Privacy Policy

1. Who We Are

Assistance Dogs Ireland
Website: assistancedogsireland.com
Contact: info@assistancedogsireland.com

Assistance Dogs Ireland is operated by NS Design ID Cards, serving customers in the Republic of Ireland. Your privacy rights are governed by the EU General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018, under which we act as the data controller. Where we engage third-party services to process data on our behalf, those parties act as data processors under our instruction and under written data processing agreements.

2. What Personal Data We Collect and Why

2a. Registration Data

When you register an assistance dog with Assistance Dogs Ireland, we collect:

• Your information: full name, email address, telephone number, home address
• Animal information: animal name, species, breed, date of birth, assistance dog category
• Photographs: handler photo and animal photo,used on your NFC ID card and verification profile
• Health & wellbeing information (Special Category Data),completely optional: you may choose to include a brief note (e.g. anxiety disorder, PTSD, depression) to help others understand your need for an assistance dog. This is entirely voluntary,your registration is fully valid without it. If provided, it is stored securely and never shown publicly without your consent
• Emergency contact information: name and telephone number of a nominated contact
• Subscription & payment data: plan type and billing cycle. Card details are never stored by us,they are processed directly by Stripe (PCI-DSS Level 1 compliant) under their own privacy policy

Why we are allowed to process this: we need this data to provide the service you signed up for. Under the GDPR, the lawful basis is performance of a contract (Article 6(1)(b)); for health/wellbeing information, the lawful basis is explicit consent (Article 9(2)(a)) given at point of registration.

2b. Your Public Verification Profile

When your QR code or NFC card is scanned, a limited verification profile is displayed publicly. This shows only:

• Animal name, species and assistance dog category
• Handler's first name only
• Handler and animal photographs
• Registration status (Active / Expired / Suspended)
• Emergency contact QR (behind a confirmation barrier,for genuine emergency use only)

Emergency contact details, wellbeing information, home address and full handler name are not publicly visible. All assistance dog profile pages carry a noindex, nofollow directive and an X-Robots-Tag HTTP header,your profile cannot be indexed by Google, Bing or any major search engine.

Why we are allowed to process this: enabling third parties to verify assistance dog status is the core purpose of the service and is reasonably expected by registrants. Only the minimum data necessary is displayed. Under the GDPR, the lawful basis is legitimate interests (Article 6(1)(f)).

2c. Website Usage Data

We collect standard server logs (IP address, browser type, pages visited, timestamps) for security monitoring and to diagnose technical issues. Retained for 30 days and not linked to your registration data.

Why we are allowed to process this: security and fraud prevention. Under the GDPR, the lawful basis is legitimate interests (Article 6(1)(f)).

2d. Marketing Communications

If you opt in, we may send you service updates, renewal reminders, and information about new features. We use Mailchimp as our email processor. You can unsubscribe at any time via any email or by contacting us.

Why we are allowed to process this: your consent, which you may withdraw at any time. Under the GDPR, the lawful basis is consent (Article 6(1)(a)).

3. Sensitive Personal Information

Any health or wellbeing information you provide is special category data under the GDPR (Article 9). We apply the highest level of protection:

• Never displayed publicly on your verification profile
• Accessible only behind an explicit confirmation step for emergency use
• Stored encrypted at rest in our database
• Retained only for the duration of your active registration, plus a maximum of 12 months after expiry
• Deleted immediately upon request,see Section 7 (Your Rights)

4. How Long We Keep Your Data

5. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We share data only with the following service providers, all bound by data processing agreements:

• Stripe,payment processing (PCI-DSS Level 1). Data shared: billing name, email, transaction amount
• IONOS / 1&1,web hosting and server infrastructure (EU data centres)
• Mailchimp (Intuit),email marketing. Data: name, email, subscription status. Data may be stored outside the EEA under Standard Contractual Clauses
• Cloudflare,DNS, CDN and DDoS protection. Data: IP addresses in transit only; no registration data shared

We may disclose personal data to law enforcement or regulatory authorities if legally required.

6. International Data Transfers

Your data is primarily stored and processed within the European Economic Area (EEA). Our hosting provider (IONOS) uses EU data centres. Some processors, such as Mailchimp, may store data outside the EEA. Where data is transferred outside the EEA, we ensure an appropriate transfer mechanism is in place, specifically Standard Contractual Clauses (SCCs) approved under the GDPR.

7. Your Privacy Rights

To exercise any right, email us at info@assistancedogsireland.com with proof of identity. We will respond within one month.

7a. Your Rights Under the GDPR

As a data subject in Ireland, you have the following rights under the GDPR and the Data Protection Act 2018:

• Right of access,request a copy of all personal data we hold about you (Subject Access Request)
• Right to rectification,request correction of inaccurate or incomplete data
• Right to erasure ("right to be forgotten"),request deletion of your data. Note: we may retain certain data where required by law (e.g. financial records for 6 years)
• Right to restriction,request that we limit processing while a dispute is resolved
• Right to data portability,receive your data in a structured, machine-readable format
• Right to object,object to processing based on legitimate interests or for direct marketing
• Right to withdraw consent,where processing is consent-based (marketing, health data), you may withdraw at any time
• Rights related to automated decision-making,we do not use automated decision-making or profiling that produces legal or significant effects

8. Cookies

We use cookies to operate the website. See our full Cookie Policy for details. Strictly necessary cookies (session, CSRF security token) cannot be disabled as they are essential to the service. With your consent, we may also use functional and analytics cookies.

9. Security

We implement appropriate technical and organizational measures to protect your data:

• TLS encryption in transit (HTTPS) across the entire site
• Encryption at rest for special category (health/wellbeing) data
• Access controls limiting data access to those with a legitimate operational need
• All assistance dog profile pages carry noindex, nofollow directives,search engines cannot index your profile
• Regular security reviews and dependency updates

In the event of a personal data breach likely to result in risk to you, we will notify affected individuals and the Data Protection Commission within 72 hours as required by the GDPR (Articles 33-34).

10. Children's Data

Our registration service is intended for individuals aged 18 and over. We do not knowingly collect personal data from children under 13. If a registration is submitted for a handler under 18, a parent or guardian must provide consent. Contact us immediately if you believe we have inadvertently collected data relating to a child.

11. Changes to This Policy

We may update this policy from time to time. Material changes will be notified to registered users by email at least 14 days before taking effect. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact Us