Book a call

Privacy Policy

How Dark Oak handles your personal data.

Dark Oak is committed to protecting your privacy. This policy explains what data we collect when you use our website or engage us for work, how we use it, and the rights you have over it.

1. Information we collect

Enquiry data. When you contact us — through the website form, by email, or by phone — we collect the details you provide: name, email address, company, the type of work you’re enquiring about, an indicative budget band, and a description of the problem.

Engagement data. Once we’re working together, we hold the materials needed to deliver the work: briefs, requirements, access credentials you share with us, source code, and project documentation.

Website usage data. We collect basic technical information about visits to the site (pages viewed, approximate location, device type). The site uses minimal cookies — what’s required to make it work, plus aggregate analytics. No advertising trackers.

2. How we use your information

We use your information to:

  • Respond to enquiries and arrange discovery calls
  • Scope, deliver, and maintain the work you engage us for
  • Send invoices and operate the commercial side of the engagement
  • Improve the website and our service over time
  • Meet our legal and regulatory obligations

We do not sell your data, and we do not share it with third parties for marketing.

3. Data location and transfers

Our default is EU data residency. Personal data and engagement materials are held on infrastructure inside the EU, and we choose EU regions on the third-party tools we use (hosting, email, payments) wherever they’re offered.

Some operational tools we rely on are headquartered outside the EU. Where data leaves the EU, we rely on Standard Contractual Clauses and the additional safeguards each provider offers. We can list the specific processors on request.

4. Data retention

We keep enquiry data for as long as the conversation is live, plus a reasonable follow-up window. We keep engagement records for as long as the work is active and for the period afterwards that we’re required to — typically seven years for accounting and tax records under Irish law. You can ask us to delete data sooner where it isn’t legally required.

5. Your rights

Under the GDPR you have the right to:

  • Access the personal data we hold about you
  • Have inaccurate data corrected
  • Have your data deleted, where we aren’t legally required to keep it
  • Restrict or object to specific processing
  • Receive your data in a portable format
  • Lodge a complaint with the Irish Data Protection Commission (dataprotection.ie)

To exercise any of these rights, email us at the address below.

6. Cookies

The site uses a small number of cookies — strictly what’s needed to make it work, and a privacy-respecting, aggregate measure of which pages get visited. You can clear or block cookies in your browser at any time; the site will still work.

7. Third-party services

We use a small set of trusted services to operate: EU-region hosting, email, payments, and analytics. Each one has access only to what it needs to do its job and is bound by its own data-processing agreement with us. We’re happy to share the list on request.

8. Changes to this policy

If we update this policy, we’ll change the date below and post the revised version here. Where the change is material, we’ll flag it to clients who have an active engagement with us.

9. Contact

Any question about how we handle your data — including any request to access, correct, or delete it — please email [email protected].

Last updated: 3 June 2026