Privacy Policy

Introduction

VectorSmith PLC ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains the data we collect about you when you visit our website or use our services, how we use your information, and your rights regarding your personal data.

VectorSmith PLC is the data controller for the purposes of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Our company registration number is CRO642897, and we are registered in Ireland.

Data Collection

We collect and process various types of personal data when you interact with our website and services. The data we collect includes:

• Contact Information: Name, email address, phone number, postal address, and company details when you contact us or request our services.
• Technical Data: IP address, browser type, device information, operating system, and website usage data through cookies and analytics tools.
• Communication Data: Records of correspondence, consultation notes, and service-related communications.
• Business Information: Financial data, tax information, and business documentation necessary to provide our tax deduction services.
• Marketing Data: Preferences for receiving marketing communications and information about how you heard about our services.

How We Use Your Information

We use of your data is based on legitimate business interests, contractual necessity, legal obligations, and your consent where required. Specifically, we use your information to:

• Provide professional tax deduction advisory services and business consultations
• Process and respond to your enquiries and service requests
• Maintain accurate records for compliance with legal and regulatory requirements
• Improve our website functionality and user experience
• Send relevant service updates, newsletters, and marketing communications (with your consent)
• Protect our business interests and prevent fraud or misuse of our services
• Comply with legal obligations and regulatory requirements in the financial services sector

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

For detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy.

Data Sharing and Third Parties

We do not sell your personal data to third parties. We may share your information in the following circumstances:

• Service Providers: Trusted third-party providers who assist us in delivering our services, including IT support, analytics, and professional services.
• Legal Requirements: When required by law, regulation, or court order, or to protect our legal rights.
• Business Transfers: In the event of a merger, acquisition, or sale of our business assets.
• Professional Advisors: Lawyers, accountants, and other professional advisors who provide services to us under confidentiality agreements.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations. Our data retention periods are:

• Client Records: Retained for 7 years after the end of our professional relationship, in accordance with financial services regulations.
• Marketing Data: Retained until you withdraw consent or for 3 years from last engagement.
• Website Analytics: Anonymised data retained for 26 months (Google Analytics default).
• Communication Records: Retained for 3 years from the date of last communication.

Your Rights

Under GDPR and Irish data protection law, you have the following rights regarding your personal data:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete personal data.
• Right to Erasure: Request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: Request limitation of how we process your data.
• Right to Data Portability: Receive your data in a structured, commonly used format.
• Right to Object: Object to processing based on legitimate interests or for marketing purposes.
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us using the details provided below.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encrypted data transmission and storage
• Regular security assessments and updates
• Access controls and staff training on data protection
• Secure backup and disaster recovery procedures

International Data Transfers

We primarily process your data within the European Economic Area (EEA). When we use third-party services that may transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please reach out to us:

You also have the right to lodge a complaint with the Data Protection Commission (Ireland) if you believe we have not handled your personal data in accordance with applicable law.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the updated policy on our website and updating the "last updated" date. We encourage you to review this policy periodically to stay informed about how we protect your data.