Data Policy

Data Processing Policy

Last Updated: March 24, 2025

At goStartup.ie, we are committed to protecting and respecting your data privacy rights. This Data Policy outlines how we collect, process, store, and protect your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Data Controller

For the purposes of data protection laws, goStartup.ie is the data controller of your personal information. If you have any questions about this Data Policy or our data practices, please contact us at info@gostartup.ie.

What Data We Collect

The only personal data we collect is information that you voluntarily provide to us through our contact form, which may include:

• Your name
• Email address
• Subject of your inquiry
• Message content
• Consent preference for marketing communications

Legal Basis for Processing

We process your data based on the following legal grounds:

• Legitimate Interest: Processing is necessary for our legitimate interests in responding to your inquiries and providing information about our services, provided that these interests do not override your fundamental rights and freedoms.
• Consent: Where you have given explicit consent for us to process your data for a specific purpose, such as to respond to your inquiry.
• Contractual Necessity: Where processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract.

How We Use Your Data

We use the data you provide solely for the purpose of:

• Responding to your inquiry or request
• Providing information or services that you have requested
• Managing our relationship with you
• Ensuring the security and proper functioning of our website

Data Retention

We retain your personal data for only as long as necessary to fulfill the purposes for which it was collected.

For contact form submissions and related correspondence, we will retain your information for 90 days after the last communication in the thread. After this period, your data will be permanently deleted from our systems.

Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

• Secure SSL encryption for data transmission
• Access controls and authentication measures
• Regular security assessments and updates
• Staff training on data protection and security

Your contact form submissions are processed through Brevo, our email marketing service provider. Brevo complies with GDPR and maintains appropriate security measures to protect your data.

Third-Party Data Processors

We may share your personal data with the following third-party service providers who assist us in delivering our services:

• Brevo: For processing contact form submissions and email communications
• Google Analytics: For website analytics (anonymized data only)
• Cookiebot: For cookie consent management

These third parties act as data processors on our behalf and are obligated to process your data in accordance with our instructions and this Data Policy. We have data processing agreements in place with all third-party processors to ensure the protection of your data.

International Data Transfers

Your personal data may be transferred to, and processed in, countries outside the European Economic Area (EEA). We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Data Policy.

Where we transfer your data outside the EEA, we ensure that appropriate safeguards are in place, such as:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Binding corporate rules for transfers within a corporate group

Your Data Protection Rights

Under GDPR, you have the following rights regarding your personal data:

1. Right of Access

You have the right to request copies of your personal data that we hold.

2. Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

3. Right to Erasure

You have the right to request that we erase your personal data, under certain conditions.

4. Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

5. Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions.

6. Right to Data Portability

You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

To exercise any of these rights, please contact us at info@gostartup.ie. We will respond to your request within one month.

Changes to This Data Policy

We may update this Data Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Data Policy on this page and updating the "Last Updated" date.

We encourage you to review this Data Policy periodically for any changes. Changes to this Data Policy are effective when they are posted on this page.

Complaints

If you have a concern about our data practices or how we have handled your personal data, please contact us first so that we can try to resolve your concern.

You also have the right to lodge a complaint with the Data Protection Commission (DPC), the Irish supervisory authority for data protection issues. You can contact the DPC at:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland

www.dataprotection.ie

Contact Us

If you have any questions about this Data Policy or our data practices, please contact us at:

Email: info@gostartup.ie