Privacy Policy (Ireland)

1. Who we are (Data Controller)

GreenHome Ledger Email: https://greenhomeledger.com/
Data Protection Officer (if appointed):

If you have questions about this Policy or how we handle your personal data, contact us at https://greenhomeledger.com/. You also have the right to contact or lodge a complaint with the Irish Data Protection Commission (details in Section 12).

2. What personal data we collect

We may collect and process the following categories of personal data:

• Account & profile data: name, email, role, organisation details, authentication credentials (hashed), user settings.
• Contact data: email address, phone (optional), correspondence.
• Usage & device data: IP address, device identifiers, browser type/version, pages viewed, timestamps, referral URLs, and interaction logs.
• Transaction/project data: information you submit or generate while using the Service (e.g., project metadata, documents, comments, attachments) which may include personal data of third parties that you provide.
• Support data: information you provide in tickets, chats, or feedback forms; diagnostic logs relevant to an issue.
• Cookie/consent data: your cookie preferences and identifiers (see Section 6).

We do not intentionally collect special category data (GDPR Art. 9) unless explicitly provided by you and strictly necessary for the Service, in which case we will apply additional safeguards.

3. How we use your personal data (purposes)

We use personal data to:

• Provide and secure the Service, create and manage accounts, authenticate users, prevent fraud/abuse, and ensure availability/performance.
• Operate core features you request (e.g., dashboards, collaboration, notifications).
• Support & communicate with you about the Service, including sending service, security or policy notices.
• Improve the Service, including analytics and research to understand usage and enhance features.
• Comply with legal obligations, respond to lawful requests from authorities, and enforce our terms.
• Marketing (optional): with your consent, send product updates, newsletters, or invites. You can opt out at any time.

4. Our legal bases (GDPR Art. 6)

We rely on one or more of the following legal bases:

• Contract: to provide the Service you requested and perform our agreement with you or your organisation.
• Legitimate interests: to operate, secure, and improve the Service; to prevent misuse; to defend legal claims. We conduct balancing tests where required.
• Consent: for non-essential cookies/trackers, certain marketing, and any processing where we ask for your clear, informed, freely given consent. You can withdraw consent at any time (see Section 11).
• Legal obligation: to comply with applicable laws and regulatory requirements.

5. Sharing your personal data

We may share personal data with:

• Service providers/processors (e.g., hosting, email delivery, analytics, customer support) under written contracts that require appropriate security and confidentiality.
• Other users/organisations only when you choose to share content or collaborate.
• Professional advisors (legal, accounting) where necessary.
• Authorities where required by law or to protect rights, safety, and security.

We do not sell personal data.

6. Cookies and similar technologies

We use strictly necessary cookies to run our site and optional cookies (e.g., analytics) with your consent. When you first visit, you will see a cookie banner that allows you to accept/reject non‑essential cookies and manage preferences. You can update your choices at any time via the Cookie Settings link in the footer.

• Essential cookies: required for login, load balancing, security, and core functionality.
• Analytics cookies (optional): help us understand usage to improve the Service.

For more details, please see our Cookie Policy (linked from the banner) which lists each cookie, provider, purpose, and retention period.

7. International data transfers

If we transfer personal data outside the EEA/UK, we will ensure appropriate safeguards, such as EU Standard Contractual Clauses (SCCs), and implement additional measures where necessary. Copies of relevant safeguards can be requested via https://greenhomeledger.com/.

8. Data retention

We keep personal data only as long as necessary for the purposes described in this Policy, including to comply with legal, accounting, or reporting requirements. Retention depends on the type of data and our relationship with you. We regularly review and de‑identify or delete data that is no longer needed. You may request deletion (see Section 11).

9. Security

We use technical and organisational measures appropriate to the risk, including encryption in transit, access controls, logging, secure development practices, and staff training. No system is 100% secure; if we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant authority as required by law.

10. Children

The Service is not directed to children under 16 (or the age defined by local law, if higher). We do not knowingly collect personal data from children. If you believe a child has provided personal data, please contact us so we can take appropriate action.

11. Your rights

Under the GDPR, you have the following rights (subject to conditions and exemptions):

• Right to be informed about how we process your data.
• Right of access to your personal data and to obtain a copy.
• Right to rectification of inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”).
• Right to restrict processing in certain circumstances.
• Right to data portability to receive your data in a structured, commonly used, machine‑readable format and transmit it to another controller.
• Right to object to processing based on legitimate interests or direct marketing.
• Rights related to automated decision‑making, including profiling.

To exercise your rights, contact us at https://greenhomeledger.com/. We may need to verify your identity. We will respond within one month, or notify you if additional time is needed in accordance with the GDPR.

12. Complaints – Irish Data Protection Commission (DPC)

13. Changes to this Policy

We may update this Policy from time to time. We will post any changes on this page and, if appropriate, notify you by email or in‑product notice. Please review this page periodically. The date at the top indicates when it was last updated.

14. Contact us