Skip to content

Privacy Policy

Last Updated: 01 December 2025
Effective Date: 28 November 2025

Primary Immunodeficiency Support Ireland (IPIA) cares about your privacy and treats personal data with the strictest confidentiality and always in accordance with applicable legislation, including the General Data Protection Regulation (GDPR) and Irish Data Protection Acts.

The purpose of this privacy policy is to provide you with transparent information about the data we collect, the purpose, the way we use it, with whom we share it and the rights you have regarding the processing of such data.

This privacy policy is applicable to the processing of your personal data (i) when you use our website www.ipia.info (hereinafter the ‘Website’) and (ii) when you otherwise interact with IPIA including but not limited to when you register as a member, submit your story for publication, or contact us for support.

Please note that this Website may sometimes link to web pages of third parties. IPIA is not responsible for the processing of personal information by those third parties and you are advised to consult the privacy policy of such third parties prior to visiting such webpage.

It is important to read this privacy policy carefully. If you have any further questions, please do not hesitate to contact us by post at 31 Carrigmore Place, Saggart, Co. Dublin, D24PD35, Ireland or by email at info@ipia.info.

1. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR PERSONAL DATA?

Primary Immunodeficiency Support Ireland (IPIA), that has its address at 31 Carrigmore Place, Saggart, Co. Dublin, D24PD35, Ireland (hereinafter ‘IPIA’ or ‘we’) is responsible for the processing of personal data as described in this privacy policy.

2. HOW DO WE COLLECT YOUR PERSONAL DATA?

Primary Immunodeficiency Support Ireland (IPIA) is dedicated to improving awareness, access to early diagnosis and optimal treatments for primary immunodeficiency in Ireland. To achieve these objectives, we combine a wide range of activities, including the provision of membership support services, the collection and dissemination of information, awareness campaigns and advocacy. This may require the handling of personal data of individuals involved in these activities and hence IPIA collects personal data in several ways from various sources.

IPIA will collect your personal data in the following ways:

  • Directly from your written input, for example when you submit the registration form on the Website or when you contact us by email;
  • Indirectly through third parties, for example when we receive your personal data from partners or service providers;
  • Automatically when you visit our Website, for example through the use of cookies.

Your personal data are for instance collected:

  • When you register to become an IPIA member;
  • When you subscribe to our newsletters;
  • When you submit your story for potential publication;
  • When you contact us for support or information;
  • When you fill in our contact form or send us an email.

3. WHAT PERSONAL DATA DO WE PROCESS ABOUT YOU, ON WHAT LEGAL GROUND AND WHAT DO WE USE IT FOR?

3.1 Membership Registration and Support Services

3.1.1 Registration Information

IPIA processes the personal data you provide when you register for membership. The personal data we process in this context includes:

  • Your name
  • Your email address
  • Your mobile number
  • Your date of birth
  • Your residential address
  • Your diagnosis information
  • Your physician’s name
  • Your treatment information
  • Parent/caregiver details (where applicable)

IPIA uses this personal data for the following purposes:

  • To provide you with support services and resources
  • To connect you with our community
  • To communicate with you about matters relevant to your membership
  • To send you newsletters and updates about IPIA activities
  • To understand the needs of our community
  • To raise awareness about primary immunodeficiency conditions

IPIA processes the abovementioned personal data on the legal ground of your explicit consent (particularly for health data under GDPR Article 9(2)(a)).

Your personal data will be shared with our email service provider and website hosting provider to enable us to operate our services. All third parties are required to maintain appropriate data protection safeguards.

3.1.2 Special Category Health Data

IPIA collects and processes special category personal data including your diagnosis, physician information, treatment details and parent/caregiver information. This is sensitive health data that requires special protection under the General Data Protection Regulation (GDPR).

We process this special category data based solely on:

  • Your explicit consent (GDPR Article 9(2)(a)). You have the right to withdraw this consent at any time.

We collect and process this information for the following specific purposes:

  • To provide appropriate, tailored support services to members
  • To connect members with similar conditions (with your permission)
  • To internally understand the needs of our community to develop our services
  • To provide relevant information and resources
  • To inform our advocacy work and raise awareness about primary immunodeficiency conditions in Ireland using only anonymised or aggregated data, or individual stories/details where separate, signed consent for publication has been obtained

We implement appropriate security measures to protect your health data, including encryption during transmission and secure password-protected access controls. We will never sell your health data to third parties.

You have the right to withdraw your consent for processing this health data at any time by contacting us at info@ipia.info. Please note that withdrawal may affect our ability to provide certain support services to you.

3.1.3 Membership Communications

We use your email address and other contact information you provide us with in your registration to communicate with you, to send you information directly related to your membership and to send you newsletters and updates about IPIA activities, resources and awareness campaigns which we believe may interest you.

IPIA respects the privacy of personal email addresses. The objective is not to send you unwanted messages. All mailings sent to you offer the possibility to unsubscribe via the link provided in each email. You can also contact us at any time at info@ipia.info to update your communication preferences or unsubscribe.

IPIA processes the abovementioned personal data on the legal ground of your consent and our legitimate interest in keeping members informed about our activities and services. Your email address will be shared with Mailchimp, our newsletter service provider.

3.2 Testimonials and Story Submissions

If you choose to share your story with IPIA for publication on our website, social media, or in other promotional materials, we will collect additional information including your personal experience with primary immunodeficiency, your treatment journey, and any other information you choose to share.

Publication of your story requires separate explicit consent obtained through our story submission process. This consent is separate from your membership registration consent. You may choose to:

  • Use your full name
  • Use your first name only

We will clearly indicate your preference when publishing your story.

You have the right to withdraw consent for publication at any time, and we will remove your story from our website and future materials within 30 days of your request. Please note that stories already published in printed materials or shared on third-party platforms may not be immediately removable.

We process story submissions based on the legal ground of your explicit consent.

Your story will be reviewed by IPIA board members before publication and will be hosted on our website hosting provider. If published on social media, it will also appear on our social media platforms.

3.3 Newsletter Subscriptions

If you subscribe to our newsletters via the Website, we will use your personal data such as your name and email address to keep you informed about our activities, services, resources, and awareness campaigns.

IPIA respects the privacy of personal email addresses. The objective is not to send you unwanted messages. All mailings sent to you offer the possibility to unsubscribe via the link in each email. IPIA processes the abovementioned personal data on the legal ground of your consent.

Your email address will be shared with Mailchimp, our newsletter service provider.

3.4 Information We Collect Automatically via Our Website

When you visit our Website, information is collected in an automated manner about your computer or device, your IP address, the referring website, what pages you visit and the general use you make of the website. This information is collected using various technologies which includes saving cookies to your computer or device.

For more information on our use of cookies and the information we collect with them, please refer to our Cookie Policy.

IPIA processes the abovementioned personal data on the legal ground of your consent or the legitimate interest we have in providing you with a fully functional and optimized Website.

Your personal data will be shared with Hostinger, our website hosting provider, and Google Analytics, our website analytics service.

3.5 Contact Forms and Email Correspondence

When you fill in the contact form on our Website or contact us by email, we collect personal information about you such as your name, your email address and any other information you provide us with to answer your query and provide you with the support or information you request.

Incidentally, we may also process personal information to comply with our legal obligations, court orders or the request of an authority, to establish, exercise or defend legal rights, to protect the rights of third parties or to prevent or investigate fraudulent or criminal activities.

IPIA processes the abovementioned personal data on the legal ground of your consent and our legitimate interest in responding to inquiries and providing support, or where necessary, compliance with legal obligations or our legitimate interests in protecting our organization and the rights of others.

Your personal data will be shared with IPIA board members and volunteers who handle correspondence and support requests.

4. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We will retain your personal data for as long as this is necessary to achieve the purposes set out in Section 3, or as long as you remain an active member of our community.

Specifically:

  • Active members: We retain your data as long as you remain engaged with IPIA or until you request deletion
  • Story submissions: If you have given consent for your story to be published, we will retain it until you withdraw your consent
  • Newsletter subscribers: We retain your email address until you unsubscribe

We will remove your personal data from our database as soon as we no longer need them to achieve these purposes or when you validly exercise the right to erase your personal data.

Should you wish to know how long your personal data will be kept for specific processes, please contact us at info@ipia.info.

5. WITH WHOM DO WE SHARE PERSONAL DATA AND HOW DO WE PROTECT YOUR PERSONAL DATA?

We do not sell or trade your personal data to others. We shall not disclose your personal data to third parties, unless it is necessary in the context of providing IPIA services or for the purposes as set out above in Section 3. In this respect, your personal data may be disclosed to:

  • Website hosting providers (Hostinger)
  • Email service providers (Mailchimp)
  • Analytics service providers (Google)
  • Social media platforms (only if you consent to story publication)

If it is necessary that IPIA discloses your personal data to third parties in this context, the third party in question is required to use your personal data in accordance with the provisions of this privacy policy. We have concluded or will conclude data processing agreements with the third parties concerned, which contain the necessary guarantees regarding confidentiality and privacy compliance of your personal data.

Notwithstanding the foregoing, it is however possible that IPIA discloses your personal data to the competent authorities (i) if IPIA is obliged to do so under law or under legal proceedings and (ii) to safeguard and defend our rights or those of third parties.

In certain limited cases, the third parties contemplated in this Section 5 to whom we share your personal information could be located in a country or territory not offering the same personal data protection as Ireland or the European Union. If we make such transfer, we will ensure that we have implemented appropriate organizational, contractual or technical measures to ensure your personal information is adequately protected, for example by concluding the standard contractual clauses of the European Commission with such third party or ensuring they participate in recognized data protection frameworks. If you would like to receive more information about how we protect your personal information in the event of transfers to another country or territory, please contact us at info@ipia.info.

5.1 Security Measures:

The security of your information is important to us and we use reasonable security measures to prevent the loss, misuse or unauthorized alteration of your information under our control. We take particular care with health-related data. These measures include:

  • SSL/HTTPS encryption for data transmitted to and from our website
  • Secure password protection for administrative access
  • Limiting access to personal data to authorized IPIA board members only
  • Using reputable, secure third-party service providers (Hostinger, Mailchimp, Google)

However, given the inherent risks of internet transmission, we cannot guarantee absolute security and consequently, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk.

6. WHAT ARE YOUR RIGHTS?

Under GDPR and Irish data protection law, you have the following rights regarding your personal data:

6.1. Right of Access

You have the right to request information on the data we hold about you from us at any time. This information includes, but is not limited to, the categories of data we process, the purposes for which it is processed, the source of the data if not collected directly from you, and, if applicable, the recipients with whom we have shared your data. You can obtain a copy of your data from us free of charge. If you require additional copies, we reserve the right to charge a reasonable administrative fee for these copies.

6.2. Right to Rectification

You have the right to request that we rectify inaccurate data relating to you. We will take appropriate steps to keep the data we store and process accurate, complete and current, based on the most up-to-date information available. You can update your information at any time by contacting us at info@ipia.info.

6.3. Right to Erasure (Right to be Forgotten)

You have the right to request that we erase your data, as long as the legal requirements for this are satisfied. This may be the case if:

  • The data is no longer required for the purposes for which it was collected or otherwise processed;
  • You withdraw the consent on which data processing is based, and there is no other legal basis for processing;
  • You lodge an objection to the processing of your data and there are no legitimate reasons for processing;
  • The data was processed unlawfully;

Provided that processing is not required:

  • To ensure compliance with a legal obligation that requires us to process your data;
  • Especially with regard to statutory retention periods;
  • To establish, exercise or defend legal claims.

6.4. Right to Restriction of Processing

You have the right to request that we restrict processing of your data if:

  • You dispute the accuracy of the data – in which case processing may be restricted during the time it takes to verify the accuracy of the data;
  • Processing is unlawful, and you reject erasure of your data, requesting that its usage be restricted instead;
  • We no longer need your data, but you need it to establish, exercise or defend your rights;
  • You have lodged an objection to its processing, as long as it is not certain that our legitimate reasons outweigh yours.

6.5. Right to Object

You have the right to object to the processing of your data at any time for reasons that arise from your particular situation, as long as data processing is based on your consent or on our legitimate interests or those of a third party. In this case, we will cease to process your data unless we can show that there are compelling legitimate grounds for processing that outweigh your interests, or if we need your data for the establishment, exercise or defense of legal claims.

You have an absolute right to object to processing of your personal data for direct marketing purposes at any time.

6.6. Right to Data Portability

You have the right to request that we transfer your data – if technically possible – to another responsible party. However, you may only enforce this right if data processing is based on your consent or is necessary for the performance of a contract. Rather than receiving a copy of your data, you may also ask us to submit the data directly to another responsible party specified by you.

6.7. Right to Withdraw Your Consent

If the processing of your personal information is based on the legal ground of your consent, you have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

You can withdraw consent by:

  • Clicking the unsubscribe link in any email we send you (for newsletter consent)
  • Contacting us at info@ipia.info (for any consent)
  • Requesting deletion of your story (for story publication consent)

6.8. How Can You Exercise Your Rights?

If you wish to exercise one of the above rights, you can send a written request:

  • By post to: 31 Carrigmore Place, Saggart, Co. Dublin, D24PD35, Ireland
  • By email to: info@ipia.info

We will respond to your request as soon as possible, at the latest one month after we have received your request. We make every effort to comply with all requests within one month. However, this period may be extended by up to two additional months for reasons relating to the specific right, complexity of your request, or the number of requests we are processing. We will inform you of any such extension within one month of receiving your request.

To protect your privacy and security, we may need to verify your identity before processing your request.

6.9. Right to Lodge a Complaint

Please note that you always have the right to lodge a complaint with the competent supervisory authority in relation to the processing of your personal data.

For Ireland, this is the Data Protection Commission, which can be reached:

You also have the right to seek judicial remedy if you believe your data protection rights have been violated.

7. THIRD PARTY LINKS & USE OF YOUR INFORMATION

The Website may contain links to other websites that are not operated by us, including links to social media platforms, healthcare information resources, and partner organizations. This Privacy Policy does not address the privacy policy and other practices of any third parties, including any third party operating any website or service that may be accessible via a link on the Website. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

8. COOKIES

To learn more about how we use cookies and other tracking technologies and your choices in relation to these technologies, please refer to our Cookie Policy.

9. CHANGES TO THIS PRIVACY POLICY

We reserve the right to revise this privacy policy or any part of it from time to time, particularly to comply with new applicable laws and/or regulations, the recommendations of the Data Protection Commission and the decisions of the courts in this area.

Any changes we make to this privacy policy will be posted on this page. Where appropriate, we will notify you by email of any significant changes. The “Last Updated” date at the top of this policy will be revised accordingly.

Please review this policy periodically for changes. Your continued use of our services after any changes indicates your acceptance of the updated privacy policy.

10. CONTACT US

If you have any questions about this Privacy Policy, our data practices, or wish to exercise any of your rights, please contact us:

Primary Immunodeficiency Support Ireland (IPIA)
31 Carrigmore Place,
Saggart,
Co. Dublin, D24PD35
Ireland

Email: info@ipia.info

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to lodge a complaint with the Irish Data Protection Commission using the contact details provided in Section 6.9.

This Privacy Policy was last updated on 01 December 2025.

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from IPIA. We'll send you our newsletter every month with information, articles and videos related to Primary Immunodeficiency.

 

You can unsubscribe at any time.

You have Successfully Subscribed!