Privacy Policy
This Privacy Policy explains what personal data drivingtest.irish collects, why, how we protect it, who we share it with, and the rights you have over it under the EU General Data Protection Regulation (GDPR) and Irish data-protection law. It applies to the drivingtest.irish website and apps.
Scope and who is responsible
This policy covers the personal data we process when you use drivingtest.irish — when you create an account, practise, take mock exams, buy Pro, or contact us.
drivingtest.irish is responsible for ("controls") that data and decides how it is used. If you have any question about this policy or your data, contact us at [email protected].
Data we collect
We collect only what we need to run the service:
- Account data: your name, email address and chosen interface language.
- Learning data: your practice answers, mock-exam attempts and scores, bookmarks, streaks and progress statistics.
- Payment data: which plan you bought and whether the payment succeeded. Your card number is entered directly on our payment provider's systems and is never seen or stored by us.
- Support data: the messages and details you send us when you ask for help or request a refund.
- Technical data: IP address, browser and device type, approximate region, and basic activity logs, used to keep accounts secure and prevent abuse. This includes two short device codes ("dt_fp", "dt_dc", see the Cookie Policy) calculated from your browser and device settings and stored with your account, plus a simplified form of your email address (for example ignoring dots and any "+" suffix). We use these three only to protect the Service — to apply the one-free-trial-per-person rule and to detect repeat or bulk sign-ups — and never for advertising, profiling, or tracking you across other websites.
- Diagnostics data: if something breaks on your device — for example a question image fails to load — we record a short technical report (the affected question, your browser and device type, screen size and connection type) so we can find and fix the problem. Reports you send us through the "suggest a fix" form also include your browser type. Diagnostics data is deleted automatically after 30 days.
- Analytics data: only if you accept analytics cookies, Google Analytics collects usage statistics (pages visited, device type, approximate region) to help us improve the site. See the Cookie Policy.
If you sign in with Google, we receive only your name and email address from your Google account.
Why we are allowed to use your data (legal bases)
Under the GDPR we rely on:
- Performance of a contract — to create and run your account and provide practice, exams and progress tracking.
- Legitimate interests — to keep the service secure, prevent fraud and abuse, fix problems and improve the product, in a way that does not override your rights.
- Legal obligation — to keep records of payments for tax, accounting and consumer-law purposes.
- Consent — where we specifically ask for it (for example optional emails). You can withdraw consent at any time, without affecting processing already carried out.
How we use your data
We use your data to: create and secure your account; provide practice, mock exams and progress tracking; remember your language and settings; process your Pro purchase and handle refunds; answer your support requests; detect and prevent fraud, abuse and technical problems; and meet our legal obligations.
Some abuse checks run automatically. When you register, we compare the device codes and the simplified form of your email address against recent sign-ups to work out whether the free trial has already been claimed by the same person. This decides one thing only — whether that account receives the free trial. It never blocks your account, never restricts the rest of the Service, and you can ask us to look at it again at [email protected].
We do not sell or rent your personal data, and we do not share it with third parties for their own marketing. We do not make decisions with legal effects about you by purely automated means.
Who we share data with
We share data only with the service providers that help us run drivingtest.irish, and only as far as each one needs it. They act on our instructions under contracts that require them to protect your data:
- Hosting and database — our servers and database are hosted in the European Union (Hetzner, Germany).
- Payments — Stripe and Revolut process card payments and handle the card data we never see.
- Sign-in — Google, only if you choose to sign in with your Google account.
- Email delivery — Resend sends transactional emails such as password resets.
- Analytics — Google Analytics (Google Ireland Ltd) processes usage statistics for us, only if you accept analytics cookies in the cookie banner.
We may also disclose data if the law requires it, to enforce our Terms, or to protect the rights, safety and security of our users or the service. If the service is ever transferred to a new owner, data may transfer with it under this policy.
International data transfers
Our hosting and database are in the European Union. Some providers (for example payment, sign-in and email services) may process limited data outside the European Economic Area. Where that happens, we rely on appropriate safeguards — such as an EU adequacy decision for the destination country, or the European Commission's Standard Contractual Clauses — so your data keeps an equivalent level of protection.
How long we keep your data
We keep your account and learning data for as long as your account is active. You can delete your account at any time from Settings; when you do, we erase your personal data within 30 days, except where we are required to keep some of it longer.
We keep records of payments — without your account email, which is removed when you delete your account — for as long as tax, accounting and consumer-protection law requires (generally up to 6 years).
The security data stored with your account — the two device codes, the IP address you registered from, and the simplified form of your email address — is kept for as long as your account exists and is erased when you delete it. Other security and abuse logs are kept for a short period and then deleted.
Diagnostics data (technical error reports such as failed image loads, and the browser details attached to feedback) is deleted or anonymised automatically after at most 30 days.
How we protect your data
We take reasonable technical and organisational measures to protect your data: traffic is encrypted in transit with HTTPS, passwords are stored only as salted one-way hashes (never in readable form), payment-card data is handled by certified payment providers and never touches our servers, and access to our systems is restricted and logged.
No online service can be guaranteed completely secure, but we work to detect, contain and respond to security problems, and we will notify you and the relevant authority of a personal-data breach where the law requires it.
Your rights
Under the GDPR you have the right to: be informed about how your data is used; access a copy of your data; have inaccurate data corrected; have your data erased; restrict or object to certain processing; data portability; and withdraw consent where processing is based on it.
To exercise any of these rights, email [email protected]. We will respond within one month. Using your rights is free, and we will never penalise you for it.
If you believe we have not handled your data properly, you have the right to complain to the Irish Data Protection Commission (www.dataprotection.ie), or to the data-protection authority in your own EU country.
Cookies
We use essential cookies that are necessary for the site to work — to keep you signed in, remember your language, and store your cookie choice. With your consent (the cookie banner) we also use Google Analytics cookies to understand how the site is used; the site works fully if you decline. We do not use advertising or cross-site tracking cookies. Full details are in our Cookie Policy.
Children
drivingtest.irish is intended for people preparing for the driver theory test and is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.
Changes to this policy
We may update this Privacy Policy from time to time — for example if we add a feature or change a provider. When we make a material change we will update the "last updated" date below and, where appropriate, tell you. Continued use of the service after an update means you accept the revised policy.
How to contact us
For any privacy question, or to exercise your rights, contact us at [email protected].
Last updated: 2026-07-16