Privacy Policy

Irish American Educational Exchange Ltd, trading as CIEE Dublin (“CIEE”, “we”, “us” or “our”) is responsible for and committed to protecting your personal information as the controller of it under GDPR. This Privacy Policy explains how and why we collect, use, and share personal information relating to: 

  • Individuals who explore our website (“Visitors”); 

  • Individuals who apply for eligibility in relation to one of more of our services (“Applicants”); and  

  • Individuals who successfully meet the eligibility criteria of their chosen programme and subsequently become a participant (“Participants”). 

Visitors, Applicants and Participants are together referred to as “you” and “your”. 

What Information We Collect and Receive About YouHow We Use Your Information 

CIEE collects and processes personal data for various purposes as described below. Depending on whether you are a Visitor, Applicant and Participant, and how you interact with our programs and services, we may use your personal information to: 

  • provide programs and services to you, such as [Camp USA, Congress–Bundestag Youth Exchange, Faculty-led and Custom, Flat Buddy, Future Leaders Exchange, Global Internship, Gap Year Abroad, Homestay, High School Abroad, High School Summer Abroad, International Faculty Development Seminars, Intern Trainee, Research Scholar, Study Abroad, Teach Abroad, Teach English as a Foreign Language, Work & Travel and Youth Exchange and Study]. 

  • process your application; 

  • assess your suitability for our programs;  

  • enrol you in our programs;  

  • act as an intermediary with partner organisations;  

  • sponsor your visa applications; 

  • keep record of your attendance or academic achievements and accomplishments;  

  • provide you with academic or health and safety support services while on our programs;  

  • correspond with you and answer your questions; 

  • conduct marketing surveys about your experience on our programs; 

  • promote our business and our programs;  

  • carry out marketing and advertising; 

  • administer and improve our website, and personalise your experience; 

  • analyse and understand your use of our website and engagement with our emails; 

  • comply with our legal and regulatory obligations; and 

  • establish, raise, preserve, or defend our rights or claims in court, to respond to law enforcement requests or discovery procedures. 

Our Lawful Basis 

CIEE's lawful basis for collecting and processing your personal information includes the following: 

Legitimate Interests: where necessary for the legitimate interests of direct marketing, customer service improvement, research and development, personalized advertising, debt collection, enforcing legal claims, ensuring the proper functioning of our website and CIEE program delivery,  pursued by CIEE or third parties in providing programs and services. 

Contractual Necessity:  for the performance of an agreement and/or contract with you, or to take steps at your request prior to entering into an agreement or contract. 

Service Improvement: CIEE processes the personal data of program participants to improve its internship placement process. This may involve analyzing feedback and matching trends from previous participants to identify the most suitable placements. While this activity involves processing personal data, it serves CIEE’s legitimate interest in delivering high-quality programs that meet the expectations of participants and partner organizations. 

Protection of Vital Interest:  necessary to protect your vital interests or the vital interests of another person, such as in cases of emergency. 

Legal Obligation: necessary for our compliance with obligations under applicable law. 

Consent: where you have given consent for the processing of your personal data for one or more specific purposes. Consent is obtained by requiring you to tick a checkbox that is not pre-checked, ensuring active participation in the decision. You can unsubscribe at any time by clicking the "unsubscribe" link in the emails, which is an easy and accessible way to withdraw consent. 

When And How We Share Your Information With Others 

The provision of our programs and services may require us to process and share your personal information with third-party partner organisations, such as academic institutions, recruiters, potential employers, agents, etc. or foreign government organisations to provide you with a wide range of our services.  

CIEE may disclose or share personal information with its international affiliates for various purposes, as permitted by law, including for its affiliates to provide services. 

CIEE may also share some personal information with certain local and foreign third parties and service providers who have a need to know and require your personal information within the scope of your agreement with CIEE. For example, we may share your personal data with local and foreign government officials, agencies, consulate or embassies to process and facilitate your visa, host families, accommodation or transportation providers to arrange for program stay and logistics, universities to enrol you in programs, or potential local or foreign employers to facilitate internships or jobs. 

In certain circumstances, we may disclose your information to courts, law enforcement, governmental or public authorities, if and to the extent we are required or permitted to do so by law or where disclosure is reasonably necessary to: (i) comply with our legal obligations; (ii) comply with a valid legal request, such as a subpoena or court order or respond to a valid legal request relating to a criminal investigation; (iii) respond to or address any other activity that may expose us, you, or others to legal or regulatory liability; (iv) enforce and administer our agreements; (v) respond to requests for or in connection with current or prospective legal claims or legal proceedings concerning CIEE and/or third parties, in accordance with applicable law; or (vi) protect the rights, property or personal safety of CIEE, its employees, or members of the public. 

Standard Contractual Clauses  

[You can request a copy of our Standard Contractual Clauses by emailing dataprotectionofficer@ciee.org.] 

Protection Of Personal Data 

We use security measures, in compliance with applicable law, to protect personal information from unauthorised access or use. 

To safeguard against unauthorised access to personal information by third parties, all electronic personal information held by CIEE is maintained on systems protected by secure network architectures that contain firewalls and intrusion-detection devices. The servers holding personal information are “backed up” (i.e., recorded) on a regular basis in an effort to avoid any inadvertent erasure or destruction of such personal information and are stored in facilities with appropriate security and fire-detection and response systems. 

 The safety and security of information also depends on you.  If we have provided you with (or you have chosen) a username and password for access to any of our online applications or websites, you are responsible for keeping such information confidential.  Please do not share your username and password with anyone. 

Your Rights 

You may be able to assert certain rights related to your personal information identified below.  

  • Access and portability. You can request that we provide you a copy of your personal information held by us. In certain circumstances, you can also request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another data controller. 

  • Rectification of incomplete or inaccurate personal information. You can request that we rectify or update any of your personal information held by CIEE that is inaccurate.  

  • Erasure. You can request that we erase your personal information, subject to applicable law. Please note that we may be required by law to retain your information.  

  • Withdraw consent. To the extent the processing of your personal information is based on your consent, you may withdraw your consent at any time. Your withdrawal will not affect the lawfulness of our processing based on consent before your withdrawal. 

  • Restriction of processing. You have the right to restrict our processing of your personal information under certain circumstances.  

  • Objection: You have the right to object to the way we use your data where our legal basis is legitimate interests. We may continue to process your personal information if it is necessary for the defence of legal claims, or where we have a compelling need to process it. 

All such requests may be made by submitting your request to our Data Protection Officer at dataprotectionofficer@ciee.org

To help protect your privacy and provide security, CIEE takes reasonable steps to verify your identity before taking action on your request. CIEE shall respond to your requests made within such time period as required under applicable law after your identity has been confirmed.  

You also have the right to complain to your local data protection supervisory authority. You can find the contact details here:  Data Protection Authorities 

Retention 

Your personal data is stored by CIEE on its servers, and on the servers of the cloud-based database management services CIEE engages, located in the United States  CIEE keeps your personal information for as long as it is necessary for the purposes set out in this Privacy Policy and as required or permitted by law (such as tax, accounting, or other legal requirements). The criteria used to determine the retention period we apply to your personal Information include:  

  • the duration of your relationship with CIEE,  

  • the nature of your use of our services and involvement in our programs;  

  • as required by a legal obligation to which we are subject; and 

  • as advisable in light of our legal position (such as due to applicable statutes of limitations, litigation, or regulatory investigations). 

For more information on where and how long personal data is stored, please contact CIEE’s data protection officer at dataprotectionofficer@ciee.org. 

Children's Privacy 

The programs that we offer are not intended for anyone under the age of 18, and we do not knowingly collect personal data from children. Please notify us if you believe that someone under the age of 18 is accessing or using our services.  

Changes to this Privacy Policy 

We may update this Privacy Policy from time to time.  The updated version will be indicated “Revised” date and the updated version will be effective as soon as it is accessible on our website www.ciee.org.  If we make material changes to this Privacy Policy , we will take steps to notify you, such as by prominently posting a notice of such changes or by directly sending you a notification.  We encourage you to review this Privacy Policy frequently.  

For further information or comments on our Privacy Policy, please contact our data protection officer at dataprotectionofficer@ciee.org, or contact CIEE at the following address: 

Irish American Educational Exchange Ltd, trading as CIEE Dublin   

Cg 45, Henry Grattan Building 
Dublin City University 
Collins Avenue Extension 
Dublin 9, D09 Y074 
 
Phone: 1.207.553.4000 
Fax: 1.207.553.4299 
E-mail: contact@cieeireland.ie 

EFFECTIVE:  16 December 2024