GDPR Compliance Statement

Last Updated: November 21, 2025

At GetYourselfOnline.ie, we take your privacy seriously. This GDPR Compliance Statement outlines the measures we take to protect personal data and comply fully with the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and all relevant Irish and EU privacy laws.

Our mission is to provide free digital training while ensuring that all data is handled lawfully, fairly, transparently, and securely.

Collecting and Using Your Personal Data

Our GDPR Responsibilities

As a data controller, we are responsible for:

- Determining why and how personal data is processed

- Protecting users’ rights

- Ensuring the security of data systems

- Maintaining documentation of processing activities

- Being transparent about our data practices

We do not process data for advertising, behavioural profiling, or commercial resale.

Lawful Bases for Processing Personal Data

We rely on four key lawful bases under Article 6 of GDPR:

2.1 Contractual Necessity

To:

- Create and manage user accounts

- Deliver free online courses

- Track progress and issue certificates

- Provide user support

2.2 Legitimate Interests

For:

- Maintaining Site security (Wordfence)

- Improving usability and performance

- Preventing fraud and abuse

- Ensuring stable website operation

2.3 Consent

Used only when optional, such as:

- Newsletters

- Optional analytics cookies

- Non-essential tracking technologies

Consent can be withdrawn at any time.

2.4 Legal Obligations

To comply with:

- Irish and EU data protection law

- Requests from competent authorities (where legally required)

Principles of GDPR We Follow

We adhere strictly to the seven core GDPR principles:

1. Lawfulness, fairness, transparency

2. Purpose limitation

3. Data minimisation

4. Accuracy

5. Storage limitation

6. Integrity and confidentiality (security)

7. Accountability

Categories of Personal Data We Process

We process:

- Account information (name, email, username)

- Course activity (progress, quizzes, certificates)

- User-submitted content (assignments, uploads)

- Technical data (IP address, browser, device)

- Security logs (firewall & login attempts)

- Analytics data (anonymised)

We do **not** collect payment details.

Data Security Measures

We implement multiple layers of protection:

- SSL encryption

- Secure hosting environment

- Firewall protection (Wordfence)

- Regular security scans

- Access controls and user‑role permissions

- Data minimisation practices

- Monitoring for suspicious activity

International Data Transfers

If data is transferred outside the EEA, it is protected by:

- Standard Contractual Clauses (SCCs)

- Verified GDPR‑compliant service agreements

- Provider audits and risk assessments

- Transfer minimisation wherever possible

Retention of Personal Data

We only keep personal data for as long as required:

- Course data: while your account is active

- Security logs: per Wordfence retention periods

- Contact enquiries: until resolved

- Analytics data: anonymised with defined retention

When data is no longer needed, it is securely deleted.

Your Rights Under GDPR

You have the right to:

- Access your personal data

- Rectify incorrect details

- Request deletion (“right to be forgotten”)

- Restrict processing in certain cases

- Object to processing based on legitimate interests

- Withdraw consent at any time

- Request data portability

- Lodge a complaint with the Data Protection Commission (DPC)

We respond to GDPR requests promptly.

Data Protection Governance

We maintain:

- Data‑processing activity logs

- Security and firewall records

- Internal privacy procedures

- Documentation demonstrating GDPR compliance

All staff involved in content and site management receive privacy awareness guidance.

Contact Information

If you have any questions about this Cookie Policy, You can contact us:

By email: digitalinclusion@ancosan.ie