Legal
Privacy Policy
How we handle personal data on the Auvia website.
Introduction
This Privacy Policy describes how Auvia ("we", "us", or "our") collects, uses, and shares information about you when you use our services. Effective Date: May 5, 2026. Version: d7789281.
If you have questions about this policy, please contact us at admin@auvia.io.
Information We Collect
We collect the following categories of personal data for the purposes described below. Under GDPR Article 6, we rely on the lawful bases shown for each processing purpose:
| Category | Fields collected | Purpose | Lawful basis |
|---|---|---|---|
| Contact Information | Name, Email address, Firm name | To respond to your enquiry, schedule a demonstration of the Auvia service, and follow up about the matter you raised. | Legitimate interests (Article 6(1)(f)) |
| Enquiry Details | Message content, Practice area of interest | To understand the context of your enquiry and tailor our response and demonstration to your firm. | Legitimate interests (Article 6(1)(f)) |
| Usage Data | Pages visited, Browser type, IP address, Referrer | To understand how visitors use the Auvia website and improve its content and performance. This usage data is captured automatically in our server logs in a cookieless way — it does not set cookies or store identifiers on your device, which is why no analytics cookies appear in the cookie table. | Legitimate interests (Article 6(1)(f)) |
Right to Withdraw Consent
Where we rely on your consent for any processing of your personal data, you have the right to withdraw that consent at any time by contacting us at admin@auvia.io. Withdrawing your consent does not affect the lawfulness of any processing we carried out before you withdrew it. Where consent is required to provide a particular feature or service, withdrawing it may mean we are no longer able to offer that feature or service.
Automated Decision-Making and Profiling
We do not engage in automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you within the meaning of GDPR Article 22.
Data Retention
We retain your data for the following periods:
| Category | Retention period |
|---|---|
| Contact Information | 24 months from your last contact with us |
| Enquiry Details | 24 months from your last contact with us |
| Usage Data | 12 months |
Whether You Are Required to Provide This Data
For each category of personal data we collect, we set out below whether you are required to provide it — by law, under our contract with you, or as a precondition to entering into a contract — or whether provision is voluntary, together with the consequences of failing to provide it.
| Category | Requirement | Consequences |
|---|---|---|
| Contact Information | Voluntary | You choose whether to contact us or book a demo; if you do, we need your contact details to reply. |
| Enquiry Details | Voluntary | You may leave the enquiry blank; we will follow up to clarify what you need. |
| Usage Data | Voluntary | This data is gathered automatically as you browse; the site functions normally and you can ask us to stop processing it. |
Third-Party Services
We share data with the following third-party services:
| Service | Purpose | Privacy policy |
|---|---|---|
| Google Fonts | Serving web fonts (Geist and Plus Jakarta Sans) used in the Auvia website typography. | View |
| Cal.com | Hosting the demo-booking page linked from our “Book a demo” button. When you book, Cal.com collects your name, email address and chosen time slot to schedule the meeting. Cal.com, Inc. is based in the United States, so booking a demo involves a transfer of your personal data outside the UK/EEA, made under appropriate safeguards (Standard Contractual Clauses / the UK Addendum). | View |
| Resend | Delivering our transactional and account emails (for example sign-in links and enquiry follow-ups), which involves processing your email address. Resend (Plus Five Five, Inc.) is based in the United States, so email delivery involves a transfer of your personal data outside the UK/EEA, made under appropriate safeguards (Standard Contractual Clauses / the UK Addendum). | View |
| Google Workspace | Hosting the admin@auvia.io mailbox. When you email us, or we email you, Google processes the content of that correspondence (including your name and email address) on our behalf. Google is based in the United States, so this involves a transfer of your personal data outside the UK/EEA, made under appropriate safeguards (Standard Contractual Clauses / the UK Addendum). | View |
| Plain | Our internal tooling for issue tracking, meetings and customer relationship management (CRM). Details of your enquiry and our correspondence with you may be stored here so we can manage and follow up on your request. | View |
| Railway | Hosting the Auvia website and the database that stores enquiry and account records. As our hosting provider, Railway processes your personal data (including server-log data such as your IP address) on our behalf. Railway (Railway Corp.) is based in the United States, so hosting involves a transfer of your personal data outside the UK/EEA, made under appropriate safeguards (Standard Contractual Clauses / the UK Addendum). | View |
Your Rights
You have the following rights regarding your personal data:
- Right to access your personal data
- Right to correct inaccurate data
- Right to request deletion of your data
- Right to receive your data in a portable format
- Right to restrict how we process your data
- Right to object to processing
GDPR Supplemental Disclosures
This section applies to individuals in the European Economic Area (EEA) under the General Data Protection Regulation (GDPR).
Data Controller: Paul O'Sullivan Sweeney, sole trader trading as Auvia, 31 Templeard, BT48 8FE, Derry
We have not appointed a Data Protection Officer. Our processing activities do not meet the thresholds in GDPR Article 37(1) that would require one. Auvia's processing does not meet the Article 37 thresholds that require a Data Protection Officer; data-protection enquiries are handled via admin@auvia.io.
You have the right to lodge a complaint with the data protection supervisory authority in your country of residence, place of work, or place of the alleged infringement. A list of EEA supervisory authorities is available at edpb.europa.eu/about-edpb/about-edpb/members_en.
Where we transfer your personal data outside the EEA, we rely on one or more of the safeguards permitted under Chapter V of the GDPR: (a) transfers to countries the European Commission has determined provide an adequate level of data protection (the current list is published at commission.europa.eu/.../adequacy-decisions_en); (b) Standard Contractual Clauses (SCCs) adopted by the European Commission under Article 46(2)(c); and (c) Binding Corporate Rules approved under Article 47 where applicable. You may request further information about the specific safeguards applied to a particular transfer by contacting us at admin@auvia.io.
UK Privacy Rights (UK-GDPR)
This section applies to individuals in the United Kingdom under the UK General Data Protection Regulation (UK-GDPR), as tailored by the Data Protection Act 2018.
Data Controller: Paul O'Sullivan Sweeney, sole trader trading as Auvia, 31 Templeard, BT48 8FE, Derry
We have not appointed a Data Protection Officer. Our processing activities do not meet the thresholds in GDPR Article 37(1) that would require one. Auvia's processing does not meet the Article 37 thresholds that require a Data Protection Officer; data-protection enquiries are handled via admin@auvia.io.
The supervisory authority for data protection in the UK is the Information Commissioner's Office (ICO). If you believe we have not handled your data in accordance with UK data protection law, you have the right to lodge a complaint with the ICO at ico.org.uk/make-a-complaint.
If we transfer your personal data outside the United Kingdom, we ensure appropriate safeguards are in place in accordance with the UK-GDPR, including the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses where applicable.
Contact Us
Contact us:
- Legal Name: Paul O'Sullivan Sweeney, sole trader trading as Auvia
- Address: 31 Templeard, BT48 8FE, Derry
- Email: admin@auvia.io