Introduction
Gormley Ltd (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website or engage with our services.
We are registered in Ireland and operate in accordance with the General Data Protection Regulation (GDPR) and Irish data protection laws.
Information We Collect
We may collect the following types of personal information:
Information You Provide to Us
When you contact us through our website, request a quote, or engage our services, you may provide us with personal information including your name, email address, phone number, postal address, company name and position, and details about your project or enquiry.
Information Collected Automatically
When you visit our website, we may automatically collect certain information including your IP address, browser type and version, operating system, pages you visit on our website, time and date of your visit, time spent on pages, and referring website addresses.
Cookies
Our website uses cookies to improve your browsing experience. Cookies are small text files stored on your device. You can control cookie settings through your browser preferences. For more information, see our Cookie Policy below.
How We Use Your Information
We use your personal information for the following purposes:
We respond to your enquiries and provide you with information about our services. We prepare quotations and proposals for your projects. We communicate with you about your projects and provide updates. We fulfil our contractual obligations when you engage our services. We maintain records of our business interactions and correspondence. We comply with legal and regulatory obligations. We improve our website and services based on usage patterns. We send you marketing communications if you have opted in to receive them.
Legal Basis for Processing
Under GDPR, we process your personal information based on the following legal grounds:
Consent – You have given clear consent for us to process your personal information for specific purposes, such as receiving marketing communications.
Contract – Processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
Legal Obligation – Processing is necessary for us to comply with the law (for example, tax or health and safety obligations).
Legitimate Interests – Processing is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not overridden by your rights and interests. This includes processing for business administration, maintaining records, and improving our services.
How We Share Your Information
We do not sell your personal information to third parties. We may share your information with:
Service Providers – We may share information with trusted third parties who provide services on our behalf, such as IT support, web hosting, or professional advisors. These parties are contractually obligated to protect your information.
Subcontractors and Suppliers – When delivering your project, we may share relevant information with subcontractors, suppliers, or other professionals involved in completing your work.
Legal Requirements – We may disclose your information if required by law, court order, or governmental authority, or to protect our legal rights.
Business Transfers – If our business is sold or merged, your information may be transferred to the new owners.
Data Retention
We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected:
Enquiry information is retained for up to two years if you do not proceed with our services. Client project information and correspondence is retained for up to seven years after project completion to comply with legal, accounting, and insurance requirements. Marketing consent records are retained until you withdraw consent. Website analytics data is retained for up to 26 months.
After these periods, we securely delete or anonymize your personal information.
Your Rights Under GDPR
You have the following rights regarding your personal information:
Right of Access – You can request a copy of the personal information we hold about you.
Right to Rectification – You can ask us to correct inaccurate or incomplete information.
Right to Erasure – You can request that we delete your personal information in certain circumstances.
Right to Restrict Processing – You can ask us to restrict how we use your information in certain circumstances.
Right to Data Portability – You can request a copy of your information in a structured, commonly used format.
Right to Object – You can object to our processing of your information in certain circumstances, including for marketing purposes.
Right to Withdraw Consent – Where we process your information based on consent, you can withdraw that consent at any time.
Right to Complain – You have the right to lodge a complaint with the Data Protection Commission if you believe we have not handled your information properly.
To exercise any of these rights, please contact us using the details provided at the end of this policy.
Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include secure servers and encrypted data transmission where appropriate, restricted access to personal information on a need-to-know basis, regular security assessments and updates, and staff training on data protection obligations.
However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.
International Data Transfers
Your personal information is stored and processed in Ireland. If we transfer information outside the European Economic Area, we ensure appropriate safeguards are in place to protect your information in accordance with GDPR requirements.
Children’s Privacy
Our website and services are not directed at children under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
Marketing Communications
If you have consented to receive marketing communications from us, we may send you information about our services, projects, and news by email or post.
You can opt out of marketing communications at any time by clicking the unsubscribe link in any marketing email, contacting us directly using the details below, or updating your preferences if we provide an online preference center.
Even if you opt out of marketing communications, we may still send you service-related communications regarding projects or enquiries.
Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party websites you visit.
Cookie Policy
Our website uses cookies to enhance your browsing experience and provide website analytics.
What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They help websites remember your preferences and understand how you use the site.
Types of Cookies We Use
Strictly Necessary Cookies – These cookies are essential for the website to function properly. They enable basic functions like page navigation and access to secure areas.
Analytics Cookies – These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. We use this data to improve our website.
Functionality Cookies – These cookies enable the website to remember choices you make (such as your language or region) and provide enhanced features.
We do not use advertising or tracking cookies.
Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or delete cookies already stored. Please note that disabling certain cookies may affect website functionality.
For more information about cookies and how to manage them, visit www.allaboutcookies.org.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post any changes on this page and update the “Last Updated” date at the top.
If we make significant changes, we may notify you by email or through a prominent notice on our website. We encourage you to review this policy periodically.
Contact Us
If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how we handle your personal information, please contact us:
Gormley Ltd
Castlereagh, Bruckless,
County Donegal
Ireland
Email: info@gormleyltd.com
Phone: 074-9737683
Data Protection Authority
If you are not satisfied with our response to your concerns, you have the right to lodge a complaint with the Irish Data Protection Commission:
Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
Website: www.dataprotection.ie
Email: info@dataprotection.ie
Phone: +353 (0)761 104 800