Privacy Policy

Last updated: 7/12/2025

1. Introduction

Seaduck Analytics (“we”, “our”, “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data when you visit our demonstration website at seaduck.ie.

We are a data controller under the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

2.1 Information You Provide Directly

• Contact Form Data: Name, email address, service interest, and message content
• Chat Interactions: Messages sent through our AI chatbot demonstration
• Project Generator Inputs: Business challenges, industry, company size, tech stack preferences, budget and timeline information
• Email Communications: When you request chat transcripts or project proposals to be emailed

2.2 Information Collected Automatically

• Usage Data: Pages visited, time spent, browser type, device information
• Cookies: As described in our Cookie Policy
• IP Address: For security and analytics purposes

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

• Consent: When you submit forms or interact with our AI demonstrations
• Legitimate Interests: To improve our demonstration services and respond to inquiries
• Performance of Contract: To fulfill requests for information or demonstrations

4. How We Use Your Information

We use your personal data for the following demonstration and business purposes:

• Responding to your inquiries and providing requested information
• Demonstrating our AI capabilities through chatbot and project generator features
• Improving our demonstration services and user experience
• Sending you project proposals or chat transcripts you've requested
• Following up on potential business opportunities
• Ensuring website security and preventing abuse

5. Data Security and Encryption

We take data security seriously and implement appropriate technical and organizational measures:

• Encryption: All personal data is stored encrypted using industry-standard encryption
• Access Controls: Limited access to authorized personnel only
• Secure Infrastructure: Hosted on secure, regularly updated systems
• Regular Security Reviews: Ongoing monitoring and security assessments

6. Data Retention

Automatic Deletion: All personal data collected through this demonstration website is automatically deleted after 3 months from the date of collection.

This includes:

• Contact form submissions
• Chat conversation logs
• Project generator inputs and outputs
• Email communications

Exception: If you enter into a formal business relationship with Seaduck Analytics, separate data retention terms will apply under a proper commercial agreement.

7. Data Sharing and Third Parties

No Data Sharing: We do not sell, rent, or share your personal data with third parties for their marketing purposes.

7.1 Necessary Service Providers

We may share data with essential service providers under strict data processing agreements:

• Email Service Provider (Resend): To send you requested information and auto-replies. Resend processes email content as necessary to deliver messages.
• AI Service Providers: To power our demonstration features. AI providers process inputs to generate responses but data is not stored permanently by these services.
• Hosting Providers: To maintain website infrastructure and security

7.2 Legal Requirements

We may disclose your data if required by law, court order, or to protect our legal rights.

8. Your Rights Under GDPR

As a data subject, you have the following rights:

• Right of Access: Request information about what personal data we hold about you
• Right to Rectification: Request correction of inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Request limitation of how we process your data
• Right to Data Portability: Request a copy of your data in a machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

9. International Data Transfers

Your data is primarily processed within the European Union. Where data is transferred outside the EU (such as to AI service providers), we ensure appropriate safeguards are in place through:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Equivalent data protection measures

10. Children's Privacy

Our demonstration website is not intended for children under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

12. Contact Information and Data Protection Rights

For any privacy-related questions, to exercise your rights, or to make a complaint, please contact:

Seaduck Analytics
Email: web@seaduck.ie
Subject: “Privacy Policy Inquiry”
Location: Dublin, Ireland

Note: Website demonstration data is collected at web@seaduck.ie and automatically deleted after 3 months.

Data Protection Authority: You also have the right to lodge a complaint with the Irish Data Protection Commission (DPC) at www.dataprotection.ie