Writech Ltd Resources Privacy Notice

 

Purpose

The purpose of this Privacy Notice is to outline how we collect, process, and share personal data. It details the types of personal data we process, the legal basis for doing so, and your rights under the General Data Protection Regulation (GDPR).

Writech Ltd (“Writech”) is committed to safeguarding your personal data. We aim to be transparent about how we collect, store, and share information while ensuring you understand your rights.

 

In this Privacy Notice, we will cover:

  • The types of data we collect;
  • How we use your personal data;
  • Your rights under GDPR; and
  • How to contact us with questions or concerns.

 

  1. Company Information

Writech are internationally recognised, award winning company who Design, Manufacture, Install, Service & Commission Fire Protection Systems to all required standards. Fire Sprinklers are recognised as the single most effective method for fighting the spread of fire, and we have award-winning expertise in Fire Sprinkler Systems, Foam Enhanced Fire Protection, Gas Protection, Firewater Mist Protection, Insert Gas Protection & Special Hazard Fire Protection.

 

We work with a range of clients in Ireland, the UK and Europe in sectors including Data Centres, Retail and Commercial Facilities, Apartments and Industrial Buildings. We have over 40 years of experience in the industry, accredited at level 2 BIM and part of the LPS1048 scheme of fire sprinkler installers and FIRAS certification together with our ISO 9001: 2015 and ISO 45001: 2018, which shows our commitment to being the best at what we do.

 

We protect our employees and the environment through innovation and the integration of safety and sustainability into our operational planning. Quality and innovation is our system, processes and culture. Through quality and innovation, we exceed client and employee expectations. Writech is an employee-driven business. We continually review and optimise what we do in order to provide the best quality for our clients and our people.

 

  1. Relevant Legislation

Writech processes personal data in compliance with all applicable data protection laws, including:

  • The General Data Protection Regulation (GDPR);
  • The Data Protection Act 2018; and
  • The European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (“ePrivacy Directive”).

 

  1. Queries and Complaints

If you have questions, concerns, or complaints regarding how we handle your data, please contact us at:

 

Data Protection Officer
Writech Ltd
Zone B, Mullingar Business Park, Mullingar, Co. Westmeath, N91 Y657
Telephone: +353 44 93 49857
Email: hr@writechltd.com

 

You also have the right to lodge a complaint with the Data Protection Commission:

Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Email: info@dataprotection.ie
Telephone: +353 57 868 4800 / +353 761 104 800

 

  1. How We Collect Your Personal Data

We collect personal data through various means, including:

  • Directly from you, such as when you apply for a role;
  • During service provision, such as client feedback following an interview;
  • Through CCTV surveillance when visiting our premises.

 

It is important that the data you provide is accurate and up-to-date. If your data changes, please notify us promptly.

 

  1. Types of Data We Collect

The personal data we collect varies depending on our relationship with you. Below is a non-exhaustive list of the types of data we collect and why:

Process Types of Data Collected
Recruitment & Selection Name, date of birth, contact details, address, email address, CV, qualifications, employment history, etc.
Background Checks, if applicable Garda vetting, overseas police clearance, visa checks, references.
Diversity & Inclusion Gender, age, ethnicity, sexual orientation, disability.
Talent Support Interview notes, feedback from clients.
Direct Marketing Name, email address, phone number.
Health and Safety Medical information, incident reports.
Operational Security CCTV footage.

We may process special categories of data (e.g., health information, ethnicity) in line with GDPR Article 9, ensuring lawful grounds and robust safeguards.

 

  1. Lawful Basis for Processing

We rely on the following lawful bases to process personal data:

Purpose Description Lawful Basis
Recruitment & Selection To identify and place candidates suitable for roles. Performance of a contract or legitimate interests.
Background Checks To verify candidate eligibility and qualifications. Legal obligation.
Diversity & Inclusion To gather insights on diversity and inclusion. Consent.
Talent Support To improve candidate success rates with clients. Legitimate interests or performance of a contract.
Direct Marketing To inform candidates about job opportunities. Consent.
Health and Safety To record incidents or accidents. Legal obligation.
Operational Security To monitor access to premises. Legitimate interests (security and safety).

 

  1. Retention of Personal Data

We retain personal data only as long as necessary for its original purpose or as required by law. Retention periods are summarised below:

Data Type Retention Period
Recruitment Data 7 years post-employment (successful candidates); 3 years (unsuccessful candidates).
Compliance Data 7 years from last contact.
Diversity Survey Data 14 months.
Talent Support Data 7 years from last contact.
Direct Marketing Data Until consent is withdrawn.
Health and Safety Data 10 years from the date of the incident.
Operational Security Data 30 days.

 

  1. Your Rights Under GDPR

You have the following rights under GDPR:

  • Right of Access: Request copies of your personal data.
  • Right to Rectification: Request correction of inaccurate data.
  • Right to Erasure: Request deletion of your data under certain conditions.
  • Right to Restriction: Request limited use of your data.
  • Right to Data Portability: Request your data in a machine-readable format.
  • Right to Object: Object to the processing of your data for direct marketing or other purposes.
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
  • Right to Object to Automated Decision-Making: Object to decisions made solely by automated means.

To exercise your rights, email us at hr@writechltd.com.

 

  1. Data Transfers Outside the EEA

When transferring personal data outside the European Economic Area, we ensure compliance through mechanisms such as Standard Contractual Clauses or adequacy decisions.

 

  1. Data Breach Notification

In the event of a data breach, we will notify affected individuals and the Data Protection Commission within 72 hours, as required by law.

 

  1. Cookies

Our website uses cookies to function effectively. For more information, please review our Cookie Policy.

 

  1. Data Storage
    Writech Ltd ensures that personal data is securely stored in both hardcopy and softcopy formats:
  • Hardcopy Storage: Personal data held in physical form (e.g., documents, forms, records) is kept in locked filing cabinets or secure storage areas that are only accessible to authorised personnel. These areas are monitored and safeguarded against unauthorised access.
  • Softcopy Storage: Digital data is stored on secure servers, encrypted devices, and GDPR-compliant cloud storage solutions. Our systems are protected by firewalls, antivirus software, and regularly updated security protocols to reduce the risk of data breaches. Regular backups are conducted to maintain data integrity and availability in case of technical failures.

 

We enforce strict access controls and carry out regular audits to ensure data security and compliance with legal obligations.

 

  1. Restricted Access
    Writech Ltd enforces a restricted access policy to ensure the security of personal data:
  • Password Security: Access to digital systems containing personal data is safeguarded by strong password protocols, including mandatory updates and multi-factor authentication (MFA).
  • Third-Party Storage: We utilise third-party storage systems such as Microsoft OneDrive, which comply with GDPR and EU regulations. These platforms adhere to recognised security standards and provide secure data storage and processing.
  • Access Levels: Only authorised personnel with a legitimate need to process personal data are granted access. Access permissions are regularly reviewed and updated to maintain compliance with data protection principles.

 

By implementing these stringent measures, we aim to prevent unauthorised access, misuse, or disclosure of personal data.

 

  1. Employee-Related Policies

All employee-related GDPR policies, including the handling of personal data, are detailed in the Employee Handbook. This will be provided to you alongside your contract of employment. Please refer to the Employee Handbook for comprehensive information.

 

  1. Security and Disclosure of Data

We take measures to protect both electronic and manual data, including strong passwords, encryption, and secure access controls. Employees are expected to handle personal and company data responsibly, and breaches should be reported immediately.

 

  1. Updates to this Privacy Notice

We regularly review this notice and may update it to reflect changes in business practices, legal requirements, or data processing activities. This Privacy Notice was last updated on 13th January 2025.