Legal
Privacy Policy
How we collect, use and protect personal data on this website.
Last updated: 1 July 2026
Who we are
PurpleTree HR provides outsourced HR, employment law and health and safety support to Irish employers. For the purposes of the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, PurpleTree HR, 2 Springfield Place, Industrial Estate, Longford, Co. Longford, N39 YT53, is the controller of personal data collected through this website. You can reach us at hello@purpletree.ie or 1800 787 333.
The personal data we collect
Browsing this website does not require you to provide any personal data. We collect personal data only when you choose to send it to us through one of our forms, together with limited technical data needed to keep the site secure.
- Contact form: your name, email address, phone number, company name and message.
- Free HR Health Check: your name, email address, company, position and phone number, along with your answers to the questionnaire and the score we calculate from them.
- Quote requests: your name, work email address, phone number, company, sector and preferred contact time, the plan, headcount and add-ons you select, the indicative price calculated from them, and any message you include. If you go on to accept a quote, we ask for the company details needed to set up your engagement, such as your CRO number and registered address.
- Technical data: when you submit a form we record your IP address, browser type, the page you submitted from and, where present, the campaign parameters in the link you followed. We use this to prevent spam and misuse, including limiting the number of submissions from a single address.
Why we use it and our legal basis
- To respond to your enquiry, deliver your HR Health Check results, prepare quotes and set up engagements: Article 6(1)(b) GDPR, taking steps at your request before entering into a contract.
- To follow up on your enquiry or quote and keep a record of our correspondence: Article 6(1)(f) GDPR, our legitimate interest in managing prospective client relationships.
- To keep the website secure and prevent spam and misuse: Article 6(1)(f) GDPR, our legitimate interest in protecting our systems.
- To meet legal obligations that apply once you become a client, such as retaining business and tax records: Article 6(1)(c) GDPR.
Spam protection
Our forms are protected by Cloudflare Turnstile, which checks that a submission comes from a person rather than an automated script. To carry out this check, Cloudflare processes limited technical information about your browser and device, including your IP address. Turnstile is a verification tool, not an advertising tracker. You can read more in Cloudflare's privacy policy.
Analytics
We use Umami, a privacy-focused analytics tool hosted on our own infrastructure, to understand how the site is used in aggregate: pages viewed, referring site, browser type and country. It works without cookies, does not follow you across other websites and does not store information that identifies you personally.
Cookies
This website does not set advertising, analytics or cross-site tracking cookies, which is why you do not see a cookie banner. Our analytics runs without cookies and Cloudflare Turnstile completes its checks without setting tracking cookies.
Who we share it with
We share personal data only with the service providers that help us run this website and respond to you: the providers that host the website and store form submissions, our transactional email service, which delivers confirmation and notification emails, Cloudflare, which protects our forms, and the workflow tools we use to alert our team to new enquiries. Each provider processes data on our instructions. We do not sell personal data and we never share it with third parties for their own marketing. We may also disclose data where the law requires it, or to our professional advisers where necessary.
International transfers
Our website is hosted on servers in the European Union. Some providers, such as our email delivery service, may process data outside the European Economic Area. Where that happens, we rely on appropriate safeguards, including the European Commission's Standard Contractual Clauses.
How long we keep it
We keep enquiry, HR Health Check and quote records for as long as we need them to deal with your enquiry and for a reasonable period afterwards, so we can pick the conversation back up if you return to us. If you become a client, we keep engagement records for the duration of the relationship and for any period required by law, such as tax and company record-keeping rules. Records that no longer serve any purpose are deleted, and you can ask us to delete your details at any time.
Your rights
Under the GDPR you have the right to:
- access a copy of the personal data we hold about you;
- have inaccurate data corrected;
- have your data erased where there is no good reason for us to keep it;
- restrict how we use your data in certain circumstances;
- receive the data you gave us in a portable format;
- object to processing based on our legitimate interests, including any direct marketing.
To exercise any of these rights, email hello@purpletree.ie. We will respond within one month, as the GDPR requires, and we will not charge a fee unless a request is clearly unfounded or excessive.
Complaints
If you are unhappy with how we have handled your personal data, please contact us first so we can put it right. You also have the right to lodge a complaint with the Data Protection Commission, 6 Pembroke Row, Dublin 2, D02 X963, or online at dataprotection.ie.
Security
All traffic to and from this website is encrypted in transit. Form submissions are stored on access-controlled systems, and only the team members who need your information to deal with your enquiry can see it.
Changes to this policy
If we change how we handle personal data, we will update this page and revise the date at the top. Questions about this policy are welcome at hello@purpletree.ie or through our contact page.