This document explains how we collect and process your personal data. When you've read this, you should be able to understand how and why we collect your personal data on this website, how long we keep it and your rights with respect to any personal data that we hold.

If you have any questions, or want to exercise your rights under the GDPR, please refer to the email/physical address supplied at the end of this document.

How and why we collect Personal Data

We collect personal data via various forms and the shopping cart on the website. Should you email us directly, we will be provided with any personal data that you supply.

Enquiry Forms

We have several enquiry forms on our website dealing with general enquiries, product enquires and requests for training in your area. All our enquiry forms will request your name, email address and contact number in order to facilitate communication with you. Our request for training form also asks for your county so that we can determine demand in your area for the courses requested.

Login form

In order to login, you must already have an account on our website. Your login details (username and password) are simply checked against what we already have on record.

Shopping Cart

The personal data we request and store includes your name, company name and physical address. This is so that we can create a legal invoice. We also ask for two means of contact - email address and phone number, so that we can contact you quickly if the need arises (eg if a course is suddenly cancelled). We optionally ask for the name of the candidate who is to undergo training so that our instructors know who to expect on the day and for online courses, who to issue certificates to. When you make a purchase, you are given a choice to 'opt in' to email marketing campaigns which you can opt out of any time. Please note that we do not store your credit card details.

Fraud Detection

We collect and store the IP address of any visitor whose actions triggers our Firewall software. Typical examples include multiple failed login attempts and the crafting of hacker-style urls designed to elicit server information. Any IP address collected due to suspicious activity is used by us for the sole purpose of preventing illegal access to the website.

Non Personal Data Collection

We use Cookies for various tasks on the website. Some of these are essential to allow for registering an account, site security and purchasing courses, but all other non-essential cookies (functional, statistical and marketing) can be turned on/off as you wish. Please refer to our Cookie Policy for more details.

How long we keep your Personal Data

Email Campaigns

Your name and email address are kept on our Email Campaign system until you unsubscribe. Once you unsubscribe, this data is deleted. However, we may still hold your personal data from emails, or on other systems - eg Database and Accounting software.

Enquiry Forms

If you are not a client, we routinely delete all email and personal data collected from Contact forms two years after your last communication with us. If you are a client, this data is held indefinitely. Otherwise we delete data collected via enquiry forms after 2 years. Bear in mind, we may hold your personal data in other systems such Database, Email Campaigns and Accounting software.

Purchases on the website

If you have made a purchase on the website, we keep the data you submitted (except for credit card details which we don't store) indefinitely if you are an existing client, or for 6 years following your last transaction for revenue and auditing purposes. Dormant accounts (no activity for 6 years) will be requested to re-activate their account. On failure to do so, the account and all records of transactions will be completely deleted.

Fraud Detection

We retain the IP address of any visitor whose behaviour triggers our Firewall software for up to 12 months.

Non personal data

The anonymised data collected for our use via Google Analytics is kept for 36 months. For more details please see our Cookie Policy.

Who we share your data with

Your name, address, transaction and credit card details will be shared with our payment gateway but only for the purposes of processing your payment, or in the event of a dispute with the payment processing. To understand more about Stripe's Data Protection policies please refer to

Our Email Campaigns are held on secure servers in the European Union by Zoho who act on our behalf and will not share your data unless they are required to do so by law. To understand more about Zoho's Data Protection policies please refer to:

Please note that while we will never share your data unless we have to, we will only do so if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order other statutory requirement.

Your personal data may also be provided to relevant third parties in the case of our business being sold, merged or made insolvent.

Is your Personal Data secure?

Your personal data resides in the EU and is secured using the most up to date and modern technology. Bear in mind that no system is foolproof. If there's ever a breach, and we hope that never happens - you'll be notified by us in 72 hours.


We will never share your personal data with anyone for the purposes of them marketing to you. And we will only market to you if you have explicitly consented for us to do so.


You must be 17 years or older to purchase courses or products from our website. If you are under 17, you must get your parent's or guardian's permission before submitting personal data via enquiry forms on our website.

Your Rights under the General Data Protection Rules (GDPR)

  • You have the right to retrieve a copy of your personal data in machine readable format
  • You have the right to transfer your data to another provider
  • You have the right to request the removal of your data ("right to be forgotten")
  • You have the right to request a restriction from processing your data
  • You have the right to withdraw your consent to our use of your personal information at any time
  • You have the right to have your request dealt in 30 days of receipt

If you wish to exercise your rights please send details of your request along with 2 photocopies of recent bills (or similar) which show your name, your address and a date no later than 3 months from the date you sent your request to:

Or by post to:

Office Manager
CB & Associates
Kingfurze House
Old Lucan Road
Dublin D20 KR60

In case of a dispute you have the right to contact the Data Protection Authority, please see: