Privacy Statement

Our approach to personal data processing

Hotline.ie is a registered business name of the Internet Service Providers Association of Ireland CLG (registered company no. 285632), a non-for-profit members' association. As a members' association, membership is voluntary but online service providers who choose to become members agree to abide by the Hotline.ie Code of Practice and comply with the Notice and Takedown requests for removal of child sexual abuse from the Internet.

This Privacy Statement is intended to help you understand the online information security practices of Hotline.ie and how we will use and process any personal data you provide o us.

Hotline.ie works to eliminate online child sexual abuse imagery, disrupt the cycle of online child sexual exploitation and prevent repeat-victimisation of child victims and survivors.

Hotline.ie procedures and operations are approved and overseen by the Department of Justice and Equality and An Garda Síochána.

Hotline.ie would not be able to fulfil its mission without the public's vigilance and readiness to report suspect images/videos of children or other forms of suspected illegal content online within the Hotline.ie remit. We highly value the support received from the public; our members, partners and stakeholders and we take your personal data privacy very seriously. We are fully committed to compliance with applicable data protection laws, to keep data collected through the Hotline.ie reporting service private and confidential at all times, and to keep up-to-date with legislation changes such as the introduction of the GDPR.

In processing reports submitted to Hotline.ie for the fulfilment of our remit and to the extent that this is personal data, we are doing so for reasons of substantial public interest and for preventing the availability and spread of child sexual abuse images/videos which are documented evidence of a crime being committed, a child being sexually exploited and often actually raped. The Hotline.ie service is provided under special agreement with Government and law enforcement.

Please note that GDPR requires us to minimise the data we keep unless it's required for the provision of a service or for existing legal requirements (such as Revenue purposes), therefore we use best efforts to keep your data only for as long as it's needed for the original purpose we collected it. To the extent that it is personal data, in most cases we collect information that is given to us by you, either through the submission of a non-anonymous report (through the use of Hotline.ie web-reporting forms, email, TAM or post); membership application; recruitment e.g. if you choose to apply for a role with Hotline; information with a view to forming a business relationship.

Once we receive your personal data, we will employ appropriate physical and technical measures to secure your data, including staff training and awareness. These measures will be reviewed regularly and changed/updated as required.

Please take a moment to read this Privacy Statement carefully to familiarise yourself with our views and practices regarding your personal data and how we treat it. By visiting our website you are accepting and consenting to the practices described in this Privacy Statement.

Cookie Policy

A cookie is a small text file that is sent to your computer's hard drive when you visit a website. A cookie typically contains the name of the website from which it has come, the lifespan of the cookie and a value. The value is usually a unique code that will only make sense to the website that has issued it. Cookies can also be used to measure how people use websites and what kind of browsers or devices they're using.

www.hotline.ie does not use Cookies to keep any information relating to website usage by our users and we do not make any attempt to try to identify users or their browsing activities.

Where we provide links to other websites that are not owned or managed by Hotline.ie we cannot be held responsible for the privacy of data collected by those sites. You should consult each website's respective Privacy Notice or Policy if you have any concerns or would like further information.

Making a report to Hotline.ie

The Hotline.ie website is HTTPS (Hyper Text Transfer Protocol Secure), which means the information is encrypted all the way from the reporter's device to the Hotline web-server so that no one "in between" can read it.

If you make an anonymous report submission to Hotline.ie – through our online reporting form(s)

Reports can be made to www.hotline.ie either anonymously or non-anonymously. If you opt to make an anonymous report submission, you can do so without providing any personally identifiable information and please know we do not attempt to collect such information via cookies or scripts.

If you opt to make NON-anonymous report submission to Hotline.ie – through our online reporting form(s)

In the event that you wish to receive a report acknowledgement or be contacted about your query, you will have to opt for a non-anonymous report submission. Subsequently we will require at least your name and email address. Personally identifiable information submitted to www.hotline.ie when making a non-anonymous report will be stored in our secure database. Please note that by providing your contact details to us, you consent to us storing them for the above mentioned purpose.

Personal data relating to persons making a report to Hotline.ie, held by us, is not transmitted to any third-party or law enforcement agencies. We do not pass on personal details to law enforcement without a court order or your express written permission. However, in rare circumstance it may be necessary or advisable for us to disclose your details to law enforcement, where not to do so would pose a potentially immediate risk of serious harm to a child or other person(s). In such case we regard the disclosure to be either in the public interest, or as a legitimate interest for the purpose of preventing the spread of child sexual abuse material.

Once your NON-anonymous report has been investigated and closed, your contact data is automatically deleted within 90 days. Please be aware that if you make more than one NON-anonymous report with the same details, each instance of reporting starts that 3 month retention period again. Therefore, if you do not wish for your details to be retained for that period following each report you may prefer to go back a step and report anonymously.

If you make a report submission to Hotline.ie via email

It is more efficient for the Hotline to process reports made using our online reporting form(s). We prefer to receive reports via the web-reporting reporting forms, as these are designed to request relevant technical details based on e.g. where the content was encountered, suspicion, URL (link) how to access the content being reported etc., key in the assessment process. Moreover, the web-reporting forms have integrated help boxes that will guide you through the steps or provide further details on information required.

Please only use the email address provided on the website (Contact Us page) if for some reason you believe our online reporting forms are unsuitable.

Please note that when you email Hotline.ie your email service automatically includes your email address with the message. If you do indeed wish to proceed with the submission of a report via email, you are consenting to us storing personally identifiable information that is being provided. This information will be held in our secure database while the reported material is being investigated. Once the report has been investigated and closed, the contact data is automatically deleted within 90 days. Be assured that your personal details, held by us following your email report submission, will not be transmitted to any third-party or law enforcement agencies. We do not pass on personal details to law enforcement without a court order or your express written permission. If you do not wish for your details to be retained for that period you may prefer to instead submit a report anonymously through our web-reporting forms.

Hotline.ie Members and our Partnerships

Members

If your organisation chooses to join our Membership, our team will be in touch to explain the details they'll need from you that will be used to communicate with you in the delivery of our services. Key to this, for example, will be the information that you submit when you complete the Membership Application form and return it to membership@hotline.ie or via post to our office address, which would include, inter alia, contact details (names, phone numbers and work email addresses) of your designated team members so that we can successfully work together.

In processing this information with a view to forming a business relationship we're initially processing the data with a legitimate interest. In working with any third parties we ensure robust due diligence is carried out, and formal arrangement are in place to ensure the security and confidentiality of any personal data that may be processed in working with them.

Partnerships

Transnational crime such as online child sexual abuse and child sexual exploitation requires coordinated national and international multi-stakeholder approach. We work in partnership with a number of highly regarded and varied organisations across the world for the purpose of combatting online child sexual abuse. For example we work with: Government, An Garda Síochána and international law enforcement agencies such as INTERPOL, Internet Industry [online service providers], other NGOs, INHOPE – the International Association of Internet Hotlines and INHOPE member hotlines engaged in combatting online child sexual abuse material.

These partnerships come in many forms and are managed through a mix of formal agreements, legal contracts, initiatives and collaborations. Be assured that where personal data (including that of our staff or any contractor(s) working on our behalf) is processed in order to carry out any such partnership, it is done securely and within the confines of the law.

At national level – for example – Hotline.ie is part of the Irish Safer Internet Centre The Irish Safer Internet Centre is a consortium of Industry, education, child welfare and Government partners, providing a range of functions and activities to make the Internet a safer and more positive environment for children and young people. Webwise, PDST Technology in Education provides the Irish Internet Safety Awareness Hub; Hotline.ie provides the primary national channel where the public can securely, anonymously and confidentially report suspected illegal content online, especially child sexual abuse and activities relating to the sexual exploitation of children in a way; ISPCC – Childline – provides 24 hours confidential Helpline service for all children up to 18 years; while NPC provides Helpline service to parents and guardians. The Department of Justice and Equality, is the Project Coordinator. Since 2008 the partnership has been appointed by the European Commission as the Safer Internet Centre for Ireland and is one of 30 Safer Internet Centres in Europe. Further information about our Irish Safer Internet partners and their Privacy Policy can be found on their websites.

At international level – for example – we are one of the founding members of INHOPE, the International Association of Internet Hotlines INHOPE is a membership organisation uniting 47 Internet Hotlines in 43 countries worldwide (incl. Hotline.ie). INHOPE's mission is to support and enhance the work of hotlines by managing a secure international report management system (ICCAM) which enables efficient and secure processing of illegal content between hotlines in different jurisdictions. The ICCAM platform is managed by INHOPE in collaboration with INTERPOL and developed with funding from the European Union. Additionally, INHOPE establishes policies and best practice standards for hotline operations (e.g. technical safeguards) and ensures they are uniformly applied by existing and new member hotlines. INHOPE is also responsible for expanding the network of trust by supporting the establishment of new hotlines particularly in countries where there would appear to be a need for hotline service.

Further information about INHOPE and their Privacy Policy can be found on their website https://inhope.org.

Recruitment and employees

If you choose to apply for a role with Hotline.ie you will be asked to complete a standardised application form in addition to your CV. Within the application form you will be asked for your name and contact details. We will also ask for your prior employment experience, education, referees and we'll ask that you answer specific questions regarding the role you're applying for. All the information you provide during the recruitment process will only be used for the purpose of progressing your application or to fulfil legal or regulatory requirements if necessary.

The information will be accessible to our recruitment team and will not be made available to anyone outside of our recruitment team. Our recruitment team will be in touch with shortlisted applicants to make arrangements for any interviews and to discuss the format that these may take. We do not collect more information than we need to fulfil our stated purpose and will not retain it for longer than necessary. Successful candidates will be requested to provide the necessary information for payroll processing and payment purpose along with emergency contact details, so we know who to contact in case you have an emergency at work.

We retain data with respect to our current employees to allow us to fulfil our requirements of their employment contract and relevant legal obligations.

We retain data with respect to former employees for a period of six years following the end of their contract in case of reference requests. This information will subsequently be appropriately and securely disposed of, unless otherwise required for example details retained for pension purpose.

Personal information from unsuccessful candidates will be retained for a maximum of six months following closure of the job posting in case of queries after which time it will be appropriately and securely disposed of.

Communications

Our primary channel of communication with the general public, interested parties and stakeholders is our social media feed such as Twitter (@Hotline_ie), where we post articles, news, snippets of information that we feel could be of interest.

It is the responsibility of users of sites such as Twitter to maintain their own personal privacy settings. As the controller of our social media account(s) we reserve the right to have abusive or offensive content by users blocked or removed and will report any such behaviour to the social network at hand.

Where links to third party websites are provided we cannot be held responsible for the privacy of data collected by those sites. You should always consult each website's respective Privacy Notice or Policy if you have any concerns or would like further information.

Links to other websites

We do our utmost to protect user privacy through the appropriate use of security technology: we ensure that we have appropriate physical and technological security measures to protect your information; and we ensure that when we outsource any processes, the service provider has appropriate security measures.

Please note that our website contains links to other websites owned and operated by third parties. These third-party websites have their own Privacy Policy. We bear no responsibility or liability for the privacy practices of such third party websites and we urge you to review the Privacy Policy or Notice of any website you may access through our website.

Your rights

Subject to Section 60 of the Data Protection Act, 2018 and any associated Regulations, the GDPR specifies the following rights for data subjects:

  • right to be informed
  • right of access
  • right of rectification
  • right of erasure
  • right to restrict data processing
  • right to data portability
  • right to object to processing
  • right in relation to automated decision making and profiling [we do not undertake automated decision making or profiling]

If you make a request relating to any of the rights listed above, we will consider each request in accordance with all applicable data protection laws and regulations and respond in the first instance within one month of receipt.

No administration fee will be charged for considering and / or complying with such a request unless the request is deemed to be excessive in nature. If a complex request is received, we may need to extend the period to a further two months in order to respond appropriately. We will inform you of the reasoning behind any extension.

Upon successful verification of your identity you are entitled to obtain the following information about your own personal information:

  • the purposes of the collection, processing, use and storage of your personal data
  • the source(s) of the personal information, if it was not obtained from you
  • the categories of personal data stored about you
  • the recipients or categories of recipients to whom your personal data has been or may be transmitted, along with the location of those recipients
  • the envisaged period of storage for your personal data or the rationale for determining the storage period

Should you wish to exercise any of your rights please contact us at info@ispai.ie.

You have the right to lodge a complaint directly with the Data Protection Commission if you believe your data has not been processed in the stated way or in accordance with GDPR. You can contact the Data Protection Commission +353 (0)761 104 800 or +353 (0)57 868 4800. For more details on how to contact the Data Protection Commission please visit their website.

Links to other websites

We do our utmost to protect user privacy through the appropriate use of security technology: we ensure that we have appropriate physical and technological security measures to protect your information; and we ensure that when we outsource any processes, the service provider has appropriate security measures.

Please note that our website contains links to other websites owned and operated by third parties. These third-party websites have their own Privacy Policies. We bear no responsibility or liability for the privacy practices of such third party websites and we urge you to review the Privacy Policy or Notice of any website you may access through our website.

Personal data breaches

The GDPR defines a personal data breach as "a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed."

We take any suspicion of a personal data breach seriously and will fully investigate. In accordance with GDPR, the Data Protection Commission will be notified without undue delay where a breach is likely to result in a risk to the rights and freedoms of the data subject(s) involved. Where a high risk is identified those who may be impacted will be notified also.

Changes to this Privacy Statement

We reserve the right to make changes to this Privacy Statement. Therefore, you may wish to check for amendments any section that is important to you each time you visit our website. This Statement was last updated in May 2020.



Hotline.ie is a registered business name of Internet Service Providers Association of Ireland CLG, Registerd Company No. 285632

Copyright Internet Service Providers Association of Ireland © 2008—2020. All rights reserved. To protect your privacy this website does not use cookies.