Terms of Service
This policy explains our data processing practices in line with GDPR compliance and your rights regarding the ways in which your personal data is used.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. The information you provide to us is stored on secure servers. We use Stripe, PayPal and Realex to process payments which are Payment Card Industry Data Security Standard (PCI DSS) compliant. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Irish Association of Cardiac Rehabilitation (IACR) located in the Irish Heart Foundation registered Head Office at 17-19 Lower Rathmines Road, Dublin, D06 C780 is committed to compliance with the new GDPR that came into effect on May 25th 2018 in order to protect the rights of the Data Subject.

This document explains our data processing practices in line with GDPR compliance and your rights regarding the ways in which your personal data is used.


    Under REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) you have the right to:

  • Information about the processing of your personal data.
  • Obtain access to the personal data held about you.
  • Ask for incorrect, inaccurate or incomplete personal data to be corrected.
  • Request that personal data be erased when it’s no longer needed or if processing it is unlawful.
  • Object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation.
  • Request the restriction of the processing of your personal data in specific cases.
  • Receive your personal data in a machine-readable format and send it to another controller (‘data portability’).
  • Request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.
  • You can exercise these rights at any time by contacting us via email at dpo@iacronline.ie or in writing at: The Data Protection Officer, IACR, 17-19 Lower Rathmines Road, Dublin, D06 C780. There is no fee for this service and in line with GDPR we will respond to you within one calendar month of receipt of the request. You will be required to provide legal proof of your identify and address (for e.g. passport or drivers license and utility bill). You have the right to object to the processing of your data and the IACR will respect that right but may need to continue to process your data where processing is necessary for the performance of a contract or for compliance with a legal obligation to which IACR as data controller is subject.

Application of Policy:

Information you give us

IACR collects details provided by you for the purposes of providing IACR membership and Cardiac Rehabilitation Co-Ordinators with relevant professional information, providing you with details of relevant professional events, providing details of IACR conferences and sharing information from members and other professionals.

Information we collect

We collect the following information:

  • Name
  • Profession
  • Email Address
  • Organisation
  • Work Address
  • Mobile Number
  • Photographs at IACR events
  • Dietary requirements for IACR events

Cookies are currently used on our site, but they are only "First Party" cookies, meaning they do not store any users data. They are purely used to make the users experience better.

Use of your information

We will use your contact details to communicate with you. We may use your information to send you news and latest updates about IACR products, events and services. We may contact you to share information from other sources that are relevant to cardiac rehabilitation professionals such as requests for information from other professionals; information on events provided by other organisations and information from other external organisations. We may contact you by post, email, telephone and SMS for these purposes.

How long will we keep your data?

The length of time we keep your data varies.

  • If you are Cardiac Rehabilitation Co-Ordinator we will keep your data as long as you are in post
  • If you are a member we will keep you data as long as your membership is current
  • If you are a lapsed member we will keep you data for two years after your membership expires

At the end of the retention period, we will delete the data we have collected.

Access Requests

You have the right to obtain access to the personal data held about you. You may make this request by post or electronically and we will respond by the same channel by which you have made the request. To make a Subject Access Request for your data please complete the request Form and we will respond to you within one calendar month. If this is your first request no fee is required. You will be asked to provide proof of your identify so that we can ensure we are providing data to the natural person making the request.

Access Request

When making your application please ensure the following is included

  • Full name and address
  • Appropriate Identification documents
  • Signed application
  • Additional agent’s authorisation if someone is acting on behalf of the applicant
  • Application provides enough information to identify the data that is being requested
If you have any requests concerning your personal information or any queries with regard to our processing please contact us at gdpr@iacronline.ie.