Privacy policy.

Date last updated: 15 August 2025
Controller: Dublin Area Plumbers (“we”, “us”, “our”)
Contact: 01 675 0941 · info@dublinareaplumbers.ie

This Privacy Policy explains how we collect and use personal data when you visit our website, contact us, or use our plumbing and heating services. We are the Data Controller for this processing.

1. Categories of personal data we process

Identity & contact data – name, phone, email, service address, Eircode.
Service data – enquiry details, job notes, photos/videos you provide, service history, parts used, warranties.
Billing data – quotes, invoices, payment status/amounts, tax/VAT records (we do not store full card numbers).
Communications – emails, call notes, messages.
Website/device data – IP address, pages viewed, limited device and interaction data (essential cookies); optional analytics/advertising cookies only with your consent (see Cookies).

We do not intentionally collect special-category data. Please avoid sending such data to us unless strictly necessary.

2. Sources of data

Directly from you when you call, email, submit a form, or book work.
Generated by us during diagnosis, repair, installation, and aftercare.
Public/third-party sources where appropriate (e.g., publicly available address/Eircode verification; manufacturers for warranty checks).

3. Purposes and lawful bases

  
    Purposes and lawful bases for processing personal data
    
        Purpose
        Examples
        Lawful basis (GDPR Art. 6)
      
        Provide quotes, accept bookings, perform works
        Scheduling, site visits, installations/repairs, customer service
        Contract (Art. 6(1)(b))
      
        Billing and accounting
        Issuing invoices, processing payments, VAT records
        Legal obligation (Art. 6(1)(c))
      
        Service updates & aftercare
        Appointment confirmations, changes, safety/warranty notices
        Legitimate interests (Art. 6(1)(f))
      
        Website operation & security
        Essential cookies, security logs
        Legitimate interests (Art. 6(1)(f))
      
        Analytics/advertising (non-essential)
        Measuring site performance, remarketing
        Consent (Art. 6(1)(a))
      
        Marketing by email/SMS
        Tips, offers, service reminders (limited)
        Consent (Art. 6(1)(a)); unsubscribe anytime

Where we rely on legitimate interests, we balance our interests with your rights and expectations and limit data to what’s necessary.

(For the information we must provide under GDPR Articles 13/14—identity, purposes, bases, recipients, storage periods, transfers, rights, and complaint details—see this policy’s corresponding sections. gdpr-info.eu GDPRhub)

4. Cookies

We use essential cookies for core site functions.
With your consent, we may use analytics and/or advertising cookies. You can withdraw consent at any time via our cookie banner or browser settings.
See our separate Cookie Policy (linked in the footer) for details of cookie types, lifespans, and vendors.

5. Recipients and disclosures

We share data only as needed and under contracts requiring confidentiality and data protection:

Website platform/hosting: Squarespace (as processor) and related infrastructure/sub-processors. Squarespace supports international transfers using the European Commission’s Standard Contractual Clauses (SCCs). Squarespace Squarespace Help
Operational providers: email, productivity, secure storage/backup, job management, mapping/routing, SMS/email delivery.
Payments: third-party payment processors (we do not store full card details).
Professional advisers & authorities: accountants, legal advisers, insurers, Revenue or the Data Protection Commission where required by law.

We typically describe categories of recipients; specific providers are available on request.

6. International transfers

Some providers may transfer data outside the EEA/UK. Where this occurs, we rely on appropriate safeguards, typically EU SCCs (and UK addendum where relevant) or an adequacy decision, to protect your rights. European Commission

7. Retention periods

We keep personal data only as long as needed for the purposes above, and to meet legal duties:

  
    Retention periods for personal data
    
        Record type
        Examples
        Typical retention
        Notes / lawful basis
      

    
        Account & project files
        Briefs, design assets, deliverables, approvals, change logs
        Subscription term + up to 24 months
        Queries/disputes; Contract & Legitimate interests
      

        Invoices & tax records
        Invoices, credit notes, VAT records, payment confirmations
        6 years
        Legal obligation (Irish Revenue)
      

        Contracts & service agreements
        Service terms, MSAs, Statements of Work
        Agreement term + 6 years
        Defence of claims; Legitimate interests
      

        Support tickets & correspondence
        Emails, messages, call notes
        Up to 24 months after last interaction
        Customer care & quality; Legitimate interests
      

        Marketing contact data
        Name, email for newsletters/updates
        Until you unsubscribe or withdraw consent
        Consent (minimal suppression kept to honour opt-outs)
      

        Consent records (cookies/marketing)
        Cookie banner choices, marketing opt-in logs
        Duration of consent + 24 months
        Accountability; Legal obligation/Legitimate interests
      

        Analytics data (GA4)
        Event & user-level analytics
        2 or 14 months (configurable)
        Consent. Longer periods require GA4 360
      

        Website security logs
        Access logs, firewall events, IP data
        90 days (extended if under investigation)
        Security & abuse prevention; Legitimate interests
      

        Backup archives
        Encrypted platform backups
        30–90 days rolling
        Disaster recovery; auto-purged on rotation
      

  

8. Your rights

You can request: access, rectification, erasure, restriction, objection (to processing based on legitimate interests or direct marketing), and data portability. Where processing relies on consent, you can withdraw consent at any time (this won’t affect prior lawful processing).

To exercise a right, email info@dublinareaplumbers.ie. We aim to respond within one month; we may extend by up to two months for complex requests and will tell you if we do.

9. Children

We do not target our services at children. Where online services rely on consent, Ireland’s digital age of consent is 16. If we discover we have collected children’s data without appropriate authorisation, we will delete it. Citizens Information

10. Security

We implement appropriate technical and organisational measures, including role-based access, encryption in transit, least-privilege access to systems, and regular platform updates. No method is 100% secure; we continuously review and improve safeguards in line with risk.

11. Complaints

If you’re concerned about our use of your data, please contact us first at info@dublinareaplumbers.ie. You also have the right to complain to the Data Protection Commission (DPC):

Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Tel: (01) 765 0100 / 1800 437 737 · Email: info@dataprotection.ie · dataprotection.ie Data Protection Commission+2Data Protection Commission+2 gov.ie

12. Changes to this policy

We may update this notice to reflect changes in law or our services. We will post the updated version with a new “Effective date” and, where appropriate, notify you.

13. Contact

Questions about this policy or your data?
Phone: 01 675 0941 · Email: info@dublinareaplumbers.ie
Dublin Area Plumbers, 1 Saint, St Andrew's St, Dublin 2, D02 R856