At Mespil Swimming Pool, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR). This Privacy Statement explains how we collect, use, store, and protect your personal data, as well as your rights under the GDPR.
1. Who We Are
Mespil Swimming Pool is responsible for the processing of your personal data. Our contact details are:
Mespil Swimming Pool
Mespil House Flats, 4 Sussex Rd, Dublin, D04 H9T0
Email: info@mespilpool.com
2. Data Controller
The data controller responsible for your personal data is [Insert Name or Position of the Data Controller]. For any questions regarding this Privacy Statement or how we handle your personal data, you can contact us at [Insert Contact Email].
3. Personal Data We Collect
We collect and process the following types of personal data:
- Personal Identifiable Information (PII): Full name, date of birth, address, email address, phone number.
- Booking and Payment Data: Details of your swimming pool bookings, membership information, payment card details (only processed through secure third-party payment gateways).
- Health and Safety Information: For example, medical conditions, if relevant for specific swimming programs or activities.
- Usage Data: Data related to your use of our website, booking platform, or mobile app, including IP addresses, browser type, device information, and usage patterns.
4. Purpose and Legal Basis for Processing
We process your personal data for the following purposes and on the following legal bases:
- To provide our services: To process your bookings, manage memberships, and ensure you can access swimming pool facilities.
Legal Basis: Performance of a contract (Article 6(1)(b) GDPR). - To communicate with you: To send you booking confirmations, updates, and promotional materials (with your consent).
Legal Basis: Consent (Article 6(1)(a) GDPR) and legitimate interest (Article 6(1)(f) GDPR). - To ensure safety and security: To monitor and improve the safety of all guests using the facilities, including in emergencies or medical situations.
Legal Basis: Legitimate interests (Article 6(1)(f) GDPR). - To comply with legal obligations: For example, to maintain health and safety standards, comply with tax and accounting laws, and meet other regulatory requirements.
Legal Basis: Legal obligation (Article 6(1)(c) GDPR).
5. How We Protect Your Data
We take the security of your personal data seriously and implement appropriate technical and organizational measures to protect it. These measures include secure encryption of payment information, restricted access to sensitive data, and regular security audits.
However, no method of transmitting data over the internet or storing data is 100% secure. While we use commercially reasonable means to protect your personal data, we cannot guarantee absolute security.
6. Sharing Your Data
We may share your personal data with third parties in the following circumstances:
- Service Providers: We may share your data with third-party companies that provide services such as payment processing, marketing, IT support, and email communications.
- Legal Requirements: We may disclose your personal data to comply with legal obligations, including responding to lawful requests from authorities (e.g., government agencies or law enforcement).
We do not sell, rent, or trade your personal data.
7. Data Retention
We will retain your personal data only for as long as is necessary for the purposes for which it was collected. Once it is no longer needed, we will securely delete or anonymize your personal data, unless required by law to retain it for a longer period.
8. Your Rights Under GDPR
As a data subject under the GDPR, you have the following rights regarding your personal data:
- Right to Access: You have the right to request a copy of the personal data we hold about you.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
- Right to Erasure: You can request that we delete your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw your consent.
- Right to Restriction of Processing: You have the right to request that we limit the processing of your personal data in certain circumstances.
- Right to Data Portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another data controller.
- Right to Object: You have the right to object to the processing of your personal data in certain cases, such as when processing is based on legitimate interests or direct marketing.
- Right to Withdraw Consent: If you have provided consent for processing, you have the right to withdraw that consent at any time.
To exercise any of these rights, please contact us at [Insert Contact Email].
9. Cookies
Our website uses cookies to enhance your experience. Cookies are small text files placed on your device to remember preferences, track usage patterns, and ensure that the website functions properly. You can choose to disable cookies through your browser settings, but this may limit certain features of our website.
10. International Transfers
If we transfer your personal data to countries outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your data, such as using standard contractual clauses or relying on an adequacy decision by the European Commission.
11. Changes to This Privacy Statement
We reserve the right to update or amend this Privacy Statement at any time. When we do, we will update the “Effective Date” at the top of the page. Please review this statement periodically for any changes.
12. Complaints
If you believe that we are not complying with the GDPR or your data protection rights, you have the right to lodge a complaint with a supervisory authority. In Ireland, the supervisory authority is the Data Protection Commission (DPC).