Privacy Notice

Who we are

The Irish Association of Snowsport Instructors Limited CLG (the “Association”, “IASI”, “we”, “us” or “our”) is a Company Limited by Guarantee (CLG) registered in Ireland, registration number 337593, and is committed to protecting and respecting your privacy and adhering to all relevant Data Protection Legislation.

In this Notice, “Data Protection Legislation” means all applicable legislation which relates to the protection of individuals with regards processing personal data, including the General Data Protection Regulation (EU) 2016/679 and the Irish Data Protection Acts 1988 to 2018.

We are the data controller of any personal data that you provide to us (unless we indicate that we are collecting it on behalf of someone else, for example a regulatory body).

This notice (and any other documents referred to in it) sets out the basis on which any personal data we collect from you, or that you provide to us (or to a third party on our behalf for example to an Educator or a course service provider), will be processed by us by you visiting our website, iasisnowsports.ie (“Website”) or by you otherwise providing personal data to us or by us collecting personal data from you, to become a member of IASI, undertaking any training course organised by IASI or accredited by IASI or otherwise being involved with IASI.

Please read the following carefully to understand our use of your personal data.

Why we collect your personal data – our lawful basis

When you contact us we need to collect your personal data in order to answer any queries you have or to contact you.

When you visit our Website we may need to collect certain personal data to answer any query or comment you submit, to renew your membership, to processing training courses and exam results.

In order to become a member of IASI we need to collect personal data from you (for example your name, address, start date as a member and we also record the date you cease to be a member) and to administer your membership we need to process your personal data (for example your previous experience and other accreditations or examinations undertaken) and confirm that you have paid your membership fee.

In order to undertake any of our training course and to provide you with any accreditation we need to collect personal data from you and process that personal data.

You must join IASI as an associate member before you book your first IASI snowsports course or to have your existing qualifications from another association recognised by IASI. You must apply to become a full IASI member before applying for an IASI licence. We will only use your personal data when we have a lawful basis to do so as outlined in this notice.

Most commonly our lawful basis includes, we will use your personal data in the following circumstances:

• Where we have to process your personal data in order to fulfil the contractual obligations we have with our members or to take steps to enter into a contract with you (for example for a training course or to administer your membership);
• Where necessary for our legitimate interests (or those of a third party) in cases where your interests and fundamental rights do not override those interests (for example to notify you of upcoming training and assessment courses or events like Interski and for direct marketing purposes);
• Where we need to comply with a legal or regulatory obligation (for example legal obligations under company law or to regulators or our insurers) or where the processing is required or permitted by law; and
• Where you provide your consent (for example in relation to sending third party or IASI direct marketing communications to you via email, SMS or text message). You have the right to withdraw consent to marketing at any time by contacting us. We also require your consent for the medical information you provide to IASI.

We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

Personal Data we may collect from you

We will collect and process the following personal data about you:

• Personal Data you give us, we collect or we receive from others

You may give us personal data about yourself by signing up for a training or assessment course and joining or renewing as a member of IASI, by filling in forms on our Website or in any other forum, or by corresponding with us by phone, e-mail, SMS, text, letter or otherwise. This includes personal data you provide when you register to use our Website, use our Member Area (on the Website), subscribe to our services e.g to receive a membership newsletter, search for a service on our Website (including any courses listed on our Website) or carry out a transaction with us, post or contribute to our Website, participate in, or interact with official IASI social media functions on our Website or elsewhere, enter a competition, promotion or survey or when you report a problem with our Website.

The personal data you give us (or we may otherwise acquire) may include:

• your name;
• address;
• date of birth;
• qualifications;
• e-mail address;
• phone number;
• financial and credit card information;
• member number;
• photograph(s);
• Examination results;
• Video recordings;
• Course history;
• Course report(s);
• Log sheets (shadowing hours, teaching hours and tours);
• Correspondence (email and hard copy);
• Application forms;
• First Aid certificates;
• Safeguarding / Child Protection certificates;
• External CPD certificates;
• Records of telephone or video conferencing calls;
• Videos of candidates that are used for training purposes;
• Payment notifications;
• Direct debit mandates;
• IASI invoices;
• Written projects;
• Alerts;
• Investigations;
• Complaints / Grievances processes and records;
• Disciplinary processes and records.

The special category of personal data you give us (or we may otherwise acquire) may include:

• medical information.

With regard to each of your visits to our Website we may automatically collect the following information:

• • technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time); products or services you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

• Personal Data we receive from other sources

We are also working closely with third parties (including for example, partner organisations, our Educators, service providers and sub-contractors, payment and delivery services) and may receive personal data about you from them.

Examples:

• Attendance sheets at training or assessment courses
• Course results
• Course reports
• Photograph(s)
• Video recordings
• Accident/incident records

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you, or we may be prevented from complying with our legal obligations.

For special category personal data our lawful basis is your express consent when you provide us with medical information e.g. on an accident/incident report.

Uses made of the personal data

We use personal date held about you in the following ways:

• to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
• to manage your membership of IASI;
• to provide you with information about IASI, other goods and services you have asked to receive through your communication preferences;
• to respond to any of your comments and queries;
• to ensure that the content from our Website is presented to you in the most effective manner for you and for your device;
• to allow you to participate in interactive features of our Website if you choose to do so;
• to keep and maintain the IASI organisational records and databases;
• to notify you about changes to any of our services;
• to supply to partner organisations, governing bodies, Educators and sub-contractors as outlined under ‘Disclosure of your personal data’ below.
• to administer our Website, our membership data and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
• as part of our efforts to keep our Website safe and secure.

Personal Data we receive from other sources

We may combine this personal data with personal data you give to us and personal data we collect about you.  We may use this personal data and the combined personal data for the purposes set out above.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Membership communications

As a member of IASI we will communicate with you in that capacity, in accordance with the law and the constitution of IASI.

Marketing communications

For marketing purposes, you may notify us of which communications you would like to receive and how you would like to receive them.

In accordance with your communication preferences (where applicable) we will communicate with you by telephone, letter, texts, emails or other reasonable means with updates and information about goods and services which were the subject of a sale to you or an enquiry from you. For example, if you participated in a training course or purchased an IASI branded product, and did not opt out of our marketing list, we may communicate with you about other similar goods and services.

Disclosure of your personal data

We may share your personal data with selected third parties including but not limited to:

• Service providers to IASI, such as technology providers (including Drop Box and Google, Mailchimp);
• Volunteers who assist IASI in providing support services for the purposes of maintaining your IASI record or liaising with governing bodies, e.g. setting up and maintaining an ISIA profile for a Level 3 or Level 4 member;
• Educators, licence course providers (LCPs), suppliers and sub-contractors for the fulfilment of any contract we enter into with them or you;
• Stripe Technology Europe Ltd, (STEL) (or any successor organisation or any other payment service provider) so that they can process a payment transaction on our behalf. This means that your credit/debit card details are provided directly to Stripe Technology Europe Ltd, (STEL) and are never stored by us;
• Analytics and search engine providers that assist us in the improvement and optimisation of our Website;
• As we deem necessary to assist us in managing IASI;
• As required by law

In addition we may disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our constitution,

Members Charter and Terms and Conditions , or in order to enforce or protect any of our rights, property or safety (or those of our members). This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where we store your personal data

The personal data that we collect from you may be transferred to, and stored at, a destination inside the European Economic Area (“EEA“).

Transfers of data outside the European Economic Area

It may also be processed by service providers, as well as LCPs and Educators operating inside and outside the EEA who work for one of our suppliers.

For activities (for example a course) run by a Europe based LCP outside of the EEA, for example, in Japan, New Zealand or China, personal data for attendees will be shared with local providers or educators (i.e. outside the EEA).

In the event that we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it. This may involve implementing one or more of the following safeguards:

• Transferring your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: International Dimension of Data Protection;
• Using specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Standard Contractual Clauses (SCC) for the data transfers between EU and non-EU Countries; and/or
• Transferring data to providers based in the US that are part of the Privacy Framework which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Framework.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

Data processors will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

All personal data which you provide to us is stored on secure servers and any payment transaction with us (via our third party payment provider) will be encrypted.

Where you have been given (or you have chosen) a password which enables you to access parts of our Website, then you are responsible for keeping that password confidential. We would ask that you not share or disclose a password with any third party.

How long we store your data

We will retain your personal data in identifiable form for as long as is necessary for the purposes of providing services to you and as required by law and in accordance with our statutory requirements.

Unless you request otherwise or we are legally required to maintain personal data (for example your membership records – names, address, start date as a member and cessation date):

We will store the following personal data for 20 years after your membership ends in our database in order to identify members wishing to rejoin and reactivate their IASI qualification/licence after a prolonged lapsed

period. We will contact you prior to deleting this data to ensure you have no need for us to retain this personal data:

• Date of Birth
• Email address
• Qualification(s)
• Course history
• Course report(s)
• Log sheets (shadowing hours, teaching hours and tours)
• Projects

We will store the following personal data for 10 years

• Notes
• Membership payments/subscription history;
• Videos of candidates on the course taken by the Educator for individual feedback

We will store the following personal data for 6 years:

• Payment notiications;
• invoices;
• any complaints from or about our members.

Automated decision-making and profiling

You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you. You will not be subjected to profiling.

Your rights Under the General Data Protection Regulations, you have the right in certain circumstances to:

• Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you. We may request proof of your identity to verify your request.
• Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).  If we have no lawful basis to retain your personal data your personal data will be deleted.
• Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
• Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal data to another party. This is subject to limitations as this right only applies to information processed based on consent or under a contract and the processing is carried out by automated means. You have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine-readable format.
• Withdraw your consent to the processing of your personal data at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.

You also have the right to complain to the Data Protection Commissioner, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland in relation to our use of your personal data.

Changes to our privacy notice

We reserve the right to change this Privacy Notice from time to time in our sole discretion. Any changes we may make to this privacy notice will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this privacy notice. By continuing to use our services after we post any such changes, you will be subject to this Privacy Notice as modified.

This notice is effective from 25 May 2018.

Contact

Our data protection representative is our Secretary.

You can contact us at this address by post or by email. The Secretary, Irish Association of Snowsports Instructors CLG, 9 Exchange Place, International Financial Services Centre, Dublin 1, D01 X8H2, Ireland. Alternatively, you can email us at secretary@iasisnowsports.ie.

Review of Policy

This Privacy Notice for Members will be reviewed every two years, or sooner if required.

This Privacy Notice was last updated and approved by the Board on the 22 May 2025.