Protecting the Integrity & Reputation of Irish Horseracing

Integrity Portal

Data Protection Privacy Notice

Last update: July 2022

This data protection notice provides information about the ways in which Irish Horseracing Regulatory Board (referred to as “IHRB”) collects and uses personal data.

IHRB will process all personal data in compliance with the General Data Protection Regulation (GDPR) and any applicable local privacy law. This is to provide you with a service you have requested and to meet our statutory obligations.

For the purposes of data protection legislation, the Data Controller of your personal data is:

Irish Horseracing Regulatory Board
The Curragh
Co. Kildare
R56 Y668

E-mail: info@ihrb.ie   
Telephone: +353 45 445 600
Fax: +353 45 445 601

This notice applies to all personal data collected by IHRB in connection with the performance of its functions as outlined below. IHRB can receive the personal information directly from individuals or indirectly from another party (such as Garda Siochana, Horse Racing Ireland, Weatherby’s, Racing Authorities and statutory bodies including the Department of Agriculture, Food and the Marine).

Collection and use of Personal Data

IHRB processes personal data to perform its functions.

The key functions of the Irish Horseracing Regulatory Board are:

  • To be solely and independently responsible for making and enforcing the Rules of Racing.
  • To provide integrity services for horse racing.
  • To ensure the provision of on course integrity services by employing monitoring and controlling the activities of horseracing officials.
  • To licence all participants in horseracing in Ireland.
  • To make all decisions relating to doping control, forensic testing and handicapping in respect of horseracing.
  • To be responsible for the representation of Irish horseracing internationally in respect of its functions.
  • To provide governance and to enforce the Irish National Hunt Steeplechase Regulations for point-to-point steeplechase.

We also process your personal data for the purposes of:

  • The licensing of participants in Irish racing;
  • The administration of Irish horse racing;
  • Making and enforcing the Rules of Racing;
  • Ensuring horses are run properly and fairly; and
  • Administration of membership by the Qualified Riders Association.

The types of personal data processed by IHRB in order to perform its functions are described in further detail below:

 Jockeys/Trainers/Amateur and Professional Riders/Point to Point Handlers and Owners/Authorised Representatives/Stable Staff & Trainer’s Employees:

  • Identity Data: first name, maiden name, last name, username or similar identifier, title, date of birth and gender, signature, National ID or Passport information, Visa information, footage, photo.
  • Contact Data: billing address, email address, home address and telephone numbers.
  • Financial Data: bank account and payment card details.
  • Transaction Data: details about payments to and from you.
  • Sensitive Data*: Any disabilities or medical co
  • Technical Data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website (for more detail read our Cookies Notice).
  • Profile Data: your username and password, feedback and survey responses.
  • Usage Data:details about how you use our website, applications or other products or services.
  • Marketing and Communications Data: your preferences in receiving marketing from us and our third parties and your communication preferences.

*We collect sensitive information like health data as we are required to do so, pursuant to applicable laws or regulations. We use this information to assess the applicant’s fitness to race ride.

Personal Data will be also used for communication purposes.

IHRB may keep personal data on file as long as it is needed for the purpose for which it was collected.

 

Collection and use of personal data for other purposes

Recruitment

IHRB collects personal data from candidates for recruitment purposes. The information that IHRB may collect and hold about candidates includes:

  • Name, address, telephone number(s) and email address
  • Details of qualifications, skills, experience and employment history
  • Details of current immigration status
  • Details of criminal or pending criminal convictions in Ireland or any other jurisdiction
  • Any additional information contained in a candidate’s CV such as referee information, disclosed at interview or otherwise provided to IHRB during the recruitment process.

IHRB needs to process data to decide whether to enter into a contract of employment with a particular candidate and may also process certain data to ensure that it is complying with its legal obligations. IHRB has a legitimate interest in processing personal data during the recruitment process and in keeping records of the process in order to manage the recruitment process, to assess and confirm a candidate's suitability for employment and decide to whom to offer a particular role. IHRB may also need to process candidates’ data to respond to and defend against legal claims.

For certain managerial positions, the candidate’s information may be provided to a third party service provider for the purpose of assessing the suitability for the role. In all other cases IHRB will not share a candidate’s data with third parties, unless his or her application for employment is successful and an offer of employment is made to him or her. Once an offer of employment has been made to (and been accepted by) a candidate, that candidate’s personal data will be provided to An Gardaí Síochána for the purposes of vetting and IHRB may also contact previous employers named by that candidate as referees for the purpose of obtaining employment references. The candidate will also be required to provide medical information to IHRB’s occupational health provider for the purposes of assessing his or her capacity to work.

If a candidate’s application is unsuccessful, IHRB may keep his or her personal data on file for a period of 12 months.

CCTV

IHRB has installed CCTV systems at our premises for the purposes of public and staff safety, crime prevention and detection as well as to comply with standard business and insurance protocols. CCTV cameras are located at access points, general reception areas, car parks, shared areas and the exterior perimeter.

Signage advises of areas covered by CCTV equipment. IHRB will only disclose CCTV images to others who intend to use the images for the purposes stated above.

Images captured by CCTV will generally be retained for a minimum period of 30 days. However, on occasion, there may be a need to keep images for longer, for example for the purposes of investigating a crime.

Tenderers and Suppliers of Goods or Services

IHRB may process personal data submitted by tenderers to manage procurement award procedures and decide whether to enter into a contract with a particular tenderer. Personal data collected for this purpose may relate to the tenderer, its staff or its sub-contractors. Following finalisation of the procurement procedure in question and the entry into by IHRB of a contract with our chosen supplier(s), IHRB may process certain personal data in order to perform its obligations under that contract, such as arranging payment.

Lawful Basis for processing

Performance of a contract with you: the processing is necessary for a contract we have with you, or because we have asked you to take specific steps before entering into a contract.  For example, we process your data in order to fulfill your registration.

Legal Obligation: In circumstances where it’s our legal obligation to disclose or share your data in order to comply, pursuant to a legal request, subpoena or other legal processes, or in order to enforce or apply the company’s Terms of Use and other agreements, including for billing and collection purposes; or to protect the rights, property, or our safety, or others. This may include exchanging information with other authorities for the purposes of fraud protection and credit risk reduction.

Performance of a task carried out in the public interest or in the exercise of official authority: carrying out a specific task in the public interest which is laid down by law; or. exercising official authority tasks, functions, duties or powers which is laid down by law. For example, when we have to make decisions relating to doping control, investigations and handicapping in respect of horseracing.

Legitimate interest: The processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests. For example, for our legitimate interest of maintaining a file with your personal data for administration purposes.

Before we process your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law), we make sure we consider and balance any potential impact on you and your rights before we process your personal data.

Vital Interest: In certain conditions when your consent it is not possible to be obtained, it may be necessary for us to process your Personal Data, including Sensitive Personal Data you provided through our Services, where it is in your vital interest or in the interest of others. Vital interest or in the interest of others could be an event of a medical emergency.

Consent: in case where you have given a clear consent for us to process your personal data for a specific purpose.

You have the right to withdraw consent at any time by contacting us. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain services to you. We will advise you if this is the case at the time you withdraw your consent.

How long we keep your information

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, primarily for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use and/or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and also the applicable legal requirements.

In some circumstances you can ask us to delete your data. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Cross-Border Data Transfers

The Personal Data and other information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”), for example where we are asked to share it with foreign TURF Authorities.

To comply with applicable data protection law, we have implemented international data transfer agreements on the basis of EU Standard Contractual Clauses in order to provide appropriate and suitable safeguards for Personal Data transferred to countries outside the EEA where an adequate level of protection is not already guaranteed.

Disclosure of Personal Data

In order to properly and efficiently run racing and to comply with legal obligations, IHRB may disclose personal data to:

  • Third parties, where required or permitted by law to do so which may include our service providers and statutory bodies, including An Garda Síochána, the Revenue Commissioners.
  • Horse Raising Ireland, Department of Agriculture, Food and the Marine
  • Foreign Turf Authorities
  • Legal advisors, Auditors, Other agencies (where applicable)
  • Relevant public authority (where applicable)
  • Supervisory authorities in other EEA Member States for the purpose of performance of their functions.
  • Supervisory authorities in countries outside of the EEA where permissible under data protection legislation (i.e. generally, where the European Commission has made an adequacy decision in relation to the country in question or where other appropriate safeguards are in place).

IHRB requires all third parties to respect the security and confidentiality of personal data disclosed to them. Third-party service providers may only process such personal data for specified purposes and in accordance with IHRB’s instructions.

Your Rights

If your personal data is processed by IHRB, you have certain rights in relation to that data, which are outlined in summary form below. IHRB may require further information from you before we can respond to your request. The scope of certain rights may be subject to certain restrictions or exceptions provided for under data protection legislation.

All requests to exercise your rights will be duly considered by our representatives. Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted. Please contact us through our DPO Office via email at dataprivacy@ihrb.ie so we provide you with the necessary information.

You have the following rights:

Right of Access

You have the right to receive a copy of the personal data IHRB holds about you as well as information about how it is used.

Applicability

This right is applicable at all times when IHRB holds your personal data.

Right to Rectification

You have the right to ask IHRB to correct personal data we hold about you where it is incorrect or incomplete.

Applicability

This right is applicable at all times when IHRB holds your personal data.

Right to Erasure

This right entitles you to require the erasure of your personal data from IHRB’s systems and records. However, this right applies only in certain circumstances (e.g. where IHRB no longer needs the personal data for the purpose for which we collected it or where you withdraw consent to our use of your personal data and where there is no other legal basis for continuing to use it).

Applicability

This right does not apply where personal data is required for the purpose of compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority.

Right to Restrict Processing

This right entitles you to restrict the processing of your personal data by IHRB. Where this right is exercised, IHRB is still permitted to store your personal data but other use of the data is prohibited, save in certain limited circumstances.

Applicability

You can exercise this right if one of the following applies:

  • You contest the accuracy of the personal data held about you and the IHRB is verifying the accuracy of the data.
  • The personal data has been processed unlawfully and you oppose erasure and request restriction instead.
  • IHRB no longer needs the personal data but you need the data in connection with a legal claim.
  • You have objected to processing and IHRB is considering whether its legitimate grounds override your rights and interests.

Right to Data Portability

This right allows you to obtain your personal data in a format that enables you to transfer that personal data to another organisation where IHRB is processing your personal data on the basis of consent or on the fulfillment of a contract and if processing is carried out by automated means.  You may have the right to have your personal data transferred by us directly to the other organisation, if this is technically feasible.

Applicability

This right does not apply where personal data is required for the purpose of compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority.

Right to Object

You have the right to object to the IHRB’s use of your personal data in certain circumstances. However, IHRB may continue to use your personal data, despite your objection, where there are compelling legitimate grounds to do so or we need to use your personal data in connection with any legal claims.

Applicability

This right applies where IHRB processes your personal data for the performance of a task carried out in the public interest or in the exercise of official authority or in pursuance of its legitimate interests.

Right Relating to Automated Decision Making and Profiling

You have the right not to be subject to a decision based solely on automated processing (without human involvement) where that decision produces a legal effect or otherwise significantly affects you.

Applicability

As IHRB currently does not make any automated decisions, this right is not applicable.

Right to Withdraw Consent

You have the right to withdraw your consent to the processing of your personal data by IHRB at any time. This will not affect the lawfulness of our processing before the withdrawal.

Applicability

This right only applies where the sole legal basis for processing your personal data is your consent.

Right to Complain to Data Protection Commission

You have the right to lodge a complaint with the Data Protection Commission (DPC) via their website www.dataprotection.ie if you think that the IHRB has not processed your personal data in accordance with data protection legislation.

Applicability

This right applies at any time.

Failure to provide personal information

If you fail to provide certain information when requested, we will not be able to fulfill our legal obligations or deliver the service you have requested.

Modifications of this policy

We may revise this policy occasionally by publishing a new version on our website. You may choose to check this page on a regular basis to note any changes to this notice.

Data Protection Officer

Our Data Protection Officer's contact detail: 

dataprivacy@ihrb.ie

 


Copyright © 2018, I.H.R.B, All Rights Reserved.

Main Menu