Electropal
+353 857317051

Privacy Policy

How we protect your personal information and maintain the highest data security standards.

Last updated: March 15, 2024

1. Information We Collect

Personal Information

When you contact us, purchase our products, or use our services, we may collect the following personal information:

  • Full name and contact information (email address, phone number, postal address)
  • Payment information (processed securely through certified third-party payment providers)
  • Communication records (support tickets, phone calls, emails, chat logs)
  • Device registration information (for warranty coverage and technical support)
  • Account credentials (if you create an account for support or warranty services)
  • Shipping and billing addresses for order fulfillment
  • Product preferences and purchase history
  • Identity verification documents (for high-value transactions or regulatory compliance)

Technical Information

We automatically collect certain technical information to improve our services and ensure security:

  • Website usage data (pages visited, time spent, click patterns, referral sources)
  • Device information (IP address, browser type, operating system, device identifiers)
  • Cookies and similar tracking technologies (session cookies, preference cookies)
  • Log files and server data (access times, error logs, security events)
  • Geolocation data (country and city level for fraud prevention)
  • Network information (connection type, ISP, network security status)

Hardware Wallet Information

For our hardware wallet products, we may collect:

  • Device serial numbers and manufacturing information
  • Firmware version and update history
  • Device health and diagnostic information (for support purposes only)
  • Warranty registration details

2. How We Use Your Information

We use your personal information for legitimate business purposes, including:

  • Product Delivery and Support: Processing orders, shipping products, providing customer support, and handling warranty claims
  • Communication: Responding to inquiries, providing technical support, sending order updates, and communicating important product information
  • Legal Compliance: Meeting regulatory requirements, maintaining business records, and complying with Irish and European law
  • Security and Fraud Prevention: Protecting against fraud, unauthorized access, and ensuring the security of our systems and customer data
  • Service Improvement: Analyzing usage patterns to improve our products, services, and customer experience
  • Quality Assurance: Monitoring and improving the quality of our products and services
  • Research and Development: Developing new products and features based on customer needs and usage patterns
  • Marketing Communications: Sending relevant product updates and security advisories (with your consent)
  • Business Operations: Managing our business relationships, processing payments, and maintaining accurate records

3. Legal Basis for Processing

Under GDPR, we process your personal information based on the following legal grounds:

  • Contract Performance: Processing necessary to fulfill our contractual obligations to you
  • Legitimate Interests: Processing necessary for our legitimate business interests, balanced against your privacy rights
  • Legal Compliance: Processing required to comply with legal obligations
  • Consent: Processing based on your explicit consent (which you may withdraw at any time)
  • Vital Interests: Processing necessary to protect vital interests in emergency situations

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:

  • Service Providers: Trusted third parties who assist with shipping, payment processing, customer support, and other business operations under strict confidentiality agreements
  • Legal Requirements: When required by law, court order, government regulation, or legal process
  • Business Protection: To protect our rights, property, safety, or that of our customers, employees, or the public
  • Business Transfers: In connection with a merger, acquisition, sale of assets, or other business transaction
  • Regulatory Authorities: To comply with financial services regulations and anti-money laundering requirements
  • Professional Advisors: To lawyers, accountants, and other professional advisors under attorney-client or similar privilege
  • Emergency Situations: To prevent harm to individuals or property in emergency circumstances

5. Data Security Measures

We implement comprehensive security measures to protect your personal information:

  • Encryption: All sensitive data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
  • Access Controls: Strict role-based access controls limit who can view your information
  • Security Audits: Regular security assessments, penetration testing, and vulnerability scans
  • Employee Training: Comprehensive privacy and security training for all staff members
  • Incident Response: Established procedures for detecting, responding to, and reporting security incidents
  • Physical Security: Secure facilities with restricted access and environmental controls
  • Network Security: Firewalls, intrusion detection systems, and network monitoring
  • Data Backup: Secure, encrypted backups with regular testing and recovery procedures
  • Vendor Management: Due diligence and security requirements for all third-party service providers

6. Your Rights and Choices

Under GDPR and Irish data protection law, you have the following rights regarding your personal information:

  • Right of Access: Request a copy of the personal information we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal information (subject to legal requirements)
  • Right to Data Portability: Request transfer of your data to another service provider in a structured format
  • Right to Object: Object to certain types of processing of your information
  • Right to Restriction: Request restriction of processing in certain circumstances
  • Right to Withdraw Consent: Withdraw consent for processing based on consent
  • Right to Lodge a Complaint: File a complaint with the Irish Data Protection Commission
  • Right to be Informed: Receive clear information about how your data is processed

7. Data Retention Policies

We retain your personal information only as long as necessary for the purposes outlined in this policy:

  • Customer Records: Maintained for the duration of our business relationship plus 7 years for legal and tax compliance
  • Support Communications: Retained for 5 years to provide ongoing support and resolve disputes
  • Website Analytics: Anonymized after 26 months in accordance with data protection guidelines
  • Marketing Communications: Until you unsubscribe or withdraw consent
  • Financial Records: Retained for 7 years as required by Irish law
  • Security Logs: Retained for 2 years for security monitoring and incident response
  • Product Warranty Information: Retained for the warranty period plus 2 years

8. International Data Transfers

As an Irish company, we primarily process data within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: Transfers to countries with European Commission adequacy decisions
  • Standard Contractual Clauses: Using European Commission-approved standard contractual clauses
  • Binding Corporate Rules: For transfers within multinational organizations
  • Certification Schemes: Transfers under approved certification schemes
  • Codes of Conduct: Adherence to approved codes of conduct with binding enforcement

9. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website:

  • Essential Cookies: Required for basic website functionality and security
  • Performance Cookies: Help us understand how visitors use our website
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Provide insights into website usage and performance

10. Children's Privacy Protection

Our services are not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take immediate steps to delete such information and terminate any associated accounts.

11. Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on our website with a new "Last Updated" date
  • Sending email notifications for significant changes
  • Providing prominent notice on our website
  • Obtaining your consent where required by law

Contact Information

If you have questions about this privacy policy or wish to exercise your rights, please contact us:

Email: privacy@electropal.ie

Phone: +353 857317051

Address: 27 Castlewood Avenue, Rathmines, Dublin 6, D06 E7T3, Ireland

Data Protection Officer: dpo@electropal.ie