Currently Empty: €0.00
Privacy & Cookie Policy
Travelling Languages — Think Ahead Ltd T/A Travelling Languages — Last updated: March 2026
This Privacy & Cookie Policy explains what personal data we collect when you use this website, how we use it, how long we keep it, and what rights you have under the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
1. Who We Are
This website (www.tl.ie) is operated by Think Ahead Ltd T/A Travelling Languages, a private limited company registered in Ireland (Company Registration Number: [INSERT COMPANY REGISTRATION NUMBER]), trading as Travelling Languages.
We are an English language education provider based in Dublin, Ireland.
| Company | Think Ahead Ltd T/A Travelling Languages |
| Address | Docklands Innovation Park, Unit U14, 128–130 East Wall Road, Dublin, D03 A0X4 |
| sf@tl.ie | |
| Website | www.tl.ie |
We are the Data Controller for all personal data collected through this website. Our Data Protection Officer is Salvatore Fanara, contactable at sf@tl.ie.
2. What Personal Data We Collect and Why
2.1 Enquiry and Contact Forms
When you submit an enquiry or contact form on our website, we collect your name, email address, phone number (if provided), your message, and your nationality or country of residence (if relevant to your enquiry). We use this to respond to your enquiry and follow up with information about our programmes. Your enquiry data may also be entered into our marketing platform (Mautic) to manage follow-up communications.
2.2 Course Purchases
When you purchase a course through our website, we collect your name and billing address, email address, phone number, payment information, and your order details. Payment card details are processed directly by PayPal and are never stored on our website or servers. Order data is stored in WooCommerce and transferred to our internal management system (MYTL) to process your enrolment.
2.3 Marketing Communications
If you submit an enquiry or sign up for information, your contact details may be added to our self-hosted marketing platform (Mautic, hosted on a dedicated EU server). Initial enquiries may also receive an initial response from an AI-assisted service (Buongiorno Marya, operated by Buongiorno Docklands Ltd on EU infrastructure). We use Mautic to send follow-up information, newsletters (where you have consented), and to manage unsubscribe requests. You can unsubscribe at any time by clicking the unsubscribe link in any email we send, or by emailing sf@tl.ie.
2.4 Automatic Data Collection
When you visit our website, certain data is collected automatically — including your IP address, browser type, operating system, pages visited, time spent on pages, and referring website. See section 4 (Cookies) for full details.
2.5 Summary table
| What we collect | Why | Legal basis | Retention |
|---|---|---|---|
| Enquiry form data | Respond to enquiry; follow-up communications | Legitimate interests; Consent (for ongoing marketing) | 3 years from last contact, or until you unsubscribe |
| WooCommerce order data | Process course purchase and enrolment | Contract performance | 7 years (Irish tax and accounting obligations) |
| Payment data | Process payment — handled by PayPal | Contract performance (PayPal is the controller) | Not stored by us — see PayPal’s privacy policy |
| Mautic contact & behaviour data | Email marketing, lead nurturing, behaviour tracking | Consent (marketing); Legitimate interests (enquiry follow-up) | Until you unsubscribe or request deletion, max 3 years |
| Website analytics (Matomo) | Understand how visitors use our site; improve content | Consent (analytics cookies) | 26 months (Matomo default) |
| Website analytics (Google Analytics) | Understand visitor behaviour; measure site performance | Consent (analytics cookies) | Maximum 26 months |
| Facebook Pixel data | Measure ad campaign effectiveness; retargeting | Consent (marketing cookies) | As per Meta’s data retention policy |
3. Legal Bases for Processing
Under GDPR, we must have a lawful basis for processing your personal data. The bases we rely on are:
| Basis | When we rely on it |
|---|---|
| Consent (Article 6(1)(a)) | Non-essential cookies (analytics, marketing, advertising), email marketing communications, and Mautic behaviour tracking. You can withdraw consent at any time. |
| Contract performance (Article 6(1)(b)) | Processing your name, contact details, and order information to fulfil the contract when you purchase a course. |
| Legitimate interests (Article 6(1)(f)) | Responding to your enquiries, following up with prospective students who have expressed interest in our courses, and maintaining basic website security logs. |
| Legal obligation (Article 6(1)(c)) | Retaining financial and transactional records for 7 years to comply with Irish tax and accounting law. |
4. Cookies
4.1 What Are Cookies?
Cookies are small text files stored on your device when you visit a website. Some are essential for the website to function; others analyse how visitors use the site or deliver targeted advertising. Under Irish and EU law (the ePrivacy Regulations), we must obtain your consent before placing non-essential cookies on your device.
4.2 Cookies We Use
| Cookie / tool | Provider | Category | Purpose | Consent required |
|---|---|---|---|---|
| WordPress session | Travelling Languages (self) | Strictly necessary | Keeps you logged in; remembers items in your shopping basket. Required for the site to function. | No — essential |
| WooCommerce | Travelling Languages (self) | Strictly necessary | Manages your shopping cart and checkout session. | No — essential |
| Matomo | Travelling Languages (self-hosted, EU) | Analytics | Tracks pages visited, time on site, and traffic sources to help us improve the website. IP addresses are anonymised. Data stays on our EU server. | Yes |
| Google Analytics (_ga, _gid) | Google Ireland Ltd | Analytics | Tracks visitor behaviour across the site. Data is processed by Google and may be transferred outside the EEA. | Yes |
| Facebook Pixel | Meta Platforms Ireland Ltd | Marketing / advertising | Tracks actions taken on our site to measure Facebook and Instagram advertising effectiveness and enable retargeting. | Yes |
| Google Fonts | Google Ireland Ltd | Functional | Loads web fonts used in the site design. Your IP address is sent to Google servers when fonts load. | Yes |
| Google Maps | Google Ireland Ltd | Functional | Displays a map of our location. Your IP address is sent to Google when the map loads. | Yes |
| YouTube | Google Ireland Ltd | Functional / marketing | Loads embedded video content. YouTube may set cookies and collect data even before a video is played. | Yes |
| Mautic tracking | Travelling Languages (self-hosted, EU) | Marketing | Tracks website visitor behaviour (pages viewed, form submissions) to enable lead scoring and personalised follow-up. | Yes |
Non-essential cookies (analytics, marketing, Mautic tracking, Google Fonts, YouTube, Facebook Pixel) are loaded only after you actively accept them via the cookie consent banner on this website.
4.3 Managing Cookies
You can control and manage cookies in the following ways:
- Cookie consent banner: when you first visit our website, you will be asked for your consent for non-essential cookies. You can change your preferences at any time by clicking the cookie settings link in the footer of our website.
- Browser settings: most browsers allow you to refuse or delete cookies. Disabling cookies may affect site functionality. For guidance, visit www.aboutcookies.org.
- Google Analytics opt-out: install the opt-out add-on at tools.google.com/dlpage/gaoptout.
- Facebook ad preferences: manage at facebook.com/ads/preferences.
5. Third Parties We Share Data With
We do not sell your personal data. We share data with the following third parties only where necessary to operate our website and deliver our services:
| Third party | Role | Data shared and safeguards |
|---|---|---|
| PayPal (PayPal Europe S.a.r.l. et Cie, S.C.A.) | Independent data controller for payment processing | Name, billing address, email, payment card details. PayPal processes payment data under its own privacy policy and is subject to EU GDPR. Data may be processed in the US under Standard Contractual Clauses. |
| Google Ireland Ltd | Analytics (Google Analytics), fonts, maps, and video (YouTube) | Anonymised IP address and browsing behaviour (analytics); IP address (fonts, maps, YouTube). Google is subject to GDPR. Data may be transferred to the US under Standard Contractual Clauses. |
| Meta Platforms Ireland Ltd | Advertising measurement (Facebook Pixel) | Anonymised browsing behaviour and conversion events. Meta Ireland is the EU data controller. Data may be transferred internationally under Standard Contractual Clauses. |
| Mautic (self-hosted) | Marketing automation and lead nurturing | Contact details and browsing behaviour. Self-hosted on our own EU server (Hetzner). No data leaves our infrastructure. |
| Matomo (self-hosted) | Website analytics | Anonymised browsing behaviour. Self-hosted on our own EU server. No data is shared with any third party. |
| Hetzner Online GmbH | Infrastructure / web hosting | All website and form data is stored on servers hosted by Hetzner in EU data centres. Hetzner acts as a data processor under a Data Processing Agreement. |
6. International Data Transfers
Our own systems — including our website server, Matomo analytics, and Mautic marketing platform — are hosted on servers within the European Union (Hetzner, Germany). Personal data you submit to us is stored and processed within the EU.
Some third-party services we use may transfer data outside the EEA:
- Google (Analytics, Fonts, Maps, YouTube) may transfer data to the United States, relying on Standard Contractual Clauses approved by the European Commission.
- Meta (Facebook Pixel) may transfer data internationally. Meta Ireland acts as the EU data controller and relies on Standard Contractual Clauses for transfers to the US.
- PayPal may process data in the United States, relying on Standard Contractual Clauses and applicable transfer frameworks.
Where data is transferred outside the EEA, we ensure appropriate safeguards are in place in accordance with Chapter V of the GDPR.
7. How Long We Keep Your Data
| Data type | Retention period |
|---|---|
| Enquiry / contact form data | 3 years from the date of your last contact, or until you request deletion — whichever comes first |
| WooCommerce order records | 7 years from the date of purchase (Irish tax and accounting obligations) |
| Mautic contact records | Until you unsubscribe or request deletion, and in any case no longer than 3 years from last engagement |
| Matomo analytics data | 26 months (rolling), after which data is automatically deleted |
| Google Analytics data | Maximum 26 months (as configured in our Google Analytics property) |
| Facebook Pixel data | As per Meta’s data retention policy (typically up to 180 days for event data) |
| WordPress / WooCommerce logs | 90 days for server access logs; customer account data retained for the duration of the account plus 7 years for order records |
When data reaches the end of its retention period it is deleted or anonymised. You may also request earlier deletion — see section 8.
8. Your Rights Under GDPR
As a data subject under GDPR, you have the following rights:
| Right | What it means |
|---|---|
| Right of access | You can request a copy of the personal data we hold about you (a Subject Access Request). We will respond within one calendar month. |
| Right to rectification | You can ask us to correct any inaccurate or incomplete personal data we hold about you. |
| Right to erasure | You can ask us to delete your personal data in certain circumstances. Note that some data must be retained to comply with legal obligations (e.g. financial records). |
| Right to restrict processing | You can ask us to pause processing of your data in certain circumstances while a dispute is resolved. |
| Right to data portability | Where we process your data on the basis of consent or contract, you can receive a copy of your data in a structured, machine-readable format. |
| Right to object | You can object to processing based on legitimate interests, and to direct marketing at any time. |
| Right to withdraw consent | Where we rely on your consent, you can withdraw it at any time. Withdrawal does not affect the lawfulness of processing before withdrawal. |
To exercise any of these rights, please contact us at sf@tl.ie. We will respond within one calendar month. If you are not satisfied with our response, you have the right to lodge a complaint with the Data Protection Commission (DPC) at dataprotection.ie.
9. How We Protect Your Data
Our security measures include:
- All data transmitted between your browser and our website is encrypted using TLS (HTTPS). Plain HTTP connections are redirected to HTTPS.
- Our website and servers are hosted with Hetzner (EU), which operates ISO 27001-certified data centres with physical access controls.
- Access to our website’s administrative backend is restricted to authorised staff only, protected by strong passwords.
- Our internal systems are protected by firewall controls, SSH key authentication, and mandatory two-factor authentication for all staff users.
- We do not store payment card details on our systems. All payment processing is handled by PayPal.
In the event of a personal data breach likely to result in a risk to your rights and freedoms, we will notify the Data Protection Commission within 72 hours and, where required, notify affected individuals without undue delay.
10. Children’s Privacy
Our website is not directed at children under the age of 16. We do not knowingly collect personal data from children under 16 without verifiable parental consent. If you believe a child under 16 has provided us with personal data without appropriate consent, please contact us at sf@tl.ie and we will delete the data promptly.
Adults enrolling on behalf of a minor student should contact us directly rather than completing an online form.
11. Links to Other Websites
Our website may contain links to third-party websites. This privacy policy applies only to www.tl.ie. We are not responsible for the privacy practices of other websites and encourage you to read their privacy policies before providing any personal data.
12. Changes to This Policy
We review this Privacy & Cookie Policy at least annually and whenever we make significant changes to how we collect or process personal data. The current version and its effective date are shown at the top of this page. Where changes are material, we will take reasonable steps to bring them to your attention — for example by displaying a notice on our website or, where we hold your email address, by sending you a notification.
13. Contact Us and How to Complain
13.1 Contact
If you have any questions about this policy, wish to exercise your data rights, or have a concern about how we handle your personal data, please contact:
| Data Protection Officer | Salvatore Fanara |
| sf@tl.ie | |
| Postal address | Docklands Innovation Park, Unit U14, 128–130 East Wall Road, Dublin, D03 A0X4 |
13.2 Complaints
If you are not satisfied with our response, you have the right to lodge a complaint with the Irish supervisory authority:
| Authority | Data Protection Commission (DPC) |
| Website | www.dataprotection.ie |
| Phone | +353 (0)761 104 800 |
| Post | Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28 |
Travelling Languages — Think Ahead Ltd, Docklands Innovation Park, Unit U14, 128–130 East Wall Road, Dublin, D03 A0X4 — Version 1.0 — March 2026
