Data Privacy Statement
Griffin’s Funeral Since 1860 Ltd. are committed to upholding all practices involved in protecting the data of our clients. As data controllers we subscribe to upholding the General Data Protection Regulations (GDPR) set out in Data Protection Act 2018. As long standing members of the Irish Association of Funeral Directors we also comply with their Code of Practice and Customer Care Charter.
The following outlines the personal data we require of our clients and how it is generally shared with third parties. Please note that GDPR only applies to the data of living subjects.
The data we collect and hold on our clients varies greatly between client types. The data collected from the account holder (next of kin or executor) of the deceased is generally used for account management purposes and is retained indefinitely on our local servers. We retain these records for historical archiving purposes and in the event of a subsequent death in the family.
Your data is only shared with third parties where we are lawfully required to do so or in the provision of funeral arrangements. We will not unlawfully share any data without previously requesting your permission. All data shared in the provision of funeral arrangements are done with trusted subcontractors who are bound to a duty of confidentiality. These include; Headstone & monumental works, cemetery staff, crematorium, musicians, clergy/celebrants, subcontracted hearse and limousine drivers, death notice(s) (newspaper, radio & rip.ie), florists & catering companies, Golden Leaves (pre-payed funeral plan).
It is your lawful right to request any data held on you. This is known as a Subject Access Request. Upon this request we must provide:
- Confirmation of whether or not personal data concerning you is being processed.
- A copy of the personal information held.
- Other additional information as follows:
- Purpose(s) of the processing.
- Categories of personal data.
- Any recipient(s) of the personal data in particular recipients in third countries or international organisations and information about appropriate safeguards.
- The retention period and (or) reasons for this retention.
- The right to rectify, erase, restrict processing or object and the knowledge to do so. Confirmation of whether or not personal data concerning you is being processed.
Your Subject Access Request can be made to email@example.com, and will be processed within 30 days of receipt. Any changes to the way in which we handle your data will be posted on our website and your permission will be requested prior.
Further information can be obtained from the Data Protection Commission at www.dataprotection.ie.