Eccles Electrical Ltd
GDPR Data Protection and Document Control Policy

1. Commitment to GDPR Compliance

Eccles Electrical Ltd is fully committed to protecting the privacy and personal data of our customers in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679. We recognise that personal data relating to Solar PV and NDMG projects must be handled with care, transparency, and accountability, and this policy has been circulated to all employees.

2. Purpose

This policy outlines how Eccles Electrical Ltd collects, processes, stores, secures, and disposes of personal information relating to Solar PV and NDMG projects.

3. Collection and Processing of Personal Data

We collect the minimum necessary personal information to deliver Solar PV and NDMG services. This may include:

  • Name

  • Address

  • Contact telephone numbers

  • Email address

  • Utility account information

  • SEAI grant application documentation

Personal data will only be used for the purposes of managing installations, applying for grants, providing customer support, or fulfilling legal obligations.

4. Data Storage and Backup

All customer data is securely stored using the following systems:

  • Customer Relationship Management (CRM) Software: Logs all customer enquiries and communications.

  • Secure Cloud Storage: All scanned documents, site surveys, and application paperwork are stored on encrypted cloud services with access controls.

  • Email Communications: Emails are encrypted in transit and stored on a secure, GDPR-compliant server.

Data is backed up daily via an encrypted backup solution to a secondary secure cloud environment to ensure business continuity.

5. System Infrastructure Overview

Systems Description:

  • Solus CRM System: Password-protected, access-limited to trained staff only, with full cloud back-up.
    The following systems are integrated with our CRM system, with full multi factor authentication protection.

  • Document Storage: Paperless files stored on GDPR-compliant cloud platforms with encryption at rest and multi-factor authentication (MFA).

  • Email Communications: Hosted through a secure Microsoft server with full encryption and MFA enabled.

  • Firewall Protection: Enterprise-grade firewalls are deployed to monitor and block any unauthorised access attempts.

  • Endpoint Protection: All staff devices are protected with anti-virus software and automatic security updates.

6. Data Retention Timelines

  • Customer contact details and installation documents: Retained for 7 years post-installation to satisfy SEAI audit and grant verification requirements.

  • Email correspondence: Retained for 7 years.

  • Call logs and notes: Retained for 2 years.

Upon reaching the end of the retention period, personal data is permanently deleted from all systems in a secure manner.

7. Data Disposal

When personal data is no longer needed:

  • Digital files are securely erased using certified data destruction software.

  • Paper files are shredded using a cross-cut shredding machine and disposed of securely.

8. Customer Rights

Customers have the right to:

  • Access their personal data.

  • Request correction of incorrect or incomplete data.

  • Request deletion of data where permissible.

  • Object to processing in certain circumstances.

  • Lodge a complaint with the Data Protection Commission.

Requests related to personal data can be submitted by emailing info@eccleselectrical.ie.

9. Review and Updates

This policy is reviewed annually or sooner if changes in legislation require. Latest update: April 2025.

Contact Information:
Eccles Electrical Ltd
Gleann Aibhinn, Buncrana, Co. Donegal
Phone: 087 171
Email: info@eccleselectrical.ie

This GDPR and Document Control Policy is available for public view on our website and reflects our commitment to safeguarding your personal information.