How we use your information

In its everyday business operations, the National Standards Authority of Ireland (NSAI) makes use of a variety of personal data about identifiable individuals, including data about -

  • Visitors to our website
  • Customers, including subscribers to our webstore and our subscription services
  • Members of standards committees
  • Traders and economic operators 
  • Other stakeholders

This privacy notice tells you what to expect when NSAI collects personal information. Read below or download as a PDF.

Information we collect

When you contact us regarding our business operations or to purchase products and services from us, the personal data we will collect from you can include:

  • Your name
  • Your home or work address
  • Your email address and or phone number
  • Your job title
  • Your payment and delivery details, including billing and delivery addresses, credit card or bank account details
  • Usernames and passwords
  • And any other data you provide
The lawful basis for use of your personal data

We process data where it is necessary for the following purposes:

  • To fulfil a legal obligation with which we must comply. 
  • For the performance of a task carried out in the public interest or in the exercise of official authority, which includes:
    • responding to any comment, feedback or complaint you may send to us and to investigate any complaint received from you about our operations, products or services, and
    • monitoring use of our website and on-line platforms in order to correct or improve their use and content.
  • For the performance of a contract to which you have agreed or in order to take steps at your request prior to entering a contract.
  • To protect our legitimate interests in order to ensure we can exercise our legal rights for purposes such as legal claims, regulatory, business and legal compliance and to prevent fraud.
  • With your consent to contact you regarding relevant events, products and services, market research or studies.
Sharing information

We may share your personal data with our subsidiary in the United States (NSAI Inc.) to meet the purposes for which you have provided the information. We may also share your personal information with the following third parties -

  • Our agents or sub-contractors for functions carried out on our behalf such as auditing services, sales of standards, provision of prescribed functions under law and courier/delivery services.  These parties only have access to such information as necessary to perform their functions and may not use it for any other purpose.
  • Our providers of professional business services such as financial and legal advisors, accountants and auditors.
  • Our audit and oversight bodies to provide access to or disclose personal information such as is necessary for any accreditation or recognition agreement we have entered into or otherwise to protect NSAI. 
  • Our external suppliers of personal data processing services, e.g. cloud hosting services.
  • Search engine and web analytic services 

All third parties used by us to process personal data must provide the same level of protection for your data as we do.  Your personal data may also be shared with government authorities in accordance with law or if required for compliance with law or to protect our legitimate interest.

Purpose and duration of processing

We will process your data in accordance with our legal obligations and for so long as you instruct us to do so, where applicable.  Personal data collected is managed and retained in accordance with our Data Retention and Destruction Policy.

Visitors to our website

Use of cookies

You can read more about how we use cookies in the Cookies page of our website. 

Search engine

Our website search and decision notice search is powered by Google Analytics. Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by either NSAI or any third party.

NSAI e-zine

We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve our e-zine newsletter.  No information is shared with a third party. You can subscribe and unsubscribe from this listing at any time. 

People who email us

We will monitor any emails sent to us, including file attachments, for viruses or malicious software.  Please be aware that you have a responsibility to ensure that any email you send is lawful.

Events, Marketing and Communications

We disseminate information relevant to standardization, certification and metrology through promotional events such as conferences, seminars, award presentations and workshops, etc. By registering for events you agree to provide us with personal data for the purpose of facilitating your participation at the event.  We may engage third parties to host or assist with hosting events in which case we may provide that they share your personal information.  Additionally, your contact information may be used by us to provide you with information on our activities or on similar future events.  You can unsubscribe from such listings at any time. 

Customers

Certification and Calibration 

We provide certification and calibration services by written agreement. When you provide personal information as part of such agreement it will be retained for the purpose of delivering that service.  When you are listed on our customer database, either as an individual or representing a client company, we may contact you from time to time with updates and offers of other services which may be of interest to you. You can choose to unsubscribe from this listing at any time.

People who are listed on certification registers or directories

We maintain registers and directories of businesses we have certified, most of which are publicly available on our website. This information may sometimes include a contact person or by itself identify an individual as a certified person. This information is provided to allow for claims to be certified by us to the verified and promote the certification of the certified businesses.

You may contact us at any time to update or correct the personal data contained on our registers or directories.

Training

When we hold training sessions, we will collect your personal data and process it for this purpose and we will not contact you regarding further training opportunities without your consent.

People who purchase standards

We use third party providers for sales of standards on-line.  The third parties may only use the data for the agreed purposes and in accordance with data protection requirements.  They also provide NSAI with information on standard sales which can include personal data of standards purchasers from Ireland which we may use to contact you from time to time with updates and offers of other services which may be of interest to you. You can unsubscribe from this listing at any time.

Subscribers to Standards Information Services (SIS)

We provide a Standards Information subscription service through email entitling subscribers to discounts on standards sales.  NSAI may share this information including personal data with our on-line sales providers who may only use this information for the purpose of providing you with the discounted sales.

We will hold this personal data for so long as you are a member of the SIS scheme and you may unsubscribe from SIS membership at any time.

Number registration schemes

NSAI issues unique number sets for various registration schemes relating to international numbering set down in standards.  Where we collect personal information when processing registration scheme requests the data is collected for the purpose of providing the requester with the unique number set and we will hold the associated personal data for so long as the number remains valid or you advise us of a change of contact. 

Standards Committee Members and Commenting

We formulate standards through consultation with a wide range of stakeholders who contribute to the process on a voluntary basis.  When applying for membership of a standards committee you provide us with personal data which will be used to validate your application and upon acceptance to the committee you will have access to the on-line platforms used to share documents amongst committee members.

This information is shared with the standardization organisation developing the standard in accordance with the personal data protection policies of the organisation.  NSAI, as member of the standardization organisations, is party to the agreement on implementation of the data protection policies.

Commenting

As part of its consultations on standardization work NSAI hosts an on-line platform allowing people to make a comment on draft standards.  When registering with the on-line platform you are providing us with personal information.  This information is shared with the standardization organisation hosting the standardization work and is held in accordance with the personal data protection policies of the organisation.  NSAI, as member of the standardization organisations, is party to the agreement on implementation of the data protection policies.

Traders and Economic Operators

Where we have enforcement functions we collect personal information about people who are responsible for compliance with law.  This information may be shared where we determine it necessary to uphold the law and it may also be shared where we have a written agreement with another public body for such arrangement. 

Your rights to access, restrict and delete your personal data may be subject to exceptions when it is processed for these purposes.

Security of Personal Data

NSAI has organisational, physical, administrative and technical measures in place to protect the personal data we collect and process.  We monitor the measures to ensure information is secure and operating in a manner to reasonably protect the collected and processed information.  The information security systems and measures are upgraded from time to time to limit risks of unauthorised disclosure.

In the event of a data breach, NSAI will issue breach notifications as may be required under law.

Your Rights

Where personal data is processed or held by NSAI, the following rights apply with regard to your data - 

  • You can request us to provide you information on any personal data we hold about you and you can request us to provide you with a copy of that data subject to exceptions provided in law.
  • You can object to the processing or request erasure of your personal data, unless the processing is required by law.
  • Where the personal data we hold about you is incorrect or incomplete you can contact us and we will correct or update the information.
  • Where we hold your data and it is processed by automated means you may be entitled to be provided with a copy of that data in a structured machine-readable format.
  • Where you have given your consent only to us to use your personal data you can withdraw that consent at any time.  
Data Protection Contacts

For security purposes, NSAI may require verification of identity before providing access to personal information. If you wish to make a Data Protection request or have a question about this policy, you can contact the NSAI Data Protection Officer by email at DataPrivacy@nsai.ie or by post to – 

Data Protection Officer
National Standards Authority of Ireland
1 Swift Square, Northwood, Santry, Dublin 09 A0E4, Ireland

If you are not satisfied with the way we have processed a request to us about your personal data or if you or a complaint about the way NSAI has collected, processed, used or disclosed your personal data, you can contact the Irish supervisory authority for data protection at – 

Office of the Data Protection Commissioner. 
Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland. 
Phone +353 (0761) 104 800 | LoCall 1890 25 22 31 | email info@dataprotection.ie

Changes to the Privacy Statement

We will post any changes to this privacy notice on our website in order to inform you of the personal data we collect, how it is used and the circumstances, if any, it can be disclosed.

If we decide to use personal data in a significantly different manner to that stated in this Privacy Statement or for a different purpose for which it was collected, we will notify you of such change and if appropriate you will be given a choice as to whether we use your information in the new manner.