Explore WHC Lab
1. Introduction
WHC Lab Limited (WHC) is a limited company with registered address at Ballinree House, Prospect Upper, Newcastle, Co. Wicklow. WHC Lab is a biotechnology business focused on the brewing/distilling industry. Our R&D laboratory boasts best in class laboratory equipment, experts in the industry and uses next-generation methods to grow yeast, bacteria and to perform analysis on beer, cider, spirits, water and wine. For further information, please visit our website.
WHC is committed to protecting the rights and privacy of individuals in accordance with both European Union and Irish data protection legislation. WHC shall lawfully and fairly process personal data about prospective employees, employees, customers, partners, clients and other stakeholders to allow us to undertake our primary function and activities. We want you, the ‘data subject’, to understand how we collect, use, store, and share your personal data. We also want you understand what rights you can invoke to help you to protect your privacy. In this regard, it is important that you read this Privacy Notice and understand how we use your personal data. Please note that we reserve the right to update this Privacy Notice as required.
2. Legislation
All personal data processed by us is done so in accordance with applicable Sections 5 and 6 of the Data Protection Act 2019.
3. Queries & Complaints
If you are unhappy with the way we handle your personal data and wish to complain, or if you simply want further information about the way your personal data will be used, please contact our data champion using our details below.
You have the right to lodge a complaint with the Data Protection Commission. To contact the Data Protection Commission, please use the following details:
Address: Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28
4. Breaches
WHC will take all appropriate technical and organisational steps to safeguard your personal data. In the unlikely event of a data breach, we will contact you in line with our legal obligations.
5. How do we collect data?
We collect personal data to enable the provision of services to support the WHC purpose. The following non-exhaustive methods of data collection are an indication of ways in which we may obtain your information:
Obtain personal data directly from you (through use of our website, by phone, by email, through meetings etc); and
Please note that when entering our premises, you may be recorded on CCTV surveillance and the Visitor Sign In tablet/book for security purposes.
It is important that the personal data you provide us is up to date and accurate. As outlined in Section 10 (Right to Rectification) of this notice, if personal data we hold on you is inaccurate or incomplete, please contact us and we will update the information.
6. What do we do with your data
We use your data to communicate with you and to provide services to you. We use your data only as is necessary to carry out our business operations and our contractual and statutory obligations.
7. Who do we share your data with?
As detailed above, we may share personal data with other parties in the course of our duties. When this is done, we adhere to the following principles:
The transfer is based on a legal obligation, the performance of a contract, or explicit consent.
WHC, as a Data Controller, will not sell your data to any third party and will take all appropriate steps to ensure the security of your data in dealings with third parties.
While the parties we engage may change occasionally, we believe it is important you are aware of the types of parties we share data with. The categories and types of third parties outlined below is a non-exhaustive list but provides an indication of the parties we share data with.
Third parties for the purposes of internal and external audits, carrying out research, general practitioners, and or third parties who may improve our processes and services (such as consultants).
WHC is legally obligated to share personal data with state actors which is outlined in the Data Protection Act 2018.
Recipients of this data include Government departments, agencies, bodies, investigatory bodies, local authorities, and the Gardaí.
Where personal data is transferred outside the European Economic Area, WHC shall use safeguards known as Standard Contractual Clauses (SCCs).
8. What do we use the information for?
Process, Purpose, and Lawful Basis
We use personal data collected to fulfil our purpose of providing the products and services we provide.
We use personal data we gather for any of the following purposes (please note that this list is not exhaustive):
Making or Receiving Payments
Regulatory Compliance
To comply with financial regulations and any other relevant laws and regulations.
Processing is necessary for compliance with a legal obligation to which WHC is subject. Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Third Party Data Sharing
To allow WHC to conduct and carry out functions with third party service providers that enable us to deliver our services.
Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
Back-ups
To store personal data and make back-ups of that data in case of emergencies and for disaster recovery purposes.
Processing is necessary for compliance with a legal obligation to which the WHC is subject.
Evidence Submissions
To gather information for dispute resolution services and legal proceedings.
Processing is necessary for compliance with a legal obligation to which the WHC is subject.
Transfer of Information for Parties Legal Proceedings
To allow parties to commence legal proceedings.
Processing is necessary for compliance with a legal obligation to which the WHC is subject.
Accidents and Incidents
To enable WHC to comply with record keeping obligation pursuant to the Safety, Health, and Welfare Act.
Processing is necessary for compliance with a legal obligation to which the WHC is subject.
9. What type of information is collected?
To fulfil our mandate and perform tasks as outlined in this statement, we need to collect various types of personal data. While the type of personal data may change occasionally, we believe it is important you are aware of the types of data we gather and use. The following table is a non-exhaustive list and provides an indication of the categories and types of data we use to perform our tasks.
Type of data
Category
First name, last name, contact details, email address, bank details, VAT details, relevant Insurance Policies. This list is not exhaustive, and we may seek to process, use or disclose your information for any other purpose which has not been listed in this policy always with your explicit prior consent. Please note you are not required to provide us with your personal data. However, if you do provide us with your personal data you are deemed to have consented to our collection, use and/or disclosure of your personal data in the manner set out in this policy.
10. What are your rights?
As a data subject, you will have the following rights as outlined in this section. However, restrictions may apply in certain situations.
Where do I send requests?
Please send all your requests to the contact details provided in Section 3, with as much detail as possible about your requirements to allow us to deal with your request efficiently. To answer your request, we may ask you to provide identification for verification purposes.
How long will a request take?
Upon receipt of a request, we will have 30 days to provide an answer with an extension of two further months if required. If we require more time to deal with your request, we will notify you of the delay and the reasons behind it within 30 days of the receipt of the request. If we refuse your request, we will also notify you within 30 days of the receipt of the request accompanied by the reasons for the refusal.
We will not charge a fee for any requests, provided we do not consider them to be unjustified or excessive. If we do consider these to be unjustified or excessive, we may charge a reasonable fee (also applicable for multiple copies) or refuse the request.
You are entitled to contact the Data Protection Commission if we refuse your request.
Consent
Where processing is based on consent, you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. To discuss withdrawal of consent, please do so via the contact details provided in Section 3.
Right of Access
You have a right to know what personal data we hold on you, why we hold the data, and how we are processing your personal data.
When submitting your request, please provide us with information to help verify your identity and as much detail as possible to help us understand the information you wish to access (i.e. date range, subject of the request) do so via the contact details provided in Section 3.
Please note that an access request is free of charge, however, where we determine a request to be unjustified or excessive, we may charge you a reasonable fee.
Right to Rectification
You have a right to request that our information held on you is up to date and accurate.
Where information is inaccurate or incomplete, we encourage you to contact us to have this information rectified. Upon receipt of request, we will ensure that the personal data is rectified and as up to date as is reasonably possible.
Right to be Forgotten
You have the right to seek the erasure of your personal data in the following circumstances:
However, we will be unable to fulfil an erasure request if the processing of personal data is necessary for the following:
Exercising the right of freedom of expression and information;
Please note that the where the legal basis for our processing of personal data is on the basis of a legal obligation, some processing in relation to your data may not be subject to the right to erasure.
To determine your request for erasure, we will carry out an assessment of the justification for the retaining your personal data where a legal requirement applies and contact you if we are unable to fulfil your request.
Please be aware that in some circumstances we may need to retain some information to ensure all of your preferences are properly respected.
For example, we cannot erase all information about you where you have also asked us not to send you marketing material. Otherwise, we would delete your preference not to receive marketing material.
Right to Restriction
You have the right to restrict the extent of personal data processed by the us in circumstances where:
When processing is restricted, your personal data will only be processed: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of other people; or for reasons important to public interest.
We will contact you confirm where the request for restriction is fulfilled and will only lift the restriction after we have informed you that we are doing so.
Right to Data Portability
You have the right to the provision of all personal data held in relation to you in a structured, commonly used and machine-readable format where:
You may also request that we send this personal data to another data controller where technically feasible.
Right to Object
You have the right to object to the processing of your personal data; however, the processing must have been undertaken on the basis of public interest or legitimate interest by us.
If you wish to object to the processing of data, please contact us with your request. We will then stop the processing of personal data unless it is required for legal proceedings.
We detected you are browsing from the United States. For faster shipping and region-specific details, switch to our US store.