This tells you what to expect us to do with your personal information.
Contact details
What information we collect, use, and why
Lawful bases and data protection rights
Where we get personal information from
How long we keep information
Who we share information with
Sharing information outside the UK
How to complain
Contact details
Baseline Communities Ltd.
3rd Floor, 61 Thomas St., Dublin D08 W250, Ireland.
Email privacy@baseline.community
What information we collect, use, and why
We collect or use the following information to provide membership:
Names and contact details
Addresses
Purchase or account history
Payment details (including card or bank information for transfers and direct debits)
Health information (including dietary requirements, allergies and health conditions)
Website user information (including user journeys and cookie tracking)
Photographs or video recordings
Information relating to sponsorship
We collect or use the following information for the operation of member accounts:
Names and contact details
Addresses
Payment details (including card or bank information for transfers and direct debits)
Account information, including registration details
Information used for security purposes
We collect or use the following information for updates or marketing purposes:
Marketing preferences
Location data
IP addresses
Website and app user journey information
We collect or use the following information for research or archiving purposes:
Recorded images, such as photos or videos
We collect or use the following personal information for dealing with queries, complaints or claims:
Names and contact details
Lawful bases and data protection rights
Under EU data protection law, we must have a “lawful basis” for collecting and using your personal information. There is a list of possible lawful bases in the GDPR. You can find out more about lawful bases on the Data Protection Commission’s website.
Which lawful basis we rely on may affect your data protection rights which are in brief set out below. You can find out more about your data protection rights and the exemptions which may apply on the Data Protection Commission’s website:
Your right of access - You have the right to ask us for copies of your personal information. You can request other information such as details about where we get personal information from and who we share personal information with. There are some exemptions which means you may not receive all the information you ask for. You can read more about this right here.
Your right to rectification - You have the right to ask us to correct or delete personal information you think is inaccurate or incomplete. You can read more about this right here.
Your right to erasure - You have the right to ask us to delete your personal information. You can read more about this right here.
Your right to restriction of processing - You have the right to ask us to limit how we can use your personal information. You can read more about this right here.
Your right to object to processing - You have the right to object to the processing of your personal data. You can read more about this right here.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you. You can read more about this right here.
Your right to withdraw consent – When we use consent as our lawful basis you have the right to withdraw your consent at any time. You can read more about this right here.
If you make a request, we must respond to you without undue delay and in any event within one month.
To make a data protection rights request, please contact us using the contact details at the top of this privacy notice.
Our lawful bases for the collection and use of your data
Our lawful bases for collecting or using personal information to provide membership are:
Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
Our lawful bases for collecting or using personal information for the operation of member accounts are:
Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
Our lawful bases for collecting or using personal information for updates or marketing purposes are:
Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
Our lawful bases for collecting or using personal information for research or archiving purposes are:
Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
Our lawful bases for collecting or using personal information for dealing with queries, complaints or claims are:
Consent - we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time.
Where we get personal information from
Directly from you.
How long we keep information
We will keep your information for no more than 12 months after you cease being a member of Baseline.
Who we share information with
Data processors:
Cobot - We use Cobot to manage membership subscriptions and invoicing.
Kisi - Kisi provides a cloud-based access solution to members.
Proven - Baseline uses Proven to provide perks to our members.
Stripe - Stripe processes membership payments.
WhatsApp - WhatsApp provides members with online messaging via its Community feature.
Others we share personal information with
Organisations we’re legally obliged to share personal information with
Sharing information outside the EU
Where necessary, we may transfer personal information outside of the EU. When doing so, we comply with the GDPR, making sure appropriate safeguards are in place.
Organisation name: Kisi, Inc.
Category of recipient: Workspace access management software
Country the personal information is sent to: The United States of America
How the transfer complies with EU data protection law: Kisi has implemented safeguards to ensure an adequate level of data protection where your Personal Information is transferred outside of the EEA and UK, such as by means of our customer data processing agreement through which we implement the standard contractual clauses for the transfer of Personal Information as approved by the European Commission (Article 46 GDPR).
Organisation name: Proven, Inc.
Category of recipient: Perk management system
Country the personal information is sent to: The United States of America
How the transfer complies with UK data protection law: Proven has implemented safeguards to ensure an adequate level of data protection where your Personal Information is transferred outside of the EEA and UK, such as by means of our customer data processing agreement through which we implement the standard contractual clauses for the transfer of Personal Information as approved by the European Commission (Article 46 GDPR).
How to complain
If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.
If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the Data Protection Commission.
The Data Protection Commission’s contact details:
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland.
Helpline number: (01) 765 01 00 / 1800 437 737
Website: https://dataprotection.ie/en/contact/how-contact-us
— — —
Last updated 13th August 2024