Page 64 - EQA Employee Handbook
P. 64

The Privacy Statement, as maintained on the EQA (Ireland) website, details the means and
                       reasons for the collection and use of personal data.

                       The nominated email address for client correspondence is info@eqa.ie.

                       7.3.3.3. Certification Auditors:

                       An Independent Service Contract is signed and agreed with each certification auditor. The
                       contract stipulates compliance with the provisions of the “Data Protection Acts”, as defined
                       within the document, as well as conformance to the Information Security Policy of EQA
                       (Ireland).

                       A Data Protection Privacy Policy is appended to the main contract. This policy discloses the
                       ways EQA (Ireland) process personal data relating to its certification auditors (“lead
                       assessors”).

                       Terms of Reference related to the functions of certification auditors are also appended to
                       the Independent Service Contract.

                       7.3.3.4. Assessment Committee:

                       An Independent Service Contract is signed and agreed with each assessment committee
                       member. The contract stipulates compliance with the provisions of the “Data Protection
                       Acts”, as defined within the document, as well as conformance to the Information Security
                       Policy of EQA (Ireland).

                       A Data Protection Privacy Policy is appended to the main contract. This policy discloses the
                       ways EQA (Ireland) process personal data relating to its assessment committee members.
                       Terms of Reference related to the functions of the assessment committee are also appended
                       to the Independent Service Contract.

                       7.3.3.5. Irish National Accreditation Board (INAB):

                       As per the EQA (Ireland) General Terms & Conditions, clients acknowledge the inspection of
                       EQA (Ireland) by INAB in the course of the performance of its obligations under contract.
                       Clients also consent to INAB accompanying EQA (Ireland) by way of witness inspection.
                       As per the Independent Service Contract, certification auditors, assessment committee
                       members and technical advisors agree to the provision of personal data relating to
                       certification activities for which the various parties provide services. The sharing of this
                       personal data with INAB is explained within Appendix D ‘Data Protection Privacy Policy’ of
                       the Independent Service Contract.
                       7.3.3.6. Private Security Authority (PSA):

                       As per the EQA (Ireland) General Terms & Conditions, clients acknowledge the inspection of
                       EQA (Ireland) by INAB in the course of the performance of its obligations under contract.
                       Clients also consent to INAB accompanying EQA (Ireland) by way of witness inspection.

                       7.3.3.7. Third Party Data Processors:
                       Data processor agreements are agreed between both parties, as per the requirements of
                       Article 28 (‘Processor’) of the GDPR.




                                                                                             Page 63 of 79
   59   60   61   62   63   64   65   66   67   68   69