Privacy Policy
Last updated
Jan 19th 2026
Phone
Address
Penthouse Floor, Rivercourt HQ, River Court Business Centre, Cornmarket Row, Limerick, V94 FVH4, Ireland
Introduction
This Privacy Policy explains how Brainstorm* (David Curtin, sole trader) collects, uses, stores, and shares personal information when you visit our website, contact us, or engage our design and digital services. We take privacy seriously and aim to handle your information in a clear, respectful, and lawful way.
Information you provide
Personal Information
When you contact us or work with us, we may collect personal information such as your name, email address, phone number, business name, role, billing details, and payment-related information. We use this information to communicate with you, deliver services, and manage our business relationship.
Project Information
When you visit our website, we may automatically collect information such as IP address, browser type, device information, operating system, pages visited, time spent on pages, referring source, and the date and time of your visit. This helps us operate the site securely, understand usage, and improve performance and user experience.
Information automatically collected
Website Usage
When you visit our website, we automatically collect certain information about your visit including your IP address, browser type, device information, operating system, pages visited, time spent on pages, referring website, and the date and time of your visits. This information helps us understand how visitors use our website and improve user experience.
Cookies and Tracking
We use cookies and similar technologies to support core website functions and to understand how the site is used. Some cookies are essential for operation, while others support analytics and preferences. Where required, marketing or advertising cookies are only used with your consent, and you can manage cookie settings through your browser or any cookie controls provided on the site.
How we use your information
Service Delivery
We use your information to deliver the services you request, including responding to enquiries, preparing proposals, onboarding projects, managing communications, delivering work, issuing invoices, processing payments via providers, and providing support. This processing is necessary to perform our contract with you or to take steps you request before entering a contract.
Service Improvement
We may review site usage and service interactions to improve our processes, tools, and service quality. This can include diagnosing technical issues, improving site performance, refining our workflows, and developing better client experiences. Where analytics are used, we aim to minimise data and use settings that reduce unnecessary collection where possible.
Communication
We may use your contact details to send project updates, service communications, and administrative messages. If you opt in, we may also send marketing communications such as insights, announcements, or occasional updates about our services. You can unsubscribe at any time using the link provided in emails or by contacting us directly.
Data storage and security
Data storage
We store information using reputable service providers and systems designed to protect confidentiality and integrity. Access is limited to what is reasonably necessary to deliver and administer services. We take practical steps to protect client materials, including secure sharing methods and controlled access where available.
Data retention
We retain personal data for as long as needed to deliver services and meet legal, tax, and operational obligations. Project communications and records may be retained for a reasonable period after completion for reference, support, and the establishment or defence of legal claims. You can request deletion where appropriate, subject to legal requirements and legitimate business needs.
Security Measures
We use reasonable security measures designed to protect information, including encrypted transmission, secure hosting infrastructure, access controls, and account security practices. We apply routine updates and monitoring where available, and we handle client materials with care using trusted storage and sharing tools. No method of transmission or storage is completely secure, but we take security seriously and act promptly when we become aware of a risk or incident.
Information sharing
Third-Party Service Providers
We may share information with trusted third-party providers that help us operate and deliver services, such as website hosting, file storage, invoicing, payment processing, analytics (where enabled), and email delivery. These providers are only given the information needed to perform their function and are expected to protect it and process it responsibly.
Legal Requirements
We may disclose information if required to do so by law or where disclosure is reasonably necessary to comply with legal obligations, respond to lawful requests, protect rights and safety, prevent fraud, or enforce agreements. Where legally permitted, we will take reasonable steps to notify you about such disclosures.
Your rights and choices
Access Rights
You may request access to personal information we hold about you, ask for corrections, or request a copy of your information. Where applicable, you may also request restriction of processing, object to certain processing, or request deletion. We will respond within the timeframes required by applicable law.
Control Options
You can control marketing communications by opting out at any time. You can also control cookies through your browser settings and any site cookie controls provided. If you want us to delete or return project materials or personal data, you can contact us and we will assess the request in line with legal and operational requirements.
Childrens privacy
Our services and website are not intended for children, and we do not knowingly collect personal information from children. If you believe a child has provided personal data to us, please contact us and we will take appropriate steps to remove it.
International data transfers
We may use service providers that process data in different countries, depending on where you are located and which tools are used for delivery and administration. Where international transfers occur, we take reasonable steps to ensure appropriate safeguards are in place, consistent with applicable privacy laws.
Changes to privacy policy
We may update this policy to reflect changes in our practices, technologies, or legal requirements. We will update the “Last updated” date at the top of this page. If changes are material, we will take reasonable steps to provide notice through the website or by email where appropriate.
Specific rights by region
European users (GDPR)
If you are located in the European Economic Area or the United Kingdom, you may have rights including access, rectification, erasure, restriction, portability, objection, and rights relating to automated decision-making where applicable. You also have the right to lodge a complaint with your local data protection authority.
California users (CCPA)
If you are a California resident, you may have rights to know what personal information is collected and disclosed, request access or deletion (subject to exceptions), correct certain information, and opt out of certain data uses where applicable. We do not sell personal information in the ordinary course of business.
Other Regions
We aim to comply with privacy laws that apply to our work and our clients, and we adjust practices where required by local legislation. If you have a region-specific request, contact us and we will respond in line with applicable requirements.
Compliance and Certification
We design our privacy practices around recognised privacy principles, including data minimisation, purpose limitation, and appropriate security. Where GDPR, CCPA/CPRA, or other privacy laws apply, we aim to meet the relevant requirements. If you need further details about our data handling for vendor review purposes, contact us for a summary of the tools and safeguards relevant to your project.
General Policy
Last Updated: January 22, 2026
This Privacy Policy describes how Brainstorm ("Company," "we," "us," or "our") collects, uses, and protects your personal information when you use Brainstorm (the "Service").
Contact Information: If you have questions about this Privacy Policy, contact us at info@brainstorm.ie..
1. INFORMATION WE COLLECT
We collect the following types of personal information:
• **Contact Information:** Name, email address, phone number, mailing address • **Device Information:** IP address, browser type, device identifiers, operating system • **Location Information:** GPS coordinates, IP-based location data
How We Collect Information:
2. HOW WE USE YOUR INFORMATION
We use your personal information for the following purposes:
• Operate and maintain our Service • Send important service updates and notifications • Send marketing communications and newsletters (with your consent) • Analyze usage patterns and improve our Service • Provide personalized advertising and recommendations • Comply with legal obligations and ensure safety and security
3. HOW WE SHARE YOUR INFORMATION
We share your information only with trusted service providers who help us operate our Service under strict confidentiality agreements.
Service Providers: We share information with trusted service providers who help us operate our Service:
Analytics and Advertising:
**We Do Not Sell Your Data:** We do not sell, rent, or otherwise monetize your personal information.
Legal Requirements: We may disclose your information when required by law, court order, or to protect our rights and safety.
4. COOKIES AND TRACKING
**Essential Cookies:** We use cookies that are necessary for our Service to function properly, such as keeping you logged in and remembering your preferences.
https://brainstorm.ie/privacy-policy
**Do Not Track:** We respect Do Not Track browser settings for non-essential tracking.
5. YOUR PRIVACY RIGHTS
• **Right to Know:** Information about data collection and use **California Residents:** You have the right to: • Know what personal information we collect and how it's used • Delete your personal information • Opt-out of the sale/sharing of personal information • Correct inaccurate personal information • Non-discrimination for exercising your rights **EU/UK Residents:** You have the right to: • Access your personal data • Rectify inaccurate data • Erase your data ("right to be forgotten") • Restrict processing • Data portability • Object to processing • Withdraw consent at any time • **Canadian Residents:** Right to access and correct your personal information under PIPEDA
How to Exercise Your Rights:
6. DATA RETENTION AND SECURITY
Data Retention: We retain your personal information for as long as your account is active or as needed to provide our Service. After account deletion, we delete your data within 30 days except where retention is required by law.
Security Measures:
**Children's Data Protection:** If we discover we have collected personal information from a child under 13 without parental consent, we will delete that information promptly.
7. INTERNATIONAL DATA TRANSFERS
**Data Location:** Your personal information is stored and processed in ireland and is not transferred internationally.
8. CHANGES TO THIS POLICY
We may update this Privacy Policy from time to time. We will post the updated policy on our website and update the "Last Updated" date. Your continued use of our Service after changes constitutes acceptance.
9. CONTACT INFORMATION
Effective Date: January 22, 2026
By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy and how we handle personal information as described above.