This policy explains how we collect, use, disclose, and protect personal data when you visit our website, interact with us, or use our services.
We process personal data under applicable data protection laws, including GDPR.

We collect and process:

• Identity and contact data: name, job title, company, email, phone number, postal address.
• Business context data: your role, sector, service interests, project requirements, notes from calls/meetings.
• Account and authentication data (if you create an account): username, password, access logs.
• Usage and technical data: IP address, device identifiers, browser type, pages viewed, referral URLs, time zone, operating system, interactions with site features, collected via cookies and similar technologies.
• Payment/transaction data (if applicable): billing contact details, transaction references. We do not store full payment card numbers; our payment processor handles these securely.
• Public and third-party data: business contact details from publicly available sources (e.g., LinkedIn, company websites) and reputable data partners, where permitted by law.

We only process personal data when we have a lawful basis.
We use data to:

• Provide and operate our website and services; respond to enquiries; manage accounts and projects. Legal basis: performance of a contract or steps prior to entering into a contract; legitimate interests in operating our business.
• Communicate with you about features, updates, and service notices. Legal basis: performance of a contract; legitimate interests.
• Send marketing communications (including newsletters, event invitations, and insights) and tailor content. Legal basis: consent where required (e.g., email to non-customers); legitimate interests for B2B marketing to corporate subscribers where permitted. You can opt out at any time.
• Improve our website, services, and user experience; run analytics and measure performance. Legal basis: consent for non-essential cookies/analytics; legitimate interests for essential service analytics and site security.
• Safeguard our website, prevent fraud and abuse, and ensure network and information security. Legal basis: legitimate interests; legal obligations.
• Comply with legal and regulatory obligations; exercise or defend legal claims. Legal basis: legal obligations; legitimate interests.
• Process payments and invoicing (if applicable). Legal basis: performance of a contract; legal obligations (record keeping).

• We use cookies, pixels, and similar tools to operate the site, remember preferences, and analyse traffic. Non-essential cookies run only with your consent.
• For details on the cookies we use, purposes, and how to manage your choices, please see our Cookies Policy.

We share personal data only as needed and with safeguards:

• Service providers (processors) who support our operations (e.g., hosting, CRM, analytics, email distribution, payment processing, project management). They act under our instructions and appropriate contractual terms.
• Professional advisers (e.g., legal, accounting) and insurers under confidentiality obligations.
• Business partners and subcontractors to help deliver services to you, where appropriate.
• Authorities, regulators, courts, or law enforcement where required by law or to protect rights, safety, and security.
• Corporate transactions: if we undergo a merger, acquisition, or reorganisation, we may transfer data as part of that transaction, under confidentiality and with notice where required.

We do not sell personal data.

Your data may be transferred outside Ireland. When we transfer data internationally, we ensure appropriate safeguards, such as:

• Adequacy regulations/adequacy decisions (where applicable).
• Additional technical, contractual, and organisational measures as needed.
• You can contact us for copies of relevant transfer safeguards (with redactions where necessary).

We retain personal data only for as long as necessary for the purposes set out in this policy, including to meet legal, accounting, or reporting requirements.
Typical retention periods:

• Enquiries and correspondence: up to 24 months from last interaction if no contract is formed.
• Client and project records: contract term plus 6–7 years for legal and tax purposes.
• Technical logs and security data: typically 12–24 months, unless needed longer for investigations.
• We will anonymise or securely delete data when it is no longer needed.

Your rights

Subject to applicable law, you have the right to:

• Access your personal data and receive a copy.
• Rectify inaccurate or incomplete data.
• Erase your data (“right to be forgotten”).
• Restrict processing of your data.
• Object to processing, including direct marketing (you can opt out at any time).
• Data portability, where processing is based on consent or contract and carried out by automated means.
• Withdraw consent at any time, where processing relies on consent (this does not affect processing prior to withdrawal).
• Lodge a complaint with a supervisory authority.

To exercise your rights, contact us using the details above. We may need to verify your identity and will respond within one month (or inform you if we need more time in complex cases).

We use appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit where appropriate, secure development practices, regular backups, and vendor due diligence.
No system is completely secure. If we become aware of a personal data breach that poses a risk to your rights and freedoms, we will notify you and the relevant authority as required by law.

We do not make decisions that produce legal or similarly significant effects based solely on automated processing.
We may use limited profiling for audience segmentation and to tailor marketing content, based on your interactions and preferences. You can object to this at any time.

Our website may link to third-party sites, plug-ins, or apps.
Those sites are not under our control, and their privacy practices are governed by their own policies.

We may update this policy from time to time. Material changes will be communicated through the website or by direct notice where appropriate.

• Privacy enquiries: contact@skyrain-ltd.com
• Postal address: 3rd Floor, Waterloo Exchange, Waterloo Road, Dublin 4, D04 E5W7, Ireland

We’re committed to openness, transparency, and collaborative problem-solving.
If you have questions about how we handle your data, get in touch—our team will be glad to help.