Info and Advice

Protecting Your Data: The ISPCC Childline’s Privacy Notice

Childline is a confidential listening service provided to all children and young people by The Irish Society for the Prevention of Cruelty to Children, Ireland’s national child protection charity.  Our mission is to make the protection of children everyone’s priority.  Childline provides confidential and preventative phone, text and webchat services directly to children and young people. We communicate children’s concerns and views with a range of stakeholders and are fortunate to benefit from thousands of donations from individuals and organisations.  We are committed to doing this while also keeping your data safe. 

The ISPCC is a registered charity, and our charity registration number is 20007225.

Our Privacy Notice explains why we collect data, what data is collected, what we do with it, what we don’t do with it, and what you can do to exercise your rights as a data subject or to seek further information. Please refer to the ISPCC’s full Privacy Notice on the ISPCC website for further details.

The controller (as defined in the GDPR) of your personal data for all purposes outlined in this policy is the ISPCC. We can be contacted by post at Irish Society for the Prevention of Cruelty to Children, 29 Lower Baggot Street, Dublin 2, by telephone at 01 6767960 and email at dataprotection@ispcc.ie.

Personal data is defined in the General Data Protection Regulation (GDPR) as:

 ‘Any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;’

‘Special categories’ of personal data (sensitive personal data) relate to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation.

A ‘controller’ is defined as ‘the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law’.

1. If you are a child accessing our Childline Phone service or Missing Children Hotline Service:

We will collect and process the following data:

  • For each call we record a name you wish to use for the call,  your age, gender, the reason for the call and other relevant details.
  • If you are at risk and want Childline to help you, then we may need further personal information about you. It  is your choice whether to give us further information or not.
  • If you do tell us your name and address (or another way that we could identify you) and we think you might be at risk or are worried that you were in some kind of danger we keep a record of this and tell someone who may be able to help you (Gardaí or a social worker).
  • We collect this data because we must do so by law if you are at risk and give us information that tells us who you are and where you live. In these cases, we may need to pass our concerns on to a statutory body such as the Gardaí or Tusla – the Child and Family Agency.

Your data will be used in the following way:

  • To provide a high quality listening service to all children.
  • To collect statistical information that cannot be related back to individuals to help us improve Childline and advocate for children all over the country.
  • To share case studies that cannot be linked back to individual children with policy makers and the media to help  increase awareness and understanding of what young people are experiencing and things that are important to them.
  • These statistics and case studies can also be shared with others to promote Childline as a charity and to help raise funds for Childline.

 

We hope that collecting your data in this way, will:

  • Offer you a friendly and non-judgemental listening ear anytime you want to talk to Childline.
  • Help you to get the support that you need if you are at risk.
  • Enable ISPCC to raise vital funds to continue to provide the Childline service to you 24 hours a day, 365 days a year.
  • Enable ISPCC to improve policies and services, thereby making life better and safer for you and for all children.
2. If you are a child accessing our Childline Text or Webchat service:

We will collect and process the following data:

  • When you register for the text or web service you will be providing personal information such as a nickname, age and gender in order to register. You will have a user name and password so that you can continue to chat  with Childline whenever you want.
  • A record of your conversations will be kept in line with our retention policy.
  • Please be assured that this data is kept confidential between you and Childline unless you have provided identifying information and we are required to report concerns for your safety to a social worker or Gardaí.

 

Your data will be used in the following way:

  • This will assist Childline in understanding your story/situation. It will help Childline to provide a better service to you and it helps us to measure the quality of the service we offer to children and young people.
  • We also use your data to collect statistical information that cannot be related back to individuals to help us improve Childline and advocate for children all over the country.
  • We share case studies that cannot be linked back to individual children with policy makers and the media to help them increase awareness and understanding of what young people are experiencing and things that are important to them.
  • These statistics and case studies can also be shared with others to promote Childline as a charity and to help raise funds for Childline.

 

We hope that collecting your data in this way, will:

  • Offer you a friendly and non-judgemental listening ear anytime you want to talk to Childline.
  • Help you to get the support that you need if you are at risk.
  • Enable ISPCC to raise vital funds to continue to provide the Childline service to you 24 hours a day, 365 days a year.
  • Enable ISPCC to improve policies and services, thereby making life better and safer for you and for all children.
3. If you are visiting the Childline website:

We will collect and process the following data:

Personal Data:

  • Registration for Childline webchat service
    • Nickname, password, gender, date of birth
    • Data is collected on a secure form. To keep this service safe for all the young people using it, you need to create a nickname and a password to log on to use the online chat service.
    • Date of birth is required to confirm that you are under 18 as the service is only available to children under this age. If your date of birth indicates that you are older then you will not be able to register.
  • Logged into Childline Webchat
    • Once registered you can chat with Childline. All your chats with Childline are safe.
    • A history of all the chats you have had with Childline webchat are kept together so that you don’t have to explain everything to Childline each time you come on to chat about what you want to talk about.
    • Each time you webchat to Childline, you might chat about the same thing or maybe it’s about something different every time. At the end of your chat with us, Childline makes a quick note to describe what your chat was about and store this with your chat conversation. Say your chat was about a friend that was annoying you. Childline might say that the chat with you was about “Relationship with Friends”.
    • Sometimes we add up all the chats from all the children and young people who contacted Childline and see how many chatted about “Relationship with Friends”. We use this information to tell everyone else about the types of things children and young people contact Childline about. It helps us to tell the Government what they should be doing to help all the children in Ireland.
    • Sometimes we use the types of reasons people contact us to tell stories about the reasons children contact Childline. We never use the exact information or stories people tell us, but we use examples from different people to make sure that individual stories could not be identified.

Non-Personal Data:

  • Website Analytics
    • In general, you can browse this website without telling us who you are or revealing any personal information about yourself. We use Google Analytics to gather general anonymous data from all visitors to our website. This data is made up of information that cannot be used to identify or contact you, such as your browser type (e.g. Firefox, Chrome, IE, Edge, Safari, Opera), operating system (e.g. Windows, Mac, Linux), and information such as the website that referred you to us, the files you downloaded, the pages you visit, and the dates/times of those visits, and other anonymous statistical data involving the use of our website.
    • This non-personal data informs us as to what is relevant to our visitors and what is stale and needs to be removed.

 

4. What Are Cookies

Cookies are small data files that are placed on your computer or mobile device when you visit a website, mobile app or use an online platform. Cookies are widely used by online service providers to facilitate and help to make the interaction between users and websites faster and easier, as well as to provide reporting information.

Cookies set by the website owner (in this case, ISPCC) are called "first party cookies". Cookies set by parties other than the website owner are called "third party cookies". Third party cookies enable third party features or functionality to be provided on or through the website (e.g. chat services, interactive content and analytics). The parties that set these third party cookies can recognise your computer or device both when it visits the website in question and also when it visits certain other websites.

5. How do we use Cookies?

The Childline website use cookies to give you a more personalized experience. It has a session cookie to remember what you type into forms so that you don't have to re-enter the data if you move away from the page and then come back. This cookie disappears when you close the browser client.

The Childline website uses an additional cookie if you log in to the website to chat online to a Childline volunteer. This cookie, called a chat token, is set when the user logs into the webchat with their login. This cookie is used by the chat server to recognize the user who's logged into the chat, and lets the Childline volunteer know to whom they are chatting.

6. Why Do We Use Cookies?

We use first party and third party cookies for several reasons. Some cookies are required for technical reasons in order for our Website to operate, and we refer to these as "essential" or "strictly necessary" cookies. Third parties serve cookies through our Websites for analytics and other purposes. This is described in more detail below.

7. Essential Website Cookies

Served by: Childline and LiveChat

These cookies are strictly necessary to provide you with services available through our website and to use some of its features, such as access to your account and the chat service.

Because these cookies are strictly necessary to deliver the website to you, you cannot refuse them.

You can block or delete them by changing your browser settings (as described bellow under the heading "How can I control cookies?") however you might not be able to use our services to their full extent anymore.

The cookies served by Childline help the website remember you, as you go from page to page so you don't have to keep signing in or making the same choices.

You can read more about the cookies served by LiveChat here.

8. Analytics and Customisation Cookies

Served by: Google Analytics

These cookies collect information that is used either in aggregate form to help us understand how the website is being used or how effective our marketing campaigns are, or to help us customise the websites for you.

To refuse these cookies, please click on the following opt-out link: Google Analytics

Served by: Youtube

Our Youtube videos have privacy-enhanced mode enabled: therefore YouTube won’t store information about our visitors, unless they play the video, according to the Google-Youtube guide.

9. How Can I Control Cookies?

You have the right to decide whether to accept or reject cookies. You can exercise your cookie preferences by clicking on the opt-out link provided above.

You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our website though your access to some functionality and areas may be restricted. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser's help menu for more information or click on the relevant link bellow:

Cookie settings in Internet Explorer
Cookie settings in Firefox
Cookie settings in Chrome
Cookie settings in Safari web
 and Safari for iOS.

10. Links to other websites

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

11. For how long will we keep your personal information?

 

We always have your best interests at heart and your personal information will not be retained by Childline for longer than necessary in relation to the purposes for which it was originally collected, or for which it was further processed.

We will retain personal data in accordance with our data retention policy. We review our data retention periods for personal information on a regular basis.

12. No commercial disposal to third parties

Childline will not sell, rent, distribute or otherwise make User Data commercially available to any third party without your prior permission.

13. Sharing your information with third parties

We may disclose your personal information to third parties - An Garda Síochána and Tusla, The Child and Family Agency - if we are legally obliged to for the purposes of meeting our statutory child safeguarding obligations under Children First legislation. This only happens where we are concerned a child may be at risk.

14. Data Security

The ISPCC Childline has put technological and organisational controls, including policies and procedures, in place to protect your personal data from loss, misuse, alteration or unintentional destruction. Our personnel who have access to the data have been trained to maintain the confidentiality of such information.

We carry out regular monitoring and testing of our security defences to ensure they continue to be effective against the latest threats.

Please note that no communications over the internet can be guaranteed as secure. Whilst we take appropriate steps to protect your data we cannot guarantee that it will remain secure in transit. Once data reaches your network it is your responsibility to ensure it remains secure. 

15. Your rights under the GDPR

Right to be informed: We will provide you with a privacy notice to tell you how we are using your personal data.

Right of access: You have the right to obtain access to your own personal data at any time. Information will be supplied within one month of receipt of the request.  This can be extended by a further two months where requests are complex or numerous. This will be provided free of charge unless you ask for multiple copies or the request is manifestly unfounded or excessive. We can also refuse your request if it adversely affect the rights and freedoms of others or is manifestly unfounded or excessive.

Right of rectification:  You have the right to have your personal data rectified if it is inaccurate or incomplete.  

Right of erasure: You have the right to request the deletion of personal data where there is no compelling reason for its continued processing or if we are processing it in an unlawful manner – for example, if we are using it for a different purpose than originally stated. 

Right to restrict data processing:  Under certain circumstances, you have a right to ‘block’ or suppress processing of personal data. When processing is restricted, we are permitted to store the personal data, but not further process it.

Right to data portability:  You can obtain and reuse your personal data in a structured, commonly used and machine-readable format for your own purposes across different services. This right applies where the processing is based on your consent or for the performance of a contract; and when processing is carried out by automated means.

Right to object:  You have the right to object on grounds relating to your particular situation to: 

  • Processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling);
  • Direct marketing (including profiling); and
  • Processing for purposes of scientific/historical research and statistics.

We must stop processing the personal data unless: 

  • We can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual; or
  • The processing is for the establishment, exercise or defence of legal claims.

Right in relation to automated decision making and profiling: Under certain circumstances, you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.

Please contact us at dataprotection@ispcc.ie if you wish to exercise any of your data protection rights.

 

We will consider each request in accordance with all applicable data protection laws and regulations. No administration fee will be charged for considering and/or complying with such a request unless the request is deemed to be excessive in nature.

Upon successful verification of your identity you are entitled to obtain the following information about your own personal data:

 

  1. the purposes of the processing:
  2. the categories of personal data concerned;
  3. the recipients or categories of recipients to whom your personal data has been or may be disclosed, along with the location of those recipients;
  4. the envisaged period of storage for your personal data or the criteria for determining the storage period;
  5. the sources) of the personal information, if it was not obtained from you;
  6. the use of any automated decision-making and/or profiling.
16. Changes to this Privacy Notice

We will keep this Privacy Notice under review.  Please check our website for the most recent version of our Privacy Notice. The notice was last reviewed in November 2018.

17. Queries and Complaints

If you require further information about the way your personal data will be used or if you are unhappy with the way we have handled your personal data and wish to contact us, please submit your concerns to dataprotection@ispcc.ie

 

The dataprotection@ispcc.ie mailbox is managed by the ISPCC DPO function and all correspondence received will be addressed accordingly, including support from the designated ISPCC Data Protection Officer.

 

You have the right to lodge a complaint with the Office of the Data Protection Commissioner. To contact the Office of the Data Protection Commissioner, please use the following details:

 

Data Protection Commission

Canal House, Station Road, Portarlington, Co. Laois

Telephone: +353 (0)761 104 800 Telephone: +353 (0)57 868 4800

Email: info@dataprotection.ie

LoCall Number: 1890 252 231

Fax: +353 (0)57 868 4757