Start Here

Πολιτική Απορρήτου – GDPR

Ηλεκτρονική Μάθηση

Last updated: 27 Μαρτίου, 2026

Houses4Autism Project Partners’ General Data Protection Regulation (GDPR) Policy Erasmus+ Project Number: 2023-1-IE01-KA220-ADU-000152794

1. Introduction

The partners in the Hiouses4Autism Project are committed to protecting the personal data of individuals in compliance with the General Data Protection Regulation (EU) 2016/679 (GDPR) and the Data Protection Acts 1988 to 2018 in Ireland. This policy outlines how we collect, process, store, and protect personal data to ensure transparency and accountability in our operations.

2. Purpose of the Policy

This policy aims to:

  • Ensure compliance with GDPR and Irish data protection laws.
  • Protect the rights and freedoms of data subjects.
  • Provide clear guidelines for the processing and protection of personal data.

3. Scope

This policy applies to all employees, contractors, partners, and third parties processing personal data on behalf of the partners in the Houses4Autism Project.

4. Key Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Subject: An individual whose personal data is processed.
  • Processing: Any operation performed on personal data (e.g., collection, storage, use, disclosure).
  • Controller: The entity determining the purposes and means of processing personal data.
  • Processor: The entity processing personal data on behalf of the controller.
  • Sensitive Data: Personal data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic or biometric data, or data concerning health or sexual orientation.

5. Principles of Data Protection

We adhere to the following principles:

  • Lawfulness, Fairness, and Transparency: Personal data is processed lawfully, fairly, and transparently.
  • Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes.
  • Data Minimization: Data collection is limited to what is necessary.
  • Accuracy: Personal data is accurate and kept up to date.
  • Storage Limitation: Data is stored only as long as necessary.
  • Integrity and Confidentiality: Data is processed securely to prevent unauthorized access or breaches.

6. Legal Basis for Processing

Personal data is processed only when one or more of the following apply:

  • Consent is explicitly given by the data subject.
  • Processing is necessary for the performance of a contract.
  • Compliance with a legal obligation.
  • Protection of vital interests of the data subject.
  • Performance of a task carried out in the public interest or exercise of official authority.
  • Legitimate interests pursued by the controller or a third party.

7. Data Subject Rights

Data subjects have the following rights under GDPR:

  • Access: Right to request access to their personal data.
  • Rectification: Right to correct inaccurate or incomplete data.
  • Erasure: Right to request data deletion (“right to be forgotten”).
  • Restriction: Right to restrict processing under certain conditions.
  • Data Portability: Right to receive data in a structured, machine-readable format.
  • Objection: Right to object to processing based on legitimate interests or direct marketing.
  • Automated Decision-Making: Right not to be subject to automated decisions affecting them.

Data subjects can exercise their rights by contacting us at [Insert Contact Information].

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, in line with legal and contractual requirements. Specific retention periods are outlined in our [Data Retention Policy].

9. Data Security

We implement appropriate technical and organizational measures to protect personal data, including:

  • Encryption and pseudonymization.
  • Secure storage and access control.
  • Regular security audits and vulnerability assessments.
  • Incident response protocols.

10. Data Sharing and Third Parties

Personal data is shared only:

  • With data subjects’ explicit consent.
  • As required by law or regulatory obligations.
  • With trusted third parties (processors) under binding agreements ensuring GDPR compliance.

We ensure data transfers outside the EU comply with GDPR requirements, such as Standard Contractual Clauses or adequacy decisions.

11. Data Protection Officer (DPO)

Our appointed Data Protection Officer is responsible for ensuring compliance with GDPR. The DPO can be contacted at:
adam@insideeu.eu
Phone: +44 7308 138320

12. Breach Management

In the event of a data breach:
The DPO will investigate and document the breach.
Affected data subjects and the Data Protection Commission (DPC) will be notified within 72 hours if required.

13. Training and Awareness

All staff undergo regular GDPR training to ensure compliance and awareness of their responsibilities under data protection laws.

14. Updates to This Policy

This policy is reviewed annually or as necessary to reflect changes in legislation or organizational practices. Updates will be communicated to all stakeholders.

15. Contact Information

For queries or concerns about this policy or your data rights, please contact:

The Coordinator of the Houses4Autism Project is:
The Institute for Studies in Social Inclusion, Diversity and Engagement (INSIDE EU)
Address: 77 Camden Street Lower, Dublin, D02 XE80 Ireland
Email: adam@insideeu.eu

Approved by:
Raymond Patrick Sweeney – Company Secretary
Date of Approval: 01/01/2024
Version: 1.0

Signed:

Raymond Patrick Sweeney signature
Raymond Patrick Sweeney
Company Secretary INSIDE EU

How to contact us

Houses4Autism
Website: houses4autism.eu
Email: christian@insideeu.eu