Brain Wise
Brain Wise

Privacy Policy

    

  

PRIVACY POLICY

Republic of Ireland — GDPR Compliant

Effective Date: 11 April 2026

1. Introduction

This Privacy Policy explains how Brain Health Literacy, CLG acting as Brain-Wise (“we”, “us”, or “our”) collects, uses, and protects information in connection with your use of our website located at www.brain-wise.org (the “Website”). This Website is operated as an information-only resource. We do not offer goods or services for sale, we do not require user accounts or registration, and we do not actively solicit personal data from visitors. Any data processing that does occur is limited to what is inherently generated by standard web-server and analytics operations, as described below.

We are committed to complying with the General Data Protection Regulation (EU) 2016/679 (201cGDPR201d), as retained and applied in Ireland, the Data Protection Acts 1988–2018, and any related guidance issued by the Data Protection Commission of Ireland (201cDPC201d).


2. Who We Are (Data Controller)

For the purposes of applicable data protection law, the data controller is:

Organisation: Brain Health Literacy, CLG

Registered Address: 20 Upper Mount St. Dublin 2, Co. Dublin, D02WV56

Company Registration No.: 795105

Email: Director@brainhealthliteracy.ie

Phone: +353 870928406

If you have any questions about this Privacy Policy or about how we handle your data, please contact us using the details above.


3. What Data We Collect and Why

3.1 Automatically Collected Technical Data

When you visit our Website, our web server and analytics tools may automatically collect the following categories of technical data:

· Internet Protocol (IP) address (typically anonymised before storage)

· Browser type and version

· Operating system

· Referring URL (the page you visited before arriving at our Website)

· Pages viewed and time spent on each page

· Date and time of your visit

· Approximate geographic region (derived from anonymised IP — country or region level only)

This data is collected in aggregate and is not used to identify individual visitors. It is used solely for the following purposes:

· Monitoring website performance and availability

· Understanding how visitors navigate and use the Website

· Diagnosing technical errors or security incidents

· Improving the content and usability of the Website


3.2 Cookies and Similar Technologies

Our Website may use a small number of cookies or similar technologies. A cookie is a small text file placed on your device. We use only the following categories of cookies:

Strictly necessary cookies: Strictly necessary cookies:

These are essential for the Website to function correctly (e.g., maintaining session state, load balancing). These cookies do not track you across other websites and do not require your consent under Irish ePrivacy law.

Analytics cookies (where used): Analytics cookies (where used):

If we use a third-party analytics tool (such as Google Analytics with IP anonymisation enabled, or a privacy-focused alternative such as Matomo or Plausible), analytics cookies may be set. These are used only to generate anonymised, aggregate statistics about Website usage. Where analytics cookies are employed, we will seek your prior consent via a cookie notice on your first visit.

We do not use advertising, tracking, or profiling cookies. We do not sell or share cookie data with third parties for commercial purposes.

You can control or disable cookies through your browser settings at any time. Please note that disabling strictly necessary cookies may affect the functioning of the Website. Guidance on managing cookies is available from your browser provider and from www.allaboutcookies.org.


4. Legal Basis for Processing

Under Article 6 of the GDPR, we rely on the following lawful bases for processing:

Legitimate interests (Article 6(1)(f)): Legitimate interests (Article 6(1)(f)):

Processing of technical/server-log data is necessary for our legitimate interests in operating a secure and well-functioning website. This processing does not override your rights and freedoms, given that no individual profiling takes place and data is anonymised wherever technically possible.

Consent (Article 6(1)(a)): Consent (Article 6(1)(a)):

Where non-essential cookies (e.g., analytics) are placed on your device, we will first obtain your freely given, informed, specific, and unambiguous consent via our cookie notice. You may withdraw consent at any time by adjusting your browser settings or cookie preferences.


5. How Long We Keep Your Data

We retain automatically collected technical data for the minimum period necessary for the purposes described above:

· Raw server logs (where retained): no longer than 30 days, after which they are deleted or anonymised.

· Aggregated, anonymised analytics data: retained for up to 26 months to allow year-on-year comparison of website performance.

· No identifiable personal data is retained beyond these periods.


6. Who We Share Your Data With

We do not sell, rent, or trade personal data. We may share anonymised or aggregated technical data with:

Hosting and infrastructure providers: Our web hosting service processes server logs on our behalf as a data processor under an appropriate Data Processing Agreement.

Analytics providers (if applicable): Where a third-party analytics tool is used, it acts as a data processor operating under our instruction, with IP anonymisation enabled and data retention restrictions applied. Where such a provider is located outside the European Economic Area (EEA), we ensure appropriate safeguards are in place (e.g., EU Standard Contractual Clauses).

Competent authorities: We may disclose data where required to do so by law, court order, or at the request of a regulatory authority such as the Data Protection Commission.

All third-party processors are required to handle data in accordance with GDPR and to provide sufficient guarantees as to their technical and organisational security measures.


7. International Data Transfers

We endeavour to ensure that personal data is processed within the EEA. Where any transfer of data to a third country is necessary (for example, due to our use of a cloud-hosted analytics platform), we will ensure that such transfers are governed by appropriate safeguards as required by Chapter V of the GDPR, including:

An adequacy decision issued by the European Commission; or

Standard Contractual Clauses (SCCs) as approved by the European Commission; or

Another appropriate transfer mechanism recognised under applicable data protection law.


8. Your Rights as a Data Subject

Under the GDPR and the Data Protection Acts 1988–2018, you have the following rights in relation to any personal data we hold about you:

· Right of access (Article 15): You may request a copy of any personal data we hold about you.

· Right to rectification (Article 16): You may ask us to correct inaccurate or incomplete data.

· Right to erasure / 'right to be forgotten' (Article 17): You may ask us to delete your personal data where there is no compelling reason for its continued processing.

· Right to restriction of processing (Article 18): You may ask us to restrict the processing of your data in certain circumstances.

· Right to data portability (Article 20): Where processing is based on your consent or a contract, you may request that we provide your data in a structured, machine-readable format.

· Right to object (Article 21): You may object to processing based on legitimate interests; we will cease processing unless we can demonstrate compelling legitimate grounds.

· Right to withdraw consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

· Right not to be subject to automated decision-making (Article 22): We do not carry out any automated decision-making or profiling that produces legal or similarly significant effects.

To exercise any of the above rights, please contact us at Director@brainhealthliteracy.ie. We will respond within one calendar month of receiving a valid request. We may ask you to verify your identity before processing your request.

If you are not satisfied with our response, or believe we are processing your data unlawfully, you have the right to lodge a complaint with the Data Protection Commission of Ireland:

Data Protection Commission: 

Website: www.dataprotection.ie

Phone: +353 57 868 4800

Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland


9. Security of Your Data

We implement appropriate technical and organisational measures to protect any data processed in connection with the Website against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures include:

HTTPS encryption for all Website traffic (TLS 1.2 or higher)

Access controls restricting server-log access to authorised personnel only

Regular review and testing of security configurations

Data minimisation — we collect only what is strictly necessary

No method of electronic transmission or storage is 100% secure. However, we take reasonable precautions to protect the information we hold.


10. Children's Privacy

This Website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe that a child has provided us with personal data, please contact us and we will take steps to delete such data promptly.


11. Links to Third-Party Websites

Our Website may contain links to external websites or resources operated by third parties. We are not responsible for the privacy practices of those websites and encourage you to review their respective privacy policies. The inclusion of a link does not constitute an endorsement by us.


12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our operational practices. When we do so, we will revise the effective date at the top of this document. We encourage you to review this page periodically. Continued use of the Website following any update constitutes your acknowledgement of the revised Policy.


13. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

Data Controller: Brain Health Literacy, CLG

Email: Director@brainhealthliteracy.ie

Post: 20 Upper Mount St. Dublin 2, Co. Dublin D02WV56

We aim to respond to all enquiries within 10 working days.

This document was prepared in accordance with the GDPR (EU) 2016/679 and the Data Protection Acts 1988–2018. Effective: 11 April 2026.

Copyright © 2026 Brain-Wise, Brain Health Literacy, CLG.  All Rights Reserved.


  • Privacy Policy

Powered by

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept