Data Protection Statement

 

Small Business Assistance Scheme for COVID (SBASC)

 

Your privacy is important to us and we are fully committed to keeping your personal information safe. This privacy statement is intended to provide you with information about the personal information we collect about you and how that information is used and shared. It also sets out your privacy rights. Please take a moment to familiarise yourself with our privacy practices so that you are fully aware of how and why we are using your personal data.

 

  1. Data Controller

The Minister for Enterprise, Trade and Employment (the “Department”) is the Data Controller for the Small Business Assistance Scheme for COVID ( the “SBASC”).

This means that we have certain responsibilities when we process or “use” your Personal Data. Part of these responsibilities include that we provide you with information about your personal data.  This information is set out in this Data Protection Statement.

 

  1. Our Data Protection Officer

We have appointed a Data Protection Officer, Ms. Celyna Coughlan for you to contact if you have any questions regarding this privacy statement, our privacy practices or if you wish to exercise your data rights.  Our Data Protection Officer can be reached by e-mail at: dataprotection@enterprise.gov.ie. We value your opinions. Should you have any questions or comments related to this privacy statement, please contact us at: dataprotection@enterprise.gov.ie.

 

  1. What is the Small Business Assistance Scheme for COVID (SBASC)?

The Small Business Assistance Scheme for COVID (the “SBASC”) is available to companies, self-employed, sole traders or partnerships, with a minimum turnover of €50,000 and are not owned and operated by a public body. The Scheme is open to firms that currently employ less than 250 and with current turnover of less than €25m. It is part of a number of supports being offered to businesses impacted by COVID-19.

 

Details of the SBASC include:

  • the business is not eligible for CRSS, the Fáilte Ireland Business Continuity Scheme, or the Department of Tourism, Culture, Arts, Gaeltacht, Sport and Media’s Live Performance Support
  • the business operates from a building, or similar fixed physical structure on which business rates are payable (mobile premises, or premises which are not permanently fixed in place, do not meet the definition of business premises nor do premises on which no rates are payable)
  • the business must have a current eTax Clearance Certificate from the Revenue Commissioners
  • the turnover of the business over the claim period is estimated to be no more than 25% of the average weekly turnover of the business in 2019; or the projected average weekly turnover of the business for 1 January to 31 March 2021, and 30 June 2021 where applicable, for businesses that commenced after 1 November 2019, and the financial plans as of end of 2019 should be uploaded with the application
  • the business intends to resume trading in full once government restrictions are eased
  • all eligible applications receive a first payment of €4,000
  • payments will be dispersed in the same format as rates refunds via bank transfer
  • applications should be made to your relevant Local Authority.

 

  1. Information we will collect in relation to the Small Business Assistance Scheme for COVID

In the context of this Scheme, we will collect personal data provided by you when you complete the Small Business Assistance Scheme for COVID application form. This personal data will include information such as your name, signature, address, eircode, contact details (e-mail address and phone number). We will also collect certain financial information and other information relating to your business that you have provided on the application form to the Local Authority as the Operator of the Scheme on behalf of the Minister (the “Department”).

 

  1. Why we are using your personal data?

The primary purpose for which we use your personal data is in relation to the submission and processing of your application for funding under the Small Business Assistance Scheme for COVID.

 

 

  1. What is our legal basis for using your personal data?

We are required by data protection law to indicate to you the legal basis which relates to our use of your personal data.  These are (as relevant):

 

 

  • Article 6(1)(c) GDPR – processing is necessary for compliance with legal obligations to which the Controller (i.e. the Minister; the “Department”) is subject.

 

  1. Who has access to the data?

Staff in the Department with responsibility for the oversight of the Scheme. The processing of information will be undertaken by the relevant Local Authority who will be required to share certain high level data sets with the Department for validation and reporting purposes. This information will be provided by the Local Authorities as the Operators of the Scheme on behalf of the Minister, (the “Department”). The source of this information will originate from the details that you have provided on your application form.

 

Your personal data may also be shared by us with third parties to meet our legal obligations (including audit requirements), applicable regulation or other lawful requests.

 

It is also important to note that information will be provided to the Revenue Commissioners by the Department and/or the relevant local authority via a secure file transfer mechanism. The purpose of this is to enable the Revenue Commissioners to confirm that I/we have not received a Covid Restrictions Support Scheme (CRSS) payment in Quarter 1 2021.

 

 

  1. Data storage and retention

We will not retain or use your personal information for any longer than is necessary.

 

Your personal data will only be retained for as long as it is needed to fulfil the purposes of the Small Business Assistance Scheme for COVID (the “SBASC”) and for a period of up to 5 years from the date of the closure of the Scheme in order to comply with legal and regulatory requirements.

 

  1. International transfers

We do not transfer your personal data outside the European Economic Area (EEA).

 

  1. Your data rights

You have certain rights under data-protection law in relation to how we use your personal information. You have the right, free of charge, to:

 

  • Request a copy of the personal information we hold about you. You can do this by completing a Subject Access Request (SAR) form. A copy of the form is available here.
  • *Rectify any inaccurate personal information we hold about you. If your personal data is incomplete, you have the right to have data completed, including by means of providing supplementary information.
  • Restrict processing of your personal information in certain limited circumstances (e.g. if you have contested the accuracy of your personal data, for a period enabling us to verify accuracy).
  • Not be subject to a decision which is based solely on automated processing where that decision produces a legal effect on you or otherwise significantly affects you. We do not make automated decisions of this nature.

 

We may take measures to verify your identity. We will do this by reference to copies of acceptable identification documentation supplied by you.

 

  1. Making a complaint

In the first instance, we would ask you to contact us directly if you have concerns about how we process your personal data. You can do this by e-mailing us at: dataprotection@enterprise.gov.ie.

 

You can also Make a complaint with the Data Protection Commission (DPC) if you have concerns about how we process your personal data.

 

  1. Changes to this privacy statement

We may update this privacy statement from time to time. If we make changes, we will notify you prior to the changes taking effect by posting a statement on our website.

 

 

 

11th March 2021