1. Data We Collect

We may collect personal data through our main website, membership and event activities, and participation in our forum.

1.1 Information you provide directly

• Name, address, email, and telephone number
• Date of birth (where required for events or safety reasons)
• Emergency contact information
• Membership details and payment information (where applicable)
• Forum registration data (username, email address, optional profile details)
• Forum posts, messages, uploaded photos or attachments
• Any other information you voluntarily provide (e.g. feedback, forms, surveys)

1.2 Information collected automatically

• IP address, browser type, and device information
• Operating system and referring URLs
• Access times, visited pages, and clickstream data
• Cookies and similar technologies (see below)

1.3 Cookies and tracking technologies

We use cookies to enable core site functionality and forum login sessions, remember your preferences (language, theme, viewing settings), and analyse usage to improve the Site and Forum. You can disable cookies in your browser settings, but this may limit functionality.

2. Legal Basis for Processing

We process personal data only when we have a valid legal basis under the General Data Protection Regulation (GDPR), including:

• Consent – when you voluntarily provide data or register an account.
• Performance of a contract – for membership or event participation.
• Legitimate interests – operating the Site, maintaining security, and preventing spam.
• Legal obligations – where required by Irish or EU law.

3. Purposes of Processing

Your data is used to:

• Operate and manage ISKA membership, events, and communications
• Run and moderate the ISKA Forum
• Provide and improve our online services
• Ensure site security and prevent spam or misuse
• Respond to your messages, questions, or feedback
• Comply with legal or safety requirements

4. The ISKA Forum (phpBB Software)

The ISKA Forum is powered by phpBB, an open-source forum platform. When you register or post on the Forum, phpBB stores:

• Your username, email address, and hashed password
• Your IP address at registration and when posting
• Optional profile fields you choose to complete
• Cookies to manage sessions and remember your login state

All passwords are encrypted and cannot be read by forum administrators.

4.1 StopForumSpam Anti-Spam Extension

To protect the Forum from automated spam and malicious registrations, we use the StopForumSpam extension integrated with phpBB.

When a new user registers or attempts to post, the following data is sent to the StopForumSpam EU endpoint at https://europe.stopforumspam.org/api for verification against known spammer databases:

• Username
• Email address
• IP address

This process helps prevent spam accounts and maintain a safe forum environment. No additional personal data is shared. Processing occurs under ISKA’s legitimate interest in protecting the integrity of its online community and preventing abuse.

For more information, see the StopForumSpam Privacy Policy.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share it only in limited situations:

• With service providers (e.g. hosting, email delivery, IT support) under data processing agreements
• With StopForumSpam (as described above) for anti-spam checks
• With event organisers or insurers, where relevant for participation and safety
• With public authorities if legally required
• In anonymised, aggregated form for analytics or reporting

Public forum posts are visible to other members or, if the forum is open, to all visitors.

6. International Data Transfers

Some technical service providers (including StopForumSpam) may operate outside the European Economic Area (EEA). When personal data is transferred internationally, we ensure compliance with GDPR safeguards, such as EU Standard Contractual Clauses or equivalent protection measures.

7. Data Retention

We retain personal data only as long as necessary for the purposes collected, or to comply with legal and safety obligations.

Forum account data is stored while your account remains active. If you request deletion, your account can be anonymised or removed; posts may remain (without identifying information) to preserve discussion context.

8. Your Rights

Under GDPR, you have the following rights:

• Access your data
• Request correction or deletion
• Restrict or object to processing
• Withdraw consent (where applicable)
• Data portability (in specific cases)
• File a complaint with the Data Protection Commission

To exercise your rights, contact us at info@iska.ie.

9. Data Security

We use technical and organisational measures to secure your data:

• HTTPS encryption
• Secure server hosting in the EU
• Regular software updates and security patches
• Encrypted passwords and database backups
• Limited administrative access

However, no online system is completely secure. You are responsible for maintaining the confidentiality of your password and account credentials.

10. Third-Party Links and Embedded Content

Our Site or Forum may contain links to other websites or embedded media (e.g. videos, maps). ISKA is not responsible for the privacy practices or content of those third parties. Please review their privacy policies before providing personal information.

11. Children’s Privacy

The Site and Forum are not intended for users under 16 years of age. If we learn that we have collected data from a minor without parental consent, we will promptly delete it.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our website, with the revision date noted above. Material changes will be communicated through the Site or Forum.

13. Contact Us

For questions or privacy requests, please contact:

Irish Sea Kayaking Association (ISKA)
Email: info@iska.ie
Website: https://www.iska.ie

You may also contact the Irish Data Protection Commission for guidance or complaints.