top of page

PRIVACY NOTICE 

Last update: 15 January 2024 

​

This privacy notice informs you how we collect, use, and disclose your personal data. It also describes the choices that you have with regard your personal data.  

Please read this privacy notice carefully before submitting any of your personal data to us. 

​

​

1. ABOUT US AND THIS PRIVACY NOTICE 

Here you can find some general information about us, our services, this website and privacy notice.  

 

1.1 About the notice. This Privacy Notice (the “Notice”) governs the processing of personal data collected from individual users and business entities (“you” and “your”) through the website https://www.three2e.com (the “Website”) and within the scope of consulting services provided by us (the “Services”) (the Website and the Services are further collectively referred to as “Three2E”). This Notice does not cover any third-party websites, applications, software, or services that integrate with Three2E or any other third-party products and services.  

1.2 Our role as a data controller. The Website is operated and the Services are provided by Three2E Limited having a business address at 26 Upper Pembroke Street, D02 X361, Dublin 2, Dublin, Ireland (“we,” “us,” and “our”). We act as a data controller with regard to your personal data that you provide to us. This means that we make decisions on the types of personal data that need we collect and the purposes for which we use the data. 

1.3 Our role as a data processor. We act in the capacity of a data processor in situations when, within the scope of the Services, our clients provide us with personal data for processing (the “Service Data”). The service Data may contain our clients’ personal data as well as other persons’ personal data. We do not own, control, or make decisions about the Service Data and such Service Data is processed only in accordance with our client’s instructions. Our clients act as data controllers and they are responsible for deciding what personal data should be collected from data subjects and how such data should be processed. In the situations when we act in the capacity of a data processor, we comply with our data processor’s obligations. In order to ensure that the Service Data is processed in accordance with the strictest data protection standards, we offer for conclusion a data processing agreement (the “DPA”) based on the Standard Contractual Clauses. Our clients can request a pre-signed copy of the DPA for consultation or conclusion purposes by contacting us (our contact details are available at the end of this Notice). 

1.4 Children. We do not knowingly collect personal data belonging to persons younger than 18, as Three2E is not intended for use by children. If you become aware a child has provided us with his or her personal data and you are a parent or a legal guardian of that child, please contact us immediately.  

1.5 Term and termination. This Notice enters into force on the effective date indicated at the top of the Notice and remains valid until terminated or updated by us. 

1.6 Amendments. We may change this Notice from time to time, if necessary to address the changes in our business practices, the Services, the Website, or laws, regulations, and industry standards applicable to us. The amended version of the Notice will be posted on this page and, if we have your email address, we will send you information about all the changes implemented by us. We encourage you to review our Notice regularly to stay informed. 

 

2. WHAT DATA DO WE COLLECT? 

Here we provide an overview on what personal data we collect from you, for what purposes we use it, what technical data is collected automatically when you use the Website, and how we communicate with you. We also explain how we process personal data on behalf of our clients as their data processor. 

 

2.1 We comply with data minimisation principles and use your personal data for limited purposes explained in this Notice. Below, you can find an overview of the types of personal data that we collect, the purposes for which we use it, and the legal bases on which we rely when processing it. 

2.2 Sources of personal data. We obtain your personal data from the following categories of sources: 

  • Directly from you. For example, if you submit your personal data when you order our Services or contact us; 

  • Directly or indirectly through your activity on the Website. When you use the Website, we automatically collect analytics information about your use of the Website; and 

  • From our clients and third parties. We may receive information about you from our clients and third parties to whom you have previously provided your personal data, if such third parties have a legal basis for disclosing your personal data to us. 

2.3 What personal data do we collect directly from you? 

  • Enquiries. When you contact us by email, we collect your full name, email address, and any information that you provide in you message. When you call us, we collect your phone number and any information that is relevant to your inquiry. We use such data to respond to your enquiries and provide you with the requested information. The legal bases on which we rely are ‘pursuing our legitimate interests’ (i.e., to build our client base, engage clients, and promote the Services) and ‘your consent’ (for optional personal data). We will store this data until you stop communicating with us, unless your data is necessary for further purposes like concluding a service contract, in which case it we will keep it is along as necessary for the intended purposes. 

  • Service agreement. If you decide to conclude a service agreement with us, we will collect your name, company name, address, email address, payment details, and any relevant business information, such as business plans, investment information, information about employees and your business, financial accounts, and other. We will use the said information to provide you with the requested Services, contact you, if necessary, issue invoices, and maintain our business records. The legal bases on which we rely are ‘performing a contract with you’ and ’pursuing our legitimate interests’ (i.e., operate, analyse, grow, protect, and administer our business). We will store this data until your service agreement is terminated, unless we are requested by law to store our business records longer.   

2.4 What personal data do we collect while you are using the Website? 

  • Analytics data. While you are browsing on the Website, we collect analytics data that allows us to see what kind of users access and use the Website, which parts of the Website you find interesting, improve our content, develop new products and services, and investigate and prevent security issues and abuse. When we process your analytics data that is personal data, we rely on the ‘legitimate interest’ (i.e., to analyse, improve, and protect our Website) and ‘your consent’ bases. The analytics data that we collect includes: 

  • Your activity on the Website (time of visit, pages visited, time spent on each page, clicks, scroll depth, interaction with widgets);  

  • URL addresses from which you access the Website; 

  • Your browser type and version; 

  • Your operating system; 

  • Your device details; 

  • Your IP address; and 

  • Your other online behaviour. 

  • Cookies. While you are browsing on the Website, we collect your cookie-related data. We use such information to analyse the technical aspects of your use of the Website, analyse your use of the Website, prevent fraud and abuse, and ensure the security of the Website. For more information on our use of cookies, please read our Cookie Policy. The legal bases on which we rely are ‘pursuing our legitimate interests’ (i.e., analyse our content and protect the Website) and ‘your consent’. We will store this data as long as analytics records are necessary for our activities or you withdraw your consent.  

  • Social media widgets. The Website may include social media features, such as link buttons or other interactive mini-programs. These features may collect your IP address, which pages you are visiting on the Website and the Internet, and may set a cookie to enable the feature to function properly. Social media features and widgets are provided by third-party social media providers and, therefore, your interactions with these features are governed by the privacy statement of those providers. 

2.5 Processing of personal data obtained from third parties. During the scope of the Services, we may receive from third-parties information that is relevant for the provision of the Services (e.g., your accounting records). We use such data (also referred to as the ‘Service Data’) to provide the Services. The legal basis on which we rely is ‘performing our contractual obligations to our clients’. We store this data as long as it is relevant to the specific service agreement with our clients.  

2.6 Sensitive data. We do not collect or have access to any special categories of personal data (“sensitive data”), unless you decide, at your own discretion, to provide such data to us. Sensitive data refers to your health, religious and political beliefs, racial origins, membership of a professional or trade association, or sexual orientation.     

2.7 Refusal to provide personal data. If you refuse to provide us with your personal data when we ask for it, we may not be able to perform the requested operation and you may not be able to use the full functionality of the Website, get the Services, receive the requested information, or get our response. Please contact us immediately if you think that any personal data that we collect is excessive or not necessary for the intended purpose.   

2.8 Your feedback. If you contact us, we may keep records of any questions, complaints, recommendations, or compliments made by you and the response. Where possible, we will remove all personal data that is not necessary for keeping such records.  

2.9 Newsletters. If you opt-in for our newsletter, subscribe to our newsletter, or order our Services, we may send you service-related tips and inform you about our new Services and special offers. The legal bases on which we rely are ‘your consent’ (if you opt-in) and ‘pursuing our legitimate business interests’ (i.e., promote Three2E). You can opt-out from receiving our commercial communication at any time free of charge by clicking on the “unsubscribe” link included in our newsletters or by contacting us directly. 

2.10 Transactional notices. If we have your email address and it is necessary to do so, we may send you important informational messages, such as information about the Services used by you, payment receipts, invoices, and other technical or administrative emails. Please note that such messages are sent on an “if-needed” basis and they do not fall within the scope of commercial communication that may require your prior consent. You cannot opt-out from our service-related notices.  

 

3. HOW LONG DO WE STORE YOUR DATA? 

Here we explain for how long we keep your data in our systems and how we delete it. 

 

3.1 Storage of personal data. We and our data processors store your personal data only for as long as such personal data is required for the purposes described in this Notice or until you request us to update or delete your personal data, whichever comes first. For more details about the period for which each type of personal data is stored, please refer to section 2. After your personal data is no longer necessary for its purposes and there is no other legal basis for storing it, we will securely delete it from our systems. 

3.2 Storage of non-personal data. We retain non-personal data pertaining to you for as long as necessary for the purposes described in this Notice. 

3.3 Storage as required by law. When we are obliged by law to store your personal data for a certain period of time (e.g., for keeping accounting records), we will store your personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires. 

 

4. HOW DO WE DISCLOSE YOUR DATA? 

Here you can find information about third parties that may have access to your personal data. 

 

4.1 Disclosure to data processors. If necessary for the intended purpose of your personal data, we will disclose your personal data to entities that provide services on our behalf (our data processors). Your personal data may be shared with entities that provide technical support services to us, such as hosting, payment processing, and email distribution services. 

4.2 List of data processors. The data processors that may have access to your personal data are:  

  • Our hosting service provider Wix.com located in the United States; 

  • Our cloud storage service provider Box.com located in the United States; 

  • Our mailing service provider Gmail located in the United States; 

  • Our analytics service provider Google Analytics located in the United States; and 

  • Our independent contractors and consultants. 

4.3 International transfers. Some of our data processors may be based outside the country where you reside. For example, if you reside in the UK or a country belonging to the European Economic Area (EEA), we may need to transfer your personal data outside the UK or the EEA. In case it is necessary to make such a transfer, we will make sure that the country in which our data processor is located guarantees an adequate level of protection for your personal data or we conclude an agreement with it that ensures such protection. 

4.4 Disclosure of non-personal data. Your non-personal data may be disclosed to third parties for any purpose as it does not identify you as a natural person. For example, we may share it with prospects or partners for business or research purposes, for improving Three2E, responding to lawful requests from public authorities or developing new products and services.  

4.5 Legal requests. If requested by a public authority, we will disclose information about clients to the extent necessary for pursuing a public interest objective, such as national security or law enforcement. 

4.6 Sale of personal data. We do not sell your personal data without your consent and do not intend to do this in the future.  

 

5. HOW DO WE PROTECT YOUR DATA? 

Here you can find information on how we protect your data against breaches. 

 

5.1 Security measures. We implement up-to-date industry appropriate technical and organisational information security measures that protect your personal data from loss, misuse, unauthorised access and disclosure. Our measures include: 

  1. Anonymising data, where reasonably possible;  

  1. Maintaining adequate access control mechanisms (e.g., two-factor authentication, password protection, and limited access); 

  1. DDOS mitigation; 

  1. Limiting access to personal data;  

  1. Conducting due diligence of our data processors; and 

  1. Conducting regular information security audits. 

5.2 Security breaches. Although we put our best efforts to protect your personal data, given the nature of communication and information processing technology and the Internet, we cannot and will not be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data caused by circumstances that are beyond our reasonable control. Our liability will be limited to the highest extent permitted by the applicable law.  

 

6. HOW CAN YOU CONTROL YOUR PERSONAL DATA? 

Here you can find detailed information about the rights that you have with regard to your personal data and how to exercise those rights.  

 

6.1 The list of your rights. You have the right to control how we process your personal data. Subject to any exemptions provided by law, you have the following rights: 

  • Right of access: you can get a copy of your personal data that we store in our systems and a list of purposes for which your personal data is processed; 

  • Right to rectification: you can rectify inaccurate personal data that we hold about you; 

  • Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data from our systems; 

  • Right to restriction: you can ask us to restrict the processing of your personal data; 

  • Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format and move that personal data to another processor; 

  • Right to object: you can ask us to stop processing your personal data; 

  • Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or 

  • Right to complaint: you can submit your complaint regarding our processing of your personal data. 

6.2 How to exercise your rights? If you would like to exercise any of your legitimate rights, please contact us by using our contact details available at the end of the Notice and explain in detail your request. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we can identify you in our system. We will answer your request within a reasonable time frame but no later than 30 days. 

6.3 Requests submitted to us as data processors. If we receive a request from a data subject that is addressed to us as data processor, we will inform the respective data controller about the request. We do not take any action with regard to such requests, unless they pertain to the ‘unsubscribe’ functionality available in our emails.  

6.4 Complaints. If you would like to launch a complaint about the way in which we handle your personal data, we kindly ask you to contact us first and express your concerns. After you contact us, we will investigate your complaint and provide you with our response as soon as possible (no later than 30 days). If you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority. 

 

7. CONTACT 

If you have any questions about this Notice, your rights, or our data protection practices, please contact us by email at growth@three2e.com.  

Alternatively, you can send us a letter to: Three2E Limited, 26 Upper Pembroke Street, D02 X361, Dublin 2, Dublin, Ireland.  

bottom of page