Information I hold
From your emails, phone calls, Initial Inquiry Form, Application Form, the Writing & Editorial Meeting and the drafting process:
Time & date of your ceremony
Your names, genders, phones, emails, postal address(es)
Venue’s name, address, contact name, phone number
Approximate expected number of guests
Whether you’d like ceremony indoors or outdoors
Confirmation that you (both) want a Humanist ceremony
Optional disclosure on if you consider you’re Humanist
Your preferred dates/times for the Writing & Editorial Meeting
Your confirmation that wedding venue is freely open to the public in respect of planning permission, certificate of fire safety, and meets all relevant health and safety requirements and has adequate public liability insurance cover
Optional disclosure of how you heard of me, including optional disclosure of who recommended me
Your confirmation that you read the terms of my detailed quotation previously sent to you by email (which had the link to the application form) and that you agree with those terms
Optional disclosure of personal information by you which may be recorded on the draft ceremony, and/or on an administrative fiche I keep for each ceremony, as a note/reminder to me (which may include confidential or sensitive information about you or a guest) or as something you would like incorporated into the script to form part of the ceremony.
I also insert your contact information at the top of your draft and at the top of the fiche that I keep for each ceremony, and possibly the photograph of you that I requested at the Writing and Editorial Meeting, to remind me what you look like and ensure that I marry the right people! I may also include on the draft and fiche selected extracts from emails you sent me. It also helps remind me who you are if, as often happens, you ask me in the future to conduct another ceremony for you. Accordingly, you should be careful not to distribute copies of your draft to others, nor to leave your personal printout of the ceremony at the venue, nor should you print out more than one copy of the ceremony as a backup on the day of your ceremony. I keep electronically and in hard copy format the fiche and the final draft in your file as a record for tax compliance purposes, together with invoices and receipts, and also as a reference in case you’d like me to do another ceremony subsequent to your wedding.
My paper records are kept in a locked dwelling and all electronic information is held on devices requiring encryption and/or passwords and/or multiple passwords.
My accounting software is Freshbooks Cloud Accounting, which is a Canadian-based online accounting service provider. Staff at Freshbooks can see the information that you can see on invoices and receipts such as your name(s) and address and amounts due or paid, and a timeline of when you paid each invoice. The Freshbooks infrastructure keeps all data in their Canadian server in case of data loss and in case of any other disruption all data is also kept in a separate backup server in the USA. Freshbooks assure me of the security of their data. For their security and reliability safeguards please see Freshbooks.com/policies/security-safeguards.
Every quarter, I file a report to the Humanist Association of Ireland (HAI) giving only the two surnames of each couple married, the date of the wedding and the name of the venue and its county; and a surname, date and venue for naming ceremonies and funerals. Where the venue for a naming ceremony is a private residence, my report does not give your private address but merely states ‘private residence’ and lists the county only. Separately, the reports lists the number of same sex and opposite sex marriages conducted that quarter, without indicating or disclosing the identities of which marriages were same sex or opposite sex.
I love to get feedback from clients. I usually request feedback after a ceremony and when you offer me feedback, or if you send me photos or videos of your ceremony, I may ask your permission to upload your feedback, photos or video on my blog www.joearmstrong.ie and/or www.HumanistWeddings.ie. I will not upload your feedback, pictures or videos unless you expressly reply to my request granting your permission for me to do so. Videos uploaded may be linked to my YouTube channel and photos uploaded may be added to my Pinterest boards.
Lawful basis for keeping your data
I need to process your data because the processing is necessary for a contract I have with you, or because you have asked me to take specific steps before entering into a contract with you. Specifically, I need to process your data in order to:
- set aside the date and time for your ceremony
- plan my route to your ceremony
- create and conduct your ceremony
- see all necessary information for your ceremony
- contact you generally or in an emergency
- check your Marriage Registration Form
- send you correct invoices and receipts
- evaluate the work that I did for you
- make quarterly returns to the Humanist Association of Ireland
- review ceremony statistics and trends
- keep accurate record of the ceremony I conducted
- retain your contacts and script as evidence should it be needed by the General Registrar Office that I married you
- maintain my tax compliance for Revenue Commissioners
Right of access
You have a right of confirmation that I am processing your data and of access to your data. You can request information verbally or in writing. Information is free of charge, although a reasonable fee may be charged if the request is manifestly unfounded, excessive or repetitive. In practice, the data I have will be the same as you can see on the script of your ceremony, which you will already have; on your invoices and receipts, which you will already have; in our emails, which you will already have; in the standard letters sent to me by the Civil Registration Office (similar to the letters the CRO give/send to you) acknowledging receipt of your notification of intention to marry, containing your names, the venue for your marriage and the date of your proposed marriage, and whether or not the Marriage Registration Form has yet been issued to you.
The CRO does not send me your Marriage Registration Form (MRF), which is sent/given only to you and which one of the parties to the marriage is legally obliged personally to show me before the ceremony (in practice, during the hour before the ceremony) in order for the ceremony to proceed. You must never send me your original Marriage Registration Form. It is sufficient to show it to me in the hour before the ceremony. I expressly cannot accept any responsibility for an original or scanned MRF sent to me. In short, do NOT send me your original MRF (you alone are responsible for that) and do NOT send me a scan of your MRF, since electronic copies exist in the electronic ether forever.
Right to rectification and data quality
You have the right to have personal data rectified if it is inaccurate or completed if it is incomplete. For instance, if after a ceremony you send me a review and if you grant me permission to upload it to my blog and if you spot an inaccuracy or typo, you have a right to have the inaccuracy rectified or completed if it is incomplete. Simply email Joe.Celebrant@gmail.com and I will correct or complete it for you as soon as possible.
Right to erasure including retention and disposal
If you granted me permission to upload your feedback on your ceremony to my blog, and/or if you sent me photographs or a video and gave me permission to upload it, you retain the right at any time to ask me to delete it. Simply email me and I will remove your review, feedback, photograph(s) and/or video(s).
If you request that I delete all your personal data, I may not be able to do so. I may need to retain basic personal data to comply with a legal obligation (I am required under Irish law to keep your basic personal data – name, address, contact details – for a minimum of 7 years) or to perform a public interest task or exercise official authority (such as to confirm to the Civil Register Office, perhaps years into the future, that I conducted your marriage on a specified date and at a specific place, for instance if the Marriage Registration Form was misplaced or lost or for other reasons was never returned to the Civil Register Office after marriage); for archiving purposes in the public interest or statistical purposes (for example the number, locations and types of Humanist ceremonies); or to exercise or defence of legal claims.
For the above reasons, I keep in hard copy and electronic format the script of your ceremony. Also, when, as frequently happens, a person or family ask me to create and conduct a subsequent ceremony, it is helpful for me to be able to look back at the earlier ceremony to remind me of names, relationships, and a context for the new ceremony. I have conducted naming, marriage and funeral ceremonies for the same families, sometimes unexpectedly, such as a funeral ceremony for the untimely death of a father after an earlier naming ceremony for his child or, more commonly, baby naming ceremonies preceding or following a marriage. Or the funeral ceremonies of the parents of a couple whom I’ve married.
Right to restrict processing
You have a right to block or restrict the processing of your personal data.
When processing is restricted, I am permitted to store the personal data, but not further process it. I can retain just enough information about you to ensure that the restriction is respected in the future.
If I disclosed personal data to other organisations (such as the Humanist Association of Ireland or the Civil Registration Office), I will, where possible, inform them about the restriction.
Right to object
You have a right to object to the processing of your personal data in certain circumstances. Whether it applies depends on my purposes and my lawful basis for processing. You can object verbally or in writing.
I only need your basic personal data needed to create and conduct your ceremony, such as your name(s), address(es), email(s) and phone number(s).
In short, I do not need to know sensitive information about you. Specifically I do not need to know whether you are single, divorced, widowed; nor your sexual orientation; nor your age, parents’ names, nationality, occupation, PPS numbers, etc.
You are of course free to share anything with me to personalise and enhance your ceremony. That is entirely up to you.
Please bear in mind that you are entirely responsible for your copy of the final draft and I am responsible for my copy.
As above, my accounting software Freshbooks have assured me of the security of their data. For their security and reliability safeguards please see https://www.freshbooks.com/policies/security-safeguards
My website www.joearmstrong.ie / www.HumanistIreland.ie is hosted by Hostgator. Here is their GDPR compliance page: https://support.hostgator.com/articles/pre-sales-policies/general-data-protection-regulation
I use Dropbox Plus for cloud storage and Dropbox assures me that Dropbox Plus will be fully GDPR-compliant by 25 May 2018. For general guidance on Dropbox and GDPR see https://www.dropbox.com/security/GDPR
Information Risks & Data Security
I take care of your data. I manage information risk by only requiring basic personal data, such as your name, address, email and phone number, so that I can process and conduct your ceremony; and whatever other personal information you choose to share with me for that purpose.
While preparing your ceremony, you may choose to reveal more personal information. However this too tends to be somewhat basic information, for instance how you met or some anecdote that may form part of the ceremony. By definition therefore the nature of what you may add tends to be something you are happy to share with your guests.
Other data may be shared with me of a more personal nature for my information, rather than for disclosure to the guests; and such disclosures tend to be recorded by me on the fiche and/or the script so that I will remember. For example, a bride might share that her parents don’t get on together and it’s prudent for me to be aware of that during the ceremony.
Accordingly I take one copy only of the final version of the ceremony to the ceremony and, while I always say it is prudent for the couple to have a copy of the ceremony too (in case I’m abducted by aliens en route!) one copy is sufficient for the couple to have. And given the names and contact information on the script, and especially if the script contains additional personal information, it is prudent to give the couple’s copy to me (presuming I’ve successfully ducked the aliens) and I can shred pages with your personal data at my office. For copyright and data protection purposes, the couple should not have multiple copies or distribute it willy-nilly for musicians, readers or guests.
I have already addressed earlier in this policy the encryption, passwords or multiple passwords on my devices; and the security of the online services I use such as Freshbooks, Dropbox Plus and Hostgator.
Data Protection by Design
I am actively implementing appropriate technical and organisational measures to integrate data protection into my processing activities through a root and branch review of emails, my website, accounting and other software, based on data protection principles including data minimisation, pseudonymisation and transparency measures.
I process personal data in a manner that ensures appropriate security. Bearing in mind the generally basic data that I hold, which is not usually sensitive information, a reasonable level of security is appropriate. A current review of my IT systems is underway to ensure that appropriate technical measures secure all data. The measures chosen will suit my business’s needs. I don’t expect them to be too onerous.
A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
In the event of such a breach, I would notify the Data Protection Commissioner, unless it is unlikely to result in a risk to the rights and freedoms of individuals. Where a breach is likely to result in a risk to the rights and freedoms of individuals, I would also notify those concerned directly and promptly.
In all cases I would maintain records of personal data breaches, whether or not they are notifiable to the Data Protection Commissioner.
GDPR imposes restrictions on the transfer of personal data outside the European Union, to third countries or international organisations. I am actively reviewing my internet hosting, email, accounting and cloud storage suppliers to ensure compliance with GDPR.
Cookies are small text files. They cannot look into your computer or read any personal information. Cookies cannot carry viruses or install anything harmful on your computer. Our cookies do not store sensitive information such as your name, address or payment details but they allow us to access this information once you have signed in to your account.