GDPR Privacy Policy

Windmill Healthcare respects your right to privacy and comply with current Data Protection Act 2018. This Privacy Policy is to outline how we deal with any Personal Data you provide. This page informs you of the Windmill Group website policy regarding the collection, use, and disclosure of personal data when you use the website and the choices you have associated with that data. This notice applies to prospective residents, residents, prospective staff, staff and visitors to Windmill Healthcare facilities.

Controller name: Windmill Healthcare, Market House, Churchtown, Mallow, Co Cork. Telephone 022 34693

Windmill Healthcare is dedicated to the privacy of those who engage with us and our privacy policy details our approach. If there is anything in this privacy notice that is unclear or you wish to query, please contact our Data Protection Office at

Principles of Data Protection

Under the Data Protection Act 2018 (GDPR), all personal data obtained and held by Windmill Healthcare must be process according to a key set of core principles. In accordance with these principles – we will ensure the following:

  • data is collected for specific, explicit, and legitimate purposes
  • data is processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisational measures
  • processing is fair, lawful and transparent
  • data is not kept for longer than is necessary for its given purpose
  • data is kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay

Personal Data & Usage Data

While using the website, you may be asked to provide certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally, identifiable information may include, but is not limited to include your name, address, location, email address, user IP address in circumstances where they have not been deleted, clipped or anonymised. “Personal Data” is only collected from you if you voluntarily submit it to us.

“Non-Personal Data”
Like other websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This Non-Personal Data comprises information that cannot be used to identify or contact you, such as demographic information regarding, for example, user IP addresses where they have been clipped or anonymised, browser types and other anonymous statistical data involving the use of our website.

Use of Data

Windmill Healthcare uses the collected data for various purpose in which it was provided to us as expressed at the point of contact or obvious in the content of collection. Generally, information is collected by us to:

  • To allow you to participate in interactive features of the website when you choose to do so (eg. Enquiry Form)
  • Register on our site for events or training
  • Communicate with you for marketing purposes
  • To gather analysis or valuable information so that the website can be improved and maintained
  • To provide you with requested information or materials
  • For general admin purposes that are in our legitimate business interests including marketing purposes, communication in the course of a contract and monitoring for spam.

Retention of Data

Windmill Healthcare will retain personal data you submit to us only for as long as it is necessary and for the purpose for which it was obtained, or as required under the current Data Protection Act 2018.

Consent for Children

Windmill Healthcare does not knowingly collect personal data from children under the age of 16. We do not provide services, nor do we market to children. If you are under the age of 16, please do not submit any personal information through our website. We strongly recommend that parents and legal guardians monitors children’s Internet usage and assist in enforcing our privacy policy.

Disclosure of Information to Third Parties

We take all reasonable measure to protect your personal information while it is in our possession. We may provide “non personal data” to third parties service providers who will process this information on behalf on Windmill Healthcare’s behalf. For example, we might inform third parties regarding the number of unique users who visit our website, the demographic breakdown of our community users of our website, or the activities that visitors to our website engage in while on our website.

We do not disclose your “personal data” to third parties unless you have consented to this disclosure or unless the third party is needed to fulfil your query. In this care, the third party is bound by the same data protection requirements. We will disclose your “personal data” if are required to do so to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other statutory requirement.

Confidentiality & Security

Your “personal data” is held by Windmill Healthcare on secure servicers, hosted by our Internet Service Provider. Windmill Healthcare has implemented a high standard of technology and operational security to protect personal data from alteration, unauthorised disclosure or destruction, and from use for unauthorised purposes. The nature of the internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the internet. No data transmission over the internet can be guaranteed to be 100% secure. However, we will take all steps that our IT systems are protected against unauthorised access with various level of controlled and password protected access rights. Where personal records are kept in paper format these are stored securely with controlled access. We have implemented procedures to deal with any actual or suspected data security breach and will notify you and any applicable authority about a breach where we are legally required to do so.

Your Rights

Windmill Healthcare aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data. You have the following rights under GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:

  • You have the right to request access to the data. You have the right to receive a copy of the personal information we hold about you together with other information about our processing of that personal data
  • You have the right to amend the “personal data” that we hold about you or if we have incomplete information you may request that we update the information such that it is complete
  • You have the right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten
  • You have the right to object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your situation which makes you want to object to processing on this ground
  • You have the right to data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine-readable format
  • You have the right to lodge a complaint to the supervisory authority

In order to exercise any of the rights set out above, please contact us by email at or by post to Windmill Healthcare, Market House, Churchtown, Mallow, Co Cork. You may lodge a complaint with a supervisory authority. The Irish supervisory authority is the Data Protection Commission.


We use a number of different cookies on our site and we operate an ‘implied consent’ policy, meaning that we assume you are happy with this usage. This can be changed by disabling or deleting the cookies, or using your browser’s anonymous usage setting (e.g. “Incognito Mode” in Google Chrome).

First Party Cookies:

These cookies are set by this website directly and include web analytics tools like Google Analytics which are used to collect anonymous information about how users browse the site. This cannot be used to identify personal information (e.g. name or address). Certain cookies are deemed strictly necessary to the working of the website. For brochure sites and ecommerce sites a session cookie is necessary for remembering your log-in for you, whether you are a registered user or not or remembering what has been put in the shopping basket. If this cookie is disabled it will disrupt the functionality on the site.

Third Party Cookies:

These cookies are set on your machine by external websites whose services are used on this site. Cookies of this type include the social network content sharing buttons across the site (e.g. YouTube and Facebook). To facilitate the implementation of these buttons and connect them to the relevant social networks and external sites, there are scripts from domains outside of our website which we do not control and cannot access. You should check the third-party websites for more information about these cookies.

Changes To This Privacy Policy

This Privacy Policy may be updated from time to time, with the new Privacy Policy being posted on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Last Updated: February 2024