The Irish Planning Institute takes privacy and the protection of our member and customer data very seriously. In this notice we explain how we collect your personal information, how we use it and how you can interact with us about it. Your data is processed in accordance with the General Data Protection Regulation and Data Protection Acts 1988-2018.

Who are we?

The Irish Planning Institute is a company limited by guarantee without share capital, registered in Ireland. Company Registration Number: 97882. Company Registered Address: Ground Floor, Fitzwilliam House, 6 Fitzwilliam Street Lower, Dublin 2, D02 TX34. When we talk about “the Institute”, or “IPI” or “us” or “we” in this notice, we are talking about the Irish Planning Institute.

Data Protection

With any queries about how we collect, use, share and protect your information and to ensure your rights are fulfilled contact: dataprotection@ipi.ie or by writing: Data Protection, Irish Planning Institute, Ground Floor, Fitzwilliam House, 6 Fitzwilliam Street Lower, Dublin 2, D02 TX34.[updated: 26 January 2023]

How we collect information about you

We collect personal information from you when, for example, you apply to become a member or apply to change membership category or to attend one of our continuing professional development (CPD) or other events and services. We also collect information through our websites, web-conferencing, social media and through communication between you and the Institute by telephone and email (for example, when you call to make enquiries or when you are raising concerns or queries). We may also obtain your personal data from third parties, for example:  

  • Information provided by your employer or representative acting on your behalf 
  • Information about you provided by referees you have nominated as part of a membership application
  • Third level institutions offering planning programmes accredited by the Institute which you are attending
  • Issuing authorities of documents you have submitted as proof of qualifications (e.g. verification of your degree by your previous university) 

When you apply to us for membership, CPD, events and services and during the time you avail of these, we may verify your identity. We may do this by sending and receiving information about you, to and from third parties including your employer.

If you place an order on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Technical details of your visit the Institute’s website are recorded. The details include IP addresses, browser details and web search terms. This information will only be used for statistical and site management purposes. We do not store any personal or traceable customer information in the cookies that we use. Additionally, all our cookie data is encrypted to prevent third parties from accessing the information they contain.

Information we collect about you 

The Institute collects personal data relating to you in order to provide our services to you.  If you do not provide this personal information, we may not be able to provide you with our membership benefits, products and services.

The types of personal data processed by the Institute may include (depending on the context of the service being provided to you) but are not limited to: 

  • Institute membership number – generated when an Institute membership is created for you 
  • Unique personal identifiers and biographical Information, such as your third level institution student number, name, title, date of birth, country of birth, nationality 
  • Your contact details including residential and employer addresses, mobile phone number, email address(es) 
  • Employer and work experience details 
  • Details of previous examination results and qualifications awarded 
  • Bank details, including IBAN, BIC, Name of bank/building society 
  • Credit card details (processed securely by our payment provider) 
  • Information to provide support services such as mentoring, where applicable 

The Institute may in some cases process “special category data”, for example, health data, when you request a maternity leave pro-rata adjustment to your subscription.

How we keep your information safe

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. If you request a password reset, your IP address will be included in the reset email. When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information.

How long we keep your information for

How long we hold your information depends on the nature of the information and the purposes for which it is processed. We determine appropriate retention periods which meet our membership and legal obligations. We hold your information while you are a member or customer and for a period of time after that. We do not hold it for longer than necessary. If the purpose for which the information was obtained has ceased and the personal information is no longer required, the personal data will be deleted.

Meeting our membership and legal obligations

To meet our membership and legal obligations, we collect some of your personal information, verify it, keep it up-to-date through regular checks, and delete it once we no longer have to keep it. We may also gather information about you from third parties to help us meet our obligations. If you do not provide the information we need, or help us keep it up-to-date, we may not be able to provide you with our membership benefits, products and services.

To use your information lawfully, we rely on one or more of the following legal bases:

  • your consent;
  • necessary for the performance of a contract with you;
  • necessary for compliance with a legal obligation (e.g. to keep a register of members, with their name and address, under the Companies Act 2014 which can be made available on request in line with the requirements of the Companies Act;
  • necessary for the purposes of our legitimate interests, including to pursue our goals and promote our services, or the legitimate interests of a third party (e.g. your employer).
  • We will not process your personal data for these purposes if to do so would constitute an unwarranted interference with your own interests, rights and freedoms.

Consent

Sometimes we need your explicit consent to use your personal information. When we use sensitive personal information about you, such as health data, for example when you request a maternity leave pro-rata adjustment to your subscription, we may ask for your consent. Before you give your consent, we tell you what information we collect and what we use it for. You can withdraw your consent at any time by contacting us. This may mean that we are no longer able to provide you with membership benefits, products and services.

How we use your information

We use information about you to:

  • process and administer your membership, this includes the operation of the Institute’s branches, networks and committees and CPD and other events and activities;
  • enabling your access to and use of the website services;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • allowing us to perform our functions and objectives as set out in our Constitution;
  • organise events, conferences and webinars including branch organised events;
  • track your professional development and adherence to the Institute’s CPD policies;
  • give you access to on-going learning and networking opportunities including career support and mentoring;
  • ensure we provide you with the best service possible, including customer support for any technical issues you may experience accessing our website, web-conferencing or other platforms;
  • manage your subscription fees;
  • administer assessment processes;
  • provide other operational supports;
  • provide and promote information on our membership, education, designation and CPD services;
  • safeguard and promote the welfare of members;
  • carry out surveys and statistical analysis;
  • respond to your enquiries or complaints;
  • confirm details relating to you to your employer, where they have a legitimate interest in providing or receiving those details – e.g. your membership status when availing for member only rates;
  • prevent unauthorised access to your information;
  • meet our legal and regulatory obligations, including under the Companies Act 2014;
  • establishing, exercising or defending legal claims;
  • from time to time we may set up WhatsApp groups or similar fora on particular planning related issues to enable rapid sharing of information and response from members. We will contact people in advance to see if they want to become part of these fora and they can remove themselves from them at any time;
  • to provide you with information that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes or where it is within the performance of the functions of the Institute and the Website to provide you with this information; and
  • identify ways we can improve our products and services to you

Your information and third parties

Sometimes we process and share your information with trusted third parties. For example, we share information with:

  • service providers (e.g. printers, auditors, legal advisors and other professional advisors)
  • employers (e.g. to confirm details regarding membership, CPD participation)
  • other legal and regulatory bodies (e.g. the Companies Registration Office)
  • Information and Communications Technology (ICT) and information security providers

However, we may also share information with third parties to meet any applicable law, regulation or lawful request (including the requirements of Sections 169 and 215-217 of the Companies Act 2014), including with law enforcement agencies, which may be either in or outside Ireland or to deal with any claim or dispute that may arise.

We expect these third parties to have the same levels of information protection that we have. In some cases we share information via systems that we control and where we do this, we require the third party recipients to comply with appropriate terms and conditions that govern access to those systems.

We will not share your information with third parties with which we have no direct involvement.  We will not share your information with commercial third parties nor with commercial or other professional organisations promoting conferences or seminars or training events.

Our website

Articles on our website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Data submitted through forms on our website is validated by Google’s recaptcha anti-spam service.

Your personal information rights

When your personal information is handled by the Institute in relation to a membership, a product or service, you are entitled to rely on a number of rights. These rights allow you to exercise control over the way in which your personal information is processed, subject to applicable exemptions.

For example, we may help you in:

  • Accessing your personal information: You can ask us for a copy of the personal information we hold about you.
  • Correcting and Updating your personal information: If you believe that any personal information we hold about you is inaccurate or out of date, you can look for the information to be corrected at any time.
  • Withdrawing consent: You can change your mind wherever you give us your consent, such as  using your sensitive information, such as medical data.
  • Restricting our use of your personal information: You have the right to restrict our use of your personal information in certain circumstances, such as where our use of it is not compliant with applicable law.
  • Objecting to our use of your personal information: You have the right to object to us using your personal information, where we are doing so based on this being necessary for the performance of a task carried out in the public interest or for the purposes of a legitimate interest. Where you exercise this right to object, we will be obliged to stop using your personal information in that way, unless there are compelling legitimate grounds for us to continue to do so, despite your objection.
  • Not to be subject to automated decision making: You have a right (subject to limited exceptions) not to be subject to a decision based solely on automated processing of information, including profiling, which produced significant legal effects concerning you or otherwise significantly affects you.
  • Deleting your information (your right to be forgotten): You may ask us to delete your personal information.
  • Moving your information in electronic form (your right to Portability): You may request (in certain cases) that your personal information is transferred to you or another organisation in digital form.

How to exercise your rights

You may execute any of these rights free of charge. You may do so by contacting us:

Phone: + 353 1 8788630 Email: dataprotection@ipi.ie

When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information. Once we are satisfied that we have effectively verified your identity, we will respond to the majority of requests without undue delay and within a one month period of receipt of the request. The Institute will action your request to have your personal information corrected within 10 calendar days. These periods may be extended in exceptional circumstances and we will inform you where the extended period applies to you along with an explanation of the reasons for the extension.

International transfers of data

We sometimes need to share your information with organisations which are located or who undertake processing outside the European Economic Area (EEA) to help us provide you with membership, or products and services. Some ICT partners, for example, are provided/located outside the EEA. We expect the same standard of data protection is applied outside of the EEA to these transfers and the use of the information, to ensure your rights are protected and will only transfer personal information to a country or territory outside of the EEA: (a) if that country provides an adequate level of protection for personal information as set down by the European Commission or (b) where the transfer is made under a legally binding agreement which covers the EU requirements for the transfer of personal information to recipients outside of the EEA, such as the model contractual clauses approved for this purpose by the European Commission, or (c) where there is an alternative basis for engaging in the transfer that is compliant with applicable laws. For more information about the European Commission’s decisions on the adequacy of the protection of personal information in countries outside the EEA, please visit: ec.europa.eu/info/law/lawtopic/data-protection_en

For more information about the Institute’s arrangement regarding transfers of personal information outside EEA you can contact us by phone or email via the details set out below.  

Making a complaint

If you have a complaint about the use of your personal information, please let a member of staff know, giving them the opportunity to correct things as quickly as possible. If you wish to make a complaint you may do so in writing and by email dataprotection@ipi.ie. Please be assured that all complaints received will be fully investigated. We ask that you supply as much information as possible to help our staff resolve your complaint quickly.

You may also contact the Data Protection Commission in Ireland to lodge a complaint (details below).

Data Protection Commission 21 Fitzwilliam South, Dublin 2, D02 RD28 Web: dataprotection.ie

Updates to this notice and policy

We keep this notice and policy under regular review and will make changes from time-to-time, particularly when we change how we use your information, and change our technology and products or services. We will inform you of material changes to the contents of this Data Protection Notice, through a notification posted on our website or through other communication channels.