Privacy Policy & GDPR

Last updated: 1 July 2026. This policy explains how WaveHost collects, uses, and protects your personal data in accordance with the EU General Data Protection Regulation (GDPR) and Irish data protection law.

1. Who We Are

WaveHost is a web design and hosting service based in Dublin, Ireland. We provide website design, hosting, and related digital services to small businesses across Ireland.

Data Controller: WaveHost
Location: Dublin, Ireland
Email: wavehostireland@gmail.com
Phone: 089 449 8828

2. What Data We Collect

We collect personal data when you:

  • Fill in our contact or order forms (name, business name, email, phone number)
  • Send us an email or WhatsApp message
  • Use our website (anonymised analytics data, cookies)

The types of data we may collect include:

  • Identity data: first name, last name, business name
  • Contact data: email address, phone number
  • Technical data: IP address, browser type, pages visited (via cookies)
  • Business data: information you provide about your business for website creation

3. How We Use Your Data

We use your personal data for the following purposes:

  • To respond to your enquiries and provide quotes
  • To process and fulfil website design orders
  • To communicate with you about your project
  • To send renewal reminders for hosting (existing clients only)
  • To improve our website and services using anonymised analytics
  • To comply with our legal obligations

We will never sell your personal data to third parties or use it for unsolicited marketing without your explicit consent.

4. Legal Basis for Processing

Under GDPR, we process your data on the following legal bases:

  • Contract: When you place an order, processing your data is necessary to fulfil our contractual obligations to you.
  • Legitimate interests: Responding to general enquiries and improving our services.
  • Consent: For optional communications such as newsletters (where applicable).
  • Legal obligation: Where required by Irish or EU law.

5. Cookies

Our website uses cookies — small text files stored on your device — to improve your browsing experience. We use:

  • Essential cookies: Required for the website to function correctly (e.g. remembering your cookie consent preference).
  • Analytics cookies: Anonymised data to understand how visitors use our site (only set if you accept cookies).

You can accept or reject non-essential cookies using the cookie banner shown when you first visit our site. You can also clear cookies at any time through your browser settings. Rejecting cookies will not affect your ability to use the website.

6. Third-Party Services

We use the following third-party services that may process your data:

  • FormSubmit (formsubmit.co): Processes contact and order form submissions and forwards them to our email. Their privacy policy is available at formsubmit.co.
  • Google Fonts: Used to load typography on our website. Google may collect limited technical data.

We only work with third parties who provide appropriate data protection guarantees and, where required, have GDPR-compliant data processing agreements in place.

7. Data Retention

We retain your personal data only for as long as necessary:

  • Enquiry data: up to 12 months if no order is placed
  • Client data: for the duration of our business relationship plus 7 years (for accounting and legal purposes)
  • Cookie consent records: 12 months

After the applicable retention period, data is securely deleted or anonymised.

8. Data Security

We take the security of your personal data seriously. We use appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. These include secure email handling, encrypted communications (HTTPS/SSL), and restricted access to client data.

9. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of access: You can request a copy of the personal data we hold about you.
  • Right to rectification: You can ask us to correct inaccurate or incomplete data.
  • Right to erasure: You can request that we delete your personal data ("right to be forgotten"), subject to legal obligations.
  • Right to restriction: You can ask us to restrict processing of your data in certain circumstances.
  • Right to data portability: You can request your data in a machine-readable format.
  • Right to object: You can object to processing based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, contact us at wavehostireland@gmail.com. We will respond within 30 days.

10. Complaints

If you believe we have not handled your data correctly, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC):

  • Website: www.dataprotection.ie
  • Phone: +353 (0)57 868 4800
  • Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28

We would, however, appreciate the opportunity to address your concern directly before you contact the DPC.

11. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated date at the top. We encourage you to review this policy periodically.

12. Contact Us

For any questions about this privacy policy or how we handle your data, please contact us: