Privacy Policy

 

Need and Purpose of our Privacy Policy

 

Dogpatch Labs Management DAC (“Company”, “NDRC”, “Founders”, “we”, “us”) is subject to certain laws that regulate how NDRC can collect, store, use, or otherwise process your personal data. At NDRC we value the importance of protecting privacy and personal data. While we have to reserve the right to update this privacy policy at any time without prior notice, our data processing will always remain fair, transparent, and lawful. This policy is NDRC public affirmation of how we intend to fulfil that goal.

Organisation Identity

 

NDRC is Ireland’s Government-funded startup incubator and accelerator located in the heart of Dublin’s Digital Docklands, at the following address: NDRC, Unit 1, The CHQ Building, Custom House Quay, Dublin 1, Ireland.

The assigned Data Protection Officer can be contacted at privacy@ndrc.ie.

Applicability of the Privacy Policy

 

This policy only concerns itself with the processing of personal data. The policy applies to all websites that we own and operate, including the websites located at www.ndrc.ie and all related websites such as www.joinfounders.co, our applications and/or APIs, and online services (our “Site“), as well as our application platforms (“Platform“), and other services, offerings, and other interactions (e.g., customer service inquiries, or your participation in programmes, office hours, pre-accelerators, accelerators, mentoring sessions, user conferences, community events, etc.) you may have with us that are subject to this Privacy Policy (together with our Site, collectively referred to as our “Services“). If you do not agree with the data practices described in this Privacy Policy, you should not use our Services.

This Privacy Policy does not apply to any third party applications or software that integrate with the Services through our Site (“Third Party Services“), or any other third party products, services or businesses.

The types of personal data that NDRC may process will vary and depend on the interactions that a person has with NDRC. Specific policies may apply to your relationship with NDRC in addition to this general statement of policy, for example if you are an employee with specific policies to your role. Those specific policies will take precedence over any conflicting provision in this Privacy Policy. If you are unsure or would like to ask what policies we consider apply to your relationship with NDRC please send an email to our data protection officer at privacy@ndrc.ie.

Definitions

 

Personal data is data that relates to an identified or identifiable person. If data does not permit us or another party to identify a person, directly or indirectly, then it is not personal data. The law does not require, and it is not NDRC practice, to acquire extra, unnecessary information solely for the purpose of identifying persons.

Processing, refers to actions that can be done with personal data: collecting, storing, analysing, communicating, et cetera. This includes processing completed with or without computers.

GDPR means the EU General Data Protection Regulation 2016/679 (as amended and replaced from time to time)

Data controller determines the purposes for which and the means by which personal data is processed

For purposes of this policy, except where otherwise stated, the controller is NDRC. As the contracting body, the Department of the Environment, Climate and Communications (“Minister”, “DECC”) of Ireland is the Joint Controller (ref 35.5 (B)) for data relating to the NDRC programmes.

Processing, refers to actions that can be done with personal data: collecting, storing, analysing, communicating, et cetera. This includes processing completed with or without computers.

A processor is any vendor or service provider who processes personal data on behalf of NDRC.

Sensitive Data means any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Personal data is data that relates to an identified or identifiable person. If data does not permit us or another party to identify a person, directly or indirectly, then it is not personal data. The law does not require, and it is not NDRC practice, to acquire extra, unnecessary information solely for the purpose of identifying persons.

Consent is a clear, unambiguous action by a person that they agree to a specific processing. In order for this consent to be valid, the person consenting has to understand the purpose, nature, and conditions of the processing, including, for example, if NDRC will be getting outside help to process personal data.

GDPR Data Protection Principles

 

NDRC commits itself to operating on the basis of the following privacy principles:

  1. Lawfulness, Fairness, and Transparency  

    1. Beyond upholding your legal rights, our aim is to provide our services fairly to you, and to be transparent in the way we process your data.

    2. We will always provide you with a clear statement of the purpose behind our data processing.

    3. We will always provide you with a clear statement on how that processing is compatible with your legal rights, also known as the legal or lawful basis for processing.

      1. One common example of a lawful basis is where processing is necessary for a service or contract that you have requested. Another common basis is where we have a legal obligation to process your data, such as to protect against fraud. Your consent can sometimes also be a legal basis for processing.

  2. Purpose limitation  

    1. We aim to collect your data only for specific, limited purposes that we will specify to you in advance as clearly as we can.

    2. Moreover, in the event we ever rearrange how we do things, we aim never to process your data in a way that is incompatible with the original purposes.

  3. Data Minimisation: We try only to process the personal data that we really need –no more and no less.

  4. Accuracy: We will try to correct or erase, depending on what is appropriate in the context, personal data that are inaccurate.

  5. Storage Limitation: No one needs or wants their data floating around for eternity, so we try to delete data when we no longer need them.

  6. Integrity and Confidentiality: We protect your data with the appropriate technologies and business practices. We guard against unauthorised or unlawful processing, and against accidental loss, destruction, or damage to your data.

  7. Accountability

    1. We aim to document, as necessary and appropriate, the things we do for your protection.

    2. You also have a number of rights that you can use to check up on us and hold us accountable.

    3. Finally, in addition to holding ourselves accountable, we also demand that our processors commit themselves to the protections you deserve. We aim to be transparent in our choice of processors so that you can hold them accountable too.

Your Rights

 

You enjoy certain rights and privileges too that are important enough that they get their own section. We’d especially like to draw your attention to your rights to object and to restrict processing.

Right to Withdraw Consent

For any processing that is based on your consent, you can withdraw that consent at any time. This means that we will stop that processing, unless there is another basis to continue processing, such as a legal obligation. Withdrawing consent does not affect any processing that has already taken place.

Rights to Hold Us Accountable

You have a number of legal rights that will help you hold us accountable and abide by the above privacy principles. 

Here’s a listing of rights that you should keep in mind:

  1. Rights to Information and Access

  2. Right to correct inaccurate data, or supplement incomplete data

  3. Right to erasure

  4. Right to restriction of processing

  5. Right to data portability

  6. Right to object

  7. Right to avoid automated individual decision-making

  1. Rights to Information and Access

    1. “Who?”  You have a legal right to know who we are, who our representative(s) is/are, who our data protection officer is, and contact information for each.

    2. “Who else??”  You have the right to know who, if anyone will receive your information from us. If we didn’t get your personal data from you, we will tell you where we got it.

    3. “What are you doing?”  You have the right to know in advance the purposes behind our data processing. Moreover, you have the legal right to know in advance the legal basis for our processing. We will always tell you where we processing is necessary for our legitimate interests.

    4. “Why should I?”  We will always tell you whether providing your personal data is voluntary or obligatory, and what would be the result if you choose not to provide your personal data. In particular, we will tell you if you are legally or contractually required to provide us with personal data.

    5. “Where?”  Not all jurisdictions or countries provide the same legal protections for personal data and privacy as the European Union and its Member States. Therefore, you have the right to know if your data is being sent outside the EU and if so, what appropriate safeguards have been put in place especially to protect your data protection and privacy rights. Whenever this arises, we’ll tell you how to get a copy of the protections in place for your personal data. You have a right to receive other information too. We’ll always provide the following specifics to you at the appropriate, relevant time, but here’s a list of what you have a right to receive:

    6. “How long?”  You have a right to know how long we’ll keep your data. If we can’t state a hard number, then we’ll tell you the criteria that will determine when we will delete your personal data.

    7. What does NDRC have?”  You have a right to hear from us what it is that we have about you. If you see anything that needs correction or that you’d like deleted, please contact us through our data protection officer at privacy@ndrc.ie  

    8. “I don’t consent.” If the basis for our processing is your consent, you have a right to withdraw that consent at any time. Withdrawing consent does not affect any processing we’ve already undertaken. It also doesn’t have any effect where processing is not based on your consent.

    9. “I’m still unhappy…” If you think your rights have been violated, you have a right to file a complaint with Ireland’s Data Protection Commissioner.

  2. Right to correct inaccurate data, or supplement incomplete data: We will take every reasonable step to ensure the personal data we process are accurate and up to date. You have the right to inform us of an inaccuracy in data that we process and expect that we will correct it without undue delay. Likewise, if you find that the data we’re processing is incomplete considering the purposes of the processing, you have the right to submit supplementary information. Depending on the circumstances, we might have to ask for some verification of your identity. We’ll do our best to keep those questions to a minimum and to avoid asking for new personal data we don’t already have.

  3. Right to Erasure: In many cases, you have the right to have your personal data deleted. For more information, email our data protection officer at privacy@ndrc.ie

  4. Right to Restrict Processing: European law also provides you with a right called restriction of processing. If objection is like a stop button, then restriction of processing is the pause button: It lets you put a pause on all or certain types of processing.

  5. Right to Data Portability: We understand that sometimes you’ll need to take your data with you. At your request, we’ll provide you with a transferable copy of your data or send it directly (if possible) to your designated recipient. To make this request, please get in touch with the data protection officer at privacy@ndrc.ie. Please note this only applies where the lawful basis was either consent or performance of a contract and processing was automated]

  6. Right to Object: European law provides you with a right to object. This means you have an absolute right to tell us to stop processing your personal data for direct marketing. Where the processing is for purposes other than direct marketing, you should explain to us what it is you’re objecting to and why it is that you’re objecting. NDRC is then entitled at law to consider whether any legitimate grounds override those objections. If not, then NDRC will cease that processing right away.

  7. Right to Avoid Automated Individual Decision-Making: At NDRC, all decisions that could affect your rights are human-made! While we use computers to help us in our work, all decisions are made by real people.

Exercising Your Rights

 

The easiest way for you to exercise the rights above is to contact our data protection officer (DPO) directly via email. Let our DPO know, if possible, what it is that you’re looking for, and what it is that you’d like us to do. If you have multiple requests, please do make sure you state them all clearly so we can act on them all.

We train and instruct all our employees to identify and appropriately escalate what appear to be subject requests based on the above rights. Employees should usually escalate requests to their managers, who will be in touch with the DPO. The DPO may or may not require the assistance of an outside lawyer.

Information We Collect and Receive

 

We collect and receive information that relates to identified or identifiable individuals (“personal information“) as follows:

  • Identity Data: Information such as your name; address; email address; telephone number; gender; date of birth, age and/or age range; photo/avatar

  • Contact Data: Identity Data that includes personal and business contact information, such as postal address, email address, telephone number, or other identifiers used for communication.

  • Special Category Data: Information you voluntarily disclose to use revealing your racial or ethnic identity, health or disability status, or sexual orientation or other personal information. This data is voluntarily submitted.

  • Content: Unstructured or free-form content that you post on our Site or Platform that may include personal data (e.g., text, images, photographs, messages, comments, feedback and correspondence), such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with our Site, receive customer support or otherwise correspond with us.

  • Financial Data: Information such as bank account details, payment card information, and information from credit reference agencies.

  • Commercial Data: Information from transactions and purchases you make through the Site, registrations through our Site, and billing details.

  • Device/Network Data: Information regarding your interaction with a website, application, or advertisement. This includes technical information (e.g., IP Address, MAC Address, SSIDs, etc.), online user ID, device characteristics (such as browser/OS version), web server logs, browser plug-ins, your time zone application logs and language settings, cookie data, web beacons, clear GIFs, pixel tags. It also includes practical information like any login information and information about how you use our Site and interact with us.

  • Inference Data: Data such as your preferences for receiving marketing communications and details about how you engage with them, as well as information relating to your demographics and interests.

  • Audio/Visual Data: Recordings such as audio files and records (e.g., voice mails, call recordings, and the like) and photos

How We Collect Personal Information

 

Personal Information is collected from the following sources:

Information you give us

You may give us personal information when you apply for a NDRC program, register for the Platform or otherwise submit information to use through the Services or other communications with us. For example:

  • We may collect Identity Data, Content Data, and Special Category Data when you create a profile on our Platform.

  • We may collect Device/Network Data when you use our website

  • We may collect Inference Data when you subscribe to our newsletter, send us any sort of message (text, email, post), or ring us on the phone.

  • We may collect Financial or Commercial Data such as credit card information, such as the card number, security code, billing address, and bank or issuer details before you can receive funding from our programme.

We will always process your information according to the privacy principles we explained above. In particular, we would like to say again that all our processing is limited to the specific purpose that we tell you at the time we collect your data, and is only stored for as long as is strictly necessary. Please note we regard the disclosure of personal data as explicit consent.

Information automatically collected

In order for computers to be able to talk to each other, they absolutely have to disclose some minimum information. We may automatically collect personal information such as Device/Network Data when you access and use our Site. This can include technical information or practical information. Some of these data are necessary for us to run our website or to respond to your requests, like ticket bookings. Other data are a huge help to us in providing you with better services and maintaining a well-run company. We will always tell you what is necessary and what is voluntary.

For example

  • We may log your computer or mobile device operating system name and version, manufacturer and model, browser type, browser language, screen resolution, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site. We collect this information about you using cookies. Please refer to the Cookies and Similar Technologies section below for more details.

Information other parties give us

Sometimes we receive information about you from other parties. We may subscribe to databases or contract with third party data providers from which we collect personal information such as Contact Data, Professional Data and other personal data regarding individuals that may be interested in our Events and programs. We may also collect, and combine with other personal data we maintain, personal data that is publicly available, such as that provided by business networking sites and databases (for example Crunchbase, Tech Ireland or LinkedIn), information related to the organization for which you work and personal interests and skill sets, and other similar information.

We also may obtain information from those in the NDRC network such as our event organizers, contractors, and local representatives who have agreed to a relationship with us in order to deliver our Services. This may include information about potential interest in our programs, company and individual progress, interest in local events, and attendance at other similar events.

We process personal data received from those parties by the same rules and principles as personal data that you give us directly. Moreover, we will always tell you who gave us your information and their contact information. That way, if you prefer, you can instruct those parties to stop sharing your information (we don’t have the authority to do that).

Event Recordings

As part of our Services, we host, coordinate, and operate events, competitions, demo days, mentor sessions, and other public or private events (“Events“) where you may engage with NDRC, founders, teams, sponsors, investors, and other community members. We may create audio or visual recordings of these events, take photographs, conduct interviews or surveys, or conduct similar activities at these Events (“Event Recordings“), and we will collect and process, Audio/Visual Data incorporated into these Event Recordings. You may object to the processing of your personal information in connection with Event Recordings during the Event by speaking with organizers of the Event, or afterwards, by contacting us using the information below. Please note, the processing of personal information in connection with Event Recordings may be subject to additional terms and conditions to which you are a party (e.g. a release or consent) that will supersede the nature of processing or individual rights described in this Privacy Policy to the extent in conflict.

Changes to your personal information

It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at privacy@ndrc.ie.

How We Use Your Information

 

To provide the Services you request

If you use our Site, sign up for, or request to participate in a particular Service, we will process your personal information you give us or that we receive from relevant parties as necessary or appropriate for us to provide that Service. This includes but is not limited to:

  • Providing you with the information, products, or services that you have requested

  • Fulfilling our obligations to you, including Provide you with NDRC services, products, and experiences

  • Fulfilling our legal obligations to you and financial or other institutions

  • Improving and develop our business, such as our website, products, services, and experiences

  • Providing you with information that we think would be of interest to you, sometimes pertaining to new products, services, and experiences

  • Enforcing our rights under our terms and conditions or any other contracts with you

  • Preventing fraud

  • Protecting the rights, property, and safety of NDRC employees and customers or other relevant persons

  • Responding, when necessary, to valid law enforcement requests

  • Complying with applicable laws

  • Gathering your opinions and input

  • Managing any situation where processing or other transactions are disputed

  • Handling and resolve complaints

In connection with marketing communications

If you request information from us, register on our Site, or participate in our surveys, promotions or events, where allowed by law, we or our processors may use your personal information, such as Identity Data, Contact Data or Inference Data, to send you updates, newsletters, surveys, offers, and other promotional materials, including communications that may be targeted to you based on your personal information, as permitted by law. We also may, from time to time, contact you about a particular offering that may be of interest to you based on publicly available information, or information obtained through the NDRC network, Events you’ve attended, or your participation in NDRC Services. You will have the ability to opt out of such communications.

To document and promote NDRC and our events

If we create any Event Recordings, we or our event sponsors or participants may use those Event Recordings (including any Audio/Visual Data therein) as part of our marketing and promotional activities. Further, we may also publish the Event Records, including Audio/Visual Data or related Identity Data therein, in connection with our documentation of or publicity relating to those Events, for example, on the NDRC website or a relevant Event-specific page. We may seek your consent or a release from you in the event the nature of our processing requires such consent or release. However, in certain circumstances, we may process or publish certain video, images, etc. without your consent, such as when we publish on an Event page certain Event Recordings that include images of groups or crowds in attendance at an Event.

With your consent

We may use or share your personal information with your consent, such as when you: consent to participate in additional surveys on gender and race/ethnicity (where legally permissible), let us post your testimonials or endorsements on our Sites, instruct us to take a specific action with respect to your personal information, or opt into third party marketing communications.

Please note, in certain cases (such as in connection with our Diversity & Inclusion efforts), we may collect and share with parties you authorize, information about race, ethnic origin, religious beliefs, physical/mental health, sexual orientation, or other personal information that is classified as a “special category” of personal data under applicable law. You may revoke your consent to this processing at any time. Additional information regarding these programs, how your personal information will be shared, and the parties that may receive it, are available within program descriptions we provided at the time you agreed to participate in the program.

To create aggregated or de-identified information

We may disclose or use aggregated or de-identified information for any purpose, subject to limits under applicable law. For example, we may share aggregated or de-identified information with processors, partners, sponsors or prospects for business or research purposes, such as when we analyze and report on demographic trends to measure our objective of having healthy diversity ratios across our programmes.

At NDRC we respect your privacy and data protection rights, and recognize the importance of protecting the personal data we collect and process. Equally, we recognise that there are serious shortcomings in data regarding the situation of underrepresented groups and minorities. These shortcomings lead to a lack of evidence-based support to inform policy and services and help:

  • Identify bias/discrimination and promote equality

  • Challenge discrimination and promote equality and inclusion

  • Tailor interventions and services to further the representation of underrepresented groups

Social Media

 

Our Site may include interfaces that allow you to connect with social networking sites (each a “SNS“). If you connect to a SNS through our Site you authorize us to access, use and store the information that you agreed the SNS could provide to us based on your settings on that SNS. We will access, use and store that information in accordance with this Privacy Policy. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable SNS.

We care deeply about our relationship with our customers and our community. Therefore, we look to see what people are saying about us in public forums. This includes but is not limited to: Twitter, Instagram, Facebook, YouTube, LinkedIn. Again, we only see what you share with the general public or share directly with us.

Website Data Processing

 

Why do we collect website data

  • Provide you with the services you seek from our website,

  • Information you provide helps us respond to your customer service requests and support needs more efficiently.

  • Improve our website and our services,

  • We may use the feedback you provide to improve our products and services.

  • Ensure the security of our website.

  • Improve our marketing.

  • Send you periodic emails

  • We may use the email address to respond to enquiries, questions and other requests

Without prior consent, we will not make use of personal data such as IP address, device and browser information, or time and number of times you click on links or open emails.

Cookie Policy

Our Site may collect personal information using the following types of cookies and similar technologies and process that data for the purposes set out below:

  • Required – Enable navigation and basic functionality

  • Functional – Enable analysis of website usage to offer settings and personal experience

  • Marketing – Enable us to assess the effectiveness of our marketing and advertising efforts. The cookies are from third-parties, but they are for our use, namely, to analyse and track site visit and sign-ups.

For further details please see our Cookie Policy linked to in the page footer.

Data Security

 

We use the following technologies and measures to help protect your data: Encryption, locked physical storage, restricted access areas, confidentiality agreements, shredding and secure disposal, regular reviews for personal data we should delete because it’s outdated or unnecessary for the original purpose.

Personal Data may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“) where there are appropriate safeguards in place pursuant to Article 46 of the GDPR. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order and the provision of services. By submitting your personal data, you agree to this transfer, storing or processing.

While no system is absolutely secure, we take every reasonable precaution to protect your data and to respect your privacy.

Confidentiality of Personal Data

 

NDRC requires all its employees to maintain the confidentiality of the personal data you handle. Further, we expect you to voice or escalate any concerns you have about the way NDRC handles personal data.

Recipients

 

In order to provide the services and experiences that we offer, we rely on processors to process your information, such as payments, communication and working space management platform. Our contracts with these third parties require them to maintain the confidentiality of the personal information we provide to them, only act on our behalf and under our instructions, and not use information for purposes other than the product or service they’re providing to us or on our behalf.

You can contact our DPO to receive a list of processors for your specific situation, and what it is that they do, whether or not they have any access to your personal data, or if they only handle your data in its encrypted form.

Assurance on Data Sale

 

We do not sell, rent, release, disclose, disseminate, make available, transfer, or otherwise communicate in any way your personal information to third parties in exchange for monetary or other valuable consideration. Note, however, we may make any disclosure or otherwise process personal information in connection with our provision of the Services to you or at your request, and we make any of the disclosures described in the Data Sharing section below.

We disclaim responsibility related to social media features which are governed by privacy policy of respective platforms.

Data Processors

 

Squarespace - a platform provided by Squarespace, Inc. that allows the Owner to build, run and host this website. Squarespace is highly customizable and can host websites from simple blogs to complex e-commerce platforms. Personal Data processed: various types of Data as specified in the privacy policy of the service: www.squarespace.com/privacy. Place of processing: United States. This service has the purpose of hosting and running key components of this website, therefore allowing the provision of this website from within a unified platform. Such platform provides a wide range of tools to the NDRC – e.g. analytics, user registration, commenting, database management, payment processing – that imply the collection and handling of Personal Data.

Google Fonts - Google Fonts is a typeface visualization service provided by Google Ireland Limited that allows this Application to incorporate content of this kind on its pages. Personal Data processed: Usage Data; various types of Data as specified in the privacy policy of the service: https://policies.google.com/privacy. Place of processing: Ireland. This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.

Fathom Analytics (“Conva Ventures Inc.”) - Fathom Analytics is an anonymized analytics service provided by Conva Ventures Inc. that gives NDRC insight into the use of this Website by Users without needing to identify them. Data collected is anonymized by making use of hashing techniques. Further information may be found here and within the service's privacy policy. Personal Data processed: Trackers; Usage Data. Place of processing: Canada. Privacy policy: https://usefathom.com/privacy.

Mailchimp - Mailchimp is an email address management and message sending service provided by The Rocket Science Group LLC. Personal Data processed: email address; first name; last name. See their Privacy Policy here: https://mailchimp.com/legal/privacy/. Place of processing: United States. This type of service makes it possible to manage a database of email contacts, phone contacts or any other contact information to communicate with the User. These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message.

Hubspot - Hubspot is an email address management, message sending service, analytics service, and user database management service provided by HubSpot, Inc. Personal Data processed: the data you provide, various types of Data as specified in Hubspot’s privacy policy. These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message. Place of processing: United States. Why do we use it: As the general CRM, analytics and newsletter service.

Stacker - Stacker create the digital tools needed to engage customers, partners and company. Personal Data processed: the data you provide. This service may also collect data concerning the date and time of user interactions. Place of processing: European Economic Area. Why do we use it: For gathering and processing program application information.

Airtable - An online spreadsheet and collaboration service provided by Formagrid, Inc. Personal Data processed: address; city; company name; country; Data communicated while using the service; device information; email address; first name; gender; geographic position; last name; password; phone number; profession; profile picture; screenshots; Tracker; Usage Data; username; VAT Number; workplace; ZIP/Postal code, and any data you provide it through our Platform or as part of our Portfolio services. Place of processing: United States. Why do we use it: Data storage application.

Make (formerly Integromat) - Make automates processes and transfers data across different services. Personal Data processed: any data that you provide to us through any of our services. Personal Data may stored for a period of up to 60 days on Make’s secure servers (certified ISO 9001 and ISO 27001). Place of processing: European Economic Area. Why do we use it: To automate some processes in our workflow, synchronising data from one service with another.

DocuSign - DocuSign is a suite of applications and integrations for automating and connecting the entire agreement process. Personal Data processed: email address, company information, personal information, any data that is relevant to contracts you may be signing with us. Place of processing: United States. Why do we use it: To enable digital signatures to be collected on confidential, legally binding contracts.

Meta - Meta ads conversion tracking (Meta pixel) is an analytics service provided by Meta Platforms Ireland Limited that connects data from the Meta Audience Network with actions performed on this Website. The Meta pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Meta Audience Network. Personal Data processed: Trackers and Usage Data. Place of processing: Ireland – Privacy PolicyOpt out.

Dogpatch Labs - Dogpatch Labs is the provider of the NDRC services. Personal Data processed: email address, company information, personal information, the data you provide, various types of Data as specified in Dogpatch Labs' privacy policy. These services may also collect data concerning the date and time when the message was viewed by the User, as well as when the User interacted with it, such as by clicking on links included in the message. Place of processing: Ireland. Why do we use it: As the general provider of the NDRC services.


Please note that while we strive to keep this Privacy Policy up to date, this list is always changing and for the lates and most up to date version you may contact our DPO to receive a list relevant to your situation.

How We Share Your Information

 

Except as described in this Privacy Policy, we do not share the personal information that you provide to us with other organizations. We may disclose personal information to third parties for the following purposes:

Joint Controllership: We may disclose your personal information to the Minister for the purposes of reporting, auditing, validating invoices and verifying execution on the services NDRC is to carry out: Accelerator Programmes, Capital Investments, Pre-Accelerator Programmes, Training Services, Investment Management, and other programmes we may be subject to running for or on behalf of the Minister.

Partners, Mentors and User Groups: We may disclose your personal information to our partners, mentors, and other groups with whom we have contracted to sponsor and deliver industry-focused Accelerator and Startup Programs, and to other users of our Services, for the purpose of providing our products and services, including sharing with other members of the groups for which you have provided an application (e.g. founders, mentors).

Examples

  • When you apply to participate in a programme, your personal information may be shared with the identified accelerator partners to organize and deliver the accelerator (including Ignite, Portershed, RDI Hub and Republic of Work).

  • When you register for an event through our Services, your personal information may be shared with the Event organizers and sponsors in order to communicate with you about the Event.

  • Finally, you may request to join certain programs, initiatives, projects, or promotional opportunities operated by or in connection with third parties (for example First Fridays for Startups or the Ulster Bank Hackathon) where your information will be shared with the parties you choose or that operate the relevant program.

Professional Advisors: We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us. Their confidentiality policy binds them to not disclose any of this information outside of what is required by law.

Friendly Affiliates: We may disclose your aggregated or de-identified information to our parent company, subsidiaries, joint ventures, or other corporate affiliates for purposes consistent with this Privacy Policy. Examples of these affiliates are ScaleIreland, Tech Ireland, Venture Capital firms, or spin offs we create that are closely related to your interests. Where personal data is disclosed you will be explicitly notified.

Business Transfers: We may sell, transfer or otherwise share some or all of our business or assets, which may include your personal information, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, transfer of the NDRC contract to a new operator, reorganization or sale of assets or in the event of bankruptcy, in which case we will make reasonable efforts to require the recipient to honor this Privacy Policy.

Service Providers & Business Purposes: We may employ third party companies and individuals to administer and provide the Services on our behalf (such as account creation, quality assurance testing, technical support, hosting, email delivery and database management services). We may also disclose your data in connection with certain other business and operational purposes, such as data security monitoring, service analytics, internal research, quality control, etc. We generally share your personal data as you request, or in accordance with certain business purposes. When we disclose information for business purposes (e.g., where we disclose information as part of our own internal operations, such as security operations, internal research, etc.)

Compliance with Laws and Law Enforcement; Protection and Safety. NDRC may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Services; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

Rights of state agency: A state agency can request to access subject data by sending an email to privacy@ndrc.ie.

If you have any questions please do not hesitate to contact us at privacy@ndrc.ie

Review

 

We aim to reviewing our data protection and privacy policies and procedures at least once a year, and more often if necessary to account for changes in the law or in the way we do things. Any changes will be posted on this page: ndrc.ie/privacy-policy.

Last updated: 14 June 2023

CCTV Disclosure

 

NDRC is headquartered in a building where CCTV images are monitored for crime prevention and public safety.

Please see the respective Privacy Policy on dogpatchlabs.com/privacy-policy.

Contact Info

 

General Contact: NDRC, Unit 1, The CHQ Building, Custom House Quay, Dublin 1 Ireland. Email address: info@ndrc.ie

DPO Contact: Data Protection Officer, NDRC, Unit 1, The CHQ Building, Custom House Quay Dublin 1. Email address: privacy@ndrc.ie