ICDL FOUNDATION PRIVACY NOTICE
INTRODUCTION TO ICDL FOUNDATION AND THIS NOTICE
1.1 We are ECDL Foundation, using the registered business name ICDL Foundation, with company number 259212 and address at Level 1, The Chase, Arkle Road, Sandyford, Co. Dublin, D18 Y3X2, Ireland (“we”, “our” or “us”). We are the controller of, and responsible for, your personal data collected on our website.
1.2 We are committed to respecting privacy and complying with all applicable data protection and privacy laws.
COLLECTION AND USE OF PERSONAL DATA FROM WEBSITE
2.1 ICDL Foundation collects the following from this website:
2.1.1 Technical information:
Technical details are logged for statistical and other administrative purposes. No information that could be used to identify website visitors is collected or retained. The technical details logged are confined to the following items:
· the IP address of the visitor’s web server
· the top-level domain name used (for example .ie, .com, .org, .net)
· the address of the website that sent the visitor to our website, possibly including search terms used to find our website
· data that shows how users have moved around this website (for example, pages accessed, the order in which they were accessed, or documents downloaded)
· information about the type of computer that the website visitor used (for example, the operating system, web browser, or type of mobile device used)
ICDL Foundation will make no attempt to identify individuals, or to associate the technical details listed above with any individual.
2.1.2 Embedded content from other sites:
Articles on this website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
LEGAL BASES
3.1 We process your Personal Data in accordance with applicable data protection law. Based on the specific circumstances, the legal basis for our processing is one of the following:
3.1.1 Consent. In certain cases, where required under the law, we process your Personal Data based on your specific and informed consent. For example, where you have opted-in to receive our marketing information you have voluntarily submitted your information and will be asked for consent, we may use your information to send you news and newsletters, special offers, and promotions, or to otherwise contact you about our services, or provide you with information you have specifically requested.
3.1.2. Legal Obligation. We may process your Personal Data when we need to comply with a legal obligation, meet our on-going regulatory and compliance obligations, including in relation to recording and monitoring communications, and regulatory or governmental bodies, and to investigate security incidents and prevent crime.
3.1.3. Legitimate Interest. We process Personal Data where it is necessary for our legitimate interests (or those of a third party). This includes activities related to everyday business operations, such as administrative tasks like troubleshooting, data analysis, system maintenance, support, reporting and hosting. We also use data analytics to improve our website, marketing, client and customer relationships and experiences in order to develop our business and inform our marketing strategy
3.2. We only process your Personal Data in accordance with this Notice and applicable data protection law.
3.3 We may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using that data.
3.4 We will only use your Personal Data for the purposes for which we collected it, unless we believe that we need to use your Personal Data for another reason that is compatible with the original purpose. If we intend to process Personal Data for an unrelated purpose, prior to that processing we will explain the legal basis that allows us to do so.
THIRD PARTY DISCLOSURES
4.1. We will not disclose your Personal Data to third parties unless required by law to do so, or as otherwise set out in this Notice.
4.2. It is the policy of ICDL Foundation never to disclose technical information in respect of individual website visitors to any third party other than a web statistics service provider.
4.3. We may share your Personal Data with other companies in the ICDL Group to undertake consolidated group corporate services, reporting services and functions, or to provide us with administration and ancillary services.
4.4. We may also share information with our third party service providers who provide services to us. Categories of service providers include customer support service providers, data analytics providers, IT professional service providers, data hosting providers, and records-storage companies.
INTERNATIONAL TRANSFERS
5.1. ICDL Foundation operates on a global basis. As such, your Personal Data may be transferred and stored in locations outside the European Economic Area (“EEA”) that have different standards of data protection. We will take appropriate steps to ensure that the transfer of Personal Data is in accordance with applicable law and is managed carefully to protect your data protection rights. If we transfer your Personal Data outside the EEA, we will ensure a suitable level of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
5.1.1. we will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
5.1.2. we may use specific contracts approved by the European Commission that give personal data the same protection it has in Europe.
5.2 Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data outside the EEA.
SECURITY MEASURES
6.1. We follow industry practice and guidance to inform us of the ways we can maintain information security. We maintain Personal Data on secured servers and all user accounts are password protected. No security or safeguards can ever be completely effective, but we take commercially reasonable efforts to employ security measures to protect Personal Data. We do not knowingly disclose your Personal Data to third parties except as described in this Notice. Unfortunately, since data transmission over the internet cannot be completely secure, we cannot guarantee or warrant the security of any information transmitted to us.
RETENTION
7.1. We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes it is provided for. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of further communications or interaction.
7.2. To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data, whether we can achieve those purposes through other means, and the applicable legal, regulatory or other retention requirements.
7.3. You have the right to request deletion of your Personal Data. Please see “Your Legal Rights” below for further information.
YOUR LEGAL RIGHTS
8.1. If you are resident in the European Union, you will the following rights as a data subject under European data protection law.
8.1.1 right to access the data
8.1.2. right to rectification;
8.1.3 right to erasure;
8.1.4. right to restriction of processing or to object to processing;
8.1.5 right to data portability; and
8.1.6. right to withdraw your consent.
8.2. While some of these rights apply generally, certain rights apply only in specific circumstances and are subject to certain exemptions under applicable data protection law.
8.3. We will at all times endeavour to promptly respond to any request regarding your personal data but you may also contact our lead supervisory authority, the Irish Data Protection Commission (“DPC”) or exercise any of your other rights pursuant to data protection law. Information about how to do this is available on the DPC’s website at https://www.dataprotection.ie.
HOW TO CONTACT US
9.1. If you have any questions about this Notice or our data protection practices please contact us. You can send an email to dataprotection@icdl.org or write to us at: Data Protection Queries, ICDL Foundation, The Grange, Stillorgan Road, Blackrock, Co. Dublin, Ireland.
9.2 You will not have to pay a fee to access your Personal Data or to exercise any of the other data subject rights. However, if your request is clearly unfounded, repetitive or excessive we may charge a reasonable fee or we could refuse to comply with your request. We try to respond to all legitimate requests within one month. In some cases it could take us longer than one month if you have made a number of requests or if your query is particularly complex. In this case, we will let you know and update you regularly.
UPDATES TO PRIVACY NOTICE
10.1. We reserve the right to amend this Notice from time to time. We encourage you to visit and review this Notice periodically.
Copyright
© 1997 – 2020 ICDL Foundation SRL. All rights reserved.
ICDL Foundation, ICDL Europe, ICDL, ECDL and related logos are registered business names and/or trademarks of ECDL Foundation.