Who are we?
We are Science Foundation Ireland, of Three Park Place, Hatch Street Upper, Dublin 2, D02 FX65 (“SFI”, “we” or “us”). SFI funds oriented basic and applied research in the areas of science, technology, engineering and mathematics (STEM), which promotes and assists the development and competitiveness of industry, enterprise and employment in Ireland. More details in relation to the functions of SFI can be found in the Industrial Development (Science Foundation Ireland) Act 2003, as amended.
SFI is committed to protecting and respecting your privacy. Any personal data collected by SFI must be processed and stored in accordance with this policy and Data Protection Law. This policy explains what personal data is collected and the purposes for which it is used and may be disclosed in accordance with applicable Data Protection Law. This policy also sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it. In this policy, “Data Protection Law” means all applicable data protection law, including the General Data Protection Regulation (Regulation (EU) 2016/679) and the Data Protection Act 2018 with effect form 25 May 2018 and any legislation which amends, extends, consolidates, re-enacts or replaces same.
Why do we collect your information?
We collect and process your personal data to manage and administer the relationship between you and Science Foundation Ireland (SFI), to fulfil our statutory functions, to comply with our statutory obligations and to evaluate and improve SFI’s performance.
The legal basis for processing your personal information
- compliance with a legal obligation to which we are subject e.g. disclosure of payments/grants to revenue;
- the performance of a task carried out in the public interest e.g. to fulfil our statutory functions; and
- that you have provided consent for the processing for one or more specific purposes e.g. where you have asked us to send you updates on our activities.
Information you give to us
SFI will only use your personal data for the purpose it was collected or to perform the services requested.
You may give us your personal data by filling in forms on our websites e.g. www.sfi.ie, www.smartfutures.ie, www.sfiengage.ie and www.esero.ie or by uploading data to our web portals, by applying for a grant, and/or by corresponding with us by phone, email or otherwise.
- personal data that you volunteer for example, by emailing us, filling in an on-line form replying to a tender, applying for a grant, and/or by using SFI’s Award Management System SESAME;
- statistical information gathered automatically when you visit the website;
- personal data provided voluntarily in using our websites; and
- personal data provided voluntarily when making an enquiry, request, giving us your business card or contact details, entering a competition or reporting a problem or performing a similar activity.
If you send an email to a general email address (e.g. firstname.lastname@example.org) then that email, including any personal data, may be accessed and processed by more than one SFI staff member. The information you give us may include your name, address, email address and phone number, financial and credit card information, business card, personal description, photograph, your CV or mini-biography including your work experience. We may collect personal data about teams of reviewers/grant awardees where the personal data is provided to us as part of a grant application process. Personal data relating to all team members will continue to processed for administration purposes for the duration of any grant awarded.
How do we use this information?
We will use this information:
- to fulfil our statutory functions, to comply with our statutory obligations and to evaluate and improve SFI’s performance;
- to carry out our obligations arising from any contracts entered into between you and us;
- to process on-line applications for awards through SFI’s Grants and Awards Management System (SESAME);
- to manage relationships by recording interactions with industry on SESAME;
- to provide you with the information that you request from us;
- to notify you about changes to our organisation;
- to communicate any upcoming SFI events;
to analyse feedback and commentary provided voluntarily on sfiengage.ie;
- to ensure that content from our site is presented in the most effective manner for you and for your computer; and
- to evaluate and improve SFI’s performance
Information we may collect from you
With regard to each of your visits to our websites we may automatically collect the following information:
- technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
How do we use this information?
We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to evaluate and improve SFI’s performance;
- to allow you to participate in interactive features of our service, when you choose to do so; and
- as part of our efforts to keep our site safe and secure.
We will not disclose such Personal Data relating to a user to any other party, unless:
- we are required to do so by law; or
- it is necessary in order to complete the user’s request or answer the user’s query.
Information we receive from other sources
We may receive information about you if you use any of our websites or interact with any of the other services we provide. In this case we will have informed you when we collected that personal data that it may be shared internally and combined with other personal data.
We may collect personal data about you from publicly available sources such as LinkedIn.
We also work closely with third parties (including, for example, government departments, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
Combining your data
We may combine personal data which we hold with personal data you give to us or personal data we collect or receive from third parties about you. We may use such combined personal data for the purposes set out above.
We will not use your personal data for a purpose that is materially different from the purpose(s) for which it was collected without first asking your permission and giving you an opportunity to “optout” of such use.
Who we might share this information with?
In order for us to fulfil our statutory functions, we may share your personal data with selected third parties as reasonably necessary in connection with the activities referred to above, including:
- Agencies such as IDA Ireland, SEAI, Enterprise Ireland and Government Departments such as the Department of Further and Higher Education, Research, Innovation and Science as well as other affiliate bodies such as Engineers Ireland.
- Business partners, suppliers and sub-contractors for the purpose of fulfilling our statutory functions, to comply with our statutory obligations, to evaluate and improve SFI’s performance and for the performance of any contract we enter into with you;
- Analytics and search engine providers that assist us in the improvement and optimisation of our site;
- Industry and other sister agencies for the improvement of education and minority representations in the fields of Science Technology Engineering and Maths (STEM). We do not disclose personal data relating to identifiable individuals to Industry and other affiliate bodies, but we may provide them with aggregate information;
- Registrants’ school details that are submitted through the website’s forms may be published on the website; and
- Where required in order to comply with any legal obligation. This includes exchanging personal data with companies and organisations for the purposes of fraud protection and credit risk reduction.
Do we transfer your information outside the Eurpoean Union or the European Economic area?
Yes, personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), including to a jurisdiction where the level of protection afforded to personal data is not as high as that in the European Union. This may include, for example, transfers to partner agencies, IT service providers, peer reviewers, expert groups or programme evaluators etc. where such third parties are based outside the EEA.
If we transfer personal data to such jurisdictions, we will ensure that appropriate measures are in place to allow us to comply with our obligations under applicable law in respect of such transfers. Such measures may include entering into ‘standard contractual clauses’ in the form approved by the European Commission or, in respect of transfers to the USA, ensuring that the transfer is covered by the EU-US Privacy Shield framework. If you would like to receive further details or a copy of the measures that we have taken in this regard, please contact us at email@example.com
The security of you personal information
The security of your personal data is very important to us. We have adopted appropriate technical and organisational security measures to guard against accidental, unauthorised or unlawful loss, access, disclosure, alteration, or destruction of your personal data, taking into account the risks involved in the processing and the nature of the personal data. We use industry-standard security measures to protect the integrity and confidentiality of any personal data we own or process on behalf of our customers and visitors, including, in appropriate circumstances, the use of firewalls, restricted access and encrypted transmissions. We limit access to personal data to those persons in our organisation who have a business need to process such personal data.
We will also ensure that our agents or third party service providers who process your personal data on our behalf are required to keep your personal data safe and secure.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long do we hold your personal data?
The safety of children using the Internet is very important to us. It is primarily the responsibility of parents and guardians to monitor their children’s usage of the Internet, though we will take reasonable steps not to compromise children’s rights and interests. We urge parents and guardians to instruct children never to give out their real names, addresses or phone numbers, without permission, when using the Internet. We recognise that there is a special obligation to protect personal information obtained from children. Visit the Department of Education & Skills / National Centre for Technology in Education website for more information on staying safe on the internet.
Information we receive from job applicants
If you submit personal data to SFI in connection with an employment opportunity, SFI will only use such personal data for recruitment purposes, and if you are offered a job or become employed by SFI, for other employment-related purposes.
By submitting your resume/C.V. to SFI, you agree that we may use it for recruitment purposes. It will not be used or shared for nonrecruitment purposes.
C.V.s should include information relevant to your employment history and education (degrees obtained, places worked, positions held, relevant awards, and so forth). SFI recommends that you do not include special categories of personal data (such as religion, philosophical or political beliefs or financial data) in your C.V. or letters to SFI.
What are your rights with respect to your information?
Subject to certain exceptions, you have the following rights in relation to your personal data which is held by SFI:
- to access your personal data;
- to have any inaccurate or misleading personal data rectified;
- to have your personal data erased;
- to restrict the processing of your personal data in certain circumstances;
- to object to the processing of your personal data in certain circumstances; and
- to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller(1)
You can exercise these rights at any time by contacting our Data Protection Officer at firstname.lastname@example.org. We may ask you to provide proof of identity in accordance with Data Protection Law.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
If you are not happy with the way we have used your personal data or addressed your rights, you have the right to make a complaint to the Data Protection Commissioner by emailing email@example.com.