Skip to content
IIESMS Logo

Privacy Policy


Last updated: 10 July 2026

1. Who we are

The data controller is the Institute of Industrial Engineers and Safety Management Systems CLG (IIESMS), Company No. 20594, 2 Georges Street, Waterford, Co. Waterford, X91 AH9K, Ireland. Data-protection enquiries and rights requests may be sent to info@iiesms.ie.

2. Personal data we collect

Depending on how you interact with IIESMS, we may collect:

Identity and contact data, including name, email, telephone number and postal address.

Membership application data, including requested grade, sector or regional route, employer, role, expertise and professional statement.

Professional evidence, including CV, completed qualifications, relevant experience, CPD, references and work examples where required by the selected grade.

Membership administration data, including membership number, grade, status, subscriptions, decisions, renewals, CPD and professional-standing records.

Optional communication and directory preferences.

Website and security data, such as IP address, device/browser information, essential cookies, access logs and form-submission metadata.

Most data is obtained directly from you. Data may also be supplied by a nominated referee, employer or professional body, or obtained from a source you ask IIESMS to verify. Where Article 14 GDPR applies, IIESMS will provide the required information unless a lawful exception applies.

3. Why we use personal data and our lawful bases

To assess an application, take steps at your request before membership and administer the membership relationship: GDPR Article 6(1)(b).

To meet legal, accounting, tax and regulatory obligations: Article 6(1)(c), where applicable.

For governance, professional standards, verification, security, fraud prevention and the establishment or defence of claims: IIESMS legitimate interests under Article 6(1)(f), balanced against your rights.

For optional newsletters, event promotion and an optional public directory listing: consent under Article 6(1)(a), together with applicable electronic-marketing rules.

4. Required and optional data

Fields marked required and the evidence specified for the selected grade are needed to assess and administer the application. If required information is not supplied, IIESMS may be unable to decide the application and will normally request the missing item. Marketing and optional public-directory choices are voluntary and do not affect a grade decision.

5. Recipients and service providers

Access is limited to authorised IIESMS administrators, Membership Committee members, appointed assessors and other authorised governance personnel. Contracted website, hosting, email, document-storage and administrative service providers may process data on documented instructions. Data may also be disclosed to professional advisers, insurers, auditors, law-enforcement bodies, regulators or courts where legally necessary. IIESMS does not sell membership data.

6. International transfers

Where a service provider processes personal data outside the European Economic Area, IIESMS will use an applicable GDPR transfer mechanism and safeguards, such as an adequacy decision or approved contractual clauses. Information about the relevant safeguard may be requested from the data-protection contact.

7. Retention

IIESMS retains data according to an approved retention schedule. Application evidence is kept for the assessment, decision, query or appeal period and any necessary legal period. Active membership, grade, CPD and professional-standing records are kept while required to administer membership and for an approved post-membership governance or legal period. Financial and tax records are normally retained for six years or longer where a live inquiry or legal requirement applies. Optional marketing data is kept until consent is withdrawn or the purpose ends, with minimal suppression data retained where needed to respect an opt-out. Expired data is securely deleted, anonymised or reduced to a justified minimal historical-status record.

8. Security

IIESMS applies technical and organisational measures appropriate to the risk, including access controls, confidentiality, secure systems, backups, provider oversight and breach procedures. Applicants should not send PPS numbers, bank or card details, medical information, passwords or unrelated sensitive personal data in a membership application.

9. Your rights

Subject to the GDPR conditions and exemptions, you may request access, correction, erasure, restriction or portability, and may object to processing based on legitimate interests. You may withdraw an optional consent at any time without affecting earlier lawful processing. Contact info@iiesms.ie. You may also complain to the Data Protection Commission at https://www.dataprotection.ie/.

10. Marketing and service messages

Required membership-service messages include application decisions, evidence requests, subscriptions and renewals, CPD or professional-standing notices and governance communications. These are not optional marketing. Optional newsletters and promotional messages are sent only under the applicable consent or limited existing-customer rules and always include an unsubscribe method.

11. Membership decisions

Membership and grade decisions are made by authorised reviewers applying the published criteria. IIESMS does not use solely automated decision-making to determine the membership grade.

12. Children and Student membership

The general website and membership process are intended for applicants aged 16 or over. IIESMS does not knowingly process an under-16 application through the standard process. If an under-16 Student route is introduced, IIESMS will publish a specific process and privacy information before collecting the data.

13. Cookies and third-party links

Essential cookies and security technologies are used to operate and protect the website. Non-essential cookies should be used only under the applicable preference or consent controls. External sites have their own privacy practices, which applicants should review.

14. Changes and contact

This policy may be updated when processing changes. The current version and date will be published on this page. Questions may be sent to IIESMS at 2 Georges Street, Waterford, Co. Waterford, X91 AH9K, by telephone at +353 (0)51 311134, or by email to info@iiesms.ie.

Frequently Asked Questions

What information does IIESMS require for a membership application?

IIESMS requires the fields marked as required and the evidence specified for the selected grade. Optional communication and directory choices are clearly marked and do not affect the grade decision.

Can I withdraw an optional consent?

Yes. Contact info@iiesms.ie or use the unsubscribe method in a promotional email. Withdrawal does not affect earlier lawful processing or required membership-service communications.

How can I exercise my GDPR rights?

Contact info@iiesms.ie or write to IIESMS at 2 Georges Street, Waterford, Co. Waterford, X91 AH9K, Ireland. You may also complain to the Data Protection Commission at https://www.dataprotection.ie/.