At TechnicalSupport.ie ("we", "us", "our"), we are entirely committed to protecting the privacy and security of your personal and infrastructural data. As an enterprise Linux systems engineering and hosting provider operating strictly within the European Union, we adhere rigorously to the General Data Protection Regulation (GDPR).

This Privacy Policy outlines what data we collect, why we collect it, how it is secured, and your rights regarding your personal information.

1. Information We Collect

To provision, monitor, and secure our enterprise infrastructure, we collect specific categories of data:

1.1 Account & Billing Information

• Contact Details: Full name, corporate email address, and phone number.
• Corporate Identity: Company name, VAT registration number (if applicable), and billing address.
• Payment Data: We do not store full credit card numbers on our servers. Payment processing is handled entirely by PCI-DSS compliant third-party gateways (e.g., Stripe) or via SEPA Direct Debit.

1.2 Technical & Telemetry Data

• Access Logs: IP addresses, browser types, and authentication timestamps when you access our web portal or SSH gateways.
• Infrastructure Telemetry: For clients enrolled in our Managed SecOps or Monitoring tiers, our agents (e.g., Prometheus/Zabbix) collect aggregated system metrics including CPU load, memory usage, disk I/O, and service uptime.
• Security Intelligence (SIEM): We aggregate automated threat data (e.g., failed SSH login attempts, firewall drops) to power our global intrusion prevention networks (Fail2Ban).

2. How We Use Your Data

We process your data strictly to fulfill our contractual obligations and maintain absolute infrastructural security. Your data is used to:

• Provision, configure, and manage your Dedicated Servers, VPS instances, or bespoke web applications.
• Process payments and generate compliant B2B invoices.
• Monitor system health and dispatch engineers proactively in the event of an OOM (Out of Memory) crash or hardware fault.
• Send critical security advisories, zero-day vulnerability alerts, and network maintenance notifications.
• Comply with EU and Irish legal obligations.

3. Data Sovereignty & Hosting Locations

Data sovereignty is a core pillar of our architecture. We do not transfer your infrastructure or account data outside of the European Economic Area (EEA).

Our primary operational data centres, backup vaults, and disaster recovery environments are located exclusively in Dublin (Ireland) and Frankfurt (Germany). These facilities are ISO 27001 certified and SOC 2 Type II compliant.

4. Data Sharing & Third-Party Processors

We absolutely never sell your personal data to third parties. We only share data with trusted sub-processors strictly necessary for delivering our services. These may include:

• Payment gateways (for processing transactions securely).
• Datacentre partners (for physical hardware provisioning, though they do not have logical access to your OS).
• Legal authorities (only if presented with a legally binding court order or warrant issued by a competent Irish/EU jurisdiction).

5. Data Retention

We retain your personal and billing data only for as long as your account remains active, or as required by Irish Revenue Commissioners for tax and accounting purposes (typically 6 years). Server backups, LVM snapshots, and system logs are retained based on your specific Service Level Agreement (SLA), after which they are irreversibly destroyed using secure cryptographic wiping protocols.

6. Your GDPR Rights

Under the General Data Protection Regulation, you possess absolute rights over your personal data. You have the right to:

• Request Access: Obtain a copy of the personal data we hold about you.
• Request Rectification: Correct any inaccurate or incomplete data.
• Request Erasure (Right to be Forgotten): Request the permanent deletion of your account and personal data (subject to legal/tax retention requirements).
• Data Portability: Receive your data in a structured, machine-readable format.

To exercise any of these rights, please submit a request to our compliance team using the contact details below. We will execute your request within 30 days.

7. Cookies and Tracking

Our web portal relies primarily on essential, functional cookies required for session management (e.g., keeping you logged into the client area) and CSRF security token validation. We do not utilise intrusive third-party marketing trackers or ad-retargeting scripts on our core engineering platforms.

8. Policy Updates

We continually adapt our policies to align with evolving cybersecurity standards and EU regulations. We reserve the right to update this Privacy Policy at any time. Material changes will be communicated to active clients via email.