Policies, checklists, and monitoring to keep your Wexford business on the right side of the DPC. Start in under 2 minutes.
Join 2,000+ Irish businesses already protected
GDPR applies to every training provider in Ireland, whether you're based in Wexford Town or anywhere across Wexford. With approximately 8,700 SMEs in the county, the DPC has made it clear that enforcement applies to businesses of all sizes.
Wexford has a diverse economy spanning agriculture, tourism, and manufacturing, with a particularly strong soft fruit and vegetable growing sector. Wexford Opera Festival and the county's extensive beaches drive a strong seasonal tourism economy. Enniscorthy and New Ross contribute manufacturing and food processing jobs, while Rosslare Europort provides direct European trade links. Training Providers in Wexford typically process learner names, addresses, dates of birth, and pps numbers and qqi learner numbers and certification records — both of which fall squarely under GDPR's definition of personal data. The risk of sharing learner data with qqi, solas, skillnet, or employer sponsors without clear documentation of lawful basis makes compliance particularly important for this sector.
Let's walk through what compliance looks like for your business, step by step.
Yes — it's a legal requirement. Any training provider in Wexford processing personal data must meet GDPR standards. This covers everything from customer names and emails to CCTV footage and HR files. The DPC enforces compliance across all Irish businesses regardless of size, with fines of up to €20 million.
RISK ASSESSMENT
Sharing learner data with QQI, SOLAS, Skillnet, or employer sponsors without clear documentation of lawful basis
Collecting PPS numbers for certification and funding claims and storing them alongside general learner records
Using online learning platforms that track detailed learner behaviour including login times, module completion, and assessment attempts
Retaining learner records from funded programmes for audit purposes without clear retention policies
Processing employer-provided employee data for corporate training without a data processing agreement
DATA INVENTORY
FREE ASSESSMENT
See exactly where your Training Provider in Wexford stands on GDPR compliance — no signup required.
REQUIRED DOCUMENTS
Every Training Provider in Ireland needs these documents to demonstrate GDPR compliance. ComplianceKit generates all 8 policy types with a living compliance score that tracks your progress.
STEP BY STEP
Provide every learner with a comprehensive privacy notice before enrolment, listing all organisations their data will be shared with — QQI, SOLAS, Skillnet, employers — and the lawful basis for each.
Store PPS numbers separately from general learner records in an encrypted system with strict access controls — not in general spreadsheets or enrolment databases.
Put data processing agreements in place with all online learning platforms, assessment tools, and cloud services that process learner data.
When delivering corporate training, establish a data processing agreement with the employer client clarifying roles — typically the employer is the controller and you are the processor.
Set retention periods aligned with QQI, SOLAS, and Skillnet audit requirements — these may require records to be kept for longer than standard business needs.
Review your online learning platform's data collection practices — understand what learner behaviour data it captures and ensure this is proportionate and disclosed in your privacy notice.
Conduct annual staff training on GDPR, particularly for administrative staff who handle PPS numbers, funding claims, and QQI submissions.
COMMON PITFALLS
Including PPS numbers in general learner spreadsheets shared across staff, rather than storing them in a secure, access-controlled system.
Delivering corporate training and processing employee data without a data processing agreement, leaving both the employer and training provider exposed.
Not informing learners that their data will be shared with QQI, SOLAS, or other funding bodies, which breaches the GDPR transparency principle.
Keeping detailed online learning analytics — login times, module attempts, time spent on each page — without disclosing this in the privacy notice or assessing whether it is proportionate.
FAQ
Everything you need to know about GDPR compliance for your business.
Contact usNEARBY COUNTIES
OTHER SERVICES
Every day your Training Provider in Wexford operates without proper GDPR compliance is a risk. The DPC is increasing enforcement across Ireland — get ahead of it today.
Join 2,000+ Irish businesses. No credit card required.