Legal

PrivacyPolicy

Your privacy matters to us. This policy explains how we collect, use, and protect your personal data when you use our Irish travel expense management system.

GDPR Compliant • Updated January 2025

1. Who We Are

This privacy policy applies to expense.ie, the Irish travel and subsistence expense management platform. We are committed to protecting your personal data and respecting your privacy rights in accordance with the General Data Protection Regulation (GDPR) and Irish data protection laws.

For the purposes of data protection legislation, we are the data controller responsible for your personal data collected through our platform.

2. Personal Data We Collect

Account Information

  • • Full name and email address
  • • Company name and role within the organization
  • • Account credentials (encrypted passwords)
  • • Profile preferences and settings

Expense & Travel Data

  • • Travel expense details (dates, amounts, business purposes)
  • • Journey information (start/end locations, distances)
  • • Vehicle information (registration, make, model, engine details)
  • • Subsistence allowance calculations and claims
  • • Receipts and supporting documentation (when uploaded)

Technical Information

  • • Device information and browser type
  • • IP address and location data (for security purposes)
  • • Usage analytics and system performance data
  • • Session data and login history

3. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract Performance: To provide our travel expense management services and fulfill our contractual obligations to you and your organization
  • Legitimate Interest: To improve our services, ensure security, and provide customer support
  • Legal Obligation: To comply with Irish Revenue requirements for expense record-keeping and tax compliance
  • Consent: For marketing communications and optional analytics (where explicitly provided)

4. How We Use Your Data

Service Delivery

  • • Calculate Irish Revenue compliant expense amounts
  • • Generate expense reports and documentation
  • • Manage vehicle registrations and mileage tracking
  • • Process subsistence allowance calculations

Compliance & Security

  • • Ensure Irish Revenue regulation compliance
  • • Maintain audit trails for expense records
  • • Detect and prevent fraudulent activities
  • • Secure account access and data protection

5. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data. We only share your data in the following limited circumstances:

Service Providers

We use trusted third-party services including Neon (database hosting), Netlify (web hosting), and analytics providers. All providers are GDPR compliant and process data only as instructed.

  • Legal Requirements: When required by Irish or EU law, court orders, or regulatory authorities
  • Company Administrators: Within your organization, authorized personnel can access relevant expense data for approval and reporting purposes
  • Business Transfers: In the event of a merger or acquisition, with appropriate data protection safeguards

6. Data Storage and Security

Data Location

Your data is stored on secure servers within the European Union, ensuring compliance with GDPR data residency requirements.

Security Measures

We implement industry-standard encryption, access controls, regular backups, and security monitoring to protect your data.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Expense Records: 6 years from end of relevant tax year (Section 886 TCA 1997)
  • Account Information: Until account deletion or 3 years of inactivity
  • Technical Logs: 12 months for security and performance monitoring
  • Marketing Consent: Until consent is withdrawn or account deletion

8. Your Data Protection Rights

Right to Access

Request a copy of all personal data we hold about you

Right to Rectification

Correct any inaccurate or incomplete personal data

Right to Erasure

Request deletion of your personal data (subject to legal requirements)

Right to Portability

Receive your data in a structured, machine-readable format

How to Exercise Your Rights: Contact us using the details below. We will respond to your request within 30 days and may require identity verification for security purposes.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for authentication and core functionality
  • Performance Cookies: Help us understand how you use our service to improve performance
  • Preference Cookies: Remember your settings and preferences

You can manage cookie preferences through your browser settings. Note that disabling essential cookies may affect service functionality.

10. Policy Updates

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or through our platform. Continued use of our service constitutes acceptance of the updated policy.

Last Updated: January 2025

11. Contact Us

Data Protection Queries

If you have any questions about this privacy policy or wish to exercise your data protection rights, please contact us:

Email: [email protected]

Subject Line: Data Protection Request

Response Time: Within 30 days as required by GDPR

You also have the right to lodge a complaint with the Irish Data Protection Commission if you believe your data protection rights have been violated.

Ready to Automate Your Travel Expenses?

Stop calculating manually. Our platform automatically applies the correct Irish Revenue rates, manages your records, and helps ensure compliance with every expense claim.

Create AccountTry Free Calculator