Privacy Policy

1. Introduction

This Privacy Policy explains how BL Digital Studio ("we", "us", "our") collects, uses, and protects your personal information when you use our website and services. We specialize in providing website design, hosting, maintenance, and compliance services specifically for Irish solicitors, barristers, and legal professionals.

We are committed to protecting your privacy and maintaining the highest standards of data protection, particularly given our work with legal professionals who handle sensitive client information. We fully comply with the General Data Protection Regulation (GDPR), Irish Data Protection Act 2018, and all applicable data protection laws.

Data Controller: BL Digital Studio is the data controller for all personal information collected through our website and services.

2. Information We Collect

2.1 Information You Provide Directly

• Contact Information: Name, email address, phone number, practice address
• Professional Details: Law firm name, practice areas, professional registration details (when relevant to compliance services)
• Service Inquiries: Details about your website requirements, compliance needs, hosting preferences
• Website Audit Information: Current website URL, compliance concerns, technical requirements
• Booking Information: Consultation preferences, availability, specific service requests
• Payment Information: Billing details (processed securely through third-party payment processors)

2.2 Information Collected Automatically

• Technical Data: IP address, browser type and version, operating system, device information
• Usage Data: Pages visited, time spent on pages, referral sources, navigation patterns
• Performance Data: Website loading times, error reports, technical diagnostics
• Security Data: Login attempts, security events, access logs (for hosted websites)

2.3 Client Website Data (For Hosting & Maintenance Services)

• Website Content: Text, images, documents uploaded to hosted websites
• Form Submissions: Contact forms, consultation requests submitted through client websites
• Analytics Data: Website traffic patterns, user behavior on client websites (when analytics are enabled)
• Backup Data: Regular backups of website content and databases for security purposes

3. How We Use Your Information

3.1 Service Delivery

• Providing website design, development, and hosting services
• Conducting website compliance audits and assessments
• Performing ongoing website maintenance and technical support
• Monitoring website performance and security
• Processing payments and managing billing

3.2 Communication and Support

• Responding to your inquiries and consultation requests
• Scheduling appointments and consultations
• Providing technical support and troubleshooting
• Sending service updates and security notifications
• Sharing relevant legal compliance updates and guidance

3.3 Business Operations

• Improving our services and developing new offerings
• Conducting internal analytics and research
• Ensuring compliance with LSRA, GDPR, and accessibility standards
• Managing our business relationships and contracts
• Protecting against fraud and security threats

4. Legal Basis for Processing

We process your personal data based on the following legal grounds:

5. Data Sharing and Third-Party Services

We do not sell your personal information to third parties. We may share your information only in specific circumstances with trusted service providers:

5.1 Essential Service Providers

• Web Hosting Services: Secure Irish and EU-based hosting providers for website infrastructure
• Payment Processors: Stripe and other PCI-compliant payment providers for billing
• Email Services: Professional email providers for communication and support
• Backup Services: Secure cloud backup providers for data protection
• SSL Certificate Providers: For website security and encryption

5.2 Analytics and Improvement (With Consent)

• Website Analytics: Google Analytics (when consent is given) for understanding website usage
• Performance Monitoring: Technical monitoring tools to ensure website uptime and performance

5.3 Legal and Compliance

• When required by law or court order
• To protect our rights, property, or safety
• In connection with legal proceedings or regulatory investigations
• With your explicit consent for specific purposes

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience and provide our services effectively. Our cookie banner allows you to control your preferences.

6.1 Cookie Categories

You can manage your cookie preferences at any time using our cookie preference center or through your browser settings. Disabling certain cookies may affect website functionality.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill our service obligations and comply with legal requirements:

8. Your Data Protection Rights

Under GDPR and Irish data protection law, you have comprehensive rights regarding your personal data. We are committed to facilitating the exercise of these rights:

9. Data Security Measures

We implement comprehensive technical and organizational security measures to protect your personal information, reflecting our expertise in legal website security:

9.1 Technical Security

• Encryption: All data transmission uses SSL/TLS encryption (minimum 256-bit)
• Access Controls: Multi-factor authentication and role-based access to client data
• Data Backup: Automated, encrypted backups with secure off-site storage
• Infrastructure Security: Firewalls, intrusion detection, and regular security monitoring
• Vulnerability Management: Regular security assessments and prompt patch management

9.2 Organizational Security

• Staff Training: Regular data protection and security awareness training
• Access Policies: Strict need-to-know access policies for all team members
• Incident Response: Documented procedures for handling potential data breaches
• Vendor Management: Due diligence and contractual data protection requirements for all suppliers

9.3 Professional Standards

Given our specialization in serving legal professionals, we maintain security standards that recognize the sensitive nature of legal practice data, even though we do not process client-lawyer privileged communications directly.

10. International Data Transfers

We prioritize keeping your data within the European Economic Area (EEA) and have structured our operations accordingly:

11. Children's Privacy

Our services are designed for legal professionals and are not directed toward children under 16 years of age. We do not knowingly collect personal information from children under 16.

If we become aware that we have collected personal information from a child under 16, we will take immediate steps to delete such information from our systems.

12. Policy Updates and Notifications

We review and update this Privacy Policy regularly to ensure it remains current with our practices and applicable law. The "Last Updated" date at the top of this policy indicates when the most recent changes were made.

How We Notify You of Changes

• Material Changes: Email notification to all active clients and prominent website notice
• Minor Updates: Website posting with updated date stamp
• Legal Changes: Direct communication for any changes required by new legislation or regulations

Continued use of our services after policy updates constitutes acceptance of the revised terms, unless the changes require explicit consent under applicable law.

13. Contact Information and Complaints

If you have any questions about this Privacy Policy, wish to exercise your data protection rights, or need to report a privacy concern, please contact us:

14. Additional Commitments for Legal Professionals

Recognizing our specialization in serving Irish solicitors and barristers, we maintain additional privacy and confidentiality commitments: