Privacy Statement

Privacy Statement

Privacy Statement:

GDPR Limited and the Data Protection Group are staffed by qualified
and experienced legal, Data protection and business professionals
who operate a Data Protection consultancy, remediation and training
business.

We wish to be clear about what data we collect and how it is used
when you visit our website and choose us to work with you in the area
of Data protection.

This statement tells you:

  • Why we collect your data
  • When we collect your data
  • How we collect your data
  • What we do with that data
  • What your rights are

If you wish to make any queries or exercise any of your data subject
rights under the GDPR please contact us on admin@gdpr.ie

Contact Form and Consent:
When you visit our site and fill out our contact form you consent to the
use of your information as described in this statement. If we make any
changes to our privacy policy we will communicate these changes to
you using the contact details you have given us. This will ensure you
are always informed about how your information is used and why.

Contact form and Training Booking Privacy Information and uses of your data:

We collect your information when you fill in our contact us/enquiry form
or purchase a training place on this website. This includes your name,
email address, phone number, company name (if provided) and any
comments you care to make in the notes section.

The lawful basis relied upon is that this processing is necessary for the
performance of a contract and/or legitimate interest.

We collect this information so that we can contact you and respond to
your query or provide you with additional information relevant to your
query or business.

We may also use this information for analysis and/or subsequent
marketing purposes for our services. We retain this information for no
longer than is necessary and use industry best practice and
methodologies to protect it.

We also obtain information on your IP address and what browser you
use and how you found our website. We use this information to
improve our website and help us direct and/or modify our services.
We will not sell, distribute or lease your personal information to third
parties unless we have your permission or are required by law to do
so.

Payment Information.
We use third-party providers for processing payments (Stripe and
Paypal) your financial data is securely collected and processed by
them and is not stored or accessed by us.
The lawful basis relied upon is that this processing is necessary for the
performance of a contract and/or legitimate interest.

Accounting and Financial data.
We collect financial and contact data for the purposes of paying and
sending invoices. We also collect financial data to comply with Irish tax
law for our customers and staff and this includes but is not limited to
PPS numbers, Bank account details, VAT numbers, personal contact
details, company contact details and next of kin details.

The lawful basis relied upon is that this processing is necessary for the
performance of a contract and/or legitimate interest.
We will not sell, distribute or lease your personal information to third
parties unless we have your permission or are required by law to do
so.

Training Courses and Seminars:
We provide a variety of direct training courses and seminars. In order
to deliver these the following categories of data are collected – Contact
details (attendee names, email addresses, phone numbers and
company contact details)

The lawful basis relied upon is that this processing is necessary for the
performance of a contract and/or legitimate interest.

Recipients:
We share your data with our payment providers and any providers with
whom we have a contractual relationship in order to deliver our services
to you through this website or professionally.

Under some circumstances, we are obligated to share personal data
with third parties with whom we have no contractual relationship.
Recipients of personal data may include: the Irish revenue commissioner
and also law enforcement should this be required for the investigation,
detection, or prosecution of criminal offences.

Your rights in relation to your personal data:
In line with Data Protection legislation, you have the following rights.
You can;

  • Request a copy of the data we hold on you
  • Request that we amend the data (rectify)
  • Request details on how we process your data
  • Request details with whom we may share your data ( or if we do)
  • Object to our use of your data or any use of your data.
  • Block any specific uses

Have your data erased or removed from our systems unless we
have to retain this data to comply with a legal obligation by
European or Member State law or unless we have an overriding
interest to retain it.

If you wish to exercise any of these rights please contact us
on admin@gdpr.ie

Data Retention

All data we collect in the course of normal business or of our
employees is retained for no longer than is necessary in line with
relevant legislation and our data retention policy.

Cookies:
If you leave a comment on our site you may opt-in to save your name,
email address and website in cookies. These are for your convenience
so that you do not have to fill in your details again when you leave
another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a
temporary cookie to determine if your browser accepts cookies. This
cookie contains no personal data and is discarded when you close
your browser.

When you log in, we will also set up several cookies to save your login
information and your screen display choices. Login cookies last for two
days, and screen options cookies last for a year. If you select
"Remember Me" your login will persist for two weeks. If you log out of
your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in
your browser. This cookie includes no personal data and simply
indicates the post ID of the article you just edited. It expires after 1
day.

Embedded content from other websites:
Articles on this site may include embedded content (e.g. videos,
images, articles, etc.). Embedded content from other websites behaves
in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed
additional third-party tracking, and monitor your interaction with that
embedded content, including tracking your interaction with the
embedded content if you have an account and are logged in to that
website.

Analytics are anonymised on google and stored for 14 months. Industry regulatory disclosure requirements.

YouTube
Our website uses plugins from YouTube, which is operated by Google.
The operator of the pages is YouTube LLC, 901 Cherry Ave., San
Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you're logged in to your YouTube account, YouTube allows you to
associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://policies.google.com/technologies/product-privacy

Website Security & Performance
Our server logs will contain IP addresses which are stored for a period in keeping with our day to day maintenance and backup of our website and its plugins. We Store backups for 1 week and have at least 3 backups on rotation in a 7 day period. This information is stored in a secure and encrypted environment. All data transmitted through our websites is done so using 2048-bit keys in secure SSL certificates. Credit card transactions are handled through our back office using Stripe Inc and PayPal Inc.

Contact Details

If you wish to exercise any of these rights please contact us on admin@gdpr.ie

Additional Contact Details

GDPR Limited t/a The Data Protection Group
Level 1, The Chase,
Carmanhall Road,
Sandyford,
Dublin. D18 Y3X2
Company Number: 598036
Company Registered Office: 7 Parklands Office Park, Southern Cross
Road, Bray, Co. Wicklow