Unlock The Unique Potential of Every Student
Unlock The Unique Potential of Every Student
Athena Analytics Limited is committed to protecting and respecting your privacy. This Policy sets out how we, as a Data Controller, collect, use, process and disclose the personal data that we collect from you, or that you provide to us via our website, e-mail or other forms of communication. We will not pass it on to any third party, unless we are required to do so in order to comply with our legal obligations.
We use the words Personal Data to describe any information we hold relating to individuals, and from which they are identifiable. Our primary objective is to ensure that all Personal Data received and held by us is handled responsibly and this Policy describes how we use such data as part of our functions. This includes Personal Data obtained from a variety of sources listed in paragraph 3 below.
This Policy may be supplemented by other privacy notices tailored to specific activities. The purpose of this is to ensure that you are fully informed as to how we collect and use your Personal Data.
Personal Data about another individual will only be collected and accepted from you on the strict basis and understanding that you:
(a) inform the individual concerned about the content of this Policy and any other applicable privacy notices provided to you;
(b) obtain their permission to share their Personal Data with us in accordance with this Policy and other applicable privacy notices; and
(c) obtain any legally required consent, where applicable.
Athena Analytics cannot accept any responsibility or liability for any claims for any purported damages, losses, costs, expenses and payments whatsoever which are purported to have been sustained by any third parties arising from any unauthorised sharing by you of Personal Data with Athena Analytics. By agreeing to engage us to provide any of the business activities set out in our website, you agree to indemnify us against all claims, actions or demands made by any third parties arising from any such unauthorised sharing of Personal Data with us.
The Personal Data we hold about you and other individuals may differ depending on our relationship, including the type of communications between us and the services we provide. Personal Data we may hold and process includes:
• Contact information; and
• Academic records
3.1 We may obtain Personal Data from the following sources:
(a) uploads via the portal on our website [ www.athena.ie ]; and
(b) e-mail;
(c) telephone calls, directly or through third parties working on your behalf to update our databases; and
(d) individual teachers, schools or other educational bodies who have obtained your consent to use your Personal Data for educational purposes.
(e) From schools or education centres acting as Data Controllers under formal processing agreements.
We use Personal Data to carry out our business activities, further details of which are available on our websites, www.athena.ie. The purposes for which we use Personal Data may differ based on the services we provide.
The main purposes for which we use Personal Data are to enable us:
4.1 to provide predicted grades for individuals based on their previous academic record and Athena Analytics’ own algorithm, which has been built and tested using our database of results of other individuals;
4.2 track the exam results of individuals throughout their second level education using Athena Analytics web-based software; and
4.3 to provide reports and analysis for schools regarding their performance in the Junior and Leaving Certificate examinations relative to other institutions.
Where acting as a Data Processor, we only process data on behalf of and under the instructions of the relevant educational institution or body.
Athena Analytics is committed to the protection of your Personal Data in accordance with this Policy and has put in place strict and careful internal practices and procedures to ensure that same is handled in compliance with the requirements of data protection law. Unless we are required to do so by law or you have consented to us doing so, no Personal Data will be shared or made available to any third parties.
When processing data on behalf of schools, data is only shared in accordance with the controller’s written instructions and under a formal Data Processing Agreement.
Athena Analytics uses appropriate technical, physical, legal and organisational measures that comply with data protection laws to keep Personal Data secure.
As most of the Personal Data we hold is stored electronically we have implemented appropriate IT security measures to ensure this Personal Data is kept secure. For example, we use anti-virus protection systems, firewalls, and data encryption technologies. We have procedures in place at our premises to keep any hard copy records physically secure. We also train our staff regularly on data protection and information security.
Unfortunately, no data transmission over the Internet or electronic data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Data you might have sent to us has been compromised), please immediately notify us.
To comply with data protection law, we are required to inform you of the legal justification relied upon by us for using your Personal Data. While the legal basis for collecting and using the Personal Data will depend on the Personal Data concerned and the specific context in which it is collected, the principal legal justifications that apply to our purposes for using Personal Data are as set out below:
7.1 Justification for processing Personal Data:
(a) Where same is necessary for the performance of contract to which you are a party or to take steps at your request prior to entering into such contract;
(b) Your consent (where you voluntarily give consent to provide us or a third party with your Personal Data); and
(c) Where such processing is necessary for the purpose of our legitimate interests or those of a relevant third party.
7.2 Where we rely on our legitimate business interests or the legitimate interests of a third party to justify the purposes for using your Personal Data, our legitimate interests will usually be:
(a) the pursuit of our commercial activities and objectives;
(b) development of any guidelines, improvement and development of business operations and service offerings, to include the augmentation of existing databases to optimise and improve the accuracy of our software and algorithms; and
(c) conducting analytical and statistical research.
We monitor electronic communications between us (for example, emails) to protect you, our business and IT infrastructure, and third parties including by:
(a) identifying and dealing with inappropriate communications; and
(b) looking for and removing any viruses, or other malware, and resolving any other information security issues.
We will keep Personal Data for as long as is necessary for the purposes for which we collect it.
Where we hold Personal Data to comply with a legal or regulatory obligation, we will keep the information for at least as long as is required to comply with that obligation.
Where we hold Personal Data in order to provide a product or service to you as a client, we will keep the information for at least as long as we provide the product or service, and for 7 years thereafter.
In relation to names of individuals and their associated schools or educational bodies these are deleted once we have discharged our contractual obligations to you. Athena Analytics may retain such anonymous data for the purposes of augmenting its existing databases, on the basis that such data may be analysed by us without the ability to identify the individuals or schools or educational bodies to which such data relates.
For further information about the period of time for which we retain your Personal Data, please contact us using the details below.
The following is a summary of the data protection rights available to individuals in the EEA in connection with their Personal Data. These rights may only apply in certain circumstances and are subject to certain legal exemptions.
• Right of access to a copy of your Personal Data;
• Right to withdraw consent to processing of Personal Data (where we process on the basis of consent);
• Right to rectify any Personal Data we hold about you if it is inaccurate or incomplete;
• Right to have your Personal Data erased from our systems in certain circumstances e.g.
• Right to restrict (i.e. suspend) our processing of Personal Data (This may be requested while the accuracy of your Personal Data is being established by us in the event that we receive a rectification request or while we assess an objection received by you (see below);
• Right to object to our processing of your Personal Data on the basis of our legitimate interests (see paragraph 7.2 above) on grounds relating to your particular situation. However, we may continue to use your Personal Data, despite your objection, where there are compelling legitimate grounds to do so or if we need to use your Personal Data in connection with any legal claims or where we have one or more other legal basis to process your Personal Data (see paragraph 7 above);
• Rights relating to automated decision making and profiling having legal or similarly significant effects on you – Athena Analytics does not engage in such decision making or profiling on this basis and therefore these rights do not apply.
If you wish to exercise your rights, please contact us using the details below.
You also have a right to complain to the Irish Data Protection Commission if you think that we have processed your Personal Data in a manner that is not in accordance with data protection law.
If you have any questions or concerns about the way your Personal Data is used by us, you can contact us by e-mail at: info@athena.ie or by calling us on (066) 7165066.
We review this Policy regularly and reserve the right to make changes at any time to take account of changes in our business, legal requirements, and the manner in which we process Personal Data.
In addition to acting as a Data Controller for certain business activities, Athena Analytics also acts as a Data Processor when providing services to schools or education centres, such as through the Limerick Area Common Application System (CAS).
In these cases, the schools or education authorities are the Data Controllers, and Athena Analytics processes personal data solely on their instructions, as set out in a formal Data Processing Agreement (DPA).
When acting as a Data Processor, Athena Analytics:
Processes personal data only for the purposes defined by the school or authority
Implements appropriate technical and organisational measures to ensure data security and GDPR compliance
Ensures confidentiality and access controls for all staff involved
Uses sub-processors only with the prior written authorisation of the controller
Provides assistance to the controller in responding to data subject rights
Notifies the controller without undue delay in the event of a data breach
Deletes or returns all personal data to the controller after the end of the service provision, unless otherwise required by law
We provide schools with appropriate contractual assurances and are committed to maintaining compliance with Article 28 of the GDPR and guidance provided by the Data Protection Commission (DPC).
