PRIVACY POLICY

1. Who We Are

At the Irish Centre for Diversity, we are committed to maintaining the trust and confidence of all visitors to our company and website. We support organisations across Ireland in achieving meaningful progress in Diversity and Inclusion (D&I), and we take the privacy and protection of personal data very seriously.

We do not share personal data with other companies or businesses for marketing or sales purposes. All information we collect is used solely to deliver our services, support D&I initiatives, and meet regulatory and contractual obligations.

2. Cookie Policy

Cookies are small data files stored on your device when you visit our website. We use cookies to improve your browsing experience, monitor website performance, and gather anonymous analytics.

You can manage your cookie preferences at any time using the Cookie Declaration on our website: https://irishcentrefordiversity.ie/cookie-policy.

3. Acess To Your Personal Information

Clients and survey participants have the right to request access to personal data we hold about them, and to request updates, corrections, or deletions. To make a request, please email: [email protected].

4. Changes to This Privacy Policy

We review this privacy policy every six months. Any updates to our processes or services that affect how we collect or use data will be reflected here. Please check back regularly to stay informed.

5. Privacy Statement

We are committed to protecting personal data in line with the Data Protection Act 2018 (DPA 2018) and the General Data Protection Regulations (GDPR).

We only collect personal data necessary for agreed purposes, and we ask clients and participants to share personal data only when required. Personal data is collected directly from clients or from third parties acting on their instructions.

The types of personal data we may collect include your name and job title.
Your contact details such as email address and phone number.
Demographic information such as age, gender or ethnicity.
Other relevant information needed for surveys, reports, or D&I initiatives.

Our legal basis for processing data may be to take steps before entering into a contract, to perform a contract, or based on your explicit consent. We do not use or disclose personal information for purposes other than those agreed without your consent.

6. Survey Data: Purpose, Storage, and Use

We collect personal data through surveys to help organisations understand workforce demographics, particularly across the nine grounds of discrimination. This allows for more informed, targeted, and meaningful D&I actions.

All survey responses are confidential and anonymised. No identifiable information such as names, email addresses, or IP addresses is linked to responses. Participants access surveys through a shared link and code, ensuring responses cannot be traced back to individuals.

Reports are provided in aggregate only, and each survey question includes a “Prefer not to say” option. By analysing trends rather than individual responses, we provide evidence-based recommendations to support fairer and more inclusive policies.

Our surveys are hosted on SurveyMonkey, which securely stores data in European data centres with full encryption. SurveyMonkey adheres to globally recognised security standards for governance, risk management, and compliance. Survey data is securely deleted 120 days after the survey closes.

The data collected is used exclusively to analyse workforce trends and produce Investors in Diversity Silver reports. All responses are anonymised and reported in aggregate.

7. Data Retention

Raw survey data is kept for 120 days for analysis purposes.
For Investors in Diversity Bronze, data is retained for three months after the report has been issued. Aggregated data is kept for one year for reassessment comparisons.
For Investors in Diversity Silver and Gold, aggregated data is kept for two years for reassessment comparisons.

8. Keeping Your Information Secure

We take the security of personal data seriously. Access is restricted to authorised staff only, and our systems use strong passwords, encryption, access logs, and secure deletion procedures.

We regularly review our security measures and provide staff training. We do not keep physical records, and we do not store data on mobile devices.

Please note that while we take all reasonable precautions, the transmission of data over the internet cannot be guaranteed to be completely secure, and any information you send to us is at your own risk.

9. Your Rights

Under GDPR, you have rights over your personal data.

You have the right to request a copy of your data.
You have the right to request corrections or updates.
You may withdraw consent for data processing where applicable.
You may request deletion of your data, restrict or object to processing, and in some cases exercise the right to data portability.

You also have the right to raise a complaint with the Data Protection Commissioner. For more information, visit https://dataprotection.ie.

10. Complaints

If you have concerns about our use of your data, please contact us with details of your complaint. We may ask you for further information to investigate properly.

11. Contacting Us

If you have any questions about this privacy statement or about how your personal data is processed, please contact:

Caroline Cummins
Irish Centre for Diversity
No 9 Wallace House, Maritana Gate, Waterford
T: 051 348340
W: www.irishcentrefordiversity.com
E: [email protected]

Last updated: 8th September 2025