Privacy Policy

Last updated: 1st January 2026

1. Introduction

RapidApex Ltd ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website or use our services.

2. Data Controller Information

RapidApex Ltd is the data controller responsible for your personal data. Our contact details are:

3. Data Collection

We collect and process various types of personal data, including:

  • Contact Information: Name, email address, phone number, business address
  • Business Information: Company name, job title, industry details
  • Communication Data: Records of correspondence, enquiry details, service preferences
  • Technical Data: IP address, browser type, device information, website usage data
  • Marketing Data: Communication preferences, interests, and engagement history

The data we collect helps us provide personalised services and improve your experience with RapidApex.

4. How We Use Your Information

We process your personal data for the following purposes based on legitimate business interests and legal obligations:

  • Providing skincare technology consultation and training services
  • Responding to enquiries and managing client relationships
  • Processing service bookings and managing appointments
  • Sending relevant business communications and service updates
  • Improving our website functionality and user experience
  • Complying with legal and regulatory requirements

How we use your information depends on the services you request and your communication preferences. We always aim to be transparent about our data processing activities.

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Legitimate Interest: For business communications, service improvement, and client relationship management
  • Contract Performance: To deliver services you have requested or contracted for
  • Consent: For marketing communications and optional data processing activities
  • Legal Obligation: To comply with regulatory requirements and business record-keeping

6. Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our cookie usage, please see our Cookie Policy.

7. Data Sharing and Third Parties

We may share your personal data with trusted third parties in the following circumstances:

  • Service providers who assist with website hosting, email communications, and business operations
  • Professional advisors including lawyers, accountants, and consultants
  • Regulatory authorities when required by law
  • Business partners for joint service delivery (with your consent)

We ensure all third parties maintain appropriate data protection standards and use your data only for specified purposes.

8. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected:

  • Client records: 7 years after service completion for business and legal requirements
  • Marketing data: Until you withdraw consent or request deletion
  • Website analytics: 26 months for Google Analytics data
  • Correspondence: 3 years for general enquiries and business communications

Data retention periods may vary based on legal requirements and business needs. We regularly review and delete data that is no longer required.

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Access: Request copies of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data in certain circumstances
  • Restriction: Request limitation of data processing
  • Portability: Request transfer of your data to another organisation
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent for consent-based processing

Your rights may be subject to certain limitations and we will respond to requests within one month. To exercise any of these rights, please contact us using the details provided below.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes secure data transmission, access controls, regular security assessments, and staff training on data protection principles.

11. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. When this occurs, we ensure appropriate safeguards are in place, such as adequacy decisions, standard contractual clauses, or other approved transfer mechanisms under GDPR.

12. Contact Information

If you have any questions about this privacy policy, wish to exercise your rights, or have concerns about our data processing practices, please contact us:

For data protection matters, please contact us using the privacy email address above. We aim to respond to all enquiries within 48 hours during business days.

13. Complaints

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Irish Data Protection Commission (DPC) or your local supervisory authority. Contact details for the DPC can be found at www.dataprotection.ie.

14. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will notify you by email or through a prominent notice on our website. The "last updated" date at the top of this policy indicates when the most recent changes were made.