Privacy Statement

Cyber Skills Privacy Statement


This Privacy Notice sets out how Cyber Skills (referred to as “we”, “us” or “our” in this privacy notice), collect, store, and use information about you when you use or interact with our site, (our website) and where we otherwise obtain or collect information about you. This Privacy Notice is effective from 1 January 2022.

Identity of the Data Controller and Contact Details

We are committed to the highest degree of respect for the privacy of our members, visitors to our websites and attendees of our events. A data controller dictates how and why the data is going to be used by the organisation. Under GDPR, Cyber Skills is the data controller with regard to the Personal Data described in this Privacy Notice For any queries regarding data protection we can be contacted by sending an email to

Our full details are:

Full name of legal entity: Cyber Skills at Munster Technological University

Email address:

Postal address: Cyber Skills Munster Technological University, Rossa Ave, Bishopstown, Cork, T12 P928

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at



We collect Your Data in the following basic ways:

  • You give it to us when you register as a Cluster Member
  • If a Member or a Visitor registers for an event, signs up for our newsletter or makes a comment on a blog or social media;
  • You give it to us in email enquiries or in your public comments;
  • We automatically collect Technical Information when you visit our Sites; and
  • We obtain legally available information from outside sources, including commercially available geographic and demographic information along with other publicly available information, such as public posts to social networking sites.



On our website, we request certain Personal Data, for purposes such as registering to become a Member, renewing your membership, participating in working groups, submitting enquiries and comments, signing up to our mailing list, or registering for a webinar or our conferences or events. This may include name, title, company/organisation name, postal address, email address, work, home and mobile phone numbers.

We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary.

Technical Data ​that includes data about your use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access our website. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business and to decide our marketing strategy. 

Marketing Data. ​We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing. Where appropriate, you will be asked whether you wish to receive any marketing communications from us. Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests. 

Sensitive Data.​ We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences. We do not carry out automated decision making or any type of automated profiling. We may process your personal data without your knowledge or consent where this is required or permitted by law.



Credit card transactions are made using the Munster Technological University’s payment gateway (​​) and is entered directly into a third-party processor’s systems and is not transmitted through or stored by us. The card processor provides us with an authorisation code which is securely stored with the payment record.



We may use your Personal Data to provide you with important information about your Cyber Skills services

In addition, we will use your Personal Data to:

  • Provide information or a service requested or consented to by you.
  • Assist in the performance of our activities
  • Improve website performance and content, including trouble shooting and diagnostics.
  • Improve our engagement and interaction with you.
  • Confirm your identity.
  • Process a request or payment / donation submitted to us.
  • Comply with legal requests.


Who do you share my personal information with?

We'll never sell your personal information. We may however share it with trusted service providers who could be considered data processors, sub-processors or third parties. We require all third parties to have appropriate technical and operational security measures in place to protect your Personal Data, and to uphold the same standards of data protection we do. We use the following categories of service providers including data processors in the course of our business:

Cloud Web and App Hosting Services

Cloud Data Sources

One or More Contract Developers

Professional Service Providers such as Lawyers, Solicitors and Accountants

Financial Transaction Providers

Telecoms Service and Carrier Providers

Cloud platforms providing marketing and webinar solutions

This list may be updated from time to time and a full list of third party providers is available on request.

We might also share your information if we have to by law, or when we need to protect you or other people from harm.



Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria. Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place: We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or

Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe. 

If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.



We only hold your information for as long as we do the activities we told you about or have a valid reason to keep it. We think about what type of information it is, the amount collected, how sensitive it might be and any legal requirements. We design our services so that we don't hold your information any longer than we have to.



We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.



This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.


Cookies are data files which are sent from a website to a browser to record information about users for various purposes. 

We use cookies on our website, including essential, functional, and analytical cookies.



Under certain circumstances, by law you have the right to:

  • Request information about whether we hold personal information about you, and, if so, what that information is and why we are holding/using it.
  • Request access to your personal information (commonly known as a “Data Subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your personal information or profiling of you.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.


How do you exercise your rights? 

If you have any questions about this policy or about our data protection compliance, please contact us via email at

If you wish to exercise your rights please contact us and we will respond to the request within 30 days.


Your Right to Lodge a Complaint 

You as the Data Subject have the right to complain at any time to a data protection supervisory authority in relation to any issues related to our processing of your Personal Data. As our organisation is located in Ireland and we conduct our data processing here, we are regulated for data protection purposes by the Irish Data Protection Commissioner.

You can contact the Data Protection Commissioner as follows:


Phone: +353 57 8684800 or +353 (0)761 104 800


Address: Data Protection Office – Canal House, Station Road, Portarlington, Co. Laois, R32 AP23. Or 21 Fitzwilliam Square Dublin 2. D02 RD28 Ireland 



We update this policy sometimes. If we make important changes, like how we use your personal information, we'll let you know by email or on our website. If you don't agree to the changes, then you can always stop using our services, request we delete your data and stop giving us any more personal information.



Last updated