Folens Publishing Company Unlimited Company (“Folens”) is a registered company at Hibernian Industrial Estate, Greenhills Road, Tallaght, Dublin 24. Folens are committed to protecting your personal data and respecting the data protection laws and regulations within Ireland and the EU. This Data Subject Access Request Policy explains how you can make a request to see what personal data we hold about you.
Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data, in both paper and electronic format.
The General Data Protection Regulation (GDPR) lays down strict rules about the way in which personal data and sensitive personal data are collected, accessed, used, shared, transferred and disclosed.
GDPR stipulates that individuals have the following rights:
- the right to be informed how Folens collect their data (at the point of collection)
- to access a copy of their information that comprises personal data on request
- the right to object to processing that is likely to cause or is causing damage or distress
- to prevent processing for direct marketing
- to object to decisions being taken by automated means (including profiling)
- check that information that Folens have is accurate and they have the right to request rectification, erasure or restriction or to object to such processing
- the recipients or categories of recipient Folens disclose the personal data to
- Folens retention period for storing the personal data or, where this is not possible, the criteria for determining how long it is stored;
- the purposes of Folens processing;
- the categories of personal data concerned;
- a right to claim compensation for damages caused by a breach of the GDPR
- the right to lodge a complaint with the Data Protection Commissioner (DPC) or another supervisory authority · information about the source of the data, where it was not obtained directly from the individual
- the safeguards Folens provides if personal data is transferred to a third party or international organization.
What is a Data Subject Access Request (DSAR)?
A request from an individual (Data Subject) to see what personal data a company holds on them. How do you make a DSAR from Folens?
The best ways to make a DSAR from Folens are:
- Complete this form
- Email email@example.com
- Write to us at:
Hibernian Industrial Estate
What information should be included with your Data Subject Access Request?
While information can be requested verbally, we do not have a phone tracking system so please let us know how you would like us to send you your data through the form below, email or letter. You will need to include sufficient information to identify the Data Subject to Folens satisfaction. In cases where Folens are unable to prove your identity we may ask for proof of identification, in the form of picture ID such as passport or driver’s licence. We require this to ensure that we are dealing with the correct person and are not sharing your personal information with any unauthorised individual. We shall retain a copy for no longer than the period of the subject access request. However, we will not require this in the case of you wishing to unsubscribe from our database we will always present you with the opportunity to unsubscribe at any time.
Folens will ask the Data Subject to specify the exact information he or she wishes to receive. However, Folens acknowledges that, where the Data Subject wishes to receive a copy of everything we hold about them, then we will fulfil a complete search of the data in the organization.
Can I authorise another individual on my behalf to request a Data Subject Access Request?
Yes, a Data Subject can authorize a third party such as a family member or a solicitor to make a request on their behalf. The person making the request must provide written evidence of their authority to make the request on behalf of the Data Subject. This requires the written authorization of the Data Subject. If there is any doubt about this request, it will be necessary to contact the Data Subject to get confirmation of their consent to disclose their personal data to the third party.
How long will it take to process the DSAR?
We will respond within two working days to acknowledge receipt of your request and aim to fulfil the request within 30 days of receiving written confirmation of the request and validation of your identity. We will communicate with you during the 30-day period if we need clarification on any of the data parts that you require.
What do I need to do if I want the personal data I receive changed or deleted?
If a Data Subject discovers that any information kept about them is inaccurate, they then have the right to have that information rectified or erased. Folens will rectify the inaccuracy or correct the incorrect information.
The Data Subject is advised to send a written request to the Privacy Officer at Folens stating what they deem to be inaccurate and what it should be changed to.
The Data Subject also has a right to have any personal data erased that they regard as irrelevant, excessive for the purpose or obtained unfairly or has no further operational requirement to Folens.
What format will the results be presented to me?
The results will be sent to you in a password protected pdf. If you wish to receive your results by any other manner, please specify when making your request.
Data Request Exemptions
Each request is subject to the following exemptions or prohibitions.
- The data is held for the purpose of preventing, investigating or detecting an offence.
- The data is kept for anti-fraud functions where the result of access would impede such functions.
- The data identifies a person other than the individual making the request and it is not possible to redact or omit the data identity of this other person.
- The data contains an expression of opinion about the data subject by a third party and that third party gave the information to Folens in confidence on the understanding that it would be treated as confidential.
- The data is held for statistical purposes or to carry out research and the identities have been removed.
- Where the data would be covered by a claim of legal professional privilege e.g. communications between Folens and its solicitors in relation to a case.
- The supply of the data is not possible or would involve disproportionate effort on the part of Folens.
- Where the data is backed up but will include archived data.
- It is at the discretion of Folens whether to process a current Data Subject Access Request if a similar or identical one has been processed recently in the preceding 12 months.
This DSAR Policy is reviewed on a regular basis and was last updated on 31st May 2018.