🇮🇪 Privacy Policy

⚖️ Legal Basis for Processing

We process your personal data under Article 6(1)(b) GDPR - Contract. Processing is necessary for the performance of our VAT compliance services contract with you.

📊 Data We Collect

• Account Data: Email address, company name, VAT number
• Transaction Data: VAT transactions, amounts, categories, dates
• Technical Data: Login timestamps, session data
• Consent Records: GDPR consent date and preferences

🎯 Purpose of Processing

Your data is processed exclusively for:

• VAT return preparation and compliance management
• Irish Revenue Commissioners reporting requirements
• Account management and authentication
• Legal compliance with Irish tax law

⏰ Data Retention

7 years - In compliance with Irish Revenue Commissioners requirements for tax record retention. Data is automatically deleted after this period via DynamoDB TTL.

🇪🇺 Data Location

All data is stored in AWS EU (Ireland) - eu-west-1 region, ensuring data remains within the European Union.

🛡️ Your Rights Under GDPR

• Right to Access: Request a copy of your data via dashboard export
• Right to Rectification: Update incorrect data through your account
• Right to Erasure: Delete your account and all associated data
• Right to Data Portability: Export your data in JSON format
• Right to Object: Object to processing (may affect service provision)

🔒 Data Security

• Passwords are SHA-256 hashed
• HTTPS encryption for all data transmission
• AWS security controls and monitoring
• Session-based authentication

🔗 Data Sharing

We do not share your personal data with third parties except:

• When required by Irish Revenue Commissioners
• AWS as our data processor (covered by AWS GDPR compliance)
• When legally required by Irish or EU authorities

📧 Contact & Complaints

Data Protection Officer: privacy@gaeltax.ie

Supervisory Authority: Data Protection Commission (Ireland)
Website: dataprotection.ie

✏️ Changes to This Policy

We will notify users of material changes via email and update the "Last Updated" date above.