Privacy Policy

Processing of personal data in connection with the Platform is carried out in accordance with Regulation (EU) 2016/679 ("GDPR") and the Irish Data Protection Act 2018.

Collection of the following data is limited to what is technically necessary to operate, secure, and improve the Platform and is not used for behavioural advertising, viz:

Each Controller identified in Section 1 shall ensure that personal data is collected for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those purposes, in accordance with applicable laws.

Where functionality is made available, Case data may be accessed, exported, or downloaded in PDF or similar format. Any such access, export, or download may result in the processing of personal data outside the Platform environment. The Company does not control or monitor the processing of Case data outside the Platform and shall not be responsible for any use of such data beyond the Platform environment. All processing of Case data, whether within or outside the Platform, must be carried out in accordance with applicable laws, and must be limited to lawful and compatible purposes for which the data was originally collected.

In accordance with Storage Limitation Principle under existing laws, the following are the data retention periods:

Where personal data is collected directly from Citizens through the Platform interface, this Privacy Policy is made available at the point of submission. When a Representative receives personal data indirectly, such as in the case of walk-in submissions in relation with the specific terms under the Terms of Service, the Representative is responsible for compliance, including informing the individual about the processing of their data. This includes providing information for: (i) the identity and contact details of the Controller; (ii) the purposes and legal basis of processing; (iii) the categories of personal data concerned; (iv) any recipients or categories of recipients; (v) the applicable retention period; (vi) the individual's data protection rights; (vii) the right to lodge a complaint with a supervisory authority; and (viii) the source of the personal data. Philoware Limited (T/A Constituency) acts solely as a Data Processor and, where required under its contract with the Representative, will assist the Representative in meeting such transparency obligations.

Citizens have the following rights: ● Right of access to obtain confirmation and a copy of personal data. ● Right to rectification of inaccurate data. ● Right to erasure. ● Right to restriction of processing. ● Right to data portability where processing is based on contract or consent. ● Right to object to processing based on legitimate interests or public task. ● Right not to be subject to solely automated decisions producing legal or similarly significant effects. Requests concerning Citizen Case Content must be addressed to the relevant Representative as Data Controller. All requests will be responded to within one (1) month.

Philoware Limited may be contacted at: Philoware Limited trading as Constituency PhilHQ, Foxford, Co. Mayo, Ireland F26PP40 Email: info@constituency.ie Data Protection Contact: dpo@constituency.ie Where the Representative acts as Controller, the Citizen should contact the Representative directly using the official contact details provided in the Case interface.

Where personal data is transferred outside the European Economic Area (EEA), such transfers will take place only where appropriate safeguards are in place to ensure that the data continues to receive a level of protection equivalent to that required under EU data protection law. This includes transfers to countries formally recognised as providing an adequate level of protection, or transfers made subject to approved contractual safeguards. Any third-party service providers engaged by Philoware Limited (T/A Constituency) are contractually required to implement appropriate technical and organisational measures to protect personal data in accordance with applicable data protection laws.

The Platform does not conduct automated decision-making that produces legal or similarly significant effects in respect of Citizen Case Content. Technical filtering tools are used solely for spam detection, abuse prevention, and cybersecurity monitoring.

Philoware Limited (T/A Constituency) implements encryption in transit (TLS), role-based access controls, multi-factor authentication, encrypted storage, access logging, and periodic security reviews. In the event of a personal data breach affecting Citizen Case Content, Philoware Limited (T/A Constituency) shall notify the relevant Representative without undue delay. The Representative, as Controller, is responsible for notifying the Irish Data Protection Commission where required under existing laws. Data subjects have the right to lodge a complaint with: Data Protection Commission 21 Fitzwilliam Square South Dublin 2, D02 RD28, Ireland Website: https://www.dataprotection.ie

Upon resolution of a Case, its treatment shall depend on its classification at the time of submission. Personal data contained in Private Cases shall remain confidential and shall not be disclosed, published, or made publicly accessible by the Platform, except where the data subject has provided explicit consent or where disclosure is required by applicable law, legal process, or statutory obligation. Personal data contained in Public Cases may remain accessible following resolution and may continue to be indexed, archived, or disseminated by third parties beyond the control of the Platform, and may be retained or displayed for transparency, civic engagement, or informational purposes, subject to applicable law and the exercise of data subject rights. The Platform may use anonymised or aggregated information derived from Cases for statistical, operational, or service improvement purposes, provided that no individual is identifiable. Nothing in this Section shall restrict disclosure required for compliance with legal obligations or for the establishment, exercise, or defence of legal claims.