Get in touch →

Privacy Policy

1. Who We Are

Mitros (“we”, “us”, “our”) is an Irish renewable-energy engineering company and the data controller for personal data collected via this website (“Website”), our online forms, and our service interactions. For privacy enquiries or to exercise any of your rights under the GDPR, contact us at info@mitros.ie.

2. What Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data:

  • Contact and enquiry data — your name, company, job title, email address, telephone number, service of interest, postal address (if provided), and the contents of any project details or notes you submit via our quote or enquiry forms.
  • Career-application data — your name, contact details, the role you are applying for, your CV or resume, any cover-letter content, and any further information you provide via the Careers form.
  • Site survey and project data — for projects engaged with us, technical and operational data necessary to deliver the work (e.g., property address, electricity-supply information, roof / structural data, energy-usage profiles).
  • Technical and usage data — IP address, browser type and version, operating system, device identifiers, time of access, pages visited, referring website, and similar information gathered automatically via cookies and server logs.
  • Consent and compliance records — your cookie preferences, form-acceptance ticks, and a record of when these were provided.

3. How and Why We Use Your Data (Legal Bases)

We process personal data on one or more of the following legal bases under Article 6 of the GDPR:

  • Consent (Art. 6(1)(a)) — when you tick a consent or acceptance box, accept cookies, or subscribe to communications.
  • Performance of a contract or pre-contractual steps (Art. 6(1)(b)) — to respond to your enquiry or quote request, prepare a proposal, deliver a project you have engaged us for, and manage post-handover service.
  • Legitimate interests (Art. 6(1)(f)) — to operate, secure and improve the Website, respond to general business enquiries, prevent fraud or abuse, and manage our day-to-day commercial relationships.
  • Legal obligation (Art. 6(1)(c)) — to comply with tax, accounting, health-and-safety, electrical-safety, and other statutory record-keeping requirements applicable to our business.

4. Cookies and Tracking Technologies

The Website uses cookies and similar technologies to:

  • Enable essential site functions (session management, security);
  • Protect against spam and abuse (e.g., Google reCAPTCHA);
  • Measure usage and improve content through analytics;
  • Record your cookie preferences via our consent banner.

You can manage your cookie preferences at any time via the cookie consent banner displayed when you first visit the Website. Disabling certain non-essential cookies may affect some Website functionality.

5. Sharing Your Data

We share personal data only where necessary and on a controlled basis:

  • With trusted service providers acting as processors on our behalf — including Website hosting, transactional email delivery, form-submission processing, CRM, cloud storage, marketing-automation, and analytics tools — all bound by appropriate data-processing agreements;
  • With our professional advisers (accountants, auditors, insurers, legal counsel) where strictly necessary and under confidentiality obligations;
  • With regulatory or governmental authorities where required by Irish or EU law (e.g., Revenue, SEAI, ESB Networks for grid-connected projects);
  • With successors in connection with a corporate transaction such as a merger, acquisition, or restructuring.

We do not sell personal data to third parties. We do not engage in automated decision-making with legal or similarly significant effects.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting requirements:

  • General website enquiries: typically up to 24 months from last contact;
  • Career applications: typically up to 12 months from submission, unless you ask us to retain your CV for longer for future opportunities;
  • Contract, project and accounting records: retained for the periods required by Irish law (commonly six years);
  • Server logs and security records: typically up to 12 months.

7. Your Rights Under the GDPR

Subject to applicable limitations, you have the right to:

  • Access the personal data we hold about you;
  • Rectification of inaccurate or incomplete personal data;
  • Erasure (“right to be forgotten”) where applicable;
  • Restrict or object to certain types of processing;
  • Data portability — to receive your data in a structured, commonly used, machine-readable format;
  • Withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal;
  • Lodge a complaint with the Irish Data Protection Commission at www.dataprotection.ie.

To exercise any of these rights, please email info@mitros.ie. We will respond within the timeframes set by the GDPR (typically within one calendar month).

8. International Transfers

Where personal data is transferred outside the European Economic Area (for example, to cloud-infrastructure or email-service providers based in the United Kingdom or the United States), we ensure that appropriate safeguards are in place, including European Commission adequacy decisions, Standard Contractual Clauses, or equivalent recognised mechanisms.

9. Security

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include encryption in transit, restricted access controls, secure password practices, regular software updates, and ongoing review of our service providers. While we take security seriously, no system is completely immune from risk and we cannot guarantee absolute security.

10. Children

The Website is intended for use by adults and is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can promptly remove it.

11. Marketing Communications

Where you have given consent, we may send you marketing communications about our services, case studies, regulatory updates, or industry insights. You can opt out at any time via the unsubscribe link in any marketing email or by emailing info@mitros.ie. We will continue to send service-related communications (e.g., transactional emails about your project) regardless of marketing preferences.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. The current version is always available on the Website with the “last updated” date below. Material changes will be communicated through the Website or, where appropriate, by direct notice.

13. Contact

For any privacy-related enquiry, please contact: Mitros, Tipperary, Ireland — info@mitros.ie.

Last updated: November 2025.

Commercial Solar
Residential Solar