Website Privacy and Data Protection Policy


DEBRA Ireland (“we”, “us” or “our”), a registered charity, is committed to respecting your privacy and protecting any personal information we process in relation to individuals in line with our obligations under the General Data Protection Regulation (No. 2016/679) (“GDPR”), the Data Protection Act 2018 and any other laws which apply to us in relation to the processing of personal data (collectively referred to as “Data Protection Laws”).

In this Privacy Policy, “controller”, “personal data” and “process” (and its derivatives) have the meanings given to those terms in the Data Protection Laws. References to “we”, “us” or “our” refers to DEBRA Ireland.  The purpose of this privacy policy is to outline how we process personal data, including through use of this site, regardless of how you access or use our site (the “Site”) – whether via personal computers, mobile devices or otherwise. Our aim is to be transparent about what we do and to make it easy for you to control the use of your data based on your preferences.

The Site is not intended for, directed at, intended for or likely to be accessed by children.

DEBRA Ireland is the national charity established to provide patient support services to those families living with EB in Ireland and is the controller of personal data processed in connection with its services.

Please also see our Cookie Policy here ( for further details about the ways in which we collect and use your personal data.

Please note that this privacy policy is a dynamic document

From time to time, we may amend this Privacy Policy. Any changes to this Privacy Policy will be posted on the DEBRA Ireland website so that you are always aware of how any personal data is processed. If at any time we decide to process personal data in a manner significantly different from that stated in this Privacy Policy, or otherwise disclosed to you at the time it was collected, we will notify you by e-mail.

Whose personal data we collect

The list below outlines the types of ‘association’ an individual may have with DEBRA Ireland. This list is not exhaustive.

  • Current donors
  • Eventers
  • Corporates
  • Fundraising supporters
  • Service Users

The personal data we process may include:

Category Types of data processed
Demographic data
  • Title, Name
Contact details
  • Postal address, email address, contact phone numbers (home / work landline phone number, personal / work mobile number)
Financial data (to help the fundraising team to fulfil its function)
  • Donations made to DEBRA Ireland
  • Bank details for regular donors to DEBRA Ireland including account numbers
Employment information
  • Employer
  • Position
Special category data
  • Health information including medical condition information and dietary requirements
Other information
  • Such as attendance at DEBRA Ireland events

What we do with the information collected

We may use your personal data for the following purposes:

Purpose of the Processing Legal Basis for the Processing
Administration purposes Such processing is necessary for the performance of a contract with you, for our legitimate interests such as responding to queries and providing information which you request and where necessary for complying with our legal obligations.
Donations and tax relief purposes The processing is necessary to support our legitimate interests in managing the business of DEBRA Ireland as a charity, provided such interests are not overridden by your interests and rights.
DEBRA Ireland communications which may be sent via, telephone or electronically, which can include, but is not limited to, the following:

  • Information on fundraising events and activities
  • Information on our campaigns and advocacy work
  • Other relevant communications depending on your relationship with the Fundraising Team
The processing relies on your consent or is based on our legitimate interests in managing the business of DEBRA Ireland as a charity provided such interests are not overridden by your interests and rights. 
DEBRA Ireland will contact you by post from time to time The processing is based on our legitimate interests in managing the business of DEBRA Ireland as a charity provided such interests are not overridden by your interests and rights. 
Service provision as well as event management purposes Explicit consent will typically be relied upon for the processing of special category data such as health data.
For fulfilling a contract that you have entered such as Contractual necessity.
Enforcing and defending our rights We have a legitimate interest in ensuring that our services and the Site are used in accordance with our terms and conditions of use and policies.

Where necessary for the purpose of complying with our legal obligations.

Where necessary for the purpose of establishing, exercising or defending a legal claim, a prospective legal claim, legal proceedings or prospective legal proceedings.

Site services, including for troubleshooting, data analysis, and survey purposes We have a legitimate interest in operating and maintaining the Site and for related purposes including improving our services.

Contact preferences

DEBRA Ireland use donor and supporter personal data for a number of purposes directly related to our fundraising to deliver our care, cure and advocacy services for families living with EB.  We are committed to only contacting you based on the contact preferences we hold for you, which you can amend at any time.

If you would like to opt out of any use of your data  at any time, you can do so by emailing [email protected]


Profiling and Data Analysis

We may use automated or manual analyses, profiling and screening techniques to analyse your personal information and create a profile about you, your interests and preferences from publicly available information. This helps us to ensure communications are relevant and we make appropriate requests for donations and other forms of support.

The types of information collected about you from the public domain could include:

(a) Your age;
(b) Your qualifications;
(c) A wealth band which will be an estimate of your wealth based on publicly available information;
(d) Your trusteeships and the type of charity which you are a trustee of i.e. grant making);
(e) Your company directorships;
(f) Your donation history;

We have a legitimate interest in seeking to maximise fundraising income to support our strategic goals.

Fundraising Campaigns

We conduct fundraising appeals throughout the year using various forms of communication, including mail, email, and social media.  If you provided us with your postal address, we may contact you by mail in relation to fundraising unless you opt-out.

We will only share fundraising and marketing communications with you by phone or email with your specific consent.  This consent may be given by way of a tick box on our website or an online or physical form, or by conversation with one of our team over the phone or in person.  You can opt-out of phone or email contact at any time either by following the instructions in the communication, or by emailing [email protected]

If you have given us your consent to use your email, we may also use it to match you against statistical profiles in Facebook or other services, so that you will be more likely to see information about DEBRA Ireland campaigns your social media timeline, and so that people who share your characteristics on those platforms will be more likely to see our campaigns as well.   DEBRA does not access or use any of your other personal data through Facebook.  To have your email address excluded from this processing, please email [email protected]

Who we share your information with

We would love to conduct all our fundraising and communications services ourselves.  However, as a charity we continuously strive to improve efficiencies and cost effectiveness, and so to ensure the right and best technology and expertise, at times DEBRA Ireland engage the services of third parties.  Your personal data may be disclosed to third parties if required for the purposes outlined in the table above. These may include (but are not limited to):

  • mailing service providers and email marketing platforms;
  • ground handlers managing certain DEBRA associated events (e.g. the Kerry Challenge)
  • data cleansing and data import service providers;
  • third parties who we engage to provide services to us, such as outsourced service providers, IT service providers, professional advisers and auditors;
  • payment service providers;
  • other public authorities and bodies where required or permitted by law, such as An Garda Síochána or other law enforcement authorities for the purposes of prevention, investigation or detection of crime; and
  • we may share data as required to comply with any applicable law or regulation, a summons, search warrant, court or regulatory order, or other statutory requirement.

If we appoint a processor to process your personal data, we will ensure that this arrangement is subject to a formal agreement with the selected service provider.

How your data is used online

The Internet is not a secure environment we cannot guarantee that the security of any information you transmit to us via the Internet to be 100% secure. While we take reasonable measures to keep your information secure, we cannot guarantee your online data security. However, once we receive your personal data we take all reasonable technical and organisational measures to protect personal data from loss, misuse, alteration, or destruction, and to prevent any unauthorised or unlawful disclosure or processing.

Details of transfers outside the European Economic Area (EEA) and safeguards

Some of our service providers are outside the EEA (e.g. email management service providers). Therefore, sometimes we transfer your data outside the EEA. We will ensure suitable safeguards are in place to affect such transfers such as transferring personal data to a country that has been deemed by the European Commission to offer an adequate level of data protection, or entering into the standard contractual clauses as approved under EU law from time to time.

Contact us

DEBRA Ireland’s full details are:

DEBRA Ireland, 8 Clanwilliam Terrace, Grand Canal Quay, Dublin 2, D02 R240

CHY: 8703

Email[email protected]

Phone: 01 412 6924

DEBRA Ireland’s Data Protection Officer may be contacted at the address above or by email at [email protected].

Social Media Sites

The Fundraising Team manage the below listed social media pages.  We are not responsible for the privacy practices of any external websites, device manufacturers or platforms which may be accessed or used in connection with a person’s use of the Site, our social media pages or apps. They are subject to their own privacy statements which may materially differ from those of DEBRA Ireland so users should review them for further information. Our social media sites (as listed below) may contain links to the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these third-party websites.


Our Facebook page ( is used to share news articles and both old and recent photographs. Our Facebook page is open to the public therefore comments made on our posts will be visible to the public. You are responsible for the privacy setting on your personal Facebook profile at all times. We moderate all comments made on our Facebook posts and may remove/hide a comment if we feel it is inappropriate.


Our Twitter page ( is used to share news articles and both old and recent photographs. If tweets directed to @debraireland are deemed inappropriate and do not follow twitter’s rules ( we may report such instances.


Our Instagram page ( is used to share news articles and both old and recent photographs. Our page is open to the public therefore comments made on our posts will be visible to the public. We moderate all comments made on our Instagram posts and may remove/hide a comment if we feel it is inappropriate.