Privacy Policy

Last Updated: 18-11-2025

Radium Technologies Ltd ("Radium", "we", "us", "our") is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use and safeguard personal data when:

• you visit or interact with our website (radium.ie and related pages),
• you contact us or we contact you,
• you are an employee, contractor or contact person of one of our business customers, suppliers or partners.

It also explains how this Privacy Policy sits alongside our General Terms & Conditions of Service and Data Processing Addendum (DPA).

1. Who we are and how we act under data protection law

For most data we collect through our own website, marketing, sales and business operations, Radium acts as a "data controller" under applicable Data Protection Laws (including the EU GDPR and Irish data protection law).

When we provide managed IT services and MSSP / cyber-security services to business customers, we typically act as a "data processor" on behalf of those customers. In those circumstances:

• the customer is the data controller,
• Radium processes personal data only on the customer's documented instructions, and
• the detailed terms of that processing are set out in our Data Processing Addendum (DPA), which forms part of our General Terms & Conditions of Service.

If you have questions about how your employer or service provider uses your data where Radium is their processor, you should first refer to their privacy notice.

Our details:
Radium Technologies Ltd
9 The Business Centre, Fonthill Industrial Park,
Fonthill Road, Dublin, Ireland
Email: [email protected]

2. Personal data we collect

We may collect and process the following categories of personal data when you interact with us:

Contact and identity details

• Name
• Business email address
• Business phone number
• Job title and role
• Company name and related account/contact IDs

Business and account information

• Billing and payment details (e.g. invoicing address, bank/payment references – we do not generally store full card numbers)
• Records of services purchased and service usage
• Contract documents, Statements of Work and related correspondence

Technical and log data

When you visit our website or when you or your organisation use our services, our systems may automatically log:

• IP address
• Browser type and version
• Device and operating system details
• Referring pages / URLs
• Date/time of access
• Basic event information (e.g. login, error logs, security event logs)

Cookies and similar technologies

We may use cookies and similar technologies on our website to:

• make the site work correctly,
• remember your preferences,
• analyse website usage.

You can manage or disable cookies through your browser settings. If we use any non-essential cookies (e.g. analytics), we will ask for consent where required.

Information you provide to us directly

• Information you include in emails or web forms
• Support tickets and related screenshots or logs
• Feedback and survey responses
• Information provided in meetings, calls or demos

We do not intentionally collect special category data (e.g. health data, religious beliefs) through our website or standard service channels.

3. How we use personal data (purposes and legal bases)

We use personal data for the following purposes, relying on the legal bases indicated:

To provide our managed IT and MSSP services

• Setting up and administering customer accounts
• Delivering support, monitoring and cyber-security services
• Managing incidents, troubleshooting and service improvements

Legal basis: performance of a contract; our legitimate interests in operating our business; compliance with legal obligations.

To manage billing and payments

• Issuing invoices and collecting payment
• Handling queries and disputes about invoices

Legal basis: performance of a contract; compliance with legal and tax obligations.

To communicate with you about our services

• Responding to your enquiries
• Providing updates on projects and support tickets
• Sending administrative or service-related notices

Legal basis: performance of a contract; our legitimate interests in customer service and business operations.

To send marketing communications (B2B)

• Sending information about Radium services, events or offers that may be relevant to you in a business context
• You can opt out at any time by using the unsubscribe link in emails or contacting us at [email protected]

Legal basis: our legitimate interests in promoting our services, or consent where required by law.

To maintain and improve our website and services

• Analysing how our website and services are used
• Enhancing security, performance and user experience
• Developing new features and services

Legal basis: our legitimate interests in running, securing and improving our business and services.

To comply with legal and regulatory obligations

• Record-keeping and financial reporting
• Responding to lawful requests from courts, law enforcement or regulators

Legal basis: compliance with legal obligations; in some cases, the establishment, exercise or defence of legal claims.

When we act as a processor for our business customers, we only process personal data to provide the services and for the Business Purposes agreed in the contract and DPA, and only on the customer's instructions.

4. How we share personal data

We may share personal data with:

• Service providers and sub-processors who assist us in:
  • hosting and infrastructure,
  • monitoring and security,
  • ticketing and CRM,
  • billing and payment processing,
  • professional services (e.g. legal, accounting).
• Business partners and suppliers involved in delivering products or services you have requested (e.g. hardware, software, cloud vendors).
• Group companies or successors of our business (e.g. in a merger or acquisition), consistent with our contractual obligations.
• Regulators, law enforcement or other authorities where we are legally obliged to do so, or to protect our rights or the rights of others.

Where we appoint sub-processors in the context of customer services, we use contracts that require them to protect personal data to standards consistent with our DPA and Data Protection Laws.

We do not sell personal data.

5. International transfers

Some of our service providers or their systems may be located outside the European Economic Area (EEA). Where personal data is transferred outside the EEA, we will ensure that:

• the destination country benefits from an adequacy decision, or
• appropriate safeguards are in place (such as Standard Contractual Clauses), and
• additional technical and organisational measures are applied where appropriate.

6. Data security

We take appropriate technical and organisational measures to protect personal data against:

• unauthorised or unlawful processing, access or disclosure,
• accidental or unlawful loss, destruction, or damage.

These measures reflect the nature of the data, the risks involved and the state of the art, and are consistent with our obligations under our DPA and Data Protection Laws.

However, no online system or transmission is completely secure, and we cannot guarantee absolute security.

7. Data retention

We keep personal data only for as long as necessary to:

• fulfil the purposes described in this Privacy Policy,
• perform our contracts and services,
• comply with legal, accounting or reporting obligations, and
• resolve disputes and enforce our agreements.

For data we process as a processor for business customers, we will retain, return and/or delete data in accordance with:

• our contracts,
• our Data Processing Addendum, and
• the customer's documented instructions.

8. Your rights

Depending on your location and subject to certain conditions, you may have the following rights in relation to your personal data:

• Right of access – to obtain a copy of your personal data we hold.
• Right to rectification – to correct inaccurate or incomplete data.
• Right to erasure – to request deletion of your data where there is no good reason for us to keep it.
• Right to restriction – to ask us to suspend processing in certain circumstances.
• Right to data portability – to receive data you have provided to us in a structured, commonly-used, machine-readable format and/or to have it transmitted to another controller.
• Right to object – to object to processing based on our legitimate interests or to direct marketing.
• Right to withdraw consent – where we rely on consent, you can withdraw it at any time (this will not affect processing carried out before withdrawal).

If you wish to exercise any of these rights, please contact us at [email protected].

If we are processing your data on behalf of one of our business customers, we may need to refer your request to that customer (the data controller), and we will tell you if this is the case.

You also have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland or your local supervisory authority.

9. Children's privacy

Our website, services and offerings are not directed to children, and we do not knowingly collect personal data relating to children.

If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to delete such data.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements or other operational needs. When we do, we will:

• post the updated version on this page, and
• update the "Last Updated" date at the top.

We encourage you to review this Policy periodically.

11. Contact us

If you have any questions or concerns about this Privacy Policy or how we handle personal data, you can contact us at:

Radium Technologies Ltd
9 The Business Centre, Fonthill Industrial Park,
Fonthill Road, Dublin, Ireland
Email: [email protected]