Thank you for visiting our website. Reign Healthcare understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who engages with our services and visits our website, and only collect and use your personal data as described in this Privacy Notice. Any personal data we collect will only be used as permitted by law.

Reign Healthcare is committed to protecting and respecting your privacy. This Privacy Notice tells you about your privacy rights and sets out how we, when we act as a Data Controller, collect, use, process and disclose your personal data relating to your interactions with us. In cases where we act as a Data Processor when engaged by a Data Controller (such as government agencies) to provide contracted care services, you will need to refer to the Privacy Notice of that specific Data Controller. Please read this Privacy Notice carefully and ensure that you understand it.

1. What Does This Notice Cover?

This Privacy Notice applies generally to cases where Reign Healthcare is a Data Controller of your personal data, such as when you submit personal data via our website for example or when you contact us to engage in business, or for an employment opportunity. We do also act as a Data Processor for certain care services which we provide on behalf of other agencies. In these cases, we act upon the instructions of the agency, and they are deemed as the Data Controller. The Data Controller will collect your personal data in the first instance and so you will need to contact them directly as to how they process your personal data.

 Our website may contain links to other websites but please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy notices of any such websites before providing any data to them.

2. What Is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers. If you do not provide us with your personal data, we may not be able to provide you with our services or respond to any questions or requests you submit to us.

3.How Do You Use My Personal Data?

Where we collect any personal data, it will be processed and stored securely, for no longer than is necessary in light of the reasons for which it was first collected. We will comply with our obligations and safeguard your rights under the relevant data protection legislation at all times.

Below is a summary of the purposes and lawful bases we rely on to use your personal data:

Data Collected	Purposes/activity	Legal basis for processing
First and last name, email address, subject matter and message details which you volunteer to us.	To respond to your communication to us via our website ‘Contact Us’ or ‘Request a Callback’ website form.	Your consent.
First and last name, Email address, telephone contact details.	To contact/respond to customers or prospective customers regarding our care services which they are interested in using.	Your consent.
First and last name, email address, CV details, phone number, professional qualifications, employment history, information relating to any relevant disabilities which need to be accommodated, references, Garda Vetting records, confirmation that you are 18 years or older.	To process job applications from candidates for employment within Reign Healthcare.	·       Subject to entering into a contract of employment with you/prior to entering into a contract of employment. ·       processing is necessary for compliance with a legal obligation to which the controller is subject; ·       processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee. ·       Your consent
IP address, browser type etc.	To assist the proper operation and functionality of our site.	The processing is necessary to support our legitimate interests in managing our business and maintaining website security.
IP address, browser type, cookie preferences.	To analyse, improve and tailor our website content in line with user preferences and behaviour.	Your consent.

4.Information collected from other sources.

In our role as a Data Processor, we may also obtain personal data from third party Data Controllers such as government agencies. For example, we may receive necessary personal data from Tusla about an individual, in order for us to carry out our contracted services of care for that individual. Any access that we may have to such information from a third-party source is in accordance with the authorisation procedures determined by that Data Controller and the specified service. Please note that we are not responsible for those separate Data Controllers’ privacy or security practices which may be different than ours. For details on how your data is managed once collected from such sources, please contact them directly.

5. Security and where we store your personal data.

When you provide your personal data to us, we are committed to protecting the security of this data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We have implemented strict internal guidelines to ensure that your privacy is safeguarded at every level of our organization. We will continue to revise policies and implement additional security features as new technologies become available.

Personal data security is essential to us, and to protect personal data, we take the following measures:

• limiting access to your personal data to those employees and third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality.
• procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Data Protection Commission (DPC) when legally required to do so.

6. What Are My Rights?

Under the General Data Protection Regulation, you have the following rights, which we will always work to uphold:

1. a) The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in the ‘Contact Us’ section.
2. b) The right to access the personal data we hold about you. ‘Contact Us’ below will tell you how to do this.
3. c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. It is important that your personal data is kept accurate and up to date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
4. d) The right to be forgotten, i.e., the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the details in the ‘Contact Us’ section to find out more.
5. e) The right to restrict (i.e., prevent) the processing of your personal data.
6. f) The right to object to us using your personal data for a particular purpose or purposes.
7. g) The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
8. h) The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
9. i) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
10. j) the right to lodge a complaint with the Data Protection Commission, if you have any cause for complaint about our use of your personal data. We would welcome the opportunity to resolve your concerns ourselves however, so please contact us first, using the details in the ‘Contact Us’ section.

7. Do You Share My Personal Data?

We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions:

Service Providers:

Carefully selected companies that provide services for or on behalf of us, such as companies that help us with IT support and provision, and website security. These providers are also committed to protecting your information.

Other Parties When Required by Law or as necessary to protect our services:

For example, it may be necessary by law, legal process, or court order from governmental agencies to disclose your information. They may also seek your information from us for the purposes of law enforcement, national security, anti-terrorism, or other issues that are related to public security. We will challenge any such requests that are not valid.

Other Parties in Connection with Corporate Transactions:

We may disclose your information to a third party as part of a merger or transfer, acquisition or sale, or in the unlikely event of a bankruptcy.

Other Parties with Your Consent or at Your Direction:

In addition to the disclosures described in this Privacy Notice, we may share information about you with third parties when you separately consent to or request such sharing. If any personal data is transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the EEA and under the relevant data protection legislation. Such steps would involve the use of the Standard Contractual Clauses (SCCs).

8.   Retention of your personal data

We will store your personal data only for as long as necessary for the purpose(s) for which it was obtained. The criteria used to determine our retention periods include (i) the length of time we have an ongoing relationship and/or provide our services; (ii) whether there is a legal requirement to which we are subject; and (iii) whether the retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations). Please contact us if you wish to obtain further information concerning our retention periods (see ‘Contact Us’ below).

9. International Transfers

Your use of our services may from time to time involve the transfer, storage, and processing of your personal data to other countries outside of the European Economic Area. We will take appropriate measures, in compliance with applicable law, to ensure that your personal data remains protected. Such measures include the use of Standard Contractual Clauses to safeguard the transfer of data outside of the EEA.

As stated in Part 7 above, we may be required by law, legal process, or court order from governmental authorities to disclose your information. Reign Healthcare also commits that if we are ever compelled by a valid and binding legal request to disclose personal data, we will disclose only the minimum amount of data necessary to fulfil our legal obligation.

10.Processing of Childrens’ data

While we may process the personal data of children in our services as a Data Processor, in such cases we process the data on the instructions of the relevant Data Controller, such as Tusla for example. We do not market to children. If you are under the age of 16, please do not submit any personal information through our website. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this Privacy Notice by instructing their children never to provide personal information via our website without their guardian’s consent.

11.Contact Us

Where we act as a Data Controller, you may request at any time a copy of the personal data held about you and request its correction or deletion. To obtain a copy of this information, please send an email to info@reignhealthcare.ie. Upon receipt of your request and within one month we will inform you about the type of personal data we hold about you, the purposes for which we hold it and the possible recipients or types of recipients. In some cases, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress. Where we act as a Data Processor, you will need to contact the relevant Data Controller first, who will then contact us.

To contact us about anything to do with your personal data, including to make a subject access request, please use the following details (for the attention of Data Protection Team):

Registered address: 30 Lansdown Road,

Portarlington,

Co. Laois,

R32 E2C,

Ireland

Email address: info@reignhealthcare.ie

12. Changes to this Privacy Notice

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be posted on our website, and you will be deemed to have accepted the terms of the Privacy Notice on your first use of our site following the alterations. We recommend that you check this page regularly to keep up-to-date. This Privacy Notice was last updated on 1^st October 2023.