Ireland's Autism Charity
Contact Our Autism Information Line Monday - Thursday 10am to 3pm
Donate Now

ID Cards Privacy INformation

Privacy Notice – AsIAm Autism ID Card Service

Last updated: June 2026

1. Who We Are

AsIAm is the data controller responsible for your personal data in relation to the AsIAm ID Card service.

2. What Data We Collect

We collect and process the following categories of personal data:

  • Identity and contact data: name, address, email and phone number.
  • Application data: information required to assess eligibility for the ID Card and to produce the ID Card, including name and photograph of ID Cardholder.
  • Billing data: payment and transaction information.
  • Health data (special category data): proof of diagnosis.

3. How We Use Your Data

We use your personal data solely for the purposes of:

  • Assessing eligibility for the AsIAm ID Card.
  • Processing payments.
  • Producing and issuing ID Cards.
  • Delivering ID Cards to applicants.
  • Maintaining financial records as required by law.

4. Legal Basis for Processing

We process your personal data under the following lawful bases in accordance with the General Data Protection Regulation (GDPR):

  • Article 6(1)(b) – Contract: Processing is necessary for the performance of a contract, including:
    • Processing your application.
    • Managing billing and payments.
    • Producing and delivering your ID Card.
  • Article 6(1)(c) – Legal obligation: Retention of billing information for financial and tax compliance purposes.
  • Article 9(2)(a) – Explicit consent (special category data): Processing of health data, including proof of diagnosis, is carried out only with your explicit, informed consent.

5. Sharing Your Data

We may share your personal data with trusted third-party processors only where necessary to deliver the service. All third parties are contractually bound to process your data securely and only on our instructions. Relevant data processors include:

  • Card Logic – AsIAm’s partner company for producing and posting the ID Cards. Card Logic only receive cardholder name, ID number, photograph, applicant name and postal address.
  • Jotform – online application form provider.
  • Stripe – facilitates secure online payment processing.

6. Data Retention

We only retain your data for as long as necessary.

  • AsIAm will delete your application data within 60 days of your card being posted.
  • Card Logic will delete the ID Card information within 7 days of your card being posted.
  • Billing/financial data is retained securely for 7 years in line with legal and financial best practice requirements.

Please note: If you require a new ID Card, whether because your card has expired or been lost, you must submit a new application form. We do not retain your information.

7. How We Protect Your Data

We implement appropriate technical and organisational measures to ensure your personal data is protected in accordance with GDPR requirements.

8. Your Rights

Under GDPR, you have the following rights:

  • Right of access – request a copy of your data.
  • Right to rectification – correct inaccurate or incomplete data.
  • Right to erasure – request deletion of your data.
  • Right to restrict processing – limit how your data is used.
  • Right to object – object to certain types of processing.
  • Right to data portability – where applicable.
  • You also have the right to withdraw consent at any time where processing is based on consent. This will not affect processing already carried out. Withdrawal of consent may affect your ability to obtain an ID Card.

9. Supervisory Authority

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Irish supervisory authority: Data Protection Commission (DPC) .

10. Contact Us

If you have any questions about this privacy notice, would like further information, or wish to exercise your data protection rights, please contact us at: dpo@asiam.ie