Data Compliance and GDPR are core to DataXcel
Dataxcel Ltd – Data Compliance Policy Updated May 2025
The Policy covers the collection and processing of data for our core data collection sites, Dataxcel.ie, ageverify.ie, Freeprizedraws.ie, Winnersville.co.uk., and our Landline Telephone Database and is focused on:
The Data Protection Acts 1988 to 2018, any other applicable law or regulation relating to the processing of personal data and to privacy legislation (including the E-Privacy Directive and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (“E-Privacy Regulations”), as such legislation shall be supplemented, amended, revised or replaced from time to time, including by operation of the General Data Protection Regulation (EU) 2016/679 (“GDPR”) (and laws implementing or supplementing the GDPR, and laws amending or supplementing the E-Privacy Regulations);
- Updated: January2026
- Author: Data Protection Officer at Dataxcel Ltd on behalf of the brands Freeprizedraws (fpd.ie) (Privacy Policy) Winnersville (winnersville.co.uk) (Privacy Policy), ageverify.ie(Privacy Policy)
- This policy is displayed in conjunction with our company Data Protection Handbook and Privacy Policy: Data Protection Compliance and the protection of the data subject’s privacy rights are at the very ethos of Dataxcel’s data processing policies.
- Background: We collect data online from our managed consumer facing websites, www.freeprizedraws.ie in Ireland and www.winnersville.co.uk.in the UK and our B to B sites dataxcel.ie and ageverify.ie. We have built and own the technology platform for all our sites with our data servers located in both Ireland and the UK, ensuring optimum data security controls at all times. Our registered address is Dataxcel Ltd, 29 Lower Patrick Street, Kilkenny, Co. Kilkenny. Dataxcel’s data protection officer is registered with the office of the Data Protection Commissioner in Ireland and is registered as a Data Controller and Data Processor with the office of the Information Commissioner’s office in the UK.
All data collected is compliant with the current Data Protection Act of 2018 and the Privacy and Electronic Communications Regulations of 2011, and our consent process both legacy and future data processing have been updated in line with GDPR requirements and further underpinned with a legal position benchmark from a leading Senior Counsel specialising in data compliance legislation across all data touch points in Ireland.
- DataXcel use consent in line with articles 4, 6 and 7 GDPR and in some cases legitimate interest under Article 6(1)(f) and recital 47 of the GDPR and Regulations 13(5), (6) and (10). of the e privacy regulations of 2011 as the legal basis for processing data. In processing any data using legitimate interest as the legal basis for processing such data, DataXcel carry out a three-part test, to ensure our processing is in line with current legislation and the following process is adhered too:
Purpose test – is there a legitimate interest behind the processing?
Necessity test – is the processing necessary for that purpose?
Balancing test – is the legitimate interest overridden by the individual’s interests, rights, or freedoms?Our consent statements and consent process have received guidance from external Data Protection Consultants, senior counsel to define our legal data processing position at each data touch point within the context of GDPR and e privacy and previously from the Office of the Data Protection Commissioner in Ireland.
- Our core consent statement at all data collection touch points focusses on the following statement where the tick boxes are optional allowing a data subject the choice to Freely Give consent without any pre – condition to join the database but with equal opportunity to engage and join our websites.
We offer FREE TO Enter Competitions and we have winners every week which we publish on the winner’s section of this site, by email and on our Facebook and Twitter pages.
Our FREE competitions are supported by our Competition sponsors.By ticking the box, you:
The words terms and conditions, privacy policy and Competitions Sponsors are all dynamic links explaining in a full and transparent format the use and sharing of the data subject’s data in order to meet the data subject contact expectations.
The dynamic link to competition sponsors lists by vertical sector the brand names we will share the data with in the future, providing the data subject the choice to opt in or not for third-party marketing offers.
Our consent process has been constructed with zero risk GDPR compliance in mind and is underpinned with the following context. Article 4(11) of the GDPR stipulates that consent of the data subject means any:
– freely given, specific, informed, and unambiguous indication of the data subject’s wishes Freely Given – Note the tick boxes in our consent process are optional and NOT mandatory.
The element “free” implies real choice and control for data subjects.As a general rule, the GDPR prescribes that if the data subject has no real choice, feels compelled to consent or will endure negative consequences if they do not consent, then consent will not be valid.
Withdraw Consent in one click:
Note: We communicate this both in the consent process, the welcome email which a data subject will receive within seconds of registering on our sites and in our regular communications with the data subject where we provide a real time process and/or offline process to withdraw consent or to update their preferred marketing contact channels (Article 29 committee state: Accordingly, consent will not be considered to be free if the data subject is unable to refuse or withdraw his or her consent without detriment.) We contact all active users every six months with a data compliance focussed communication setting out their rights and providing links to update their contact preferences or to inform us, the data controller, to cease processing of their personal data.
Specific:
Article 6(1a) confirms that the consent of the data subject must be given in relation to “one or more specific” purposes and that a data subject has a choice in relation to each of them. The requirement that consent must be ‘specific’ aims to ensure a degree of user control and transparency for the data subject. This requirement has not been changed by the GDPR and remains intricately linked to the requirement of ‘informed’ consent. At the same time, it must be interpreted in line with the requirement for ‘granularity’ to obtain ‘free’ consent.
Note: DataXcel provide the data subject with a consent choice for each level of data processing and requires the user to confirm by a specific action i.e. the user must tick a box as to their level of accepted consent by each data processing action. The user consent is recorded in real time and flagged accordingly on our database and the user can access their account at any time, once logged in, to alter or update their level of consent therefore giving full control back to the user around their consent levels. Consent options are communicated regularly to users.
Informed:
The GDPR reinforces the requirement that consent must be informed. Based on Article 5 of the GDPR, the requirement for transparency is one of the fundamental principles, closely related to the principles of fairness and lawfulness. Providing information to data subjects prior to obtaining their consent is essential to enable them to make informed decisions, understand what they are agreeing to, and for example exercise their right to withdraw their consent. If the controller does not provide accessible information, user control becomes illusory, and consent will be an invalid basis for processing.
Note: Our consent process is in plain English and explains our levels of data processing, is self-explanatory, is unbundled, is optional to consent and provides details as to who we will share the data with and the type of data we will share.
Our GDPR action plan has covered the following steps.
Data Protection Officer:
We have appointed a Data Protection Officer who has worked with industry governing bodies regulating best practice for data compliance within the Data Marketing Industry, who can be contacted as follows for any privacy related matters.
- By Email: datacompliance@dataxcel.ie
- By Phone: +353 56 7790295
- By Post: DataXcel Ltd, 29 Lower Patrick Street, Kilkenny, Co Kilkenny
Supervisory Regulator:
We operate in both the Irish and UK markets and given we are a registered trading corporate in the Irish geography we will report and adhere to the Irish supervisory regulator.