Privacy Policy

Last updated: December 2025

At Elephantfly, your privacy is of utmost importance to us. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, use our services, or interact with us. We are committed to complying with the General Data Protection Regulation (GDPR) and all applicable Irish and European data protection laws.

1. Who We Are

Elephantfly Ltd. (Company Registration Number: 775970) is a digital services provider based in Ireland. We offer web development, mobile app development, branding and design, AI and automation solutions, and cybersecurity services.

Data Controller: Elephantfly Ltd.
Contact: info@elephantfly.ie
Phone: 085 805 0909

2. Information We Collect

We may collect the following types of personal data:

2.1 Information You Provide

  • Name and contact details (email address, phone number)
  • Business name, job title, and company information
  • Project details, requirements, and specifications
  • Payment and billing information (processed securely through third-party providers)
  • Any other information you voluntarily provide through forms, emails, or communications

2.2 Information Collected Automatically

  • IP address and approximate location
  • Browser type, version, and device information
  • Website usage data (pages visited, time spent, click patterns)
  • Cookies and similar tracking technologies (see our Cookie Policy)
  • Referral sources and search terms used to find our website

2.3 Information from Third Parties

  • Social media profile information (if you interact with us via social media)
  • Publicly available business information
  • Analytics data from services like Google Analytics

3. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: To respond to enquiries, provide quotations, deliver services, and communicate project updates
  • Business Operations: To manage client relationships, process payments, and maintain business records
  • Website Improvement: To analyze website usage, improve user experience, and optimize our services
  • Marketing: To send you relevant information about our services (only with your consent, and you can opt-out at any time)
  • Legal Compliance: To comply with legal obligations, tax requirements, and respond to legal requests
  • Security: To protect our website, services, and prevent fraud

Legal Basis: We process your data based on:

  • Your consent (for marketing communications)
  • Contractual necessity (to fulfill our services)
  • Legitimate interests (website improvement, security, business operations)
  • Legal obligations (tax, accounting, regulatory requirements)

We will never sell or share your personal data with third parties for marketing purposes without your explicit consent.

4. Data Sharing & Third Parties

We may share your data with trusted third-party service providers who assist us in operating our business, subject to strict confidentiality agreements:

  • Hosting & Infrastructure: Cloud hosting providers for website and data storage
  • Payment Processors: Secure payment processing services
  • Email Services: Email service providers for communications
  • Analytics: Google Analytics and similar tools (anonymized data)
  • Professional Services: Accountants, legal advisors (as required)

We only share data necessary for these services and ensure all third parties comply with GDPR requirements. We do not allow third parties to use your data for their own purposes.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction:

  • SSL/TLS encryption for data transmission
  • Secure server infrastructure with regular security updates
  • Access controls and authentication measures
  • Regular security audits and vulnerability assessments
  • Staff training on data protection and security
  • Secure backup and disaster recovery procedures

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to using industry best practices.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law:

  • Client Data: Retained for the duration of our business relationship and for 7 years after project completion (for tax and legal purposes)
  • Marketing Data: Retained until you opt-out or withdraw consent
  • Website Analytics: Retained in anonymized form for up to 26 months
  • Legal Requirements: Some data may be retained longer if required by law or for legal proceedings

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policy.

7. Your Rights Under GDPR

Under the General Data Protection Regulation, you have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your data (subject to legal obligations)
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Request transfer of your data to another service provider
  • Right to Object: Object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
  • Right to Lodge a Complaint: File a complaint with the Data Protection Commission (DPC) if you believe your rights have been violated

To exercise any of these rights, please contact us at info@elephantfly.ie. We will respond within one month (may be extended to two months for complex requests).

8. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience, analyze website usage, and improve our services. For detailed information about our use of cookies, please see our Cookie Policy.

You can control cookies through your browser settings. However, disabling cookies may affect website functionality.

9. International Data Transfers

Some of our service providers may be located outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately and we will take steps to delete such information.

11. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any websites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. We will notify you of any material changes by:

  • Posting the updated policy on this page
  • Updating the "Last updated" date
  • Notifying existing clients via email (for significant changes)

We encourage you to review this policy periodically to stay informed about how we protect your data.

13. Contact Us

If you have questions, concerns, or wish to exercise your rights regarding this Privacy Policy or our data practices, please contact us:

Data Protection Commission (DPC):
If you are not satisfied with our response, you have the right to lodge a complaint with the Irish Data Protection Commission at www.dataprotection.ie