Privacy Policy

Introduction

UrbanFlowes Ltd ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit our website or use our services. As a company registered in Ireland and operating within the European Union, we comply with the General Data Protection Regulation (GDPR) and all applicable data protection laws.

This policy applies to all personal data we collect through our website, services, and any other interactions you may have with UrbanFlowes.

Data Controller Information

UrbanFlowes Ltd is the data controller for the purposes of GDPR and other applicable data protection legislation. Our details are:

Data Collection

We collect and process personal data we collect from you in several ways, including when you visit our website, contact us, or use our services. The types of personal information we may collect include:

Information You Provide Directly

• Contact information (name, email address, phone number, postal address)
• Company information (company name, job title, business details)
• Communication preferences and enquiry details
• Information submitted through contact forms or email correspondence
• Project requirements and technical specifications

Information Collected Automatically

• IP address and location data
• Browser type, version, and settings
• Device information and operating system
• Website usage data and navigation patterns
• Referral sources and search terms
• Session information and timestamps

How We Use Your Information

We use of your data and personal information for legitimate business purposes and with appropriate legal basis under GDPR. Specifically, how we use your information includes:

Service Provision

• Responding to your enquiries and providing customer support
• Delivering IT services and managing client relationships
• Processing and fulfilling service requests
• Providing technical support and maintenance

Business Operations

• Managing contracts and billing
• Conducting business analysis and service improvement
• Ensuring compliance with legal and regulatory requirements
• Protecting our business interests and preventing fraud

Marketing and Communications

• Sending relevant business communications (with your consent)
• Providing information about our services and updates
• Conducting market research and analysis

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Our website uses various types of cookies and similar technologies to enhance your browsing experience and provide personalised content. These include:

• Essential cookies: Required for basic website functionality
• Analytics cookies: Help us understand how visitors interact with our website
• Marketing cookies: Used to deliver relevant advertisements and measure campaign effectiveness
• Functional cookies: Remember your preferences and settings

For detailed information about the cookies we use, please refer to our Cookie Policy.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract: Processing necessary for performing contracts or taking pre-contractual steps
• Legitimate interests: For business operations, security, and service improvement
• Consent: For marketing communications and non-essential cookies
• Legal obligation: For compliance with applicable laws and regulations

Data Sharing and Third Parties

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share your information with:

• Service providers and contractors who assist in our business operations
• Professional advisors (lawyers, accountants, consultants)
• Regulatory authorities when required by law
• Third parties in connection with business transfers or acquisitions

All third parties are required to maintain appropriate security measures and use your information only for specified purposes.

Data Retention

We retain personal data for as long as necessary to fulfil the purposes outlined in this privacy policy, unless a longer retention period is required by law. Our data retention periods vary depending on the type of information and purpose:

• Client data: Retained for the duration of the business relationship plus 7 years for legal and accounting purposes
• Marketing data: Retained until you withdraw consent or unsubscribe
• Website analytics: Typically retained for 26 months
• Contact enquiries: Retained for 3 years or until resolution of the enquiry

When data is no longer needed, we securely delete or anonymise it in accordance with our data retention policy.

Your Rights

Under GDPR, you have several rights regarding your personal data. Your rights include:

• Right of access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data in certain circumstances
• Right to restrict processing: Request limitation of processing in specific situations
• Right to data portability: Request transfer of your data to another service provider
• Right to object: Object to processing based on legitimate interests or for marketing purposes
• Right to withdraw consent: Withdraw consent for processing based on consent

To exercise any of these rights, please contact us using the details provided in the contact section below.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and monitoring
• Access controls and authentication measures
• Staff training on data protection and security
• Secure data backup and recovery procedures

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to protecting your data using industry-standard practices.

International Data Transfers

As an Irish company operating within the EU, we primarily process data within the European Economic Area (EEA). If we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Adequacy decisions by the European Commission
• Standard contractual clauses approved by the European Commission
• Binding corporate rules or certification schemes

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date.

We encourage you to review this privacy policy periodically to stay informed about how we protect your personal information.

Contact Information

If you have any questions about this privacy policy, wish to exercise your rights, or need to contact us regarding data protection matters, please contact us using the following details:

You also have the right to lodge a complaint with the Irish Data Protection Commission if you believe we have not handled your personal data in accordance with applicable law. You can contact them at www.dataprotection.ie or by phone at +353 57 868 4800.