This webpage outlines how REQA uses and protects any information that you give, when using this website.
Our Privacy & Data Protection statements and policies are under regular review as we are committed to ensure that all site visitors, clients etc. privacy rights are protects. Please note, we take a number of measures to protect all clients data in a secure and professional fashion.
Reviewed & updated : May 2019
Who we are
RE Quinn Architects Ltd.
Registered in Northern Ireland [NI068375]
14 Princes Street, Dromore, Co. Down, NI, BT25 1AY
Data Protection Policy
RE Quinn Architects Limited [REQA] takes its responsibilities with regard to General Data Protection Regulation (GDPR)seriously. This policy sets out how REQA manages those responsibilities.
REQA obtains, uses, stores and otherwise processes personal data relating to current staff, former staff, consultants, contractors and clients, collectively referred to in this policy as data subjects. When processing personal data, REQA is obliged to fulfil individuals’ reasonable expectations of privacy by complying with GDPR and other relevant data protection legislation (data protection law).
This policy therefore seeks to ensure that we:
- are clear about how personal data must be processed and REQA expectations for all those who process personal data on its behalf;
- comply with the data protection law and with good practice;
- protect REQA reputation by ensuring the personal data entrusted to us is processed in accordance with data subjects’ rights
- protect REQA from risks of personal data breaches and other breaches of data protection law.
Personal data protection principles
REQA are guided by the following GDPR principles when processing personal data:
- To be processed lawfully, fairly and in a transparent manner.
- To be collected only for legitimate purposes.
- To be adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
- To be maintained accurately and where necessary updated.
- To be not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the personal data is processed.
- To be processed in a manner that ensures its security, using appropriate technical and organisational measures to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage.
Data Subjects’ Rights
Data subjects have rights in relation to the way REQA handle their personal data. These include the following rights:
- where the legal basis of our processing is Consent, to withdraw that Consent at any time;
- to request access to your personal data (see below);
- to prevent our use of the personal data for direct marketing purposes;
- to object to our processing of personal data in limited circumstances;
- to ask us to erase personal data:
- if it is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- if the only legal basis of processing is Consent and that Consent has been withdrawn and there is no other legal basis on which we can process that personal data;
- if the data subject objects to our processing where the legal basis is the pursuit of a legitimate interest or the public interest and we can show no overriding legitimate grounds or interest;
- if the data subject has objected to our processing for direct marketing purposes;
- if the processing is unlawful.
- to ask us to rectify inaccurate data or to complete incomplete data;
- to restrict processing in specific circumstances e.g. where there is a complaint about accuracy;
- to ask us for a copy of the safeguards under which personal data is transferred outside of the EU;
- the right not to be subject to decisions based solely on automated processing, including profiling, except where necessary for entering into, or performing, a contract, with REQA; it is based on the data subject’s explicit consent and is subject to safeguards; or is authorised by law and is also subject to safeguards;
- to prevent processing that is likely to cause damage or distress to the data subject or anyone else;
- to be notified of a personal data breach which is likely to result in high risk to their rights and freedoms;
- to make a complaint to the ICO; and
- in limited circumstances, receive or ask for their personal data to be transferred to a third party in a structured, commonly used and machine readable format.
The identity of an individual requesting data under any of the rights listed will be verified.
Data Subject Access Requests must be submitted to the Managing Director. Requests will be complied with, usually within one month of receipt. A charge can be made for dealing with requests relating to these rights only if the request is excessive or burdensome.
If you have concerns about our privacy practices, your personal information, or if you wish to file a complaint, you can contact us by email using firstname.lastname@example.org, or by mail to the address above.