1. Who we are
INFOHAS Electronics LTD ("INFOHAS", "we", "us", "our") is a company registered in Ireland providing premium device repair and related services. This Privacy Policy explains how we collect, use, store and protect your personal data when you use our website (new.infohas.ie), our booking flow, our customer dashboard and our repair services.
This policy is written to align with the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679) and Irish data protection law. The data controller is INFOHAS Electronics LTD.
2. What data we collect
We collect only what we need to deliver a repair or to keep your customer account working. Specifically:
- Contact details: name, email address, phone number, optional address (when arranging collection or shipping).
- Booking data: device category, brand, model, the fault you described, store you chose or shipping address you provided, and the appointment slot.
- Device data: brand, model and serial/IMEI if you choose to provide it. We do not access photos, messages, contacts or any user content stored on the device unless strictly required to reproduce a fault and only with your explicit consent.
- Repair history: lifecycle events (received, diagnosed, repaired, ready, delivered), warranty contracts created at completion, claims you submit, and outcomes.
- Authentication data: magic-link tokens (short-lived, single-use) and, if you connect Google sign-in, your Google account email and the basic profile fields Google returns.
- Analytics data: privacy-friendly, cookie-less page-view counts (no individual profiling). See our Cookie Policy.
- Technical data: IP address, user agent and request timestamps, used for security (rate limiting, intrusion detection) and fraud prevention.
3. Why we use it (legal basis)
- Contract (GDPR Art. 6(1)(b)) — to take your booking, perform the repair, manage warranties and provide your customer dashboard.
- Legitimate interest (Art. 6(1)(f)) — to operate the website securely (rate limiting, error monitoring) and to send you essential service updates about your repair.
- Consent (Art. 6(1)(a)) — for retention reminder emails (you can turn them on or off at any time in your profile) and for any non-essential cookies.
- Legal obligation (Art. 6(1)(c)) — to keep accounting records and respond to lawful requests.
4. Who has access
Your data is accessed only by:
- INFOHAS staff who handle the repair or your support request;
- Sub-processors strictly necessary to operate the service: email delivery provider (transactional emails such as magic-link, booking confirmations and warranty notifications), Google (only if you choose Google sign-in), our hosting provider, and our backup storage.
We do not sell your data. We do not share it with marketing networks. We do not use it to train third-party AI models.
5. How long we keep it
- Booking and repair records: while your account exists, plus the legally required accounting period.
- Magic-link tokens: deleted after use or expiry (minutes).
- Analytics: aggregated daily, no personal-level retention.
- Server logs: rotated by the operating system; not used for profiling.
6. Your rights
You have the right to:
- Access the data we hold about you (Art. 15);
- Correct inaccurate data (Art. 16);
- Request erasure (Art. 17) — your account and linked data are deleted, except records we must keep by law;
- Restrict processing (Art. 18) or object (Art. 21);
- Receive your data in a portable, structured format (Art. 20);
- Withdraw consent for retention emails or non-essential cookies at any time, with effect for the future;
- Lodge a complaint with the Irish Data Protection Commission (dataprotection.ie) if you believe your rights have been breached.
7. Security
We protect your data with HTTPS everywhere, secure cookies, rate limiting on sensitive endpoints, encrypted backups, and a strict least-privilege access model. We do not store passwords (we use magic-link or Google sign-in only). If a breach affects your personal data, we will notify you and the Data Protection Commission as required by law.
8. International transfers
Where a sub-processor operates outside the European Economic Area, we rely on Standard Contractual Clauses or equivalent safeguards. Most of our processing happens inside the EU.
9. Children
Our service is for customers aged 16 and over. We do not knowingly collect data from anyone younger.
10. Changes to this policy
We may update this policy when our service changes. We will indicate the "Last updated" date at the top of the page. Material changes will be notified through the website or via email.
11. Contact
Reach us through your repair request, your customer dashboard, or via the contact methods published on the INFOHAS website.