Privacy Policy

1. Introduction

NorthBay Ltd ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal information when you visit our website northbay.world or use our services.

We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws. Our registered office is located at Dame Street 144, Cork, T47 4720, Munster, Ireland.

2. Data We Collect

We may collect and process the following categories of personal data about you:

Information You Provide Directly

When you contact us through our website forms, subscribe to our content, or communicate with us, we collect information such as your name, email address, phone number, and any messages or enquiries you send to us. This data collection occurs when you voluntarily submit information through our contact forms or email communications.

Technical Information

We automatically collect certain technical information when you visit our website, including your IP address, browser type and version, operating system, referral source, length of visit, page views, and website navigation paths.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience. For detailed information about our use of cookies, please refer to our Cookie Policy.

3. How We Use Your Information

We use your personal data for the following purposes, based on the legal grounds specified:

Communication and Support

We use of your data to respond to your enquiries, provide customer support, and communicate with you about our services. This processing is necessary for the performance of our contract with you or based on our legitimate interest in providing effective customer service.

Website Improvement

We analyse website usage data to improve our website functionality, user experience, and content quality. This processing is based on our legitimate interest in operating and improving our business.

Legal Compliance

We may process your data to comply with legal obligations, such as responding to lawful requests from authorities or maintaining records as required by law.

4. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

• Contact form submissions: 3 years from the date of submission
• Email communications: 3 years from the last communication
• Website analytics data: 26 months from collection
• Cookie data: As specified in our Cookie Policy

After these retention periods, we will securely delete or anonymise your personal data unless we are required to retain it longer by law.

5. Your Rights

Under the GDPR and other applicable privacy laws, you have the following rights regarding your personal data:

• Right of Access: You can request a copy of the personal data we hold about you
• Right to Rectification: You can request that we correct any inaccurate or incomplete personal data
• Right to Erasure: You can request that we delete your personal data in certain circumstances
• Right to Restrict Processing: You can request that we limit how we process your personal data
• Right to Data Portability: You can request a copy of your data in a structured, machine-readable format
• Right to Object: You can object to our processing of your personal data based on legitimate interests
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time

6. Data Sharing and Transfers

We do not sell, trade, or rent your personal data to third parties. We may share your information in the following limited circumstances:

• With service providers who assist us in operating our website and business (under strict confidentiality agreements)
• When required by law or to protect our legal rights
• In connection with a business transfer, merger, or acquisition

Any international transfers of your data will be protected by appropriate safeguards in accordance with GDPR requirements.

7. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, secure servers, access controls, and regular security assessments.

8. Third-Party Services

Our website may contain links to third-party websites or services. This Privacy Policy does not apply to those external sites. We recommend reviewing the privacy policies of any third-party services you access through our website.

9. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such information, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date.

11. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us about privacy matters, please reach out to us:

You also have the right to lodge a complaint with the Irish Data Protection Commission if you believe we have not handled your personal data in accordance with applicable law.

12. Legal Basis for Processing

Our processing of your personal data is based on the following legal grounds under GDPR:

• Consent: Where you have given clear consent for specific processing activities
• Contract Performance: Where processing is necessary to provide our services
• Legitimate Interests: Where we have a legitimate business interest that does not override your privacy rights
• Legal Obligation: Where we must process data to comply with legal requirements