Last Updated: March 15, 2026
1. Introduction
This Privacy Policy explains how [Website Name] (“we”, “us”, “our”) collects, uses, stores, shares, and protects personal data when you visit [website URL], contact us, download materials, sign up for emails, place an order, submit forms, or otherwise interact with our website and services.
Under GDPR, a privacy notice is intended to help data controllers meet transparency obligations and inform people how their data is processed. Individuals also have a range of rights in relation to their personal data.
2. Who We Are
For the purposes of data protection law, [Insert Legal Name / Sole Trader Name / Company Name] is the data controller of personal data collected through this website unless this policy states otherwise.
Controller Name: [Insert Name]
Trading Name: [Insert Website/Brand Name]
Registered Address: [Insert Address]
Email: [Insert Contact Email]
Website: [Insert URL]
If you have questions about this Privacy Policy or how your data is handled, please contact us using the details above.
3. What Personal Data We Collect
We may collect and process the following categories of personal data:
3.1 Information you provide directly
This may include:
your name;
email address;
phone number;
postal address;
organisation or club name;
billing information;
account information;
messages, enquiries, or support requests you send to us;
survey responses, testimonials, reviews, or feedback;
any information you provide when downloading content, filling in a form, joining a waiting list, or subscribing to a newsletter.
3.2 Transaction and order data
If you buy a product or service from us, we may collect:
order details;
billing details;
purchase history;
payment status;
VAT-related details where relevant.
We generally do not store full card details ourselves where payments are handled by a third-party payment provider.
3.3 Technical and usage data
When you use the website, we may automatically collect:
IP address;
browser type and version;
device type;
operating system;
referring URLs;
pages viewed;
dates and times of access;
clickstream and interaction data;
approximate location derived from IP;
cookie identifiers and similar online identifiers.
Irish guidance notes that online identifiers can constitute personal data and that cookie rules can apply even where the technology does not obviously store traditional personal details.
3.4 Marketing and communications data
This may include:
your preferences for receiving marketing from us;
your communication preferences;
records of consent or unsubscribe choices.
4. How We Collect Personal Data
We collect personal data:
directly from you when you complete forms, subscribe, order, contact us, or otherwise interact with us;
automatically through cookies, logs, analytics tools, and similar technologies;
from service providers such as payment processors, email marketing platforms, website hosts, analytics providers, or anti-spam/security tools;
from publicly available sources where relevant and lawful.
5. Why We Use Personal Data
We may process personal data for the following purposes:
to operate, maintain, secure, and improve the website;
to respond to enquiries and provide support;
to send requested downloads, templates, updates, or information;
to process purchases and deliver products or services;
to manage subscriptions, accounts, and customer relationships;
to send newsletters or marketing communications where lawful;
to monitor website performance, usage, and security;
to prevent fraud, abuse, or unauthorised access;
to comply with legal, tax, accounting, or regulatory obligations;
to establish, exercise, or defend legal claims.
6. Legal Bases for Processing
Under GDPR, personal data processing must be based on a valid legal basis. The Irish Data Protection Commission provides guidance on selecting the correct legal basis for processing.
Depending on the context, we rely on one or more of the following legal bases:
6.1 Consent
We may rely on your consent for:
sending certain marketing communications;
placing non-essential cookies or similar tracking technologies;
processing data where consent is specifically requested.
You can withdraw consent at any time, but this will not affect processing carried out before withdrawal.
6.2 Contract
We may process your data where necessary to:
provide requested downloads, products, or services;
manage your account;
process payments and fulfil orders;
take steps at your request before entering into a contract.
6.3 Legitimate interests
We may process data where necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These interests may include:
operating and improving the website;
responding to queries;
understanding website usage;
securing the site and preventing abuse;
administering our business;
maintaining records;
marketing similar products or services where lawful.
6.4 Legal obligation
We may process personal data where necessary to comply with legal obligations, including tax, accounting, consumer, and regulatory requirements.
6.5 Legal claims
We may process personal data where necessary to establish, exercise, or defend legal claims.
7. Cookies and Similar Technologies
We may use cookies, pixels, tags, scripts, local storage, and similar technologies on the website.
These technologies may be used for:
strictly necessary website functionality;
remembering user preferences;
security and fraud prevention;
analytics and performance measurement;
advertising, remarketing, and campaign measurement.
In Ireland, consent is normally required before using non-essential cookies or similar technologies, while strictly necessary cookies may be used without consent. Consent must be clear, informed, and affirmative.
You can manage your cookie preferences through our cookie banner or settings tool, and through your browser settings. Disabling some cookies may affect site functionality.
7.1 Strictly necessary cookies
These are required for core website functions such as security, network management, and basic operation.
7.2 Analytics cookies
These help us understand how visitors use the website so we can improve performance and content.
7.3 Functional cookies
These remember choices you make, such as preferences and settings.
7.4 Advertising or targeting cookies
These may be used by us or third parties to deliver relevant advertising or measure campaign effectiveness.
8. Direct Marketing
Where lawful, we may send newsletters, updates, offers, or similar communications by email or other electronic means.
Irish rules on direct electronic marketing require consent or another lawful basis depending on the circumstances, and recipients must generally have a way to opt out.
You can unsubscribe from marketing emails at any time by:
clicking the unsubscribe link in the email; or
contacting us directly.
We may still send non-marketing communications where necessary, such as service emails, transactional messages, account notices, or legal updates.
9. How Long We Keep Personal Data
We keep personal data only for as long as reasonably necessary for the purposes for which it was collected, including to satisfy legal, accounting, tax, reporting, or dispute-resolution requirements.
Retention periods may vary depending on the type of data and the reason we collected it. For example:
contact form enquiries: [insert period, e.g. 12–24 months];
customer/order records: [insert period, e.g. 6 years where needed for tax/accounting];
newsletter subscriber data: until unsubscribe or suppression-list retention as needed;
analytics data: [insert period];
account data: until the account is closed, plus a reasonable retention period.
When data is no longer needed, we will delete it, anonymise it, or securely archive it where appropriate.
10. How We Share Personal Data
We may share personal data with trusted third parties where reasonably necessary, including:
website hosting providers;
email and newsletter service providers;
payment processors;
analytics providers;
cloud storage or software providers;
security, anti-spam, fraud-prevention, and backup providers;
professional advisers, including lawyers, accountants, auditors, and insurers;
regulators, public authorities, courts, law enforcement, or other bodies where required by law.
We do not sell personal data to third parties.
Where third-party service providers process personal data on our behalf, they may act as processors. Irish guidance distinguishes between controllers, who decide the purposes and means of processing, and processors, who handle data on behalf of a controller.
11. International Transfers
Some of our service providers may process personal data outside the European Economic Area.
Where personal data is transferred outside the EEA, we will take appropriate safeguards where required, such as:
an adequacy decision;
Standard Contractual Clauses;
or another lawful transfer mechanism recognised under data protection law.
You may contact us for further information about relevant safeguards.
12. Data Security
We take reasonable technical and organisational measures designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or unauthorised access.
These measures may include:
secure hosting;
SSL/TLS encryption where appropriate;
access controls;
software updates;
security monitoring;
limited access to personal data;
backup and recovery measures.
No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
13. Your Data Protection Rights
Under GDPR, individuals have a number of rights in relation to their personal data, including the right to access, rectify, erase, restrict processing, object in certain circumstances, and request data portability, subject to legal limits and conditions.
Depending on the circumstances, you may have the right to:
request access to your personal data;
request correction of inaccurate or incomplete data;
request erasure of your personal data;
request restriction of processing;
object to certain processing, including certain processing based on legitimate interests and certain direct marketing;
request portability of data you provided to us, where applicable;
withdraw consent where processing is based on consent;
lodge a complaint with a supervisory authority.
To exercise your rights, contact us using the details in this policy.
14. Complaints
If you are unhappy with how we process your personal data, we would appreciate the chance to address your concerns first.
You also have the right to lodge a complaint with the Irish Data Protection Commission. The DPC is Ireland’s supervisory authority for GDPR-related matters.
15. Children’s Privacy
This website is not intended for children under [13/16/18 — choose appropriate age for your use case], and we do not knowingly collect personal data from children without appropriate lawful basis and, where required, parental or guardian involvement.
If you believe that a child has provided personal data through the website, please contact us so we can review and, where appropriate, delete the information.
16. Third-Party Websites
Our website may link to third-party websites, plugins, embedded content, or services. We are not responsible for the privacy practices of those third parties.
You should read their privacy notices before submitting personal data to them.
17. Embedded Content and External Services
Pages on our site may include embedded content or integrations such as videos, maps, social media feeds, forms, payment tools, fonts, captcha tools, or analytics scripts. These services may collect data about you, use cookies, and monitor your interaction with embedded content, subject to their own policies and settings.
18. Automated Decision-Making and Profiling
Unless explicitly stated otherwise, we do not make decisions about you based solely on automated processing that produce legal or similarly significant effects.
If this changes, we will update this Privacy Policy accordingly.
19. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in law, guidance, technology, our services, or our data practices.
Any updated version will be posted on this page with a revised “Last Updated” date.
20. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact: