1. Data Controller
The data controller responsible for your personal data is:
IrelandRoots.com
Email: [email protected]
Website: irelandroots.com
For the purposes of the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Data Protection Act 2018 (Ireland), and any other applicable data protection legislation, IrelandRoots.com is the data controller in respect of the personal data collected through this Website.
If you have any questions about how we process your personal data, or if you wish to exercise any of your data protection rights, please contact us at [email protected].
2. What Data We Collect
We collect and process the following categories of personal data:
2.1 Data You Provide Directly
- Contact form submissions: When you use our contact form, we collect your name, email address, enquiry category, subject, and message content.
- Email correspondence: If you email us directly, we collect your email address, name (if provided), and the content of your communication.
- Data subject requests: If you submit a GDPR data request, we may collect additional information necessary to verify your identity and process your request.
2.2 Data Collected Automatically
When you visit our Website, we automatically collect certain technical and usage data through cookies and similar technologies:
- IP address: Your Internet Protocol address, which may be truncated or anonymised depending on our analytics configuration.
- Browser and device information: Browser type and version, operating system, device type (desktop, mobile, tablet), screen resolution, and language preference.
- Usage data: Pages visited, time spent on each page, referring URL (how you arrived at our site), exit pages, and navigation paths through the site.
- Location data: Approximate geographic location derived from your IP address (country and region level only; we do not collect precise geolocation).
- Cookie identifiers: Unique identifiers stored in cookies on your device, as described in our Cookie Policy.
2.3 Data from Third Parties
We may receive limited data from third-party services that we use:
- Analytics providers: Aggregated and anonymised data about how users interact with our Website (e.g., Google Analytics).
- Affiliate networks: Confirmation data relating to referrals (typically limited to click identifiers and conversion status; we do not receive your personal details from casino operators).
3. How We Use Your Data
We use the personal data we collect for the following purposes:
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Responding to your enquiries and contact form submissions | Name, email, message content | Legitimate interest / Contract performance |
| Improving our Website content and user experience | Usage data, device data, page analytics | Legitimate interest |
| Analysing Website traffic and usage patterns | IP address, browser data, pages visited | Legitimate interest / Consent (cookies) |
| Tracking affiliate referrals and calculating commissions | Click identifiers, referral source | Legitimate interest |
| Ensuring Website security and preventing abuse | IP address, access logs | Legitimate interest |
| Complying with legal obligations | Any data as required by law | Legal obligation |
| Processing data subject requests (GDPR) | Identity verification data | Legal obligation |
4. Legal Basis for Processing
Under the GDPR, we must have a lawful basis for processing your personal data. We rely on the following legal bases:
- Consent (Article 6(1)(a) GDPR): Where you have given us clear, affirmative consent to process your data for a specific purpose — for example, by accepting non-essential cookies. You may withdraw your consent at any time.
- Legitimate Interest (Article 6(1)(f) GDPR): Where processing is necessary for our legitimate interests (or those of a third party), provided that those interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include operating and improving our Website, analysing traffic, and maintaining affiliate relationships.
- Contract Performance (Article 6(1)(b) GDPR): Where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract — for example, responding to your contact form enquiry.
- Legal Obligation (Article 6(1)(c) GDPR): Where processing is necessary to comply with a legal obligation to which we are subject — for example, responding to a valid data subject access request.
5. Cookies & Tracking Technologies
We use cookies and similar tracking technologies on our Website. Cookies are small text files stored on your device that help us provide and improve our services.
For detailed information about the specific cookies we use, their purposes, and how to manage your cookie preferences, please see our comprehensive Cookie Policy.
In summary, we use the following categories of cookies:
- Essential cookies: Required for the basic functionality of our Website (e.g., remembering your cookie consent preferences).
- Analytics cookies: Used to understand how visitors interact with our Website, helping us improve content and user experience.
- Affiliate tracking cookies: Used to track referrals from our Website to casino operators, enabling us to receive commissions for qualifying referrals.
- Preference cookies: Used to remember your preferences and settings (e.g., mobile menu state).
6. Third-Party Services
We use the following categories of third-party services, each of which may process your personal data in accordance with their own privacy policies:
6.1 Analytics
We use web analytics services to understand how visitors use our Website. These services collect information about your use of the Website, including the pages you visit, the time you spend on each page, and how you navigate through the site. This data is typically aggregated and anonymised.
Analytics providers may set their own cookies on your device. You can opt out of analytics tracking through your cookie settings or by using browser extensions designed for this purpose.
6.2 Affiliate Networks
As an affiliate website, we participate in affiliate programmes operated by various casino operators and affiliate networks. When you click on an affiliate link on our Website, a cookie may be placed on your device by the affiliate network to track the referral. This cookie typically contains a unique click identifier and does not contain your personal information.
We do not share your personal data with casino operators. The affiliate tracking process is limited to recording that a click originated from our Website and whether it resulted in a qualifying action (e.g., registration or deposit) at the casino.
6.3 Hosting and Content Delivery
Our Website is hosted on infrastructure that may process technical data (such as IP addresses and access logs) as part of delivering web pages to your browser. This processing is necessary for the operation of the Website.
7. Affiliate Tracking
As disclosed in our Terms and Conditions and throughout our Website, IrelandRoots.com earns revenue through affiliate commissions. When you click on an affiliate link (such as a "Visit Casino" or "Claim Bonus" button), the following occurs:
- You are redirected to the casino operator's website via an affiliate tracking link.
- A cookie is placed on your device by the affiliate network to record the referral source.
- If you register and/or make a deposit at the casino within the cookie's validity period, the affiliate network records a qualifying action.
- We receive a commission from the casino operator based on the qualifying action.
We do not have access to your personal details at the casino, your account information, your deposit amounts, or your gambling activity. The data we receive from affiliate networks is limited to aggregated reports showing click counts, registration counts, and commission amounts.
8. Data Sharing
We do not sell, rent, or trade your personal data to third parties. We may share your data in the following limited circumstances:
- Service providers: We may share data with trusted service providers who assist us in operating our Website (e.g., hosting providers, analytics services). These providers are bound by contractual obligations to process data only on our instructions and in accordance with the GDPR.
- Legal requirements: We may disclose personal data if required to do so by law, regulation, court order, or governmental request, or if we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others.
- Business transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction. We will notify you of any such transfer and any changes to applicable privacy terms.
9. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law:
| Data Category | Retention Period | Reason |
|---|---|---|
| Contact form submissions | 24 months from submission | To respond to and follow up on enquiries |
| Email correspondence | 24 months from last communication | To maintain correspondence records |
| Analytics data | 26 months (aggregated) | To analyse traffic trends over time |
| Server access logs | 12 months | Security monitoring and troubleshooting |
| Cookie consent records | 12 months | To demonstrate GDPR compliance |
| Affiliate click data | As per affiliate network policies | Commission tracking and reconciliation |
After the relevant retention period expires, personal data is securely deleted or anonymised so that it can no longer be associated with you.
10. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit using SSL/TLS (HTTPS)
- Regular security updates and patching of our systems
- Access controls limiting data access to authorised personnel only
- Regular review of our data processing practices and security measures
However, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of any credentials you use to interact with our services.
11. Your Rights Under GDPR
Under the GDPR and Irish data protection law, you have the following rights in relation to your personal data:
| Right | Description |
|---|---|
| Right of Access (Article 15) | You have the right to request a copy of the personal data we hold about you, along with information about how we process it. |
| Right to Rectification (Article 16) | You have the right to request correction of inaccurate personal data or completion of incomplete data. |
| Right to Erasure (Article 17) | You have the right to request deletion of your personal data in certain circumstances (e.g., when the data is no longer necessary for the purpose for which it was collected). |
| Right to Restriction (Article 18) | You have the right to request restriction of processing of your personal data in certain circumstances (e.g., while we verify the accuracy of contested data). |
| Right to Data Portability (Article 20) | You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller. |
| Right to Object (Article 21) | You have the right to object to processing of your personal data based on legitimate interest, including profiling. You also have the right to object to direct marketing at any time. |
| Right to Withdraw Consent (Article 7(3)) | Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal. |
| Right to Lodge a Complaint | You have the right to lodge a complaint with the Data Protection Commission (DPC), Ireland's supervisory authority: www.dataprotection.ie |
To exercise any of these rights, please email us at [email protected]. We will respond to your request within 30 days, as required by the GDPR. In certain circumstances, we may extend this period by a further 60 days, in which case we will inform you of the extension and the reasons for it.
We may need to verify your identity before processing your request to ensure the security of your personal data. We will not charge a fee for processing your request unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request.
12. Children's Privacy
Our Website is not intended for children under the age of 18. We do not knowingly collect, use, or disclose personal data from anyone under 18 years of age. Online gambling is restricted to adults aged 18 and over under Irish law and the regulations of the Gambling Regulatory Authority of Ireland (GRAI).
If we become aware that we have inadvertently collected personal data from a child under 18, we will take immediate steps to delete that data from our systems. If you believe that a child under 18 has provided personal data to us, please contact us immediately at [email protected].
13. International Data Transfers
Your personal data may be transferred to and processed in countries outside Ireland and the European Economic Area (EEA), particularly in connection with third-party services such as analytics and hosting.
Where such transfers occur, we ensure that appropriate safeguards are in place to protect your data in accordance with the GDPR, including:
- Transfers to countries recognised by the European Commission as providing an adequate level of data protection (adequacy decisions)
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Other appropriate safeguards as required by applicable law
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this page.
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data. Material changes will be communicated through a notice on our Website. Your continued use of the Website after any changes constitutes your acceptance of the updated Privacy Policy.
15. Contact for Data Requests
For all privacy-related enquiries, data subject access requests, or complaints about our data processing practices, please contact us:
Data Protection Contact
IrelandRoots.com
Email: [email protected]
Supervisory Authority
Data Protection Commission (DPC)
21 Fitzwilliam Square South, Dublin 2, D02 RD28
Website: www.dataprotection.ie
Phone: +353 (0)1 765 0100 / 1800 437 737
We are committed to resolving any concerns you may have about our processing of your personal data. If you are not satisfied with our response to your enquiry or complaint, you have the right to lodge a complaint with the Data Protection Commission.