All businesses must have a legal reason to use your personal information; if they do not have one, they cannot use your data. There are several legal grounds that enable data processing. Outlined below are the most relevant grounds you should be aware of.

We process the following data because we have a legitimate interest:

• Keeping your data in our system in order to keep it secure;
• The date on which you started using our services;
• The date on which you ceased to use our services; and
• A record of any complaints or compliments made by you and the action taken in respect of any such complaint or compliments;
• We may receive your business contact information directly from you, as a client or from business cards, or we may get your information from third party sources, such as your website or professional network profile; and
• The IP address and the MAC address when you visit our website enables us to keep our website secure

Activity	Type of data	What we use your data for	Lawful Basis	Retention
You are arranging to advertise your business’s services on our website	Your first name, surname, address, telephone/mobile number and e-mail address; A record of the information that you provide to us; Conversations you have when you call us;	We use your data for the purposes of: Entering into a contract with you/your company. Advertising your business’s products and/or service products.	The processing is necessary for the Performance of a Contract.	When you register an account with us, we will retain the information that you provide to us for as long as you hold this account.  Once an account has been closed, we will continue to retain this data for a period of seven years. This timeframe is in line with the Irish statutory limitation periods. If you don’t actively close your account with us, it automatically become inactive after 3 months of you not accessing it. After this, the data you have provided us will be retained for seven years.
Telephone	First name, surname, contact tel/mobile number and message.	We have a telephone voice messaging system in the office to record any messages from people who ring when the office is unattended.	Consent. You may or may not wish to leave a message.	Messages are deleted once a member of the team listened to it and followed up on any information left on the system.
Submitting an Event	First name, surname, contact tel/mobile number, company/society name, organiser’s email, organisers’s country.	We use your data for the purposes of: Entering into a contract with you/your company. Advertising your business’s event.	The processing is necessary for the Performance of a Contract.	When you register an account with us, we will retain the information that you provide to us for as long as you hold this account.  Once an account has been closed, we will continue to retain this data for a period of seven years. This timeframe is in line with the Irish statutory limitation periods. If you don’t actively close your account with us, it automatically become inactive after 3 months of you not accessing it. After this, the data you have provided us will be retained for seven years.
Website Enquiry Form	First name, surname, email address and your phone number	We collect personal information relating to you when you contact us through the contact forms on this website. We will only use this information to respond to your request. The advertiser (manufacturers, products and service providers) will receive a copy of any data that you have entered as part of your message in the Enquiry Form.	Consent	5 year or until you withdraw your consent whichever occurs first
Newsletters	First name, surname, email address, company name, country,	We collect your e-mail address so that we can email you about industry updates and events. We use a third-party provider, Mailchimp to deliver our newsletter. As a part of Mailchimp’s services, it collects statistics around e-mail opening and clicks using industry-standard technologies.	Consent	If you no longer wish to receive marketing newsletters from us, you have the right to ask us to stop processing your data for direct marketing purposes. Please send an e-mail to info@rapidmicrobiology.com with ‘UNSUBSCRIBE’ in the subject line or click the ‘Unsubscribe’ link in the eZine e-mail you receive from us we will remove you from the relevant list within 10 working days.   Any withdrawal of consent has no effect on past processing of personal data by Rapid Test Methods Limited up to the point in time of your withdrawal.
Interact with us by e-mail, or on social media	If you are a member of a social media site, the interfaces may allow the social media site to connect your site visit to your personal data.	Our website uses interfaces with social media sites such as Facebook, LinkedIn, Twitter and others. If you choose to “like” or share information from Rapid Test methods Limited’s website through these services, you should review the ‘Privacy Statement/Notice’ of that service.	Consent	You can withdraw your consent at any time.
Business Financial Information	VAT Number, Account Name, IBAN, Account Number and Sort Code	We will process your financial information for instance when you submit invoices for the purposes of receiving a proportion of your costs. We collect financial data required to comply with Irish Tax law to pay and sending invoices.	Processing is necessary for compliance with a legal obligation such as Taxation laws.  The Companies Acts and Taxes Consolidation Act, 1997 provide for a 6-year retention period of tax records.	6 years
Advertising displayed on our Website	Not applicable as we do not disclose information about identifiable individuals to our advertisers.We may provide them with aggregate information about our users (for example, we may inform them that 500 people from Germany have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, visitors from Germany).	We may disclose data to advertisers and advertising networks that require the data to select and serve relevant adverts to you and others.  We may make use of the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.	Not applicable	Not applicable
Photographs, video footage and audio (i.e., imagery)	Identifiable (recognisable) people.	The imagery will be used on our website and on Audio Boom.	Consent.	7 years or until the person withdraws their consent whichever occurs first
Testimonials	First name, surname and company name.	Testimonial from the customer including their first name and surname are published on the company website.	Consent.	7 years or until the person withdraws their consent whichever occurs first
Customer Complaints	First name, surname, email address, tel/mobile number and details of said compliant.	If you have a complaint or concern about our work or about the bill.	Purpose of a Contract or in some cases Consent.	7 years
Website Cookies	The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Rapid Test Methods Limited’s website, including a history of the pages you view.	Rapid Test Methods Limited’s website collects specific information automatically and stores it in log files. We use this information to help us design our site to suit our users' needs better. We may also use your IP address to help diagnose problems with our server and to administer our website, analyse trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. Rapid Test Methods Limited’s website also uses cookies. It does not track users when they cross to third party websites, does not provide targeted advertising to them, and therefore does not respond to Do Not Track (DNT) signals	We have a legitimate interest in understanding how our clients and potential clients use our website. This assists us in providing more relevant services and communicating value to our clients.	See the Cookie Notice on our website for more details.

In the course of providing our services, we may process specific sensitive data for instance, in the unfortunate event that you experience an accident or incident we will record your personal data and any health implications. We rely on exceptions contained in Article 9 of the GDPR and the Data Protection Act 2018 to process this information.

Rapid Test Methods Limited is a service directed to and intended for use only by those who are 18 years of age or over. If you would like to make use of our service and you are not yet 18 years old, we require that an adult is present when you register. We will obtain that consent from the adult who is authorised to give the consent on your behalf.

There are some activities where we process personal information with your permission, which you can withdraw at any time, although if you do, we may not be able to provide the product or service you have requested. An example is where we want to use your photograph to promote our business. We would ask your permission first and you can withdraw your consent at any time. We will indicate in this Privacy Statement where we rely on consent

Where we may rely on consent to use your information, you have the right to revoke that consent for that processing activity at any time. However, we may have the right to rely on an alternative legal basis for the processing activity and will inform you of that.

A withdrawal of consent may still allow the processing of your data if:

• Processing is necessary for the performance of a contract with you.
• Processing is necessary for compliance with a legal obligation.
• Processing is necessary to protect your vital interest or that of another person.
• Processing is necessary for the performance of a task carried out in the public interest.
• Processing is necessary for the legitimate interests pursued by the controller or a third party; except where such interests are overridden by your interests or fundamental rights and freedoms.

In some of our articles, videos and blogs, we may reference other websites and provide links which are outside of our control. This Privacy Statement does not cover these other websites and links. Rapid Test Methods Limited do not accept any responsibility or liability for other sites’ Privacy Notices/Statements or Privacy Policies. If you access other websites using the links provided, please read their policies before submitting any personal information. Please refer to YouTube’s Terms of Service and the Google Privacy Policy.

Access to our online databases is password protected and all our computers are also password protected. We restrict access to personal data to employees, contractors and agents who need to know such personal data in order to operate, develop or improve the services that we provide. We ensure that we have appropriate physical and technological security measures to protect your information; and we ensure that when we outsource any processes that the service provider has appropriate security measures in place. All our documentation and records are securely stored on site.

Please note that the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of any data transmitted to our website, or to our office via e-mail, and any such transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We are not responsible for any delays, delivery failures, or any other loss or damage resulting from (i) the transfer of data over communications networks and facilities, including the internet, or (ii) any delay or delivery failure on the part of any other service provider not contracted by us, and you acknowledge that our website may be subject to limitations, delays and other problems inherent in the use of such communications facilities. You will appreciate that we cannot guarantee the absolute prevention of cyber-attacks such as hacking, spyware and viruses. Accordingly, you will not hold us liable for any unauthorised disclosure, loss or destruction of your personal data arising from such risks. Please also note that our website contains hyperlinks to websites owned and operated by third parties, and use of these is at your own risk (see ‘Third Party Websites’).

Your information will be disclosed where we are obliged by law to do so. We may also disclose your information where we are allowed by law to protect or enforce our rights or the rights of others and for the detection and prevention of crimes, such as fraud.

You have rights in respect of our processing of your personal data which are:

• To access your personal data and information about our handling of it. You also have the right to request a copy of your personal data (but we will need to remove information about other people).
• To rectify incorrect personal data that we are processing.
• To request that we erase your personal data if:
• We no longer need it;
• If we are processing your personal data by consent and you withdraw that consent;
• If we no longer have a legitimate ground to process your personal data; or
• We are processing your personal data unlawfully
• To object to our processing if it is by a legitimate interest.
• To restrict our processing if it was by legitimate interest.
• To request that your personal data be transferred from us to another company if we were processing your data under a contract or with your consent and the processing is carried out automated means.

If you want to exercise any of these rights, please contact us at info@rapidmicrobiology.com

As part of our business we use some third-parties such as Blacknight, which have one or more of the following international data transfer mechanisms in place:

• Standard Contractual Clauses (Model Clauses)
• Adequacy decision from the European Commission

We reserve the right to modify this Privacy Statement at any time. Each time you use this website, you shall be bound by the then current Privacy Statement and accordingly you should review the Privacy Statement each time you use this website. This is a live document, under regular review. This policy was last updated on June 2021.

If you have any comments, concerns or complaints about our uses of your information, we would ask that you contact us first, so that we can try and resolve the matter.

You are encouraged to raise any issues with the Compliance Officer:
Post: C/O Xeinadin, BLDG G West Cork Technology Park, Clonakilty, CORK, Ireland P85 VF62
Tel: +353 (23) 88 31884
E-mail: info@rapidmicrobiology.com

Where we are unable to help, you can complain to the Data Protection Commission (DPC) in Ireland or the Statutory Authority in your country of residence, who will be able to liaise with the Data Protection Commission.

The Data Protection Commission (DPC) can be contacted at:
Post: Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois, Ireland, R32 AP23.
Telephone: +353 (0) 57 8684800
Telephone: +353 (0)761 104 800
Lo-Call Number: 1890 252 231
E-mail: info@dataprotection.ie