This is the Data Privacy notice of the CBAssociates website. This document explains how we collect and process your personal data.
When you've read this, you should be able to understand how and why we collect your personal data on this website, how long we keep it and your rights with respect to any personal data that we hold.
If you have any questions, or want to exercise your rights under the GDPR, please refer to the email/physical address supplied at the end of this document.
How and why we collect Personal Data
We collect personal data via various forms and the shopping cart on the website. Should you email us directly, we will be provided with any personal data that you supply.
We have several enquiry forms on our website dealing with general enquiries, product enquires and requests for training in your area. All our enquiry forms will request your name, email address and contact number in order to facilitate communication with you. Our request for training form also asks for your county so that we can determine demand in your area for the courses requested.
In order to login, you must already have an account on our website. Your login details (username and password) are simply checked against what we already have on record.
The personal data we request and store includes your name, company name and physical address. This is so that we can create a legal invoice. We also ask for two means of contact - email address and phone number, so that we can contact you quickly if the need arises (eg if a course is suddenly cancelled). We optionally ask for the name of the candidate who is to undergo training so that our instructors know who to expect on the day and for online courses, who to issue certificates to. When you make a purchase, you are given a choice to 'opt in' to email marketing campaigns which you can opt out of any time. Please note that we do not store your credit card details.
We collect and store the IP address of any visitor whose actions triggers our Firewall software. Typical examples include multiple failed login attempts and the crafting of hacker-style urls designed to elicit server information. Any IP address collected due to suspicious activity is used by us for the sole purpose of preventing illegal access to the website.
Non Personal Data Collection
How long we keep your Personal Data
Your name and email address are kept on our Email Campaign system until you unsubscribe. Once you unsubscribe, this data is deleted. However, we may still hold your personal data from emails, or on other systems - eg Database and Accounting software.
If you are not a client, we routinely delete all email and personal data collected from Contact forms two years after your last communication with us. If you are a client, this data is held indefinitely. Otherwise we delete data collected via enquiry forms after 2 years. Bear in mind, we may hold your personal data in other systems such Database, Email Campaigns and Accounting software.
Purchases on the website
If you have made a purchase on the website, we keep the data you submitted (except for credit card details which we don't store) indefinitely if you are an existing client, or for 6 years following your last transaction for revenue and auditing purposes. Dormant accounts (no activity for 6 years) will be requested to re-activate their account. On failure to do so, the account and all records of transactions will be completely deleted.
We retain the IP address of any visitor whose behaviour triggers our Firewall software for up to 12 months.
Non personal data
Who we share your data with
Your name, address, transaction and credit card details will be shared with our payment gateway but only for the purposes of processing your payment, or in the event of a dispute with the payment processing. To understand more about Stripe's Data Protection policies please refer to https://stripe.com/ie/privacy
Our Email Campaigns are held on secure servers in the European Union by Zoho who act on our behalf and will not share your data unless they are required to do so by law. To understand more about Zoho's Data Protection policies please refer to: https://www.zoho.com/privacy.html
Please note that while we will never share your data unless we have to, we will only do so if we believe in good faith that we are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order other statutory requirement.
Your personal data may also be provided to relevant third parties in the case of our business being sold, merged or made insolvent.
Is your Personal Data secure?
Your personal data resides in the EU and is secured using the most up to date and modern technology. Bear in mind that no system is foolproof. If there's ever a breach, and we hope that never happens - you'll be notified by us in 72 hours.
We will never share your personal data with anyone for the purposes of them marketing to you. And we will only market to you if you have explicitly consented for us to do so.
You must be 17 years or older to purchase courses or products from our website. If you are under 17, you must get your parent's or guardian's permission before submitting personal data via enquiry forms on our website.
Your Rights under the General Data Protection Rules (GDPR)
- You have the right to retrieve a copy of your personal data in machine readable format
- You have the right to transfer your data to another provider
- You have the right to request the removal of your data ("right to be forgotten")
- You have the right to request a restriction from processing your data
- You have the right to withdraw your consent to our use of your personal information at any time
- You have the right to have your request dealt in 30 days of receipt
If you wish to exercise your rights please send details of your request along with 2 photocopies of recent bills (or similar) which show your name, your address and a date no later than 3 months from the date you sent your request to:
Or by post to:
Old Lucan Road
Dublin D20 KR60
In case of a dispute you have the right to contact the Data Protection Authority, please see: https://www.dataprotection.ie