Our commitment to rapid response and transparency in the event of a security incident
CourseCompass commits to the following response timeline:
Within 72 hours of discovery:
Notify the Data Protection Commission (Ireland) of any confirmed personal data breach
Without undue delay:
Inform affected schools, students, and parents/guardians directly via email
Immediate containment:
Take all necessary measures to contain and mitigate the breach
Under GDPR, a personal data breach means a breach of security leading to:
🔓 Unauthorized Access
Any unauthorized person gains access to student data, assessment results, or personal information
🗑️ Accidental Deletion or Loss
Personal data is accidentally or maliciously destroyed or lost
📤 Unauthorized Disclosure
Data is shared with or disclosed to unauthorized recipients
✏️ Unauthorized Alteration
Personal data is modified without authorization
If you're affected by a data breach, we will send you clear, plain-language communication including:
📋 Nature of the Breach
What happened, when it was discovered, and what data was affected
⚠️ Potential Consequences
What risks you may face as a result of the breach
🛡️ Measures Taken
What we've done to address the breach and prevent recurrence
✅ Recommended Actions
Steps you should take to protect yourself (e.g., password changes)
📞 Contact Information
How to reach our Data Protection Officer for questions and support
🚨 Security Incident Reporting
If you believe you've discovered a security vulnerability or experienced unauthorized access to your account, please contact us immediately:
Email (Urgent):
info@coursecompass.ieGeneral Data Protection:
info@coursecompass.ieAll reports are treated with strict confidentiality and investigated immediately.