Privacy Policy

1. Who we are

Hadudu Dapolu ("we," "us," "our") operates the website at hadudu-dapolu.info. Our registered address is Unit 27/28, Fashion City, M50 Business Park, Ballymount, Dublin, D24 KX58, Ireland. We are the data controller for any personal data collected through this website.

This privacy policy explains how we collect and process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") as retained and applied in Ireland, and the Data Protection Acts 1988 to 2018 as amended by the Data Protection Act 2018, which gave domestic effect to the GDPR in Irish law. Our supervisory authority is the Data Protection Commission of Ireland.

2. What personal data we collect and why

We collect personal data only in the following circumstances:

Contact form submissions. When you use the contact form on this website, you provide your name, email address, phone number, and the content of your message. We use this information solely to respond to your enquiry. The legal basis for this processing is our legitimate interest in communicating with people who contact us (Article 6(1)(f) GDPR).

Website analytics. If you consent to analytics cookies, we collect anonymised data about how you navigate the site, including pages visited, time spent, and referral source. This data is processed on the basis of your consent (Article 6(1)(a) GDPR). You may withdraw consent at any time through the cookie preference tool on this site.

Technical data. Our web server automatically logs IP addresses and browser type for security and operational purposes. This data is retained for a maximum of 30 days and is processed on the basis of legitimate interest in maintaining website security.

3. How long we keep your data

Contact form data is retained for a maximum of 12 months from the date of your enquiry, after which it is deleted. If your enquiry results in an ongoing correspondence, data may be retained for the duration of that correspondence plus 6 months.

Analytics data, where you have consented to its collection, is retained in aggregated and anonymised form for up to 26 months. Individual session data is not retained beyond 90 days.

We do not retain personal data for longer than is necessary for the purpose for which it was collected, in line with the data minimisation and storage limitation principles of the GDPR.

4. Sharing of personal data

We do not sell personal data. We do not share personal data with third parties for marketing purposes.

We may share data with the following categories of processor, all of whom are bound by data processing agreements:

Hosting providers: Our website is hosted on servers within the European Economic Area. Our hosting provider processes technical log data as a data processor on our behalf.

Analytics providers: Where you have consented, anonymised analytics data may be processed by a third-party analytics service. We have ensured that any such service is configured to anonymise IP addresses and to comply with GDPR.

We may disclose personal data to competent authorities where required by law or by a legally binding court order.

5. International transfers

We aim to keep all personal data processing within the European Economic Area. Where any service provider is located outside the EEA, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission under Article 46 GDPR, or that the recipient country benefits from an adequacy decision under Article 45 GDPR.

6. Your rights under the GDPR

As a data subject under the GDPR and the Data Protection Act 2018, you have the following rights:

Right of access (Article 15 GDPR): You may request a copy of the personal data we hold about you.

Right to rectification (Article 16 GDPR): You may ask us to correct inaccurate or incomplete personal data.

Right to erasure (Article 17 GDPR): You may ask us to delete your personal data where there is no longer a lawful basis for processing it.

Right to restriction of processing (Article 18 GDPR): You may ask us to limit how we use your data in certain circumstances.

Right to data portability (Article 20 GDPR): Where processing is based on consent or contract, you may request your data in a structured, machine-readable format.

Right to object (Article 21 GDPR): You may object to processing based on legitimate interest at any time.

To exercise any of these rights, contact us at [email protected]. We will respond within one calendar month as required by Article 12 GDPR.

7. Cookies

This website uses cookies. A full description of the cookies we use and how to manage your preferences is set out in our Cookie Policy. We use a cookie consent tool to obtain your consent before setting any non-essential cookies.

8. Children's data

This website is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete that data without delay.

9. Complaints

If you have a concern about how we handle your personal data, you have the right to lodge a complaint with the Data Protection Commission of Ireland at www.dataprotection.ie, or by post at 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland. We would, however, appreciate the opportunity to address any concern directly before you contact the Commission.

10. Changes to this policy

We may update this privacy policy from time to time. When we do, we update the "Last Updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of the website after any update constitutes acceptance of the revised policy.