Privacy Policy & Terms of Use
Your data protection rights and our commitment to GDPR compliance across all our training services.
Introduction to Our Privacy Policy
Auxo Training Ltd ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data when you interact with our website, enrol in our training courses, or communicate with us. We operate in full compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Data Protection Act 2018, and all applicable Irish data protection laws.
We are registered as a data controller with the Data Protection Commission (DPC) in Ireland. This policy applies to all personal data processed by Auxo Training Ltd in the course of providing health and safety training services, including Irish Heart Foundation certified courses, first aid training, and workplace safety programmes across the Republic of Ireland.
By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy. We encourage you to read this document carefully to understand our practices regarding your personal data and how we will treat it.
Data Controller Information
Data Controller: Auxo Training Ltd
Address: 39 G D House, Whitestown Drive, Tallaght Business Park, Dublin, Ireland
Company Registration: Registered in Ireland
Contact Email: info@auxotraining.ie
Contact Phone: 087 755 2080
If you have any questions about this Privacy Policy or our data protection practices, please contact us using the details above. You also have the right to lodge a complaint with the Data Protection Commission (DPC), the Irish supervisory authority for data protection issues, at www.dataprotection.ie.
What Personal Data We Collect
We collect and process the following categories of personal data:
👤 Identity & Contact Data
- Full name (first name and surname)
- Email address
- Telephone number (mobile and/or landline)
- Postal address (home or workplace)
- Date of birth (for certification purposes)
- PPS Number (where required by certification bodies such as the Irish Heart Foundation)
📚 Training & Professional Data
- Course enrolment details and training history
- Certification records and expiry dates
- Assessment results and practical skills evaluations
- Employer or organisation details (if applicable)
- Job title or professional role
- Previous first aid or medical training qualifications
♿ Special Category Data
- Physical or learning disabilities (to ensure equality of opportunity)
- Medical conditions relevant to training participation
- Dietary requirements (for catered training sessions)
- Emergency contact information
We process special category data only with your explicit consent or where necessary for reasons of substantial public interest under the Data Protection Act 2018.
💻 Technical & Usage Data
- IP address and browser type
- Device information and operating system
- Website usage patterns and page interactions
- Cookies and similar tracking technologies
- Referral source (how you found our website)
How We Use Your Personal Data
We use your personal data for the following lawful purposes:
| Purpose | Legal Basis | Details |
|---|---|---|
| Training Delivery | Performance of Contract | To provide the health and safety training courses you have booked, including classroom instruction and practical assessments. |
| Certification | Legal Obligation & Legitimate Interest | To issue Irish Heart Foundation certificates and maintain records as required by certification schemes (retained for 2+ years). |
| Communication | Legitimate Interest | To send course confirmations, reminders, updates, and respond to your enquiries. |
| Marketing | Consent | To send promotional materials about new courses, special offers, or safety updates (only with your explicit opt-in). |
| Legal Compliance | Legal Obligation | To comply with health and safety regulations, tax laws, and other statutory requirements. |
| Website Improvement | Legitimate Interest | To analyse website usage and improve our online services and user experience. |
Data Retention Periods
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements:
- Training Records & Certificates: Retained for 6 months from the date of assessment/course completion, as required by the Irish Heart Foundation Quality Management System and other certification bodies.
- Financial Records: Retained for 6 years in accordance with Irish Revenue Commissioners requirements.
- Marketing Data: Retained until you withdraw consent or opt out, after which it is deleted within 30 days.
- Website Analytics: Retained for 26 months, after which data is anonymised or deleted.
- Enquiry Records: Retained for 1 year after last contact, then archived and deleted after 1 year total.
After the retention period expires, personal data is securely deleted, destroyed, or anonymised using industry-standard methods. Hard copy records are shredded, and electronic data is permanently erased from our systems.
Your Data Protection Rights
Under GDPR, you have the following rights regarding your personal data:
📋 Access & Portability
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Data Portability: Receive your data in a structured, commonly used, machine-readable format.
- Right to Rectification: Request correction of inaccurate or incomplete data.
🗑️ Erasure & Restriction
- Right to Erasure ('Right to be Forgotten'): Request deletion of your data where there is no compelling reason for continued processing.
- Right to Restrict Processing: Request limitation on how we use your data.
- Right to Object: Object to processing based on legitimate interests or direct marketing.
Exercising Your Rights
To exercise any of these rights, please contact us at info@auxotraining.ie or write to us at our registered address. We will respond to all legitimate requests within one month (or three months for complex requests). We may need to verify your identity before processing your request.
Please note that these rights are not absolute. We may need to retain certain information for legal compliance (such as certification records required by the Irish Heart Foundation) or for the establishment, exercise, or defence of legal claims.
Data Sharing & Third Parties
We do not sell your personal data to third parties. We may share your data with the following categories of recipients:
| Certification Bodies | Irish Heart Foundation (IHF) and other awarding bodies to process certifications and maintain training records as required by their Quality Management Systems. |
| Service Providers | IT service providers, email marketing platforms (e.g., Mailchimp), and cloud storage providers who process data on our behalf under strict data processing agreements. |
| Professional Advisers | Accountants, auditors, lawyers, and insurers where necessary for legal compliance or professional services. |
| Regulatory Authorities | Data Protection Commission, Health and Safety Authority, or other statutory bodies when legally required. |
| Employers | Where your employer has funded your training, we may share attendance and certification details with them. |
All third-party processors are bound by contractual obligations to keep your data secure and use it only for specified purposes. Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses.
Cookies & Tracking Technologies
Our website uses cookies and similar technologies to distinguish you from other users, provide essential functionality, and help us improve our site. Cookies are small text files stored on your device that allow us to recognise your browser.
✅ Essential Cookies
- Session management and security
- Shopping cart functionality (if applicable)
- Load balancing and website performance
- User authentication (where applicable)
These cookies are strictly necessary and cannot be disabled.
📊 Analytics Cookies
- Google Analytics (usage statistics)
- Website performance monitoring
- Error tracking and debugging
- User journey analysis
These require your consent and can be disabled.
When you first visit our website, you will see a cookie banner allowing you to manage your preferences. You can change your cookie settings at any time by clicking the "Cookie Settings" link in the footer. For more information about cookies, visit www.aboutcookies.org.
Data Security Measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:
- Encryption: SSL/TLS encryption for all data transmitted via our website; encryption at rest for sensitive databases.
- Access Controls: Role-based access limiting data access to authorised personnel only; multi-factor authentication for systems containing personal data.
- Physical Security: Secure storage for paper records; locked filing cabinets and restricted access to training facilities.
- Regular Audits: Periodic security assessments and data protection impact assessments (DPIAs) where required.
- Staff Training: Regular data protection training for all employees handling personal data.
- Incident Response: Procedures in place to detect, report, and investigate personal data breaches within 72 hours as required by GDPR.
Terms of Use
By accessing and using this website, you accept and agree to be bound by the following terms and conditions:
Website Use
The content of this website is for general information and use only. It is subject to change without notice. We reserve the right to modify, suspend, or discontinue any part of the website at any time without liability.
Intellectual Property
All content on this website, including text, graphics, logos, images, and course materials, is the property of Auxo Training Ltd or its licensors and is protected by Irish and international copyright laws. Unauthorised use, reproduction, or distribution is strictly prohibited. You may not systematically extract or re-utilise parts of the contents of the website without our express written consent.
Course Bookings & Cancellations
All course bookings are subject to availability and confirmation. Payment terms will be specified at the time of booking. Cancellations made more than 7 days before the course date will receive a full refund. Cancellations within 7 days may be subject to a cancellation fee. We reserve the right to cancel or reschedule courses due to unforeseen circumstances; in such cases, alternative dates or full refunds will be offered.
Certification
Certification is awarded only upon successful completion of all course requirements, including practical assessments. Irish Heart Foundation certifications are valid for 2 years from the date of issue. We reserve the right to withhold certification if course fees remain unpaid or if fraudulent activity is suspected.
Limitation of Liability
Auxo Training Ltd shall not be liable for any direct, indirect, incidental, consequential, or punitive damages arising out of your access to, or use of, this website or our training services, except where such liability cannot be excluded by Irish law. This does not affect your statutory rights as a consumer.
Third-Party Links
This website may contain links to third-party websites (such as the Irish Heart Foundation). These links are provided for your convenience only. We have no control over the content of these sites and accept no responsibility for them or for any loss or damage that may arise from your use of them.
Governing Law
These terms and conditions are governed by and construed in accordance with the laws of Ireland. Any disputes arising under these terms shall be subject to the exclusive jurisdiction of the Irish courts.
Policy Updates
We may update this Privacy Policy and Terms of Use from time to time to reflect changes in our practices, legal requirements, or operational needs. Any changes will be posted on this page with an updated revision date. We encourage you to review this page periodically to stay informed about how we are protecting your information.
Last Updated: March 2025
Version: 1.0
Effective Date: March 2025