Last updated: January 2026
We process personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This page explains how we comply with your rights under these regulations.
We process your personal data under the following legal bases:
Under the GDPR, you have the following rights regarding your personal data:
You may request a copy of the personal data we hold about you, along with information about how it is processed.
If your personal data is inaccurate or incomplete, you have the right to request correction or completion.
In certain circumstances, you may request deletion of your personal data. This right is not absolute and may be limited by legal obligations to retain certain information.
You may request that we limit how we use your personal data in specific situations, such as when you contest the accuracy of the data.
Where technically feasible, you may request that we provide your personal data in a structured, commonly used, machine-readable format or transfer it to another controller.
You may object to processing based on legitimate interests or for direct marketing purposes. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.
Where processing is based on consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
For questions about data protection or to exercise your rights, contact [email protected]. We will respond to verified requests within one month, with possible extensions for complex requests.
We retain personal data only as long as necessary for the purposes for which it was collected or as required by law. Inquiry data is typically retained for three years after last contact, while contract-related data may be retained longer to meet legal and tax obligations.
When we transfer personal data outside the European Economic Area, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.
We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.
You have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of your residence, workplace, or where an alleged infringement occurred. In Ireland, the supervisory authority is the Data Protection Commission.
In the event of a data breach likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within the timeframes required by GDPR.