Privacy Policy

How we collect, use and protect personal data across Taxworld Ireland.

Introduction

This Privacy Policy explains how Taxworld ("we", "our", "us") processes personal data when you use www.taxworld.ie, related landing pages, our enquiry and sign-up forms, and app.taxworld.ie.

It covers information you give us directly, information created when you use our services, and limited technical data we use to keep the site and application secure.

On the Irish marketing site, we currently use strictly necessary cookies only. We do not currently use analytics cookies on www.taxworld.ie.

1. Who We Are (Data Controller)

Taxworld
220 Capel Building, Mary's Abbey, Dublin 7, D07 XHK8, Ireland
Contact: online contact form

We determine the purposes and means of processing personal data for visitors of www.taxworld.ie and its subdomains.

2. Personal Data We Collect

Depending on how you interact with us, we may process:

  • Identity and contact data: name, email address, phone number, company name and job role.
  • Enquiry and form data: the details you submit in contact, membership or publication forms, including message content.
  • Address and billing data: postal address and, for Irish direct debit sign-up where relevant, account holder name and IBAN.
  • Account data: login details, password hashes, profile details and membership status for app.taxworld.ie.
  • Technical and security data: IP address, browser/device information, request logs and security events.

3. Data Collected via Website Forms

When you submit a form on www.taxworld.ie or a related landing page, we use that information to respond to your request, provide the product or service you asked for, and keep an internal record of the enquiry.

Depending on the form, this may include your name, email address, phone number, company, address details, publication or membership selections, and any message you send us.

Form submissions are delivered to our team through our email provider Resend and may also be added to our CRM provider EngageBay so we can manage follow-up communications and customer records.

4. User Accounts on app.taxworld.ie

If you register for access to app.taxworld.ie, we create and manage an account for you. We store your email address, password hash, profile/account details, membership status, and the records needed to operate and secure the service.

Passwords are not stored in plain text.

5. Payments (GoCardless)

For Irish membership sign-up and billing, we may collect account holder name and IBAN and transmit that information securely to GoCardless so a mandate or payment instruction can be set up and managed.

We do not use the marketing site to store full bank payment credentials beyond what is necessary for administration, audit and reconciliation.

We rely on the following lawful bases:

  • Contract (Article 6(1)(b) GDPR): to respond to requests, create accounts, supply products and services, and administer payments.
  • Legitimate interests (Article 6(1)(f) GDPR): to operate and secure the site, prevent misuse, respond to enquiries, maintain customer records and improve our services.
  • Consent (Article 6(1)(a) GDPR): for optional marketing communications and any other processing that depends on consent.
  • Legal obligation (Article 6(1)(c) GDPR): to keep records required for tax, accounting and regulatory compliance.

7. Service Providers and Security

We use service providers to operate our website and services. Depending on the activity, personal data may be processed by:

  • Cloudflare for site security, performance and traffic protection.
  • Resend for delivery of website form notifications to our team.
  • EngageBay for customer relationship management and follow-up.
  • GoCardless for direct debit and payment administration where relevant.
  • Hosting and infrastructure providers used to run our application and databases.

We require providers to handle personal data under appropriate contractual and security protections.

8. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy or as required by law. In general:

  • Form submissions and general enquiries: up to 3 years.
  • Account data: while the account is active and for a reasonable period afterwards to deal with queries, disputes and support.
  • Financial and invoicing records: for at least 6 years where tax or accounting rules require it.

9. International Transfers

Some of our service providers may process personal data outside the European Economic Area (EEA). Where this happens, we rely on appropriate safeguards such as:

  • European Commission adequacy decisions where available; and/or
  • EU Standard Contractual Clauses (SCCs) or equivalent contractual safeguards.

10. Your Rights Under GDPR

Under GDPR you may have the right to:

  • Request access to your personal data.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data in certain circumstances.
  • Request restriction of processing.
  • Object to processing based on legitimate interests.
  • Withdraw consent at any time where we rely on consent.
  • Request data portability.

You can exercise these rights by contacting us using the details below.

11. Complaints

If you have concerns about how we handle your personal data, please contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland:

https://www.dataprotection.ie

12. Contact Us

For privacy enquiries, please contact us via our online contact form and mark your message for the privacy team.