GDPR Policy for CEPA.ie

At CEPA.ie, we are committed to protecting your personal data and ensuring compliance with the General Data Protection Regulation (GDPR). This GDPR Policy outlines how we collect, process, and protect your personal information in accordance with GDPR requirements.

1. Lawful Basis for Processing:
  - We will only process your personal data when we have a lawful basis to do so, such as when you have provided consent, when processing is necessary for the performance of a contract, or when processing is necessary for our legitimate interests.

2. Transparency and Fairness:
  - We will be transparent about how we collect and process your personal data. We will provide you with clear and concise information about our data processing activities through this GDPR Policy and any additional notices or disclosures provided at the time of data collection.

3. Purpose Limitation:
  - We will only collect and process your personal data for specified, explicit, and legitimate purposes. We will not process your personal data for purposes that are incompatible with the purposes for which it was originally collected.

4. Data Minimization:
  - We will only collect and process personal data that is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

5. Accuracy:
  - We will take reasonable steps to ensure that the personal data we hold about you is accurate, complete, and up-to-date. We encourage you to notify us of any changes to your personal data so that we can update our records accordingly.

6. Storage Limitation:
  - We will only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.

7. Security:
  - We will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage of personal data.

8. Data Subject Rights:
  - You have the right to access, rectify, erase, restrict processing, and portability of your personal data. You also have the right to object to the processing of your personal data in certain circumstances.
  - If you wish to exercise any of these rights, please contact us using the contact information provided below.

9. Data Transfer:
  - If we transfer your personal data to third parties or service providers outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your personal data in accordance with GDPR requirements.

11. Contact Us:
  - If you have any questions or concerns about our GDPR compliance or our data processing practices, please contact us at info@CEPA.ie

By using our website and providing your personal data, you consent to the collection, processing, and transfer of your personal data in accordance with this GDPR Policy.