Privacy Policy

The principles by which Change Angel respects user privacy and practices data protection.

Change Angel perceives privacy and data protection as a human right.
Change Angel has a duty of care to the people within our data.
Change Angel see data about individuals as a liability and believe it should only be collected
and processed when absolutely necessary.
We detest spam as much as you do!
We will never sell or otherwise distribute or make public your personal information.

Relevant legislation

Change Angel business and internal computer systems, as well as this website, are designed to comply with the following legislation with regards to data protection and user privacy:
Data Protection Act 1988 (25/1988) & Data Protection Act 2003 (6/2003)
SI 336 of 2011 – European Communities (Electronic Communications Networks and Services) (Privacy  nd Electronic Communications) Regulations 2011
EU General Data Protection Regulation 2018 (GDPR)
This website’s compliance with this legislation implies that it is compliant with the data protection and user privacy legislation of many other countries and territories as well. If you are unsure you should contact our data protection officer (details of whom can be found below) for clarification on its compliance with regulations in your country or territory.

Your Rights Under GDPR

In accordance with the General Data Protection Regulation (GDPR), you have specific rights regarding your personal data. We are committed to facilitating the exercise of these rights.

These rights include:

1. Right to Access:
You have the right to request access to the personal data we hold about you. Upon your request, we will provide a copy of your personal data, along with information about how we process it, the purposes for which it is processed, and the categories of personal data involved.

2. Right to Rectification:
If you believe that any personal data we hold about you is incorrect, incomplete, or outdated, you have the right to request that we correct or update this data. We will promptly make the necessary corrections to ensure that your information is accurate and up-to-date.

3. Right to Deletion (Right to be Forgotten):
You have the right to request the deletion of your personal data in certain circumstances. These include when the data is no longer  necessary for the purposes for which it was collected, if you withdraw your consent to processing, or if you object to the processing and there are no overriding legitimate grounds for continuing it. We will erase your data without undue delay, provided that there is no legal obligation or other valid reason for us to retain it.

4. Right to Restrict Processing:
You have the right to request that we restrict the processing of your personal data under certain conditions. For example, if you contest the accuracy of your data or if you object to our processing of it, we will limit the processing of your data while we address your concerns.

5. Right to Data Portability:
You have the right to request that your personal data be provided to you in a structured, commonly used, and machine-readable format, or, where technically feasible, that it be transferred directly to another data controller.

6. Right to Object:
You have the right to object to the processing of your personal data at any time if the processing is based on our legitimate interests, direct marketing, or profiling. If you object, we will cease processing your personal data unless we have compelling legitimate grounds to continue processing or if it is necessary for legal claims.

7. Right to Withdraw Consent:
Where our processing of your personal data is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

8. Right to Lodge a Complaint:
If you believe that your rights have been violated, you have the right to lodge a complaint with a supervisory authority, particularly in the EU Member State of your habitual residence, place of work, or place of the alleged infringement.

How to Exercise Your Rights

To exercise any of the above rights, please contact our Data  Protection Officer using the details provided below:

We will respond to your request without undue delay, and in any event within one month of receiving your request. This period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receiving your request, along with the reasons for the delay.

Data Controller

The data controller of this website is: Change Angel Limited, an Irish Limited Company with company number: 623579
Whose registered office is: 35 Parkside Walk, Balgriffin, Co. Dublin
Data Protection Officer
Ms. Joanna Koprowicz
Director, Change Angel Ltd.
Telephone: 353 89 4450392
Email: joanna@changeangels.ie

About the personal information this website collects

This website collects and uses personal information for the following reasons:

Site visitor tracking

Like most websites, this site uses Google Analytics to track user interactions. This data is used to determine the number of people accessing our website. This aids our understanding of how they find and use our web pages and helps us to see their interaction with the
website. None of the data tracked by Google Analytics personally identifies you to us. The type of data tracked includes your geographical location, device type, internet browser and
operating system. Google Analytics does record your connection IP address but Google do not grant us access to this. For Change Angel Google is a third party data processor (more about third party processors below).

Google Analytics uses cookies, details of which can be found on  Google’s developer guides. This website uses the analytics.js implementation of tracking. By disabling cookies in your browser, you will stop Google Analytics from tracking any part of your visit to pages in this website.

Contact forms and email links

Should you choose to contact us using the contact form on our contact page or an email link like this one,
none of the data that you supply will be stored within this website. Instead it will be securely relayed to our email host with Google Suite. For more details see https://cloud.google.com/security/gdpr/

Email newsletter

When you choose to receive our email newsletter, the email address that you submit to us will be submitted to MailChimp who provide us with email marketing services. Change Angel considers MailChimp to be a third-party data processor (more about third-party processors
below). The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems. Your email address will be within the MailChimp database for as long as we continue to use MailChimp services for email marketing or until you specifically request removal from the list;
by unsubscribing using the unsubscribe links contained in email we send you or by requesting removal via email. If requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
*If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the MailChimp database, you will receive periodic newsletter-style announcement emails from us, approximately four per year.

Change Angel do not store your personal information on this website. If in future we do store data, such as comments on an article etc, it will be in a pseudonymous fashion meaning that the data would require additional processing using a separately stored ‘key’ before it could be used to identify an individual.

About this website server

This website is hosted by A2 Hosting within a secure data centre located within the EU (Amsterdam, Netherlands).
A2 Hosting’s data center is SSAE16 certified. Physical data center security measures include:
Gated parking lot with security key entry
Security key needed to enter data center
Security key needed to access fully enclosed locked server rack
Perimeter and internal IP CCTV system monitored 24×7
24×7 on-site security guards with static and mobile patrols
All on-site personnel are security vetted to BS7858 standard
Only authorised security-cleared staff are allowed into the facility
All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.

About our Third Party Data Processors

Change Angel uses the services of a number of third parties to process personal data on our behalf.

These third parties have been carefully chosen and all of them comply with GDPR legislation. Both of these third parties are based in the USA and are EU-U.S Privacy Shield compliant.

Google: https://policies.google.com/privacy?hl=en-ie
Mailchimp: https://mailchimp.com/legal/privacy/

In the event of a Data Breach

We will report any unlawful data breach of this website’s database or the database(s) of any of our third-party data processors in the event that it is confirmed to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.

Changes to this Privacy Policy

This privacy policy may change from time to time inline with legislation or industry developments. Change Angel will not explicitly inform clients or website users of changes. We recommend that you check this page occasionally for any policy changes. Specific policy
changes and updates are outlined in the change log below.

Changelog

13/08/2024 – Privacy policy instigated