Your privacy matters to us. This policy explains how we collect, use, and protect your personal data in compliance with GDPR.
Last updated: [EFFECTIVE DATE]
Connect 4 Payments ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you visit our website ([WEBSITE URL]), use our services, or interact with us in any way.
We are the data controller for the purposes of the General Data Protection Regulation (GDPR) and the Irish Data Protection Act 2018.
Data Controller Details
We collect personal data in two ways: information you provide directly, and information collected automatically when you use our website.
Information You Provide
Collected Automatically
We process your personal data for the following purposes, each with a clear legal basis under GDPR:
| Purpose | Legal Basis |
|---|---|
| Respond to enquiries and provide rate check analysis | Legitimate interest / Contract |
| Provide and improve our payment comparison services | Legitimate interest |
| Send relevant service information (where opted in) | Consent |
| Analyse website usage and improve user experience | Legitimate interest |
| Comply with legal obligations | Legal obligation |
We may share your personal data with the following categories of recipients. We never sell your personal data.
Your personal data may be transferred to, and processed in, countries outside the European Economic Area (EEA). Where this occurs, we ensure appropriate safeguards are in place — such as Standard Contractual Clauses (SCCs) approved by the European Commission — to protect your data to the same standard as within the EEA.
We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:
Enquiry & rate check data
[RETENTION PERIOD, e.g. 24 months] from last interaction
Marketing communications
Until you unsubscribe or withdraw consent
Website analytics
[RETENTION PERIOD, e.g. 12 months]
Legal & compliance records
As required by applicable law
Under the GDPR, you have the following rights regarding your personal data:
Right to access
Request a copy of the personal data we hold about you
Right to rectification
Request correction of inaccurate or incomplete data
Right to erasure
Request deletion of your personal data (subject to legal obligations)
Right to restrict processing
Request that we limit how we use your data
Right to data portability
Request your data in a structured, machine-readable format
Right to object
Object to processing based on legitimate interests or direct marketing
Right to withdraw consent
Where processing is based on consent, withdraw it at any time
To exercise any of these rights, contact us at [DATA PROTECTION EMAIL]. We will respond within 30 days.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted data transmission (SSL/TLS), secure hosting infrastructure, and access controls limiting who within our organisation can access your data.
Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites. We encourage you to read the privacy policy of every website you visit.
Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.
If you have any questions about this Privacy Policy or how we handle your personal data:
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Data Protection Commission (DPC), Ireland's supervisory authority: