RedZinc Services Ltd. may outsource certain business activities (e.g. debt-collection, legal advice, back up services, IT support, etc.) to third parties. If we share personal data in our capacity as a data controller then we will have in place a proper data processing agreement with the data processor (e.g. lawyers, accountants, etc.). We may also have to disclose certain personal data in accordance with any legal obligation imposed on us. Any such disclosure would be in accordance with the law, e.g. disclosed on foot of a court order, child protection concerns, etc. Red Zinc Services Ltd. transfers personal data to the following locations:
1. Within the EU.
Some of our employees are based outside of Ireland but in the EU and work in their own premises, e.g. we have staff who work from home in Spain, UK, etc. We also outsource certain business activities to businesses within the EU, in our capacity as a data controller and or a data processor, depending on the circumstances. In any event, we use the Data Protection Commission’s One Stop Shop Mechanism that permits inter-EU data transfers and we have identified the Irish Data Protection Commission as the proper supervisory authority for all data protection matters.
2. Outside of the EU
In our capacity as a data controller, we may outsource certain business activities to businesses outside the EU and in particular to the United States. In such cases we ensure that GDPR protections still apply to all data by various mechanisms as identified under Chapter 5 of GDPR, including but not limited to, EU-US Privacy Shield, Binding Corporate Rules, Standard Contractual Clauses and Adequacy Decisions. As such, your rights under GDPR are maintained and your personal data remains secure.
For more information about international transfers of data, the One Stop Shop Mechanism, EU-US Privacy Shield, Binding Corporate Rules, Standard Contractual Clauses and Adequacy Decisions, please visit the Irish Data Protection Commission’s website at www.dataprotection.ie.