Privacy Policy

1. Introduction

1.1    The Irish Payroll Association Ltd (IPASS) is incorporated in Ireland and is located at 9 Western Parkway Business Centre, Ballymount Drive, Dublin 12. When we say “IPASS”, “we”, “us” or “our”, we mean the controller of your personal data.

1.2    At IPASS we know that your privacy is important to you. This privacy notice (Notice) explains the types of personal data we collect and use, who that information relates to, how and why we use that information, who we share it with, your legal rights, and how you can contact us.

1.3    When we talk about information or personal data in this Notice, we mean any information or data relating to individuals, either directly or indirectly.

1.4    Unless indicated otherwise, this Notice applies to all our website, domains, apps, and to our provision of education, training, membership, consultancy, and related services.

2. What data do we collect?

2.1    IPASS collects both personal data and non-personal data. This can occur, for example, where you contact or request information from us, register as a student or member, register to attend any of our events, seminars, or courses, visit our website, or avail of any other goods and services offered by IPASS.

2.2    Personal Data means any data from which you can be directly or indirectly personally identified. The personal data that we process includes:

  • Basic personal information such as your name, surname, date of birth, employer, date of birth, nationality;
  • Contact information such as your home address, email address, mobile/telephone number;
  • Financial information such as your bank account details, credit / debit card details;
  • Student and membership information such as student numbers, exam scripts and results, educational details, membership numbers.

2.3    In order to process personal data, IPASS must have a legal basis for doing so. The lawful grounds for processing personal data are set out in Article 6 of the GDPR. We process your personal data based on one of the following

  • in the performance of a contract – where the processing of your data is necessary in order to perform our obligations under a contract, for example, to deliver training.
  • in compliance with a legal obligation – where IPASS is obliged to comply with a legal obligation, for example to comply with the Qualifications and Quality Assurance (Education and Training)  Act 2012 which requires us to send learners’ personal date to Quality and Qualifications Ireland (QQI) an to a third party such as an insurance broker for the purpose of complying with our Protection of Enrolled Learners (PEL) obligations.
  • with the consent of the individual – in some cases we will ask you for specific permission to process some of your personal data, and we will only process your personal data in this way where you agree to us doing so.
  • legitimate interests – we will process information about you where it is in our legitimate interest in running our business to do so in order to further that business, so long as it does not outweigh your interests. Legitimate interest includes to offer information and/or services to users of our Site, preventing fraud or criminal activity and to safeguard our IT systems, to customise user’s online experience and improve the performance usability and effectiveness and to conduct, and to analyse, our marketing activities.

2.4    Non-Personal Data primarily relates to data collected when you visit our website. This data is collected on aggregate and non-individual specific basis and is used for statistical and analytical purposes. It does not reveal any information about your identity. It includes information such as:

  • Number of visitors to our website
  • Pages visited
  • Dates and times of those visits
  • Website that referred you to our website
  • Files downloaded

3. How do we collect your data?

3.1    You provide us with most of the data we collect and process in order for you to avail of our goods and services. We collect and process data when you:

  • Use or view our website via your browser’s cookies – see below for more information on cookies
  • Register, or place an order, for any of our products or services
  • Communicate with us by phone, email, website, social media, or other means
  • Register for or subscribe for our services
  • Participate in discussion forums
  • Voluntarily complete a student, member or customer survey

3.2    IPASS may also receive your data indirectly from the following sources:

  • A third party such as your employer, a work colleague, or a family member who provides us with your personal data in order for you to avail of our goods and services. When providing your data, third parties should ensure you are made aware that they are doing so and that it may be
    processed in accordance with the terms of this Notice. Where necessary they should obtain your consent.

3.3    Where you provide us with personal data relating to other people, such as your co-workers, employees, family members, or other related persons, you represent and warrant that you will only do so in accordance with applicable data protection laws. You will ensure that before doing so, the individuals in question are made aware of the fact that we may retain and process the data in accordance with this Notice, and where necessary you will obtain their consent to our use of their information.

4. How will we use your data?

4.1    IPASS collects your data so that we can:

  • provide you with information, products and services that you request from us
  • to perform our obligations arising from any contracts entered into between you or your employer and us;
  • to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about or we think you might like, unless you have opted out of receiving such communications
  • to notify you about any changes to our goods or services
  • Comply with our statutory obligations under the Qualifications and Quality Assurance (Education and Training) Act 2012 as outlined above in Section 2.3

5. Security and storage of your data

5.1 IPASS takes its security responsibilities very seriously, using the most appropriate physical and technical measures and require our business partners to use the same standard of care. We will take all reasonable precautions to prevent the loss, misuse or alteration of your personal data.

5.2 Unfortunately, the electronic transmission of information via the internet, email or otherwise, is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your electronic transmission which is completed at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

5.3 The retention periods for personal data held by IPASS will depend on the type of data we hold. Your personal data shall only be obtained for the purposes set out in this notice and shall not be retained for longer than is necessary for the purpose it was given.

6. Marketing

6.1 Where you have given us your consent to do so, IPASS may also use your data to send marketing communications to you on occasion about upcoming goods or services, promotions, updates which may be of interest to you.

6.2 If you change your mind, you can withdraw your consent at any time to the processing of your personal data for such marketing purposes at by emailing [email protected] or if received by email, by unsubscribing when you receive an email marketing communication from us. The withdrawal of your consent will not impact upon the lawfulness of processing carried out prior to the withdrawal.

6.3 Some of our marketing communications may be sent by email. The servers and offices of these email marketing service providers may be located outside the EEA. If you choose to receive marketing communications from us by email, this means that your personal data may be transferred to, stored, or processed outside the EEA.

7. What are your data protection rights?

7.1    The Right of Access – You have the right to be informed whether or not your personal data is being processed, and if so, request a copy of your personal data. Any such request should be made by contacting us. There is no charge for making an access request, unless the request is deemed to be manifestly unfounded or excessive, in which case we may charge a reasonable fee for the costs of complying with the request.

7.2    The Right to be Informed (transparency) – Any processing of personal data should be lawful, fair, and transparent. It should be clear and transparent to individuals that personal data concerning them is collected or processed, and to what extent the personal data is, or will be, processed.

7.3    The Right to Rectification – You have the right to request that we correct any personal data you believe is inaccurate or out of date. You also have the right to request us to complete any personal data you believe is incomplete.

7.4    The Right to Erasure or to be Forgotten – You have the right to request that we erase your personal data, where any one of the following applies:

  • your personal data is no longer necessary in relation to the purpose for which it was collected or processed.
  • you withdraw your consent to the processing and there is no other lawful basis for processing the data.
  • you object to the processing and there is no overriding legitimate grounds for continuing the processing.
  • you object to the processing of your personal data for direct marketing purposes.
  • your personal data has been unlawfully processed.
  • Where your personal data has to be erased in order to comply with a legal obligation.

7.5    The Right to Object to Processing – You have the right to object to the processing of your personal data in certain circumstances such as in relation to direct marketing or where it is processed based on our legitimate interests.

7.6    The Right of Restriction – You have the right to request that we restrict the processing of your personal data, where:

  • you have objected to the processing of your personal data or you have contested the accuracy of the personal data we hold about you for a period of time to enable us to verify the accuracy of the personal data;
  • the processing of your personal data is unlawful and you request the restriction of use of the personal data instead of its erasure;
  • you require the data for the purpose of a legal claim.

7.7    The Right to not be subject to a decision based solely on automated processing, including profiling.

7.8    The Right to Data Portability – You have the right to request that we transfer your personal data to you, or another organisation of your choosing, in a format that makes it easier to reuse. This right only applies where processing of personal data (supplied by you) is carried out by automated (electronic) means, and where you have either consented to processing, or where processing is conducted on the basis of a contract between you and IPASS.

If you make a subject access request, or wish to exercise any of your rights outlined above, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.  A completed Subject Access Request Form and supporting documentation should accompany any access request.

Postal Address: Irish Payroll Association, Unit 9, Western Parkway Business Centre, Ballymount Drive, Dublin 12.

8. Disclosure of Personal Data

8.1 We may share your personal data with any subsidiary or holding company of IPASS within the meaning of the Companies Act 2014.

8.2 We may share you personal data with selected third parties including business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.

8.3 We will share your personal data with a third party where we have a legal obligation to do so, for example to comply with our obligations under the Qualifications and Quality Assurance (Education and Training) Act 2012.

8.4 We reserve the right to transfer information (including your personal data) to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or substantially all of our assets provided that the third party only uses your personal data for the purposes that you provided it to us.

9. International transfers

Personal Data may be transferred to our partners and service providers outside the EEA who maintain their servers outside of the EEA. Any transfer of personal data will be in accordance with Chapter V of the GDPR.

10. What are cookies?

A cookie is a small text file that may be stored on your computer or mobile device that contains data related to a website you visit. It may allow a website “remember” your actions or preferences over a period of time, or it may contain data related to the function or delivery of the site. Cookies can be set by the owner of the website or in some cases by third party services the website owner allows to present other information, run content or provide other functionality such as analytics. To learn more about cookies please visit

How do we use cookies?

We use cookies to track your usage of the website and help us remember and process the items in your shopping cart and compile anonymous data about site traffic and site interaction so that we can offer better site experiences and tools in the future. Our website uses Google Analytics to gather anonymous statistics about visitors to the site and which pages are visited.

11. What types of cookies do we use?

There are a number of different types of cookies, however our website uses:

Functionality: IPASS use these cookies so that we recognise you on our website and remember your previously selected preferences. These could include your geographical location.

Advertising: IPASS uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed, and information about your browser, device and your IP address. IPASS does not share this data with any third party.

12. How to manage your cookies

You can set your browser not to accept cookies, and the above website tells you how to remove cookies form your browser. However, in certain cases, some features of our website may not function as a result.

13. Privacy policies of other websites

This website may contain links to other third party websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy. Where IPASS provides links to third party websites, it does so for your convenience only, and the fact that IPASS provides any such links does not mean that IPASS endorses or authorises such websites. No other website is authorised to link to any part of this Website without the prior written permission of IPASS.

14. Changes to our privacy policy

We keep our data protection policy under regular review and any updates will appear on this page. This privacy policy was last reviewed on 1 July 2022.

15. How to contact us

If you have any questions about our privacy policy, the personal data we hold on hold, or you would like to exercise one of your data protection rights, please contact us.

Telephone:   00353 1 4089 100

Postal Address: Irish Payroll Association, Unit 9, Western Parkway Business Centre, Ballymount Drive, Dublin 12. D12 K259

16. How to contact the Data Protection Commission

If you wish to report a complaint, or if you feel that we have not addressed your concern in a satisfactory manner, you may contact the Data Protection Commission as follows:


Telephone:  00353 1 765 0100    or    1800 437 737

©2024 IPASS| Privacy Policy

Log in with your credentials

Forgot your details?