Privacy Policy

The Information We Collect

Thenet Ireland collect personally identifiable information about customers, employees, & suppliers.

We may collect personally identifiable information about you, our client, eg name, phone number, address, email address, payment method preferences and information, IP addresses and ID documents when you make an enquiry online, request a quote, place an order, create an account, etc.

(We do not collect sensitive personal data such as gender, marital, political, judicial or medical data etc.)

The purpose of this is to set up billing accounts for recurring payments to provide the services requested. We do not collect any data on individuals which is not for the provision of services we provide.

As a customer, you have access to an online client console via

When you access your account here, you act as data controller over your own personal data.

If you purchase any product or service from us, we or our third-party payment processors will collect and encrypt your payment information. Certain providers who offer bank processing may request identification to verify accounts. This data is removed from our system after account verification is complete by the third party provider.

We also, on request share contact information and also personal identification documents with certain domain name registrars and the IEDR in accordance with ICANN regulations and the IEDR registration rules. These (digital) documents are kept solely for the purpose of domain registrations and are removed from our systems once registration is complete.

Any email contact with us, initiated by you, generated via are on a double opt-in basis and are automatically unsubscribed on request.

Occasionally, account ownership disputes and other account management queries may arise. We may in this instance require identification from all parties engaged in the query in order to verify account ownership.

This information is removed once accounts are verified.

GDPR – Your Responsibilities

When you use our services to store or process your data, (including your customers and users data on your website, for instance) you are the data controller and we act as the data processor. You must, therefore, ensure that any data processor services you use to process personal data are GDPR compliant. You should carry out due diligence on our services and ensure certain contractual terms are in place.

This statement is to help you meet those GDPR regulatory requirements and assure that we take GDPR and the security and management of all personal data as paramount.

GDPR – Our Responsibilities

We have fully reviewed our GDPR compliance with regard to the services we offer our customers and also our internal operations.

We have implemented technical and personnel protocols to ensure the security of your data.

Security is paramount – as a matter, of course, our services are continually monitored.

We carry out ongoing due diligence against our sub-processors or other third party processors we use to ensure their GDPR compliance (data centres, domain registries, payment processors).

How we share your Information [Third Party Access]

a. Personally Identifiable Information: We will not rent or sell your personally identifiable information to others. We may store personal information in locations outside the direct control of TheNet Ireland ( eg on servers or databases co-located with hosting providers) Any comments containing personal data, posted by you on our blog, for example, will be available by others.

b. Non Personally Identifiable Information: We may share non-personally identifiable information ( such as anonymous usage data, referring/ exit pages and URLs, platform types, number of clicks etc) with interested parties, services and partners( eg Google, Realex) Our partners may publish purely anonymous non-personally identifiable data for use on reports etc.

How Information is Stored

We use externally contracted data centres in the following locations.

Dublin (Ireland) & London (UK) that are fully monitored 24/7/365 by dedicated monitoring service team.

These datacenters physical and environmental security systems are designed to meet the exacting standards required by HIPAA, PCI-DSS, GDPR and our customers.

How Information Is Protected.

We are concerned with protecting your privacy and data, but we cannot ensure the security or threat of breach of any information transmitted to us by you. No method of transmission over the internet is completely 100% secure. Therefore we cannot 100% guarantee its absolute security.

We do however comply with the EU Data Protection Directives95/46/EC.

Data Retention

We only retain personal data collected from clients for as long as the client's account is active, or otherwise for a limited period of time as long as we need it to fulfil its original intention.

We will retain certain data as necessary to comply with our legal obligations – for instance, we need to retain account information for a period of 7 years to comply with accounting, taxation and company law.

In addition, we adhere to strict governance and/or codes of conduct guidelines from bodies such as ICANN, NCSC, PCI, ISPAI, Irish Data Protection Authority etc.

Thenet Ireland as Data Controller

David Lawless T/A Thenet Ireland, process personal data both as a Processor and a Controller as defined in the GDPR Directive.

In addition, If you have an account with us, you have access to a console where you can control your own personal information.

This system is shared – you have full access at all times to all the information we have for you.

Whether you use data to make automated decisions

We do not use your personal data to make automated decisions of any kind.

You can visit our website without giving away any personal information.

We use Google Analytics and cookies in order to improve our service, user experience and analyse how the website is used.

Under the GDPR, you, our client, have the following rights:

1 The right to be informed 
2 The right of access 
3 The right of rectification
4 The right to erasure 
5 The right to restrict processing 
6 The right to data portability 
7 The right to object 
8 Rights of automated decision making and profiling

Is providing data mandatory?

While you can visit our website without telling us who you are, we do require certain information from you in order to communicate, provide services effectively, access your account with us and respond to queries, for instance.

Do we transfer data internationally?

Ordering certain products will result in your personal data being transferred internationally, specifically with regards to domain registrations via third-party registrars inside & outside Europe.

Your data is then controlled by these third-party providers GDPR Privacy policies – we can provide this information on request.

What’s our legal basis for processing your data?

It is generally assumed by us that you have given consent to the processing of your personal data for one or more specific purposes, if you contact us, request us to contact you, request a quote, order a service or make any such similar request.

Processing data is necessary to address any of the above situations.

Processing is also necessary to enable us to lawfully conduct business, for instance, to allow us to act as agents for the Revenue Commissioners.

Agreeing to the terms of this Privacy policy is regarded as receiving your consent.

Contact information for the Data Controller

You can contact us at any time to Request access to information we hold about you, correct any information that we hold about you, delete information we have about you.

If you have any additional questions about our collection and storage of data, please contact us at

Att: Data Protection Officer, Unit 4 Kinsealy Business park, Malahide, Co Dublin, 01 8284828.