Effective date: 2022-11-09. Updated on: 2024-11-09
Privacy Policy (Redacted version for Public Distribution)
1. Introduction
SolutionOut Limited ("SolutionOut," "we," "us," or "our") is committed to protecting the personal data of our clients ("you" or "the Client") in accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA 2018). This Privacy Policy outlines how we collect, process, store, and protect personal data in the course of providing our professional services.
2. Roles and Responsibilities
Data Controller: The Client
Data Processor: SolutionOut Limited
A Data Processing Agreement (DPA) is in place between the Client and SolutionOut to define our respective data protection responsibilities in compliance with GDPR.
3. Personal Data We Collect
We collect only the personal data necessary for the agreed-upon services, including:
Personal Identifiable Information (PII):
Full names of clients and their representatives
Business email addresses
Phone numbers
Business Contact Information:
Job titles
Company names
Business addresses
Communication Records:
Emails and meeting notes related to services
Contractual Information:
Details of agreements and terms of service
We do not collect or process special category data, such as racial or ethnic origin, political opinions, religious beliefs, genetic data, or health-related data.
4. Legal Basis for Processing
We process data under the following legal bases:
Contractual Necessity: Data processing is required to fulfill our contractual obligations.
Legal Compliance: Certain records must be retained for regulatory purposes.
Legitimate Interests: For business communication and operational needs.
5. Data Retention Policy
Personal data is retained as follows:
General business communication records: Up to 6 years
Financial and contractual records: As required by law
Client data related to service delivery: Until contract termination, unless required by law
Upon contract termination, data is deleted or anonymized unless required for legal compliance.
6. Data Security Measures
We implement industry-standard security measures to protect personal data, including:
Encryption of data at rest and in transit
Role-based access controls and multi-factor authentication
Network security through firewalls and VPNs
Regular security audits and staff training
For security reasons, specific internal security configurations are not disclosed in this document.
7. Use of Sub-Processors
SolutionOut may engage sub-processors to assist in providing our services. We ensure that:
Sub-processors are contractually obligated to comply with GDPR and maintain data security standards.
A list of sub-processors is available upon request.
Clients will be notified of any changes to sub-processors where required by law.
We remain responsible for the performance of our sub-processors in relation to personal data processing.
8. Third-Party Data Sharing
We do not share data with third parties except:
When required by law or regulatory authorities
With service providers (e.g., cloud storage providers) under GDPR-compliant agreements
With explicit Client authorization
We do not transfer personal data outside the EU unless necessary, in which case we use Standard Contractual Clauses (SCCs) or equivalent safeguards.
9. Data Subject Rights
Under GDPR, you have the right to:
Access your data
Rectify inaccurate data
Request data deletion (subject to legal obligations)
Restrict or object to data processing
Data portability
Withdraw consent where applicable
Requests can be made by contacting us at the details below.
10. Incident Response and Data Breach Notification
If a data breach occurs, we will:
Notify the Client within 24 hours
Provide details on the breach, affected data, and mitigation steps
Cooperate fully in resolving the incident
11. Contact Information
If you have any questions or wish to exercise your rights, please contact:
Michael O'Grady
SolutionOut Limited
CourtHouse Road, Kinvara, Co. Galway, Ireland, H91Y5W0
Phone: +353 86 200 7252
Email: Michael@solutionout.com