Privacy policy

Privacy Statement-  Update May 2024

At SolarAdmin Ireland, we are committed to protecting and respecting your privacy. This Privacy Statement outlines our policies and practices regarding how we collect, use, maintain, and disclose information collected from users of the SolarAdmin Ireland website.

**Information We Collect**

We may collect personal identification information from users when they visit our site, fill out a form, or in connection with other activities, services, features, or resources we make available. Users may be asked for information such as name, email address, and phone number. We will collect personal identification information from users only if they voluntarily submit such information to us.

**Non-personal Identification Information**

We may collect non-personal identification information about users whenever they interact with our site. This may include the browser name, the type of computer and technical information about users' means of connection to our site, such as the operating system, internet service provider, and other similar information.

**Web Browser Cookies**

Our site may use "cookies" to enhance user experience. Users' web browsers place cookies on their hard drives for record-keeping purposes and sometimes to track information about them. Users may choose to set their web browser to refuse cookies, or to alert them when cookies are being sent.

**How We Use Collected Information**

SolarAdmin Ireland may collect and use users' personal information for the following purposes:

1. To improve customer service.
2. To personalize the user experience.
3. To improve our site.
4. To send periodic emails, if the user decides to opt-in to our mailing list.

**Protecting Your Information**

We adopt appropriate data collection, storage, and processing practices, and security measures to protect against unauthorized access, alteration, disclosure, or destruction of your personal information stored on our site.

**Sharing Your Personal Information**

We do not sell, trade, or rent users' personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners and trusted affiliates for the purposes outlined above.

**Changes to This Privacy Statement**

SolarAdmin Ireland has the discretion to update this privacy statement at any time. We encourage users to frequently check this page for any changes and to stay informed about how we are helping to protect the personal information we collect.

**Your Acceptance of These Terms**

By using this site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our site. Your continued use of the site following the posting of changes to this policy will be deemed your acceptance of those changes.

**Contacting Us**

If you have any questions about this Privacy Statement, the practices of this site, or your dealings with this site, please contact us at: solarassistireland@gmail.com

 

Privacy Policy for SolarAdmin Ireland's Website

Introduction

Welcome to SolarAdmin Ireland. We specialise in providing administrative services to PV installers and installation companies. This Privacy Policy outlines how we collect, use, and protect the personal information of our users, including PV installers, installation companies, and the general public, when they use our website hosted on Shopify. It also details the rights you have regarding your personal data.

 

Information We Collect

1. Data Collected on Our Payment Page:

When you purchase services through our website, we collect information necessary to complete the transaction, including your name, contact information, and payment details.

2. Data Collected via Our Lead Capture Form:

If you make an inquiry through our website, we collect information such as your name, email address, phone number, and any other details you provide in your message.

3. Automatic Data Collection:

As you navigate through our website, certain information may be passively collected (gathered without your actively providing the information) using various technologies and means, such as cookies, Internet tags, and navigational data collection.

 

Use of Data

1. Service Provision:

Your data is used to fulfill service requests, manage transactions, and respond to inquiries.

2. Communication:

We use your information to communicate with you about your orders, inquiries, and our services.

3. Marketing:

With your consent, we may use your information to send you promotional messages and updates about new products and services. You can opt out of receiving marketing communications from us at any time.

 

Sharing and Disclosure

1. Shopify:

As our website is hosted on Shopify, your data is stored on Shopify’s data storage, databases, and the general Shopify application. Shopify data storage facilities adhere to secure server protocols.

2. Payment Processors:

We use third-party services for payment processing (e.g., credit card transaction processors). We do not store or collect your payment card details; this information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy.

3. Legal Requirements:

We may disclose your personal information if required by law or if we believe that such action is necessary to comply with a legal obligation, protect and defend our rights or property, or protect the personal safety of users of the Service or the public.

Data Security

We take the security of your data seriously and use appropriate measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include encryption and secure software practices.

International Data Transfers

Information that we collect may be stored and processed in and transferred between any of the countries in which we operate to enable us to use the information in accordance with this policy. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Your Rights

You have the right to access, correct, update or request deletion of your personal information. You can also object to processing your data, ask us to restrict processing of your data, or request portability of your data. To exercise these rights, please contact us using the details provided below.

Changes to This Privacy Policy

We may update this policy periodically to reflect changes to our privacy practices. The date of the most recent revisions will appear on this page. We encourage you to review this policy frequently to stay informed about how we are protecting the information we collect.

 

Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Email: solaradminireland@gmail.com

Phone: 019019667

WhatsApp: 0851369416

 

By using our website, you acknowledge that you have read and understand this Privacy Policy.

 

Privacy Policy for SolarAdmin Ireland  (Home, Business Owners, Client’s Clients)

1. Introduction

This Privacy Policy outlines the commitment of SolarAdmin Ireland to protect the privacy and security of personal information. As an administrative service provider for PV installers and installation companies throughout Ireland, we handle significant amounts of personal data, primarily to facilitate the administration of solar installations and related services. This policy details our practices regarding the collection, use, and protection of personal data, ensuring transparency and building trust with the homeowners and PV installers we serve.

Purpose of the Policy: The purpose of this Privacy Policy is to inform homeowners and PV installers about how SolarAdmin Ireland collects, processes, and uses the personal data provided to us. It explains the measures we take to protect personal data and the rights of individuals in relation to their personal information. Our goal is to comply fully with the General Data Protection Regulation (GDPR) and to ensure that our practices are clear and understandable to everyone involved.

Types of Personal Data Collected and Processed: SolarAdmin Ireland collects various types of personal data to effectively carry out our administrative duties. These include:

•Personal Identifiers: Names, addresses, email addresses, and phone numbers of homeowners and business owners. This data is essential for communication and for processing any necessary documentation related to PV installations.

•Technical Information: Information about the homeowner's property that is relevant to the installation and maintenance of PV systems, such as property size, location, and existing electrical infrastructure.

•Financial Information: If applicable, we collect financial details necessary to process applications for grants, subsidies, or financing solutions tailored to the needs of homeowners for PV installations.

•Contractual Data: Information contained in contracts between homeowners and PV installers, which is necessary for us to perform our administrative services.

Each type of data is collected for specific, legitimate purposes, detailed within this policy, and is handled with the utmost care to ensure privacy and security.

2. Information Collected

At SolarAdmin Ireland, we collect personal data that is essential for providing administrative services to PV installers and ensuring that homeowners receive efficient and compliant installations of their PV systems. Understanding the types and methods of data collection is crucial for transparency and trust between all parties involved.

Types of Personal Data Collected:

•Personal Identifiers: We collect basic personal details such as the homeowner's name, postal address, telephone number, and email address. This information is necessary to identify the project, process the project, to communicate effectively, and to ensure that documents and correspondence are accurately addressed.

•Contact Information: Beyond basic identifiers, we gather additional contact details that may be necessary for extended communication or emergency contact purposes.

•Property Information: Details about the property where the PV system will be installed, including geographic location, property size, and specifics of the current energy system, are collected. This information helps in planning the installation and ensuring compliance with local energy regulations and grant bodies.

•Financial Information: For homeowners seeking subsidies for their PV installations, we collect financial data required to process these applications.

Methods of Data Collection:

•Through PV Installers and Companies: The primary method of collecting personal data is through the PV installers who contract our services. Homeowners provide their information to the PV installer as part of the initial consultation and agreement process for installing a PV system. The PV installer then shares necessary information with us to facilitate administrative tasks such as registration, compliance, and subsidy applications.

•Directly from Homeowners: In some cases, we may collect information directly from homeowners, particularly when additional details are needed or to verify the information previously provided. This direct collection occurs through secure communication channels such as encrypted emails, secure web forms, or over the phone, ensuring data security and privacy.

Automated Technologies: We may also use automated technologies to collect data indirectly, such as through our website's analytics tools. This can include technical data about the contractors / businesses or homeowner's interactions with our website, although such information is typically used in aggregate form for improving our services and is not linked to personal identifiers without consent.

Our approach to data collection is guided by the principles of legality, consent, and transparency, ensuring that all personal data is collected fairly and lawfully, with the informed consent of the homeowner. This process is outlined clearly in our agreements with PV installers and in our communications with homeowners to maintain a high level of trust and compliance.

 

 

3. Use of Data

 

At SolarAdmin Ireland, the personal data we collect is used strictly for defined purposes that support our administrative services for PV installers and homeowners. Here is how we utilise this information:

 

Specific Purposes for Processing Personal Data:

Paperwork and Application Processing for PV Installations: The core use of collected data is to facilitate the administrative aspects of PV installations. This includes preparing and submitting necessary documentation for permits, registration with local authorities, and compliance with energy regulations.

Communication and Coordination: We use contact information to communicate effectively with homeowners and PV installers, ensuring that all parties are informed of the progress, requirements, and any issues related to the PV installation process. We use contact information where it is required for project applications.

Financial Processing: For homeowners or business owners applying for grants, subsidies, we process financial data to manage these applications.

Customer Service and Support: Personal data helps us provide timely support and service to homeowners and business owners, addressing any queries or concerns they might have throughout the admin process. We request that all clients deal directly with their installer or installation company with queries unrelated to admin projects.

Quality Control and Service Improvement: We analyse data to assess the quality of our service and to identify areas where we can improve efficiency and customer satisfaction.

 

Legal Bases for Processing:

Contractual Necessity: The primary legal basis for processing personal data is the performance of a contract. Homeowners agree to share their information as part of their contractual relationship with PV installers, who in turn contract us to handle specific administrative tasks necessary for the installation of PV systems.

Legal Obligations: We process personal data to comply with legal obligations, such as building and safety regulations, tax laws, and other statutory requirements that apply to the installation and operation of PV systems.

Consent: In scenarios where personal data is used for purposes beyond contractual and legal requirements (e.g., marketing or additional services), we obtain explicit consent from contractors,  homeowners or business owners. This consent is freely given, specific, informed, and unambiguous, ensuring that contractors, installers, homeowners or business owners are fully aware of what they are agreeing to.

Legitimate Interests: When applicable, we may process data based on legitimate interests pursued by SolarAdmin Ireland or a third party, provided these interests do not override the fundamental rights and freedoms of the data subjects. This includes activities like marketing our services to potential new clients (PV installers, installation companies), provided these activities are conducted responsibly and transparently.

 

Our data usage practices are designed to be compliant with GDPR and to respect the privacy and rights of all individuals involved. We are committed to processing personal data responsibly, ensuring that it is used only for the purposes for which it was collected and with due regard for the privacy and rights of the data subjects.

 

4. Sharing and Disclosure

 

At SolarAdmin Ireland, the sharing and disclosure of personal data are conducted with strict adherence to data protection regulations and principles. We understand the importance of privacy and ensure that all data shared is done so transparently and securely.

 

Entities with Whom Data Might Be Shared:

SEAI (Sustainable Energy Authority of Ireland): For business owners or homeowners applying for grants related to PV installations, necessary personal and financial information is shared with SEAI to process grant applications and verify eligibility.

Homeowner, Business Owner and PV Installer: Data is primarily shared with the homeowner and the PV installer who has contracted our services. This facilitates effective communication and the seamless coordination necessary for the installation process.

ESB Networks: To register and connect the PV installation to the national grid, relevant information is shared with ESB Networks. This includes homeowner’s details and technical specifications of the PV system, essential for ensuring safe and compliant grid connections.

Regulatory Bodies: When required by law or for compliance with regulations, we may disclose personal data to governmental or other regulatory authorities. This ensures adherence to building, safety, and energy regulations.

 

Conditions Under Which Data May Be Disclosed:

Consent: Personal data is disclosed based on explicit consent from the homeowner, particularly for data sharing not strictly necessary for contract performance or compliance with legal obligations.

Contractual Necessities: Disclosure of data is essential for fulfilling our contractual obligations to business owners, homeowners or PV installers, installation companies, enabling the administration and facilitation of PV installation processes.

Legal Obligations: Data may be disclosed to comply with legal requirements, such as responding to lawful requests from courts or governmental agencies.

Vital Interests: In exceptional cases, data may be shared to protect the vital interests of individuals, particularly in emergency situations.

 

Safeguards and Protections in Place:

Data Protection Agreements: We ensure all third parties, like Installers SEAI and ESB Networks, with whom data is shared are bound by strict data protection agreements that mandate the confidentiality and security of the data.

Minimal Disclosure: Only the minimal necessary information is shared to fulfill the intended purposes, adhering to the principle of data minimization as prescribed by GDPR.

Secure Transmission: We employ secure methods of transmission for all personal data to prevent unauthorised access, use, or disclosure.

 

This careful approach to the sharing and disclosure of personal data ensures that all necessary parties are informed and involved in the PV installation process while maintaining the integrity and confidentiality of the data subjects’ information. SolarAdmin Ireland remains committed to upholding the highest standards of data protection and privacy for all our clients and partners.

 

5. Data Security

At SolarAdmin Ireland, we are deeply committed to ensuring the security of personal data under our stewardship. We employ a comprehensive set of measures to safeguard data against unauthorised access, loss, destruction, or alteration. Here are the specific security measures we have implemented:

Antivirus Protection on All PCs and Laptops: We equip every computer and laptop used within our operations with industry-standard antivirus software. This software is regularly updated to protect against the latest threats, including malware, viruses, and ransomware. Regular scans and real-time protection measures ensure that all devices are secure and that threats are neutralized promptly.

Password-Protected Backups: To safeguard against data loss due to system failures, natural disasters, or cyber-attacks, we maintain regular backups of all critical data. These backups are encrypted and password-protected, ensuring that only authorized personnel can access them. Backup files are stored securely in multiple locations, providing redundancy to prevent total data loss.

Password-Protected Shared Files: When sharing files internally or with authorised external parties, we utilise password protection to ensure that only individuals with the correct credentials can access the information. This method is part of our broader approach to data access control, minimizing the risk of data leakage or unauthorized access.

Additional Security Measures:

Encryption: Sensitive data, especially when transmitted over public or unsecured networks, is encrypted to prevent interception by unauthorised parties.

•Access Controls:  We enforce strict access controls and user authentication to ensure that only authorised employees have access to sensitive data. This is managed through role-based access permissions, which are regularly reviewed and updated.

•Security Training and Awareness: All employees receive regular training on data security practices, including how to identify phishing attacks, the importance of maintaining strong passwords, and the procedures for reporting security incidents.

•Regular Security Audits: We conduct regular security audits to assess the effectiveness of our security measures. These audits help identify potential vulnerabilities and prompt timely enhancements to our security protocols.

By implementing these robust data security measures, SolarAdmin Ireland ensures that personal data is adequately protected from both internal and external risks, maintaining our commitment to the privacy and security of the data entrusted to us.

 

6. International Data Transfers

SolarAdmin Ireland does not typically transfer personal data outside the European Union (EU). If it becomes necessary to transfer data internationally—outside the EU—we ensure that such transfers are carried out in compliance with the General Data Protection Regulation (GDPR). Safeguards include:

Adequacy Decisions: We rely on the European Commission’s adequacy decisions regarding the country to which data is being transferred, ensuring it offers an adequate level of data protection.

Standard Contractual Clauses (SCCs): If no adequacy decision exists, we use Standard Contractual Clauses approved by the European Commission as a means to provide necessary safeguards on data protection for the data being transferred internationally.

 

 

 7. Data Subject Rights

Data subjects have several rights under GDPR, which include:

Right to Access: You have the right to request a copy of the personal data we hold about you.

Right to Rectification: You can ask us to correct any inaccuracies in the personal data we hold.

Right to Erasure: You can request the deletion of your personal data when it’s no longer necessary for the purposes it was collected.

Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.

Right to Data Portability: You have the right to receive the personal data provided to us in a structured, commonly used, and machine-readable format.

Right to Object: You may object to the processing of your personal data, based on your particular situation, at any time.

Rights Related to Automated Decision Making Including Profiling:  You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

 

To exercise any of these rights, please contact our Data Protection Officer using the contact details provided at the end of this policy.

 

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The criteria used to determine our retention periods include:

The length of time we have an ongoing relationship with you and provide the services to you;

Whether there is a legal obligation to which we are subject; or

Whether retention is advisable considering our legal position (such as regarding applicable statutes of limitations, litigation, or regulatory investigations).

 

9. Changes to the Privacy Policy

We may update this privacy policy from time to time to reflect changes to our data handling practices or for other operational, legal, or regulatory reasons. When we make changes, we will revise the "last updated" date at the top of the policy, and in some cases, we may provide additional notice (such as adding a statement to our homepage or sending you a notification). We encourage you to review our Privacy Policy whenever you access our services to stay informed about our information practices and the ways you can help protect your privacy.

 

10. Contact Information

If you have any questions or concerns about our use of your personal information, please contact our Data Protection Officer at:

 

Email: solaradminireland@gmail.com 

Phone: 019019667 

WhatsApp: 0851369416

 

You may also use these contact details to exercise your rights as a data subject under GDPR. Our dedicated team is ready to address any questions or concerns you might have about your data.

 

 

GDPR Policy for SolarAdmin Ireland

 

1. Introduction

Purpose of the Policy

The purpose of this GDPR Compliance and Privacy Policy is to delineate the framework through which SolarAdmin Ireland manages and protects the personal data it processes as part of its administrative services to photovoltaic (PV) installers and installation companies throughout Ireland. The policy is designed to ensure that all personal data collected from homeowners and Business owners, through their contractual engagement with PV installers, is handled in accordance with both legal requirements and the highest standards of privacy and security. This includes detailing the types of information collected, the reasons for its collection, the lawful bases for processing, the measures taken to protect data, and the rights of individuals whose data is processed. The policy serves not only to comply with regulatory demands but also to fortify trust with PV installers and homeowners by demonstrating a commitment to the conscientious management of their personal information.

Commitment to Data Protection and Privacy in Compliance with GDPR

SolarAdmin Ireland is steadfastly committed to the protection of data and privacy in compliance with the General Data Protection Regulation (GDPR). This commitment is embedded in all our operations and practices involving the handling of personal data. We recognise the importance of safeguarding the personal information of homeowners and business owners as provided by our PV installation clients and are dedicated to processing this data solely in manners that are lawful, fair, and transparent.

Our organisational policies and procedures are meticulously designed to adhere to the GDPR's stringent standards, ensuring data is collected, used, stored, and disposed of in ways that respect both the letter and spirit of the law. We regularly review and update our data protection strategies to address new challenges and risks, guaranteeing that our practices remain current and effective in protecting the privacy rights of individuals. We also maintain open channels of communication to address any concerns or inquiries about data handling, underscoring our commitment to transparency and accountability in all data-related matters.

 

2. Scope

Who the Policy Applies To

The GDPR Compliance and Privacy Policy of SolarAdmin Ireland applies to all personnel within the organisation who interact with or handle personal data in any capacity. This includes full-time and part-time employees, temporary staff, and external contractors. The policy is also pertinent to any third-party service providers with whom SolarAdmin Ireland engages and who may have access to or process personal data under the instructions of SolarAdmin Ireland.

All these parties are required to understand and adhere to this policy as part of their contractual obligations with SolarAdmin Ireland. Compliance with this policy ensures that every individual involved in our operations maintains the integrity and confidentiality of the personal data we process, in line with GDPR requirements and our organisational standards.

Types of Data Processed

In the execution of its administrative services for PV installers and installation companies, SolarAdmin Ireland processes various types of personal data pertaining to homeowners and business owners. This data typically includes, but is not limited to, the following categories:

Personal Identifiers: Names, addresses, and other contact details such as telephone numbers and email addresses.

Technical Information: Data that may be related to the energy usage and efficiency of the homeowner's property, necessary for assessing the suitability and performance of PV installations.

Financial Information: Details necessary for processing applications for subsidies, grants, or financing arrangements for the PV systems, such as bank account details and other related financial data.

Property Details: Information concerning the homeowner’s property where the PV installation is to be conducted, including location, size, and existing electrical infrastructure.

This information is essential for processing necessary paperwork related to PV installations, such as applications for grants, permissions, and compliance with local regulations & ESB. SolarAdmin Ireland ensures that all data collected is relevant and limited to what is necessary for the purposes for which it is processed, adhering to the GDPR's principle of data minimisation.

 

 

3. Data Protection Principles

 

Lawfulness, Fairness, and Transparency: SolarAdmin Ireland is committed to processing personal data lawfully, fairly, and in a transparent manner. All data processing activities are conducted in strict adherence to legal provisions and without infringing on the rights or freedoms of the individuals concerned. We ensure that all persons whose data is processed are informed about how their data will be used, whom it will be shared with, and the purposes of these activities. Information regarding data processing is presented in a clear and understandable way, promoting an open and honest relationship with stakeholders.

 

Purpose Limitation: We collect data exclusively for specified, explicit, and legitimate purposes and do not further process this data in a manner that is incompatible with those purposes. Each collection point is carefully evaluated to ensure that it aligns with the effective and efficient fulfillment of our services to PV installers and their clients, while also meeting any legal or contractual requirements.

 

Data Minimisation: SolarAdmin Ireland adheres to the principle of data minimisation by ensuring that only the data that is necessary for the completion of its designated purposes is collected and processed. We regularly review our data collection practices ensuring that all data collected is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

 

Accuracy: We take every reasonable step to ensure that personal data we process is accurate and, where necessary, kept up to date. Any inaccuracies are promptly corrected or deleted without delay. Regular audits and reviews are conducted to ensure the ongoing accuracy of the data processed.

 

Storage Limitation: Personal data is not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data is processed. We have clear policies and procedures in place to ensure that data is regularly reviewed for deletion or anonymisation, adhering to statutory and regulatory requirements. Data is stored until the project reached the completion milestone, such as grant money is marked as paid. Then the folder is scheduled to be deleted. It is the installers responsibility to store the information in relation to the sale and supply of goods act.

 

Integrity and Confidentiality: Protecting the integrity and confidentiality of data is paramount. SolarAdmin Ireland implements appropriate technical and organisational measures to ensure data is processed securely. This includes protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage by using appropriate technological solutions and robust organisational strategies.

 

Accountability: SolarAdmin Ireland takes responsibility for, and is able to demonstrate compliance with, the above principles. We have designated a Data Protection Officer (DPO) and have implemented internal policies and measures which meet the principles of data protection by design and data protection by default. Our accountability measures include keeping detailed records of data processing activities, conducting regular data protection impact assessments, and providing training to all staff and contractors involved in data handling processes.

 

4. Legal Basis for Processing

 

Contractual Necessity: SolarAdmin Ireland processes personal data primarily under the legal basis of contractual necessity. This entails handling data necessary for the performance of a contract to which the data subject is party, or in order to take steps at the request of the data subject prior to entering into a contract. Specifically, we process personal details of homeowners to fulfill our administrative services contracted by PV installers and companies. This includes processing data for the installation, maintenance, and legal compliance of PV systems, ensuring all contractual obligations between homeowners, PV installers, and other parties are satisfactorily met.

 

Compliance with Legal Obligations: Another foundation for our data processing activities is compliance with legal obligations. SolarAdmin Ireland is required to process certain personal data to comply with various legal requirements that apply to our business operations. This includes tax laws, labor laws, and other statutory requirements. For instance, we might process personal data to fulfill our obligations under energy regulation, safety compliance, or financial regulations, ensuring that all installations and operations adhere to the pertinent laws and guidelines.

 

Legitimate Interests Pursued by SolarAdmin Ireland or a Third Party: SolarAdmin Ireland also processes data on the basis of legitimate interests. This occurs when such processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, provided that these interests are not overridden by the interests or fundamental rights and freedoms of the data subjects which require protection of personal data. Examples include data processing for purposes of enhancing service delivery, optimising user experience, security enhancements, and direct marketing. Before relying on this basis, we ensure a thorough assessment is conducted to balance our interests against the rights and freedoms of the data subjects, ensuring that their privacy rights are not unduly impacted by our operations.

 

 

 

5. Rights of the Data Subjects

 

Right to Information: Data subjects have the right to be informed about the collection and use of their personal data. SolarAdmin Ireland ensures that clear information is provided about who is collecting the data, the purpose of the processing, the retention periods, and who it will be shared with. This is communicated through our Privacy Policy and other informational materials at the time of data collection. It is the responsibility of the installer or installing company to inform their client that information is being handled by a third party.

 

Right to Access: Individuals have the right to access their personal data processed by SolarAdmin Ireland. They can request a copy of their personal data, along with other details about how it is being processed, to verify the lawfulness of the processing.

 

Right to Rectification: Data subjects have the right to have inaccurate personal data rectified, or completed if it is incomplete. SolarAdmin Ireland provides an easy process for individuals to update their personal information as necessary, ensuring their data remains accurate and up-to-date.

 

Right to Erasure ('Right to be Forgotten'): Individuals can request the deletion or removal of personal data where there is no compelling reason for its continued processing. This right applies when the data is no longer necessary in relation to the purposes for which it was collected, when consent is withdrawn and there is no other legal ground for processing, or when the personal data has been unlawfully processed.

 

Right to Restrict Processing: Data subjects have the right to request the restriction of processing of their personal data. This means that the processing of data is limited, so we can store the data but not use or process it. This right is applicable in specific circumstances, such as when the accuracy of the data is contested, or the processing is unlawful.

 

Right to Data Portability: This right allows individuals to obtain and reuse their personal data across different services. It applies to data that an individual has provided to a controller, where the processing is based on the individual’s consent or for the performance of a contract and is carried out by automated means. This allows them to move, copy, or transfer personal data easily from one IT environment to another in a safe and secure way.

 

Right to Object: Data subjects have the right to object to the processing of their personal data based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

 

Rights in Relation to Automated Decision Making and Profiling: Individuals have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them. SolarAdmin Ireland ensures that individuals can intervene, express their point of view, and obtain an explanation of the decision and challenge it, where such processes are used.

 

SolarAdmin Ireland is committed to facilitating these rights efficiently and without undue delay. Requests are handled promptly and in accordance with GDPR guidelines, ensuring transparency and accessibility for all data subjects.

6. Data Security

 

Measures to Secure Data: SolarAdmin Ireland is committed to ensuring the security of personal data through the implementation of robust technical and organisational measures. This includes the use of encryption technologies to protect data in transit and at rest, secure access controls to limit access to data to authorised personnel only, and regular security assessments to identify and mitigate vulnerabilities. We employ state-of-the-art cybersecurity tools to safeguard against unauthorised access, alteration, disclosure, or destruction of information. Additionally, all employees and contractors are trained on best practices for data security and privacy, reinforcing the importance of protecting personal data as part of their everyday responsibilities.

 

Procedures for Dealing with Data Breaches: In the event of a data breach, SolarAdmin Ireland has established a formal incident response plan to manage such situations effectively and in compliance with GDPR requirements. This plan includes immediate steps to contain and limit the breach as much as possible, assess the nature and scope of the breach, and determine the potential impact on data subjects. We are committed to notifying the relevant supervisory authority without undue delay and, where applicable, the affected data subjects, particularly if the breach is likely to result in a high risk to their rights and freedoms. Notifications include detailed information about the breach, the possible consequences, and the measures being taken to address the breach. Regular reviews and updates to our incident response plan ensure that it remains effective and aligned with the latest data protection practices and regulatory requirements.

7. Data Transfers

SolarAdmin Ireland strictly controls the transfer of personal data, adhering to the principle that personal data is not shared with any parties other than the homeowner or business owner to whom the data belongs, or the PV installer or company who has contracted us to carry out administrative tasks. Given this policy, international data transfers are generally not a routine aspect of our operations. However, in certain circumstances where data may need to be transferred internationally, the following conditions and protocols are adhered to ensure compliance with the General Data Protection Regulation (GDPR):

Limited Circumstances for Transfer: Data transfers outside the European Economic Area (EEA) only occur under exceptional circumstances, such as when it is necessary for the completion of the services contracted by the homeowner and the PV installer, or when explicitly required by law.

Strict Transfer Protocols: In scenarios where data must be transferred internationally:

•Data Minimisation: Only the minimum necessary data is transferred, strictly limited to what is required to fulfill the contractual obligations or legal requirements.

•Security Measures: Comprehensive security measures, including encryption and secure data handling protocols, are implemented to protect the data during transfer and at its destination.

•Legal Compliance: All transfers are conducted in compliance with legal frameworks, ensuring that they do not compromise the rights and freedoms of the data subjects.

Contractual Obligations and Consents: Before any data transfer:

•Clear Communication: Homeowners, business owners and PV installers are clearly informed about the specifics of any data transfer, including the reasons for the transfer and the measures taken to protect the data.

•Consent: Explicit consent is obtained from the data subject prior to the transfer, particularly in situations where sensitive data may be involved or where the destination country may not have data protection laws equivalent to those within the EEA.

Regulatory Oversight: SolarAdmin Ireland remains vigilant and responsive to the regulatory environment, ensuring that any changes in data protection laws or practices are promptly reflected in our policies and procedures.

By maintaining these strict guidelines, SolarAdmin Ireland ensures that all data transfers are conducted responsibly, securely, and in full compliance with GDPR, safeguarding the personal information of homeowners and supporting the trust placed in us by our clients.

 

 

8. Roles and Responsibilities

Data Protection Officer (DPO):

If applicable, the Data Protection Officer (DPO) at SolarAdmin Ireland plays a critical role in ensuring compliance with the GDPR. The responsibilities of the DPO include:

•Monitoring Compliance: Overseeing the implementation and compliance of GDPR practices across the organisation.

•Advisory Role: Advising the company and its employees on data protection obligations and best practices.

•Training and Awareness: Organising training sessions for staff to enhance their understanding of GDPR requirements and data protection measures.

•Point of Contact: Acting as the point of contact between the company and supervisory authorities, as well as between the company and individuals whose data is processed (data subjects).

•Risk Assessment: Conducting regular assessments to identify and mitigate data protection risks, including the management of data protection impact assessments for high-risk processing activities.

•Policy Development and Implementation: Helping to develop and implement internal policies related to data protection and privacy.

Responsibilities of Employees / Contractors:

All employees and contractors at SolarAdmin Ireland are responsible for handling data in accordance with GDPR compliance and company policies. Their responsibilities include:

Data Handling: Ensuring that personal data is handled and processed solely for the purpose of completing administrative tasks related to the services provided to homeowners and PV installers.

Minimising Data Exposure: Applying the principle of data minimisation by ensuring that only necessary data is accessed and used during the performance of their duties.

•Security Practices: Following all security protocols and measures set by the organisation to protect data from unauthorised access, loss, or breach.

Reporting Concerns: Immediately reporting any data breaches or security incidents to the DPO or the designated authority within the organisation.

•Privacy by Design: Incorporating data protection measures in the early stages of any new process or project that involves personal data processing.

•Confidentiality Commitment: Maintaining the confidentiality of the personal data they handle as part of their job responsibilities.

By defining clear roles and responsibilities for the DPO and all employees, SolarAdmin Ireland ensures a strong data protection culture within the organisation, promoting adherence to GDPR requirements and safeguarding the personal information of all data subjects involved in our operations.

 

9. Training and Awareness

At SolarAdmin Ireland, we recognise the importance of continuous education and awareness regarding data protection laws and GDPR compliance. Our commitment to safeguarding the personal information we handle is reflected in our rigorous training and awareness programs, designed to keep all staff informed and vigilant. Here’s how we implement this key component:

Regular Training Programs: We conduct regular, mandatory training sessions for all employees, regardless of their role or level within the organisation. These sessions are scheduled at least annually, or more frequently in case of significant changes in data protection laws or internal processes. The training covers the following areas:

•Fundamentals of GDPR: An overview of GDPR regulations, principles, and the rights of data subjects.

•Specific Role-Based Responsibilities: Detailed training tailored to the specific data handling roles and responsibilities of different employee groups within the organisation.

•Secure Data Handling Procedures: Instructions on how to handle data securely, including the proper methods of data collection, processing, storage, and deletion.

•Breach Response: Training on how to identify and respond to data breaches, including the importance of timely reporting to the designated internal contacts.

Awareness Campaigns: In addition to formal training, we run ongoing awareness campaigns to keep data protection at the forefront of our employees' minds. This includes regular newsletters, updates on the latest data protection practices, and reminders about the importance of GDPR compliance.

Resources and Support: All employees have access to resources and materials related to GDPR and data protection, available through our internal knowledge base. We also ensure that our Data Protection Officer (DPO) is accessible for any questions or additional training needs employees may have regarding specific data protection issues.

Assessment and Feedback: Following each training session, employees are required to complete a short assessment to demonstrate their understanding of the content covered. Feedback is collected to continually improve the training programs and ensure they are effective and engaging.

Record Keeping: SolarAdmin Ireland maintains records of all training sessions, including attendance and assessment results, to ensure compliance and accountability within our training program.

This comprehensive approach to training and awareness ensures that all employees at SolarAdmin Ireland are equipped with the knowledge and skills necessary to protect personal data effectively, promoting a culture of compliance and respect for privacy throughout our operations.

 

Website GDPR Policy for SolarAdmin Ireland

Introduction

SolarAdmin Ireland is committed to protecting the privacy and security of personal data collected through our website, in accordance with the General Data Protection Regulation (GDPR). This GDPR Policy outlines the principles and practices we follow to ensure the data privacy of all users, including PV installers, installation companies, and the general public.

 

Principles of Data Protection

Our data protection practices adhere to the following principles:

 

Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and in a transparent manner.

Purpose Limitation: We collect data for specified, explicit, and legitimate purposes and do not process it further in a manner that is incompatible with those purposes.

Data Minimisation: We ensure that personal data is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

Accuracy: We take every reasonable step to ensure that personal data that we process is accurate and, where necessary, kept up to date.

Storage Limitation: We retain personal data in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.

Integrity and Confidentiality: We process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.

Scope and Application

This GDPR Policy applies to all personal data processed by SolarAdmin Ireland via our website hosted on Shopify. It encompasses data collected through various methods such as payment pages, contact forms, and automatic data collection technologies.

 

Data Collection and Use

Personal Data Collected: This includes names, contact details, payment information, and any other information users choose to provide us through the website.

Purpose of Data Collection: Data collected is used for transaction processing, customer service, marketing purposes (with consent), and improving our website and services.

Legal Basis for Processing: We process personal data under the legal bases of consent, contractual necessity, and legitimate interest, in compliance with GDPR.

Data Subject Rights

Under GDPR, data subjects have the right to:

 

  • ·         Access their data
  • ·         Request correction or erasure of their data
  • ·         Restrict processing
  • ·         Object to processing
  • ·         Data portability

To exercise these rights, data subjects can contact our Data Protection Officer at the contact information provided at the end of this policy.

Data Sharing and Transfers

Third-party Processors: Data may be shared with third-party service providers who perform services on our behalf, such as payment processing and website analytics.

International Transfers: Any data transferred outside the EU is done so with appropriate safeguards in place, such as Standard Contractual Clauses.

Data Security

We implement robust security measures to protect data from unauthorized access, disclosure, alteration, and destruction. These include encryption, security protocols, and regular security audits.

 

Updates to this Policy

We may update this GDPR Policy from time to time. Users will be notified of significant changes through our website or via direct communication.

 

Contact Information

For any questions, concerns, or requests regarding this GDPR Policy, please contact:

Data Protection Officer:

Email: solaradminireland@gmail.com

Phone: 019019667

WhatsApp: 0851369416

 

This policy is effective as of June 2023, Updated May 2024, and reflects our commitment to comply with the provisions of GDPR and respect the privacy of our users.

 

 

SolarAdmin Ireland App Security and Privacy Policy

Effective Date: 18.07.2024

1. Introduction

SolarAdmin Ireland (“we,” “us,” “our”) is committed to protecting your privacy and ensuring the security of your data. This Security and Privacy Policy outlines how we collect, use, store, and protect your information when you use our app, available on the iOS and Android App Stores. Our practices comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Collection and Use

Types of Data Collected:

  • Personal Information: Name, email address, company name, and login credentials.
  • Project Data: Images and documents related to solar PV installations.

Purpose of Data Collection:

  • To facilitate the use of our app for capturing and managing solar PV installation documents.
  • To provide secure storage and transfer of documents to Dropbox.
  • To communicate with users regarding app updates, services, and support.

3. Data Storage and Security

Storage:

  • All images and documents captured through the app are initially stored in a secured AWS (Amazon Web Services) account.
  • After initial storage, the data is transferred to a designated Dropbox account for compilation and sharing with the installation company or installer.

Security Measures:

  • Encryption: Data is encrypted both in transit and at rest using industry-standard encryption protocols.
  • Access Controls: Each user has unique login details and secure passwords. Multi-factor authentication (MFA) is available for added security.
  • Regular Audits: We conduct regular security audits and vulnerability assessments to ensure the integrity of our systems.

4. Data Sharing and Disclosure

Third-Party Services:

  • AWS and Dropbox: We use AWS for secure storage and Dropbox for document compilation and sharing. Both services comply with GDPR and other relevant data protection laws.
  • Service Providers: We may engage third-party service providers to perform functions on our behalf, such as customer support. These providers have access to personal data only as necessary to perform their functions and are obligated to maintain its confidentiality.

Legal Requirements:

  • We may disclose your personal data to comply with legal obligations, enforce our terms and conditions, or protect our rights, property, or safety.

5. User Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access: Request access to your personal data and obtain a copy.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal obligations.
  • Restriction: Request restriction of processing of your personal data.
  • Data Portability: Request transfer of your data to another service provider.
  • Objection: Object to the processing of your personal data in certain circumstances.

To exercise these rights, please contact us at solarassistireland@gmail.com

6. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

7. Children's Privacy

Our app is not intended for use by children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that a child under 16 has provided us with personal data, we will take steps to delete such data.

8. Changes to This Policy

We may update this Security and Privacy Policy from time to time. We will notify you of any changes by posting the new policy on our website and within the app. You are advised to review this policy periodically for any changes.

9. Contact Us

If you have any questions or concerns about this Security and Privacy Policy, please contact us at:

SolarAdmin Ireland
Email: solarassistireland@gmail.com
Phone: 019019667 

By using our app, you acknowledge that you have read and understood this Security and Privacy Policy and agree to our data practices as described.

Last Updated: 18.07.2024