Introduction

AB Group Packaging and its subsidiaries (ABGP) is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection

Personal data is any information relating to an identified or identifiable living person. ABGP processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.

When collecting and using personal data, our policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, please go to the relevant sections of this statement.

Your Rights

New data protection laws have come into force across Europe that give you more rights and choices about how your data is used. The General Data Protection Regulation (GDPR) strengthens your rights over how companies use your data. A summary of these rights is as follows.

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: in the event that ABGP refuses your request under rights of access, we will provide you with a reason as to why.

All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.

For the Republic of Ireland see– www.dataprotection.ie

The data we collect and how we use it

If you submit your email address on the website it will only be used by ABGP. It is our policy not to pass email addresses to any third parties without first obtaining your consent. We receive and store certain types of data when you interact with us. For example, like many websites, we use “cookies” and we obtain certain types of data when you access the website. Cookies are small pieces of data that are stored by your browser on your computer’s hard drive and enable us to provide features such as remembering your address. Cookies can be deleted from your device or blocked if you wish. Most web browsers automatically accept cookies, but you can change your browser to prevent it from accepting them. We may also use aggregate information and statistics for the purposes of monitoring web site usage in order to help us develop the web site and our service and may provide such aggregate information to third parties. These statistics will not include data that can be used to identify any individual. We may collect personal data about you if you choose to provide it in the various sections in this website to provide you with information or a quotation. The data you provide will be used to assist in your request for a quote, provide you with information, or to improve the Web site and our products and services.

How we protect your data

The Internet is not a secure medium. However every effort has been put in place to protect your data. We have put in place, various security procedures as set out in this policy. Firewalls are used to block unauthorised traffic to our servers and these servers are located in a secure location which can only be accessed by authorised personnel. Your data is encrypted, confidential and is only stored for lawful purposes. All staff members follow internal procedures and are trained to keep your data safe and secure.

Disclosure to 3rd parties

We do not sell, trade or rent your personal data to others. It is our policy not to pass personal data to any third parties without first obtaining your consent. We may provide aggregate statistics about users, traffic patterns and related site data to reputable third-parties, but these statistics will include no personally identifying data.

We may have to disclose names of our customers/suppliers to comply with the Waste Management Packaging Regulations 2014 to supply this information to the council. The processing of this data is lawful under Article 6.1 (c) of GDPR as the following criteria applies: the processing is necessary for for compliance with a legal obligation to which the controller is subject;

In certain circumstances, ABGP may disclose personal data to law enforcement agencies providing the request is legitimate. In such circumstances ABGP will seek assistance from our legal advisers where necessary.

Collection and use of Personal Data

We use personal data to arrange transactions on your behalf as agreed with you, to service our customers and our suppliers and any other normal business transactions. We must have a lawful basis to collect and use personal data.

Needed for your contract:

We need to collect and use your personal data to provide our services to you, this includes but is not limited to, your name, contact details and trading bank account details. We restrict access to, and use of, any sensitive personal data. We also create new personal data.

Personal Data is held and used to;

  • Process your orders or supplies or other business related activities;
  • Issue or receive payments;
  • Provide you with information about our business;
  • Provide customer care and service; and
  • Contact you to inform you of any relevant actions you may need to take.

Required by law:

We use your personal data to comply with law and regulations such as;

  • Reporting to regulators;
  • Keeping proper books and records.

We may collect certain personal data to comply with Anti-Money Laundering Law.

Legitimate Interest:

We use your personal data for our legitimate interests as shown below. This doesn’t affect your privacy rights. We believe these uses benefit our customers. You can contact us if you have any questions using the contact details of this Privacy Notice.

Statistical Analysis

  • We may combine and group personal data for analysis to help us understand our customers and develop better services for you.
  • We use summary data to help promote our services and products

Your Consent

You need to give your consent for us to collect and use personal data classed as sensitive or for certain uses of your personal data. You are given the choice to provide consent, or not. When we collect your consent, we will explain what we need it for and how you can change your mind in the future.

  • Profiling
  • Direct Marketing

    We would like to be able to contact you about offers and services from across our group of companies, separately from your policy communications. We will only send you digital marketing content where we have your consent. When you use our website you can consent to third party advertising. This shows us if you have visited our website before or visited any websites offering similar products or services.
  • Sharing with Other Companies with whom we have business arrangements

    We believe it may help you if we know whether you have products and services provided by other companies or if other services may be of interest to you. We will use this to provide you with additional services with your consent.

Consent and How to Withdraw Consent

If we process your personal data based on consent, you have the right to withdraw that consent in certain circumstances. The opt-out methods will depend on how the consent was collected and will be explained when you give us your consent, e.g. you can change your mind using the opt-out link in any direct marketing emails sent to you.

You can also withdraw consent by contacting us directly.

How and where do we get your personal Data?

You provide us with your personal data directly when you contact us, complete our forms, speak with us or visit our websites, and social media accounts. For more information on what personal data is collected and used on our website please review this document.

For full details of how your personal data is used and stored by your insurer you can contact us by email dataprotection@abgrouppackaging.com in writing to

Data Protection Officer
AB Group Packaging Ltd
Blessington Industrial Estate
Blessington
County Wicklow
Ireland
Postcode: W91 W898

How long do we keep your personal data for?

We keep and use your personal data for as long as you have a relationship with us. We also hold it after this where we need to for complaints handling, for system back-ups needed for disaster recovery and for as long as necessary under the relevant regulations.

Purpose

The purpose of this policy is to specify ABGP’s guidelines for retaining different types of data.

Scope

The scope of this policy covers all company data stored on company-owned, company-leased, and otherwise company-provided systems and media, regardless of location.

Note that the need to retain certain data can be mandated by local, industry regulations and will comply with EU General Data Protection Regulation (GDPR) and the Data Protection Act 1988 and the Data Protection (Amendment) Act 2003.

Policy

Subject Access Request:

Subject access requests must be made in writing to the Data Protection Officer. You must give any details needed to help you identify and locate all the data we may have (e.g., previous addresses, customer account numbers). ABGP may also ask to verify your identity.

Reasons for Data Retention

ABGP does not wish to simply adopt a “save everything” approach. That is not practical or cost-effective and would place an excessive burden on company and IT Staff to manage the constantly-growing amount of data.

Some data, however, must be retained in order to protect ABGP’s interests, preserve evidence, and generally conform to good business practices. Some reasons for data retention include:

  • Litigation
  • Accident investigation
  • Security incident investigation
  • Regulatory requirements
  • Intellectual property preservation

Retention of Data

The length of time we hold your data depends on a number of factors, such as regulatory rules and the type of financial product we have provided to you.Those factors include:

  • The regulatory rules contained in laws and regulations or set by authorities
  • The product we have provided to you.
  • Whether you and ABGP are in a legal or some other type of dispute with another person or each other.
  • The type of data we hold about you.
  • Whether you or a regulatory authority asks us to keep it for a valid reason.
  • Whether we use your data for long-term statistical modelling, provided that such modelling does not affect any decision we make about you.
  • As a general rule, we keep your data for a specified period after the date on which a transaction has completed or you cease to be a customer.

Retention of Encrypted Data

Encryption keys must be retained for the same period as the data that they are used to decrypt.

Data Destruction

Data destruction is a critical component of a data retention policy. Data destruction ensures that ABGP will use data efficiently thereby making data management and data retrieval more cost effective. Exactly how certain data should be destroyed is covered in the Data retention Policy.

When the retention timeframe expires, ABGP must actively destroy the data covered by this policy. If an employee feels that certain data should not be destroyed, he or she should identify the data to his or her supervisor so that an exception to the policy can be considered.

ABGP specifically directs employees not to destroy data in violation of this policy. Destroying data that an employee may feel is harmful to himself or herself is particularly forbidden, or destroying data in an attempt to cover up a violation of law or company policy.

Applicability of Other Policies

This document is part of ABGP cohesive set of security policies. Other policies may apply to the topics covered in this document and as such the applicable policies should be reviewed as needed.

Right of Rectification or Erasure

If we hold incorrect data about you, you have the right to have the data amended. Further, you have the right for any data you have given us to be deleted. We are not required to rectify or erase data that would prevent you from meeting your contractual obligations or where we are required to process (including retaining) your personal data for a lawful purpose in accordance with regulations, laws or data protection acts.

Children’s Privacy

Our website does not address anyone under the age of 13 (“Children”). We do not knowingly collect personal identifiable data from children under 13 directly. If you are a parent or guardian and become aware that we may have collected Personal Data from a child without parental consent, please contact us immediately so we can take steps to remove the data from our servers.

How to contact AB Group Packaging Ltd.

We welcome your views about our website and our Privacy Policy. If you would like to contact us with any queries or comments please send an e-mail to dataprotection@abgrouppackaging.com

Changes to this privacy policy

AB Group Packaging reserves the right to modify this Privacy Statement. If and when our data collection practices change, we will modify this Privacy Statement. We encourage you to check this page frequently for any material changes or other modifications to this Privacy Statement. You can contact us at any time to:

  • Request access to Data that ABGP has about you
  • Correct any data ABGP has about you.
  • Delete certain data that ABGP has about you

If you have any additional questions about ABGP collection and storage of data, please contact us at:

Tel: +353 (45) 865611

Email: dataprotection@abgrouppackaging.com

Write to:
Data Protection Officer

AB Group Packaging Ltd

Blessington Industrial Estate

Blessington

County Wicklow

Ireland

Postcode W91 W898

Website(s): www.abgrouppackaging.com