been deleted, clipped or anonymised, telephone numbers, birth date, occupation, employer, qualification, CORU registration number, billing and credit card information. Such information is only collected from you if you voluntarily submit it to us.
- Sensitive Data: If we process any sensitive personal information, we will restrict access to and use of this.
Legal Basis for Processing Personal Data
We will process any data you provide to us for the following purposes:
- To determine eligibility for membership,
- To provide you with professional and administrative services,
- To contact you, if required, in connection with the provision of our services, or respond to any communications you might send to us.
Any Sensitive Personal Data that we process will be used solely for providing you with the required services.
If the purpose of processing is for a reason other than the reasons outline above, we will seek explicit consent.
By sending your Personal Data to us, or purchasing our services, you signify your consent to your Personal Data being used, and processed by us.
How We Obtain Your Information
We obtain your personal data from the information you give to us.
How We Use Your Information
We will process the information you provide in a manner compatible with the GDPR. We will endeavour to keep your information accurate and up to date, and will not keep it for longer than is necessary.
We are required to retain information in accordance with the law, such as information needed for insurance, claims, cover verification and audit purposes.
All employees (not already covered by a professional confidentiality code) sign a confidentiality agreement that explicitly makes clear their duties in relation to handling personal information and the consequences of breaching that duty.
When visiting our website, you are accepting the terms of our Privacy Statement and Cookies Statement. Any external links to other websites are clearly identifiable as such, and we are not responsible for the content or the privacy and cookies statement of these other websites.
Visiting Our Website
When you access this website via a browser or search engine no personal information is revealed to us, although certain statistical information is available to us via our internet service provider.
This information may include the IP and address of the server you are using, the top-level domain name from which you access the internet (for example .ie, .com, etc.), the type of browser you are using, the date and time you access our site and the internet address linking to our site.
You may send us information via this website, such as through the “contact us” page or any other area where you may send e-mails, ask us to contact you or provide feedback. By choosing to participate in these, you may need to provide us with some personal information.
This information will only be used by us for:
- The purposes for which it was provided by you and any reasonable / relevant purposes;
- Verification purposes and statistical analysis
- Administration purposes (billing)
Our website may, from time to time, contain links to and from other website (the “Third Party Websites”). If you follow a link to any of Third Party Websites, please note that the Third Party Websites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check the Third Party Websites’ policies before you submit any personal data to the Third Party Websites.
The material contained on our website is for general information purposes only and does not constitute professional advice covering any specific situation.
Cookies are small text files placed on your computer and are commonly used on the internet.
They allow us to make our website more useful based on stored information about your preferences when you visit us. We do not store cookies beyond such interaction. If you choose to, you can set your web browser to reject cookies from our service, although you may not be able to experience the full service we provide if cookies are disabled.
You may withdraw this consent at any time by unsubscribing from our mailing list.
You have certain legal rights concerning your information and the manner in which it is processed, which include: o A right to get access to your personal information;
- A right to request us to correct inaccurate information, or update incomplete information;
- A right to request that we restrict processing of your information in certain circumstances;
- A right to request the deletion of personal information;
- A right to receive the personal information you provide to us in a portable format;
- A right to object to us processing your personal information in certain circumstances; and o A right to lodge a complaint with the Data Protection Commission.
Some of these rights only apply in certain circumstances and so are not guaranteed or absolute rights.
If you have any queries or concerns about your rights, contact the Practice Data Protection Officer. If you are not satisfied you can contact the Data Protection Commission.
Sharing Information with Third-Parties
We will disclose your Personal Data if we believe, in good faith, that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other statutory requirement.
We may when requested disclose membership status (current member or former member, not a member).
In accordance with European Directive (2005/36/EC) on the Recognition of Professional Qualifications, the ISCP is obliged to exchange information regarding disciplinary action or criminal sanctions taken or any other serious circumstances, which are likely to have consequences for pursuit of activities under this Directive.
Personal data may be used in a number of circumstances such as:
- The furnishing of information relating to the good standing of a member of the Society to the Irish Government Agencies/Foreign Government Agencies/Professional bodies, including recording information with regard to conduct or professional indemnity of that member, the context in which the information was required is almost exclusively in the context of refinement or appointment to posts or positions. This information is automatically required of all overseas applicants and E.U. Legislation will regard a practice that does not require the same information of all applicants for membership as discriminatory.
On occasion some of your data may be shared with a course facilitator or professional body (for an interdisciplinary event or other course event. This data is shared only for the purposes of communications and/or sharing of resources.
Access to Your Records
You can access your records. The request must be in writing with a sufficient description of what you are looking for. You may be required to provide satisfactory evidence of identification as additional protection of your information.
How Your Records are Stored
We are committed to ensuring that your information is secure. We have a number of security precautions in place to prevent the loss, misuse or alteration of your information. All employees have a duty to keep information about you confidential.
Use of Data Processors
Data processors are third parties who provide some elements of our business service for us. When we use a thirdy-party, we have a strict agreement in place governing the processing of your personal data, on which no action can be taken without instructions from us. The third-parties with whom we work will never share or disclose your personal information and will hold it securely at all times.
We will only retain your information for as long as necessary. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.
Payment Card Industry Data Security Standard
In line with best practice, members’ credit card details are stored on by Global Payments. Global Payments is fully compliant with the Payment Card Industry Data Security Standard (“PCI DSS”) which is the standard required by banks and credit card companies for card storage and processing.
The data protection contact person is: Fran Theron, firstname.lastname@example.org,
Please contact our data protection contact person:
If you have any queries in relation to Data Protection or other issues around the security of your personal information,
For more information about the steps, we take to protect your information,
For more information about your rights, including the circumstances in which you can exercise them and how to exercise them,
If you wish to raise a complaint on how we have handled your personal information.
The Data Controller is:
The Irish Society of Chartered Physiotherapists,
Royal College of Surgeons in Ireland,
St. Stephen’s Green,
D02 H903, Ireland, or
The Data Protection Commission is the national independent authority responsible for upholding the fundamental rights of individuals in the EU to have their personal data protected.
You can contact the Data Protection Commission:
– By Phone: 01 765 0100 / 1800 437 737 (Monday – Friday)
– By Post: 21 Fitzwilliam Square South, Dublin 2, D02 RD28