GDPR Compliance

Last updated: May 15, 2026

1. Our Commitment to GDPR

breeze-motor is fully committed to compliance with the General Data Protection Regulation (GDPR). As an Irish company providing fraud prevention services, we understand the importance of protecting personal data and respect your rights under GDPR.

This page explains how we comply with GDPR requirements and outlines your rights as a data subject.

2. Data Controller Information

For the purposes of GDPR, breeze-motor is the data controller responsible for your personal information.

Data Controller: breeze-motor
Address: 47 Merrion Square East, Dublin 2, D02 VY96, Ireland
Email: [email protected]

3. Legal Basis for Processing

We process your personal data under the following legal bases as defined by GDPR:

Consent (Article 6(1)(a))

We process certain personal data based on your explicit consent, such as when you:

  • Submit a service request form
  • Subscribe to our communications
  • Accept cookies on our website

You have the right to withdraw consent at any time.

Contract Performance (Article 6(1)(b))

We process your data when necessary to fulfill our contractual obligations to you, including:

  • Providing fraud prevention services
  • Conducting security assessments
  • Delivering training and support

Legal Obligation (Article 6(1)(c))

We may process your data to comply with legal obligations, such as:

  • Tax and accounting requirements
  • Responses to lawful requests from authorities
  • Record-keeping obligations

Legitimate Interests (Article 6(1)(f))

We may process your data based on our legitimate interests, such as:

  • Improving our services and website functionality
  • Detecting and preventing fraud
  • Network and information security

We always balance our legitimate interests against your rights and freedoms.

4. Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

Right to Access (Article 15)

You have the right to obtain confirmation of whether we process your personal data and to access that data. You can request a copy of your personal information we hold.

Right to Rectification (Article 16)

You have the right to have inaccurate personal data corrected and incomplete data completed.

Right to Erasure (Article 17)

You have the right to request deletion of your personal data in certain circumstances, including:

  • The data is no longer necessary for the purposes collected
  • You withdraw consent and there is no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed

Right to Restriction of Processing (Article 18)

You have the right to request restriction of processing in certain situations, such as when you contest the accuracy of data or object to processing.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

Right to Object (Article 21)

You have the right to object to processing based on legitimate interests or for direct marketing purposes.

Rights Related to Automated Decision-Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you.

Right to Withdraw Consent (Article 7)

Where we process your data based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

5. How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us using the following methods:

Email: [email protected]
Subject Line: GDPR Request - [specify your right]
Postal Address: breeze-motor, 47 Merrion Square East, Dublin 2, D02 VY96, Ireland

When submitting a request, please include:

  • Your full name and contact information
  • A description of the right you wish to exercise
  • Any relevant details to help us locate your information
  • Proof of identity (if requested for security purposes)

Response Timeframe

We will respond to your request within one month of receipt. In complex cases, we may extend this period by two additional months, and we will inform you of any such extension.

6. Data Protection Measures

We implement appropriate technical and organizational measures to ensure GDPR compliance, including:

Technical Measures

  • Encryption of personal data in transit and at rest
  • Regular security testing and vulnerability assessments
  • Secure data backup and recovery procedures
  • Access controls and authentication mechanisms
  • Firewall and intrusion detection systems

Organizational Measures

  • Data protection policies and procedures
  • Staff training on GDPR and data protection
  • Data protection impact assessments for high-risk processing
  • Incident response and data breach procedures
  • Regular audits and compliance reviews

7. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Irish Data Protection Commission within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach poses a high risk
  • Provide clear information about the nature of the breach and recommended actions
  • Document all breaches, including facts, effects, and remedial actions taken

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including:

  • Service delivery duration plus applicable legal retention periods
  • Tax and accounting records: 7 years as required by Irish law
  • Marketing consent records: until consent is withdrawn
  • Website analytics data: 26 months maximum

After the retention period expires, we securely delete or anonymize personal data.

9. International Data Transfers

If we transfer your personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • European Commission adequacy decisions
  • Standard Contractual Clauses (SCCs)
  • Binding Corporate Rules
  • Certification mechanisms

10. Data Protection Officer

For questions or concerns about our data protection practices or GDPR compliance, you can contact our data protection officer:

Email: [email protected]
Subject: Attention: Data Protection Officer

11. Supervisory Authority

You have the right to lodge a complaint with the Irish Data Protection Commission if you believe we have violated your data protection rights:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28
Ireland

Phone: +353 (0)761 104 800
Email: [email protected]
Website: www.breeze-motor.com

12. Updates to This Policy

We may update this GDPR compliance statement to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date.

13. Contact Information

For any questions about GDPR compliance or data protection, please contact us:

breeze-motor
47 Merrion Square East
Dublin 2, D02 VY96
Ireland

Email: [email protected]