This Privacy Policy applies to the vortexaiadvisory.com website. Our individual products (Speakify, ScheduleAI, etc.) are governed by their own separate privacy notices. This policy covers how we handle data collected through this corporate website and our agency and IT service engagements.
1. Who We Are
Vortex AI Advisory Ltd ("Vortex AI Advisory", "we", "us", "our") is a technology company registered in Ireland. We build AI-powered software products and provide digital marketing, IT consultancy and related services.
Data Controller: Vortex AI Advisory Ltd, Ireland
Contact: support@vortexaiadvisory.com
2. Applicable Law
We process personal data in accordance with the following legislation:
- General Data Protection Regulation (EU) 2016/679 (GDPR)
- Data Protection Act 2018 (Ireland) (DPA 2018)
- European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (ePrivacy Regulations, SI 336/2011)
- Consumer Rights Act 2022 (Ireland)
- EU AI Act (Regulation (EU) 2024/1689) — where applicable to our AI-enabled services
- European Union (Copyright and Related Rights in the Digital Single Market) Regulations 2021
3. Data We Collect and Why
3.1 Contact and Enquiry Data
When you email us or submit an enquiry, we collect your name, email address, and the content of your message. We use this to respond to you. Lawful basis: legitimate interests (Article 6(1)(f) GDPR) and, where a service contract is in view, performance of a contract (Article 6(1)(b) GDPR).
3.2 Service Delivery Data
For clients engaging our agency or IT services, we may process additional data (contact details, project materials, business information) necessary to deliver the agreed services. Lawful basis: performance of a contract (Article 6(1)(b) GDPR).
3.3 Analytics Data
We may use privacy-respecting analytics tools to understand how visitors use this website (e.g. page views, referral sources, geographic region). Where such tools use cookies or tracking technologies, your consent will be sought in advance in compliance with the ePrivacy Regulations 2011. No personally identifiable information is collected or linked for analytics purposes without consent.
3.4 Cookies
This website uses only technically essential cookies required for the site to function. We do not use advertising, retargeting, or third-party tracking cookies without your explicit prior consent. Under Regulation 5 of the ePrivacy Regulations (SI 336/2011), non-essential cookies require affirmative opt-in consent.
4. Direct Marketing
We will only send you marketing communications if you have specifically opted in to receive them. Under Regulation 13 of the ePrivacy Regulations 2011 and Article 21 GDPR, you have an unconditional right to object to your personal data being used for direct marketing at any time. To opt out, email support@vortexaiadvisory.com or use any unsubscribe link in our emails.
5. How We Use Your Data
- To respond to enquiries and provide customer support
- To deliver contracted agency and IT services
- To send service-related communications (e.g. project updates, invoices)
- To send marketing communications, where you have consented
- To improve this website and our services
- To comply with legal obligations
We do not sell, rent, or share your personal data with third parties for their own marketing purposes. We do not engage in profiling or automated decision-making that produces legal or significant effects without human oversight.
6. Legal Bases for Processing
We only process personal data where we have a lawful basis under Article 6 GDPR:
- Contract (Art. 6(1)(b)) — processing necessary to deliver our services to you
- Legal obligation (Art. 6(1)(c)) — where required by law (e.g. tax and accounting requirements)
- Legitimate interests (Art. 6(1)(f)) — responding to enquiries, improving our services, fraud prevention
- Consent (Art. 6(1)(a)) — for marketing communications and non-essential cookies
7. Data Sharing and Third Parties
We may share personal data with carefully selected third-party service providers (e.g. cloud hosting providers, payment processors, email infrastructure) who act as data processors on our behalf. All such processors are subject to data processing agreements under Article 28 GDPR, as required by Section 80 of the DPA 2018.
We do not transfer personal data outside the European Economic Area (EEA) except where adequate safeguards are in place (e.g. Standard Contractual Clauses, adequacy decisions).
8. Data Retention
We retain personal data only for as long as necessary for the purposes described, or as required by law:
- Contact / enquiry records: up to 2 years from last contact
- Client service records: up to 7 years (to meet Irish tax and accounting obligations under the Taxes Consolidation Act 1997)
- Marketing consent records: until consent is withdrawn, plus 1 year thereafter
9. Your Rights Under GDPR
As a data subject under GDPR, you have the following rights, exercisable free of charge:
- Right of access — request a copy of personal data we hold about you (Article 15)
- Right to rectification — request correction of inaccurate data (Article 16)
- Right to erasure — request deletion of your data ("right to be forgotten") (Article 17)
- Right to restriction of processing — request we limit how we use your data (Article 18)
- Right to data portability — receive your data in a machine-readable format (Article 20)
- Right to object — object to processing based on legitimate interests or for direct marketing (Article 21)
- Rights related to automated decision-making — not be subject to solely automated decisions with significant effects (Article 22)
To exercise any right, email support@vortexaiadvisory.com. We will respond within one calendar month as required by Article 12 GDPR.
10. Right to Lodge a Complaint
You have the right to lodge a complaint with the Data Protection Commission (DPC), the Irish supervisory authority:
Website: www.dataprotection.ie
Phone: +353 57 868 4800
Lo Call: 1800 437 737
11. AI-Powered Services
Some of our products and services incorporate AI technologies. Where AI tools process personal data as part of service delivery, we apply appropriate technical and organisational measures consistent with the requirements of the EU AI Act (Regulation (EU) 2024/1689) and GDPR. We maintain transparency with clients about the use of AI in their projects and do not use AI systems to make solely automated decisions with significant legal or equivalent effects on individuals without human review.
12. Security
We implement appropriate technical and organisational security measures to protect personal data against unauthorised access, accidental loss, destruction, or disclosure, consistent with Article 32 GDPR. This website is served over HTTPS. Client data is stored on access-controlled, encrypted systems.
13. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last updated" date at the top will reflect any changes. We will notify existing clients of material changes by email. Continued use of this website after changes are posted constitutes acceptance of the updated policy.
14. Contact
Vortex AI Advisory Ltd
Ireland
support@vortexaiadvisory.com