15 - 26 JUNE 2022

Privacy

Name of register

Contact person register for the Cork Midsummer Festival’s application process

Controller

Cork Midsummer Festival, Civic Trust House, 50 Popes Quay, Cork, IRL.

Person in charge of registry matters

Communications Manager Conall Ó Riain, conall@corkmidsummer.com

Purpose of personal data processing

The primary purpose of this personal data register is to provide a contact person register of performers at the Cork Midsummer Festival event organised by the Cork Midsummer Festival. The register contains personal data concerning the contact persons indicated by the performers that have signed up for the Cork Midsummer Festival event. In addition to the contact person’s basic information, information is collected from contracts, service use, service use areas as well as the information required for service production and management. The register may also contain information concerning areas of interest as supplied by the contact person him/herself.

The contact person data contained in the register may be processed for the following purposes:

  • the organisation and management of the Cork Midsummer Festival event
  • the implementation, development and maintenance of services for event performers.
  • the planning and implementation of festival research related to the event
  • publicity, communications, marketing, sales promotion and market research related to the services and products of Cork Midsummer Festival
  • the operational business needs of Cork Midsummer Festival, such as the implementation of the service process, invoicing and reporting
  • the planning and development of Cork Midsummer Festival business activities
  • service communications and advertising based on service contracts for the contractual partners of Cork Midsummer Festival’s electronic business

The legal bases for processing personal data are as follows:

  • the implementation of measures related to a contractual relationship or legitimate interest
  • consent given by the data subject

Data content of the register

The database contains the following information:

  • names
  • addresses
  • country of residence
  • phone numbers
  • email addresses
  • notes on direct marketing permissions and restrictions
  • other information required for service use

Regular sources of data

The data in the register are collected from:

  • the data subject him/herself
  • the organisation for which the data subject is a contact person
  • with the data subject’s consent, from third parties

Storage time

The controller stores the personal data for as long as is necessary to fulfil the aforementioned purposes, unless legislation requires that personal data be stored for longer.

For organisations, the storage of the data subject’s personal data is connected to the duration of time that the data subject in question acts as a representative of the organisation.

When the data are no longer required in the manner described above, the data will be removed within a reasonable time.

Regular disclosures of data and transfer of data out of the EU and EEA

Personal data are not disclosed to third parties unless required by compelling legislation.

Personal data may be transferred out of the European Union or the European Economic Area using standard clauses approved by the European Commission or other legal transfer protocol, for example, when required for the technical implementation of services or communication.

However, personal data may be disclosed with the personal consent of the data subject.

Register security

The register is in an automated data processing format. Access rights to the register are reserved for those persons employed by the controller and other specified persons that need the data in their work. They have user IDs and passwords at their disposal. The data are protected by a firewall and other technical measures.

Rights of the data subject

The data subject has the right to review and demand the rectification of their data, receive a copy of their personal data, restrict the sending of electronic marketing messages and offers as well as the use of their personal data for direct marketing purposes.

The data subject has the right to cancel their consent concerning the processing of personal data. Cancelling the consent may influence the implementation of measures as per the contractual relationship.

The data subject also has the right, in situations specified in the General Data Protection Regulation, to request a restriction of or otherwise oppose the processing of their personal data.

Should they wish to exercise the rights mentioned above or receive further information concerning the processing of the personal data, the data subject may contact the person in charge of registry matters mentioned earlier.

The data subject has the right to appeal to the controlling authority if they feel that the processing of personal data does not comply with legislation.

(Updated on 8 Feb 2021)