Privacy and Terms of Use

Introduction

This page sets out terms of use for the website www.riai.ie.
The terms of use are set out in two sections: Legal Disclaimer; Privacy Statement.

Legal Disclaimer

The Royal Institute of the Architects of Ireland (RIAI) is charged with various regulatory responsibilities under the Building Control Act 2007 in relation in the admission and professional conduct of architects and therefore cannot provide specific advice in relation to particular facts concerning complaints against architects. There are designated statutory bodies namely, the Professional Conduct Committee, the Appeals Body and the Registrar who have a role in relation to such matters. Accordingly, the Royal Institute of the Architects of Ireland is limited to assisting you in relation to your access to the services offered by these bodies.  Nothing said by or on behalf of the Royal Institute of the Architects of Ireland in doing so is to be taken as advice.

The RIAI is registered in Ireland.
Company Registration Number: 003498.
Company Registered Address: 8 Merrion Square, Dublin 2

The information contained in this Site is for general guidance on matters of interest only. The application and impact of laws can vary widely based on the specific facts involved. Given the changing nature of construction laws, rules and regulations, and the inherent hazards of electronic communication, there may be delays, omissions or inaccuracies in information contained in this Site.

Accordingly, the information on this Site is provided with the understanding that the authors and publishers are not herein engaged in rendering professional advice and services. As such, it should not be used as a substitute for consultation with competent professional advisers. Before making any decision or taking any action, you should consult a RIAI staff member.

While we have made every attempt to ensure that the information contained in this Site has been obtained from reliable sources, the RIAI is not responsible for any errors or omissions, or for the results obtained from the use of this information. All information in this Site is provided "as is", with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability and fitness for a particular purpose.

In no event will the RIAI, its related partnerships or corporations, or the partners, agents or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this Site or for any consequential, special or similar damages, even if advised of the possibility of such damages.

Certain links in this Site connect to other Web Sites maintained by third parties over whom the RIAI has no control. The RIAI makes no representations as to the accuracy of information contained in other Web Sites.

Privacy Statement

Introduction

The Royal Institute of the Architects of Ireland (the “RIAI”, “we”, “us”, “our”) of 8 Merrion Square, Dublin D02YE68 is a data controller for personal data provided by you. That means we are responsible for deciding how we collect, hold and use your personal data.

We have created this Privacy Statement to demonstrate our commitment to the privacy of your data, to inform you of the data that we collect and the uses we make of your data in the course of our day to day business and activities.

We collect and use your data in accordance with this Privacy Statement and in compliance with applicable data protection legislation.

Depending on your interaction with us the type of data we hold about you will vary. It is important that you read and retain this Statement when we are collecting your data, including any data you may provide through the RIAI website (‘our Website’), so that you are aware of who we are, how and why we collect your data and how you can exercise your rights in relation to our processing of your data.

It is important that the data we hold about you is accurate and current. Please keep us informed if your personal information changes

If you have any queries in relation to our use of your data you may contact dataprotection@riai.ie.

Data we may collect from you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed such as aggregated statistical or demographic date and anonymous data.

We may collect different types of personal data about you.

Identity data: First name; last name; organisation or employer; date of birth; gender; nationality; evidence of identity; signature; professional and academic qualifications; accreditations; evidence of CPD compliance; record of attendance at RIAI events.

Contact data: Postal address; eircode; phone number and email address.

Payment data: Bank account details (for the purpose of direct debit) and details of fees paid to us and how they are paid. Payment transactions are via a hosted payments service, which means that the payment card details are not processed or retained by us, and are encrypted using SSL technology.

Technical data: IP address of web server; login data; web browser type and version (Google Chrome, Microsoft Internet Explorer, Firefox, Safari and Opera); time zone setting; broad geographic location (country or city level); operating system and platform; internet service provider, top level domain name (.ie, .com, .org, .net) and other technology on the devices/software you use to access our Website.
The IP address is the identifying details for your device, or your internet company’s computer, expressed in "internet protocol" code (for example, 192.168.72.34). Every device connected to the web has a unique IP address, although the address may not be the same every time a connection is made.

Profile data: Your username and password for logging onto the membership section of our Website where we have given you (or where you have chosen) a password. You are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Traffic or user journey data: Includes information about how you use our Website.

Email data: Open rate/click rate data on emails sent from our email marketing platform.

Data that you provide to us when you interact with our Website

Our Website is operated by us. When you visit our Website we collect certain technical and traffic or user journey data automatically from your device. Collecting this information enables us to better understand your interaction with our Website and what content on our Website is of interest to you. We collect this data by using cookies or other similar tracking technologies across our Website.

We make no attempt to identify individual visitors to our Website, or to associate technical data with any individual visitor. We do not disclose technical data to any third party (apart from our internet service provider, which records the aggregated data on our behalf and which is bound by confidentiality provisions in this regard), unless obliged to disclose such information by law. The technical data is used only by us, and only for statistical analysis and other administrative purposes. Please note that we may implement IP Anonymization on our Google Analytics account.

How we use cookies

Cookies support the provision of information and resources on our Website and provide us with information about how our Website is used so that we can make sure the website is easier to use, up to date, relevant and error free.

A cookie does not provide us with access to your device or any information about you, other than the data you choose to share with us. We use traffic log cookies to identify which webpages are being used. This helps us analyse how you move around different sections of our Website for analytics purposes and how you use the information and resources on our Website. We use the aggregated technical data and the traffic or user journey data for statistical analysis purposes and then the data is removed from the system.

We may also avail of tracking pixels within emails from our email marketing platform. Such pixels are used to monitor click rate and your engagement with our correspondence. This allows us to tailor content for our marketing campaigns and evaluate members’ engagement more accurately.

Links to other websites

Our Website may contain links to other third party websites, plug-ins and applications of interest. Once you have used these links to leave our Website you should note that we do not have any control over other websites, plug-ins or applications and by clicking on those links or enabling those connections you may allow third parties to collect or share your data. Therefore, we cannot be responsible for the protection and privacy of any data which you provide whilst visiting such sites and such sites are not governed by this Privacy Statement.

For example, if you use the social media functions such as “like” or “share” button that are on our Website, or if you visit our social media page, you should note that your data will be processed by the social media platform. We ask you to read the privacy statement of the social media platform before visiting the social media items on our Website or our page on the social media platform.

For example, we may from time to time use Facebook Advertising, Facebook Pixel Re-Marketing, and communications. The data collected remains anonymous and we cannot access information about you. However, the collected data is saved and processed by Facebook. Facebook may be able to connect the data with your Facebook account and use the data for its advertising purposes in accordance with its data use policy. Facebook has ultimate control of the information gathered through Facebook Advertising, Facebook Pixel Re-Marketing, and communications. You can opt out of Facebook’s use of cookies and Facebook Pixel Re-Marketing through settings on your Facebook Account.

Data that you provide to us

Most of the personal data we collect is obtained when you provide it directly and voluntarily to us including, but not limited to the following scenarios:

  • By joining our mailing list or by signing up to receiving the RIAI Public Newsletter;
  • By filling in forms from our Website or registering for RIAI events;
  • By interactions with us, by phone, written correspondence, email or otherwise, including contact made with us in relation to administering our relationship with you, our membership functions and our regulatory functions;
  • By providing information relating to third parties which you may provide to us;
  • By participating in questionnaires and research surveys.

Data we receive from other sources

We receive data from third parties who we work closely with including our IT, payment and analytics service providers, universities, third level institutions and other competent authorities in the course of administering our relationship with you, and in the performance of our membership functions and our regulatory functions.

Why we use your data

We support the architectural profession and promote the value of architecture in improving the quality of the built environment and its public benefit as set out in our Constitution. We work to support sustainable careers for our members in the practice of architecture and architectural technology through advocacy, collegiality and professional development and education.

We are the registration authority and competent authority for architects in the state for the purposes of the Building Control Act 2007 and EU Directive 205/36/EC. We work to protect the public by maintaining the Register of Architects and the standards for the profession of architecture through accreditation of qualifications in architecture, the Code of Conduct, the fitness to practice complaints procedure and by maintaining standards of design and construction in the built environment.

Practice & Member Services: Develops the provision of services and resources to our members in the practice of architecture; Conducts and commissions research and development in architecture, conservation, construction, urban design, sustainability, the built environment and associated arts and sciences; Commissions research surveys to evaluate the quality and impact of services delivered to our members; Uses the aggregated statistical or demographic data devised from research surveys to inform our policies and strategy; Facilitates the provision of information and advice to members of the public.

Education: Accredits qualifications and examinations in architecture and architectural technology to ensure the training of architects in the state meets the requirements of EU Directive 205/36/EC; Ensures the proper management and functioning of CPD compliance; Develops and delivers professional development, education and accreditation through courses, resources, workshops and webinars Facilitates engagement with students of architecture and architectural technology.

Publications, Promotions & Marketing: Develops and promotes the work of our members and the value of architecture to the built environment; Maintains and administers our Website; Develops and delivers awards, competitions, publications, conferences and networking events; Records events and keeps a record of the history of the RIAI.

Registration: Maintains the Register for Architects; Delivers and manages the registration, admissions and membership functions; Delivers the fitness to practice complaints function; Manages consumer mediation procedures.

Administrative & Finance: Conducts our day to day business and ensures the proper management and functioning of the RIAI; Enables our Boards, Councils, Committees, Assessor Panels, Juries, Task Forces & Regional Groups to fulfil their functions; Manages and administers contracts and relationships including with third party suppliers and service providers, creditors and debtors; Complies with legal, accounting, regulatory and reporting obligations to which we are subject.

How we use your data

We collect and use your data in order to manage and administer our core business and activities namely but not limited to, supporting, promoting and regulating the architectural profession in the state for the purposes of:

  • To administer our Website and to enable your access to and use of our Website services;
  • To perform our functions and objectives as set out in our Constitution;
  • To provide information about our services, resources and activities that are beneficial to our members and in our legitimate interests;
  • To perform our contractual relationship with you when you register to attend RIAI events, to administer your event booking and to provide you with relevant information about the event.
  • To administer our relationship with you where you have joined our mailing list for the purposes of sharing information with you about our services, resources and activities. You are free to opt-out of this communication at any time and we will always provide you with a way of doing so;
  • To comply with our regulatory functions pursuant to the Building Control Act 2007;
  • To perform contracts we are about to enter into or have entered into with you;
  • To comply with legal obligations to which we are subject.

Purpose limitation

We will only use your data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

You should note that we may process your personal data without your knowledge or consent, in compliance with applicable data protection legislation, where this is required or permitted by law.

Legal basis

We collect and use your data on one or more of the following lawful grounds depending on the nature of the data and the purpose for which we collect it:

  • You have given your consent to the processing of your data for one or more specific purpose. You have the right to withdraw consent at any time. Under applicable data protection legislation consent must be freely given, specific and informed. We provide an opt-in tick box, or an explicit statement for signature. Consent must set out each processing activity/purpose with a number of opt-in tick boxes setting out primary and, if applicable, secondary purpose.
  • It is necessary to perform a contract we are about to enter into or have entered into with you;
  • It is in our legitimate business interests to process your data for the purpose of conducting our core business and activities and ensuring the proper management and functioning of the RIAI and we have ensured that there is fair balance between our legitimate interest and your fundamental rights and freedoms. Before we process your data in the exercise of our legitimate interests we assess any potential impact on your rights and interests and apply a balancing test to ensure we do not use your data for activities where our interests are overridden by the impact on you. We take into account your reasonable expectation in relation to the use of your data based on your relationship with us. Where the processing of the data is carried out for our legitimate interest you have the right to object to the processing.

For example, we may have a legitimate interest in providing your name and organisation (if provided) at a CPD or a networking event for the purpose of running such events in an efficient and productive way. We will only provide information about the event comprising attendees name and organisations (if provided) where we are satisfied that our legitimate interest is not outweighed by your rights or interests. We will consider if you may expect an attendee list to be provided and if you may find name badges useful. In this situation your legitimate interest may provide a basis to use your data in this way. We will ensure that your data is processed solely for the purpose of providing information about the event and is not repurposed and used for a marketing purpose unless consent was obtained at the outset.

For example, we may have a legitimate interest in engaging a market research provider to conduct market research on our behalf for the purpose of using the aggregated statistical and demographic data derived from the survey to evaluate the services delivered to our members and to inform our policies and strategy as set out in our Constitution. We will only provide limited data to a market research provider for the purpose of that provider inviting our members and stakeholders to participate in the survey on our behalf and for the purpose of weighting the survey data to ensure the survey results are representative of the total membership where we are satisfied that our interest is not outweighed by the interests or rights of our members. We will ensure that the data is processed solely for the purpose conducting the market research services on our behalf and for no other purpose;

  • It is necessary and proportionate for the performance of our regulatory functions pursuant to the Building Control Act 2007 and EU Directive 2005/36/EC and as set out in our Constitution;
  • It is necessary to comply with a legal obligation to which we are subject or where the processing is necessary for the establishment, exercise or defence of actual or prospective legal claims;
  • It is necessary and proportionate for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
  • Where the processing of special category data is necessary and proportionate for the performance of a function conferred by or under an enactment.

For example, you may provide health related information to us in the context of our evaluation of your annual charge and/or CPD requirements.

Data protection principles

We ensure that your data is:

  • processed lawfully, fairly and transparently;
  • processed for specific, explicit and legitimate purposes only, and not in any manner incompatible with those purposes and processed under the one or more of various legal bases depending on the purposes for which it is collected;
  • adequate, relevant and limited to what is necessary for the purposes for which it is collected;
  • accurate and, where necessary, kept up to date;
  • not kept in an identifiable form for longer than is necessary for the purposes for which it is collected;
  • processed in a manner that ensures appropriate security of the data.

Disclosure of your data

We may disclose your data to third party service providers working directly on our behalf such as providers of IT, communications, technical, payments, CRM, marketing, events, printing, security and administrative services, legal and professional advisors, auditors, insurers, market research providers, researchers and consultants.

In all instances we will ensure that your data is given the appropriate level of protection and that such processors are subject to a contractual arrangement to ensure that your data is processed for only the purpose of providing us with their services and no other purpose.

For example, when you register with an event partner to attend a specific partnership event we will ensure that your data is processed solely for the purpose of providing information about the event and is not repurposed and used for a marketing purpose unless your consent was obtained at the outset.

In certain circumstances we may be obliged to provide information to competent regulatory and supervisory authorities in the course of the exercise of our regulatory functions under the Building Control Act 2007  and EU Directive 205/36/EC or as required by law.

Transfer outside the European Economic Area

In certain circumstances we may utilise some products or services or parts of them that may be hosted or stored outside the European Economic Area (“EEA”) and may transfer your data to service providers or recipients outside the EEA including to a jurisdiction which is not recognised by the European Commission as providing for an equivalent level of protection for personal data as is provided for in the European Union.

We only transfer your data to recipients outside the EEA when it is necessary for the services we provide to you, and subject to safeguards that assure the protection of your data in accordance with applicable data protection legislation.

If and to the extent that we do so, we will ensure that appropriate measures are in place to comply with our obligations under applicable law governing such transfers. These may include entering into a contract governing the transfer that contains the ‘standard contractual clauses’ approved for this purpose by the European Commission to protect the privacy and security of your data. Such clauses impose strict obligations on recipients to handle your data in accordance with European standards. We may also rely on adequacy decisions of the European Commission to ensure such transfers are lawful.

Storage of your data

We use appropriate technical and organisational measures to protect your data from accidental or unlawful destruction, loss or alteration, and from unauthorised disclosure or access. Our security measures on our online systems include SSL, encryptions and restricted access.

Retention of your data

We will retain your data for as long as is necessary to fulfil the purpose for which it was collected and in accordance with our legal, accounting and reporting obligations and our regulatory functions. This means that the retention period for your data will vary depending on the nature of the data, the purpose for which it is processed, our relationship with you and how long we need to keep the data in order to meet our reasonable business purposes in the proper management and administration of our core business and activities.

  • Where you have contacted us with a request, query, complaint, or for any reason, we may keep a record of that correspondence for as long as it is necessary regarding the subject matter of your contact, and to ensure compliance with our legal obligations and regulatory functions.
  • Where you have consented to us using your data by joining our mailing list, we will keep such data until you notify us otherwise and/or withdraw your consent.
  • Where you have entered into a contract with us, we may hold some of your data for a period of seven years from the date of completion of the contact.
  • We have certain legal obligations to retain your data for set periods of time. When we assess how long we keep the data we take into account whether the data may be required for the establishment, exercise or defence of actual or prospective legal claims. If the data is required for this purpose, we may keep it until the statute of limitations runs out in relation to the type of claim that can be made.

Special categories of data

Owing to our legal obligations and our regulatory functions pursuant to the Building Control Act 2007 we sometimes need to process sensitive personal information (known as special category data). Where we collect such information, we will only request you to provide and process the minimum data necessary for the specified purpose.

Automated decision making and profiling

We do not use any personal data for the purpose of automated decision-making or profiling.

Your rights

You have rights in relation to your data, in certain circumstances and subject to certain exemptions.

Request access: You have the right to request a copy of the data that we hold about you, together with other information about our processing of that data.

Request rectification: You have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete data you may request that we update the information such that it is complete.

Request erasure: You have the right to request us to delete the data that we hold about you. This is sometimes referred to as the ‘right to be forgotten’.

Request restriction of processing or object to processing: You have the right to request that we no longer process your data for a particular purposes, or to object to our processing of your data for particular purposes.

Request transfer: You have the right to request us to provide you, or a third party, with a copy of your data in a structured, commonly used machine readable format.

If we receive a request from you to exercise any of the above rights, we will ask you to verify your identity to a varying degree based upon the information sought, before acting on the request. This is to ensure that your data is protected and kept secure.

You have the right not to be the subject of a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or significantly affects you.

Withdrawal of consent - If you have given your consent to the collection of your data for one or more specific purposes and we are relying on that consent to process your data you have the right to withdraw consent at any time and as easily as it was to give. You should note this does not affect the lawfulness of processing which took place prior to the withdrawal of consent or the lawful processing of your data on grounds other than consent.

If you are unhappy with how we process your personal data we ask you to contact us so that we can rectify the situation. If you would like to request access to your personal data or ask that we amend your data or seek an erasure of your data please do so by emailing dataprotection@riai.ie.

We hope you are happy with how we use your personal data but if you are not you may lodge a complaint with the Data Protection Commissioner. Details of how to lodge a complaint and online complaint form can be found at www.datapotection.ie and https://forms.dataprotection.ie/contact.

Last updated 13 June 2022