Current version published: 15 September 2018
Data protection is of a high priority for the team at Gospel Literature Ireland (G.L.I.), and we strive to be completely transparent with how we collect and use information we gather about you. Your privacy is important to us and we respect your preferences.
The processing of personal data, for example, the name, address, or telephone number of a data subject shall be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to G.L.I.
The data protection declaration of G.L.I. is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our data protection declaration should be legible and understandable for the public, as well as our customers and business partners. To ensure this, we would like to first explain the terminology used.
In this data protection policy, we use the following terms:
a) Personal data
Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
b) Data subject
Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
d) Restriction of processing
Restriction of processing is the marking of stored personal data with the aim of limiting their processing in the future.
Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
g) Controller or controller responsible for the processing
Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry, in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall follow the applicable data protection rules according to the purposes of the processing.
j) Third party
Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent of the data subject is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
2. Name and Address of the data Controller
The Controller, for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
Name Surname ("Gospel Literature Ireland")
“Mountainview”, Gortnacrehy Lower,
Co. Limerick, Ireland
Phone: +353 86 874 4182
Website: Not Applicable
3. Collection of general data and information
Purpose for collection of personal data
Personal data provided by the data subject through reply form or competition entry is collected and stored exclusively for internal use and for the sole purpose of G.L.I.
The personal data will include:
Personal data entered by the data subject through registration form is collected and stored exclusively for internal use and for the sole purpose of G.L.I.
When using general data and information collected via the website, G.L.I. does not draw any conclusions about the data subject. Rather, this information is needed to:
G.L.I. does not collect Calling Landline Identification (CLI) or any other information on the origins of a call. We do not record or retain phone conversations.
The website of Gospel Literature Ireland (www.goodnews4u.net) collects a series of general data and information when a data subject or automated system calls up the website.
This general data and information are stored in the server log files. Data collected may include:
G.L.I. analyzes anonymously collected data and information statistically, with the aim of increasing the data protection and data security of our organisation.
The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
StreetLife uses web beacons to help deliver cookies and gather usage and performance data. Our websites may include web beacons and cookies from third-party service providers. Cookies, among other things, allow websites to store your preferences and settings; enable you to sign-in; combat fraud; and analyze how our websites and online services are performing.
4. Enquiries and requests
By inputting their contact details on the electronic contact forms on the website, users are given the opportunity to submit an enquiry via an electronic contact form.
If a data subject voluntarily contacts G.L.I. by means of paper reply form, e-mail, by the electronic contact form or by the phone, the personal data transmitted by the data subject is automatically stored for relevant processing or contacting the data subject about the specified issue in question.
There is no transfer of this personal data to third parties.
The sender's email address will remain visible to all staff tasked with dealing with the query.
Please be aware that it is the sender's responsibility to ensure that the content of their message is within the bounds of the law. Unsolicited material of a criminal nature will be reported to the relevant authorities and blocked.
5. Withdrawal of consent
The consent to the storage of personal data, which the data subject has given for the selected service, may be withdrawn at any time. The revocation of consent to receiving emails or telephone calls may be terminated by the data subject at any time by sending an email or via the Contact Us form on the website.
6. Storage of personal data
G.L.I. shall process and store the personal data of the data subject only for the period necessary to achieve the specified purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject.
If the purpose for which the data was originally collected no longer exists, or if a storage period prescribed by the European legislator or Irish legislator expires, the personal data is erased in accordance with legal requirements and as outlined in the company policy on data retention.
7. Rights of the data subject
Data subject requests for information and access to personal data shall be responded to by G.L.I. free of charge, or, where applicable, in accordance with GDPR fee structure.
a) Right of confirmation
Each data subject shall have the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning him or her is being processed.
If a data subject wishes to avail himself of this right of confirmation, he or she may, at any time, contact our Data Protection Officer or another member of the organisation via the contact details provided within this document.
b) Right of access
Each data subject shall have the right granted by the European legislator to obtain from G.L.I. confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer
If a data subject wishes to avail himself of this right of access, he or she may at any time contact our Data Protection Officer or another member of the organisation.
c) Right to rectification
Each data subject shall have the right granted by the European legislator to request from G.L.I. without undue delay the rectification of inaccurate personal data concerning him or her.
Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If a data subject wishes to exercise this right to rectification, he or she may, at any time, contact our Data Protection Officer or another employee of the company.
d) Right to erasure (Right to be forgotten)
Each data subject shall have the right granted by the European legislator to request from G.L.I. the erasure of personal data concerning him or her without undue delay, and the organisation shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
If one of the reasons applies, and a data subject wishes to request the erasure of personal data stored by G.L.I. , he or she may at any time contact our Data Protection Officer or another member of the organisation.
The Data Protection Officer of G.L.I. or another designated member shall promptly ensure that the erasure request is complied with immediately.
e) Right to restriction of processing
Each data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
If one of the aforementioned conditions are met, and a data subject wishes to request the restriction of the processing of personal data stored by G.L.I., he or she may at any time contact our Data Protection Officer or another member of the organisation. The Data Protection Officer of G.L.I., or another member, will arrange the restriction of the processing.
f) Right to data portability
Each data subject shall have the right to receive the personal data concerning him or her, which was provided to G.L.I., in a structured, commonly used and machine-readable format.
He or she shall have the right to transmit that data to another controller without hindrance from G.L.I., as long as the processing is based on consent pursuant to point (a) of Article 6(1) of the GDPR or point (a) of Article 9(2) of the GDPR, or on a contract pursuant to point (b) of Article 6(1) of the GDPR, and the processing is carried out by automated means.
Furthermore, in exercising his or her right to data portability pursuant to Article 20(1) of the GDPR, the data subject shall have the right to have personal data transmitted directly from G.L.I. to another data controller, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
To assert the right to data portability, the data subject may at any time contact the Data Protection Officer designated by G.L.I., or another member of the organisation.
g) Right to object
Each data subject shall have the right to object, on grounds relating to his or her situation, at any time, to processing of personal data concerning him or her, which is based on point (e) or (f) of Article 6(1) of the GDPR.
G.L.I. shall no longer process the personal data in the event of the objection, unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject, or for the establishment, exercise or defense of legal claims.
If the data subject objects to G.L.I. to the processing for direct marketing purposes, G.L.I. will no longer process the personal data for these purposes.
In addition, the data subject has the right, on grounds relating to his or her situation, to object to processing of personal data concerning him or her by G.L.I. for scientific or historical research purposes, or for statistical purposes pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
To exercise the right to object, the data subject may directly contact the Data Protection Officer of G.L.I. or another member of the organisation.
h) Automated individual decision-making, including profiling
Each data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her, or similarly significantly affects him or her.
G.L.I does not use the personal data of the data subjects in any automated decision-making or profiling systems.
i) Right to withdraw consent
Each data subject shall have the right to withdraw his or her consent to processing of his or her personal data at any time.
If the data subject wishes to exercise the right to withdraw the consent, he or she may at any time directly contact the Data Protection Officer of G.L.I. or another member of the organisation.
G.L.I., as the data controller shall, at any time, provide information upon request to each data subject as to what personal data is stored about the data subject. In addition, G.L.I. shall correct or erase personal data at the request or indication of the data subject, insofar as there are no statutory storage obligations. The data protection officer and members of G.L.I. are available to the data subject in this respect as contact persons. Contact details are provided within this document.
8. Legal basis for the processing
Art. 6(1)a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. That is to say, the data subject has given consent to the processing of his or her personal data for one or more specific purposes.
If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1)b GDPR.
The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of enquiries concerning our services.
If our organisation is subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1)c GDPR.
In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor was injured in our premises and his or her name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1)d GDPR.
Finally, processing operations could be based on Article 6(1)f GDPR. This legal basis is used for processing operations which are not covered by any of the above mentioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our organisation or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
A legitimate interest could be assumed if the data subject is a supplier or service recipient of the controller (Recital 47 Sentence 2 GDPR).
9. The legitimate interests pursued by G.L.I.
Where the processing of personal data is based on Article 6(1)f GDPR, our legitimate interest is to carry out our business, which is the provision of G.L.I., in favour of the well-being of all our members and the volunteers, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
10. Period for which the personal data will be stored
The criteria used to determine the period of storage of personal data is the respective statutory retention period. Alternatively, the retention period is that designated and documented as legitimate for the specified processing.
After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract.
11. Provision of personal data as statutory or contractual requirement
We clarify that the provision of personal data is partly required by law (e.g. tax regulations) or can also result from contractual provisions.
Sometimes it may be necessary that to perform a contract that the data subject provides us with personal data, which must subsequently be processed by us.
The data subject is, for example, obliged to provide us with personal data when our organisation provides the service to him or her.
The non-provision of the personal data would have the consequence that the service with the data subject could not be performed.
Before personal data is provided by the data subject, the data subject may contact our Data Protection Officer. Our Data Protection Officer clarifies to the data subject whether the provision of the personal data is required by law or contract or is necessary for the performance of the services, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.
12. How to contact us
Name Surname ("Gospel Literature Ireland")
10 Liosan, Newcastle West
Co. Limerick, Ireland
In the UK call 0845-304-5533
In The Republic of Ireland call 086-215-7975