Data Privacy Policy


This policy explains how the Creative Aging International collects stores and handles your personal data with regard to Creative Brain Week. We are committed to respecting and protecting your privacy. We know that there’s a lot of information here, but we want you to be fully informed about your rights. If you still have questions after reading it, please do get in touch.

What is the Creative Aging International?

Established in 2013, Creative Aging International works creatively with communities, colleges, cities, civic bodies and creatives worldwide developing innovative programmes tailored to place and bringing together best practice for thought leadership on creative aging and how to live better, longer. Our work transforms for the better how we view and approach aging – as individuals, as artists, as companies, as governments and as societies.

For simplicity, when we say ‘we’ and ‘us’, we mean Creative Aging International and all its projects and festivals, including Creative Brain Week.

Why do we collect and process your data?

The law on data protection only allows us to process your data for specific reasons. This is what we do and the legal basis for doing it:

  • In specific situations, we can collect and process your data with your consent, for example when you tick a box or fill out a form to receive email newsletters. When we collect your personal data, we’ll always tell you which data we need for which particular service.
  • In certain circumstances, we need your personal data to comply with our contractual obligations, for example if you buy a ticket for an event, we’ll collect contact details through our ticketing system so we can deliver your ticket and get in touch with you if bad weather, say, means we have to cancel or move the event.
  • Legal obligations ​may mean we have to collect and process your data, for example, if we are contracting you for goods or services or we can pass on details of people involved in criminal activity affecting us to law enforcement.

In certain situations we may need your personal data for our own legitimate interest. We will only do this in a way which you might reasonably expect as part of running Creative Aging International and which does not impact on your rights. For example, we will use the data you have given us to suggest events and experiences we think might suit you. We will also use it to organise any activity you get involved with, for example arranging where and when to meet.

When do we collect your data?

  • When you participate in a project, event or activity;
  • When you get a ticket;
  • When you sign up to get our newsletter or opt-in to other information services we offer
  • When you attend an event or book an appointment with us;
  • When you ask us to send you information about any of our projects, events, activities or facilities;
  • When you contact us with queries, complaints etc., however you get in touch;
  • When you engage with us on social media;
  • When you choose to complete any of our surveys;
  • When you give us feedback on our events or activities;
  • When you’ve given a third party permission to share with us the information they hold about you;
  • We also collect data from publicly-available sources such as community directories and websites.


What sort of personal data do we collect?


When you participate in a project/event or activity 

We will collect your name, contact details and your access requirements, if any. If you are participating as part of a group or organisation, we will also collect its name and your role within it, if relevant. If you are under 18, we will collect the name of your parent or guardian and their permission for you to participate unless your school or group has already done this. We will keep details of what you have participated in.

When you book a ticket for an event. 

When you book a ticket, we will collect your name, email address, phone number and postcode, and, if there is payment involved and you pay by card, your postal address and payment card details. We will also collect details of what tickets you book and any access requirements you may have.

When you sign up to receive information 

We will collect your name and the contact details relevant to the type of communication you have asked for, for example your email address to get e-newsletters or your mobile phone number for SMS messages.

When you complete any of our online surveys

In certain circumstances, our online survey system may log your IP address so that we can see who has not responded and send a reminder. We will delete your IP address once the survey has closed.

When you engage with us on social media 

If you engage with us on social media, we will collect your username to help us respond to your feedback or questions.

When you visit our website 

Our system will log your IP address along with other information provided by your browser. This may include the name and version of the browser you are using, your operating system and any website address that referred you to our website.

Our system will only record personal information if you:

  • Provide information by filling in a form on our site;
  • Subscribe to or register for services that require personal information to be given;
  • Report a problem and give your contact details for us to respond;
  • Complete surveys that we use for research purposes.

When you visit our website pages, a small text file called a ‘cookie’, is downloaded onto your computer. This is called a session cookie. This will only remain on your computer until you close your browser.

In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised website statistics to third party applications like Google Analytics to collect aggregated website statistics that allow us to understand how visitors use our site.

A persistent cookie will be downloaded when you first visit the site. These remain in your browsers cookie store between sessions. This type of cookie will allow us to identify repeat visitors to the site. You may opt to view the site without cookies by adjusting your browser’s settings. If you do disable cookies some functions of the site may no longer work correctly. For more information on cookies see the All About Cookies website.

Our websites also use the Google Tag Manager and Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our sites. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve online advertising. We have no access to the information. You can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely by cookie settings.

We use other third-party tools on our websites for our main advertising partners – Facebook, Google and Twitter – to be able to create custom audiences of people who have expressed an interest in a particular event or service based on their behaviour on our sites. They can enhance that custom audience with a ‘lookalike’ audience where they use their own data to identify other people with similar characteristics or behaviours to the people identified from our site. This is all done without us having any access or control of that data – the third-party is the Data Controller in these situations.

We currently operate cookies on the basis of ‘consent by implication’. This means that once you are informed of our use of cookies, by continuing to use the website that you consent to the processing of data about you in the manner and for the purposes set out in this privacy policy.

The below list details the cookies used in our website.

wordpress_test_cookieThis cookie is used to check if the cookies are enabled on the users' browser.
cookielawinfo-checkbox-othersThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
viewed_cookie_policyThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
cookielawinfo-checkbox-necessaryThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-functionalThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-performanceThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
cookielawinfo-checkbox-analyticsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".


You can manage your cookies preferences by clicking on the “Settings” button and enabling or disabling the cookie categories on the popup according to your preferences.

Should you decide to change your preferences later through your browsing session, you can click on the “Privacy & Cookie Policy” tab on your screen. This will display the consent notice again enabling you to change your preferences or withdraw your consent entirely.

In addition to this, different browsers provide different methods to block and delete cookies used by websites. You can change the settings of your browser to block/delete the cookies. To find out more out more on how to manage and delete cookies, visit

Legal Obligation

We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us. We have a data processing agreement in place with such third parties to ensure data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

How do we use your data?

We combine the data we have about you to make sure the information we send you is as relevant as possible. The data privacy law allows this as part of our legitimate interest in understanding our participants and partners to provide the highest levels of service.

We also use your data to organise any activity you get involved with, for example arranging where and when to meet.

What if you don’t give us necessary data

If you want to change how we use your data, you’ll find details in the ‘What are your rights?’ section below. If you ask us not to contact you, we might not be able to provide some services you’ve asked for. For example, if you have asked us to tell you about the next seminar or festival, we won’t be able to do that if you have withdrawn consent for us to contact you.

How do we protect your data?

We will ensure that all personal data you give us is held securely, in a way that complies with the requirements of the relevant Irish legislation, namely the Irish Data Protection Act (1988), and the Irish Data Protection (Amendment) Act (2003). Access to your personal data is password-protected, and sensitive data like payment card information is secured and tokenised to ensure it is protected.

How long will we keep your data?

We will only keep your personal data for as long as is necessary for the purpose for which it was collected. For example, we will keep data collected when you attend or participate in a project, event or activity for three years after the end of the project or last contact with you so we can comply with our legal obligations if any questions arise.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and planning.

Who do we share your data with?

We often work with other cultural organisations to deliver activities and events. If you get involved in a project, we will share with the relevant partner organisations the bits of your personal data necessary to run that specific project, for example to allow you special access to a cultural building or save you a seat at an event. They may then ask you if you want to get information about their own activities.

We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, if they make a valid request.

What are your rights?

You have these rights in relation to the personal data we hold on you:

  • The right to be informed about the data we hold on you and what we do with it;
  • The right of access to the data we hold on you;
  • The right for any inaccuracies in the data we hold on you to be corrected;
  • The right to have data deleted in certain circumstances;
  • The right to restrict the processing of the data;
  • The right to transfer the data we hold on you to another party;
  • The right to object to the inclusion of any information;
  • The right to regulate any automated decision-making and profiling of personal data.

Where you have provided consent to our use of your data, you also have the right to withdraw that consent at any time. This means that we will stop processing your data.

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request. You can do this by:

  • Responding with STOP in the subject line to any email we send you
  • Texting STOP in response to an SMS communication
  • Contacting us through the contact form on the website with the subject line STOP

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

Getting a copy of the personal data we hold about you

To get a copy of the personal data we hold about you, write to our officer responsible for data protection through the contact form on our website with the subject line: Personal Data – Subject Access Request

This is known as a Subject Access Request and will be processed within 30 days.

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email.

Making a complaint to the regulator

If you think your data rights have been breached, you are able to raise a complaint with the Office of the Data Protection Commissioner.

You can contact the ODPC at:

Data Protection Commissioner

Canal House, Station Road, Portarlington, R32 AP23, Co. Laois

By telephone on +353 57 8684800 or +353 (0)761 104 800 or Lo Call 1890 252 231

By email to