Sustainable Energy Authority of Ireland (SEAI)

Updated: February 2020

Does your organisation use the PPSN at present?

Yes

If so, for what purpose?

• as a grant-making Authority for processing some grant applications;
• as an employer for processing employee payroll, and pensions;
• to register certain suppliers for payment purposes; and
• as administrator of the BER programme, to process payments from BER Assessors.

Does your organisation exchange the PPS number with any other body? If so please name the relevant bodies and the purpose(s) of the exchange?

We exchange PPS numbers with the HSE for the joint administration of the Warmth and Wellbeing Scheme. Staff of the HSE assist the applicants to fill out application forms for the grant scheme, which include PPS numbers. SEAI receives and process these forms in order to arrange for the works to be carried out in the homes of the applicants.

We exchange PPS numbers with the Department of Communications, Climate Action & Environment and the Department of Expenditure & Reform for the administration of pension scheme data.

We use the Revenue online system (ROS) in order to validate PPS numbers for payment purposes

Core exchange PPS numbers for employees for processing employee payroll, and pensions

Does your organisation have any other plans involving the use of the PPS number?

No

There is a duty to ensure compliance with the principles of processing personal data which are set out in Article 5(1) and 5(2) of the GDPR. These principles are summarised as follows

• Process it lawfully, fairly, and in a transparent manner;
• Collect it only for one or more specified, explicit and legitimate purposes, and do not otherwise use it in a way that is incompatible with those purposes;
• Ensure it is adequate, relevant and limited to what is necessary for the purpose it is processed;
• Keep it accurate and up-to-date and erase or rectify any inaccurate data without delay;
• Where it is kept in a way that allows you to identify who the data is about, retain it for no longer than is necessary;
• Keep it secure by using appropriate technical and/or organisational security measures;
• Be able to demonstrate your compliance with the above principles; and
• Respond to requests by individuals seeking to exercise their data protection rights (for example the right of access)

Have you measures in place to ensure that the Public Service Identity data you hold/collect whether in electronic or written format is in line with the GDPR Principles described above?

Measures are in place. These measures have not yet been audited but are due to be considered as part of a GDPR compliance audit scheduled to begin in June 2020.