ICTC Ireland — GDPR Privacy Policy
Effective date: 22/08/2025
Who we are: ICTC Ireland (“ICTC”, “we”, “our”). Website: https://ictcireland.com
Contact: privacy@ictcireland.com, +353 061 574200, ICTC Ireland University Business Complex, National Technology Park, Co. Limerick Ireland.
Data Protection Lead (DPL):
Supervisory Authority: Data Protection Commission (Ireland), www.dataprotection.ie.
This notice explains how we collect, use, share, and protect personal data in line with the EU/UK GDPR and Irish law. It is general information, not legal advice.
1) Scope
Applies to website visitors, enquiry/applicant students, enrolled learners, alumni, and business contacts interacting with ICTC via our website, forms, payments, email, events, and learning platforms.
2) The data we collect
Website & enquiries (via Online Forms or Emails): name, email, phone, message, course of interest, page ID, consent preferences.
Applications & learning (Moodle): contact details, date of birth (if provided), prior education, submitted work, attendance, grades/assessments, learning analytics (e.g., activity logs).
Payments (PayPal Commerce): payer name, email, billing details, transaction IDs and amounts (card data is processed by PayPal; we do not store full card numbers).
Operational data: communications, support tickets, survey results, incident logs.
Technical data: cookies/identifiers, device, browser, IP (see Cookie Policy).
3) Purposes & lawful bases
| Purpose | Examples | Lawful basis |
|---|---|---|
| Enquiries & admissions | Responding to requests, pre-contract information | Legitimate interests / pre-contract |
| Course delivery | Creating accounts, teaching, assessment, certification | Contract |
| Payments & finance | Processing fees, tax records | Contract / legal obligation |
| Student support & safety | Reasonable accommodations, wellbeing | Legitimate interests / vital interests (where applicable) |
| Communications & marketing | Updates about courses (opt-in) | Consent (you can withdraw anytime) |
| Service improvement & security | Troubleshooting, analytics, fraud prevention | Legitimate interests |
4) Sharing your data (processors/partners)
We use trusted providers under data-processing agreements:
Moodle (learning platform)
WPForms (enquiry/application forms)
PayPal Commerce (payments)
Email & hosting (e.g., web host, email/SMS provider)
Cookie consent/analytics tools (if enabled)
We do not sell personal data.
5) International transfers
Some providers may process data outside the EEA/UK. Where they do, we rely on adequacy decisions or Standard Contractual Clauses (SCCs) plus supplementary safeguards.
6) Retention
| Data set | Typical retention |
|---|---|
| Enquiries (no enrolment) | 12–24 months |
| Application records (unsuccessful) | 24 months |
| Student records & assessments | For the duration of studies plus 6 years (or as required by awarding bodies) |
| Payment/finance records | 6–7 years (statutory) |
| Marketing preferences | Until you opt out or request deletion |
| Technical logs (security) | 6–12 months |
7) Your rights
You can request access, rectification, erasure, restriction, portability, and objection, and withdraw consent at any time. You can also lodge a complaint with the Data Protection Commission (Ireland). We will respond within GDPR timelines.
8) Security
We apply appropriate technical and organisational measures: access controls, encryption in transit, least-privilege access, regular updates, and vendor due diligence.
9) Children
Ireland’s digital age of consent is 16. Where consent is required for those under 16, we seek guardian consent. Some programmes may have additional age requirements.
10) Automated decision-making
We do not conduct automated decisions that produce legal or similarly significant effects.
11) Updates
We may update this notice to reflect services or legal changes. We’ll post the latest version on our website.