Realign

On this page

Privacy Policy

How we handle your data

Effective date: 6 February 2026

Overview

Realign ("we", "us", "our") is a sole trader strategic advisory practice operated by Ro Mascia, based in Cork, Ireland. We are committed to protecting your privacy and handling your personal data transparently, in accordance with applicable Data Protection Laws.

This Privacy Policy is the single authoritative source for all data collection, retention, rights, and processing details. The Terms of Service address contractual data processing obligations and cross-reference this policy for specifics.

In the event of conflict between this Privacy Policy and the Terms of Service or an applicable Statement of Work, the order of precedence set out in the Terms of Service applies.

Capitalised terms not defined in this Privacy Policy have the meanings given in the Terms of Service.

Data Controller

Ro Mascia, trading as Realign

Business Name Registration No. 779040

2 Connell Street, Lapps Quay

Cork, Cork, T12 WF82, Ireland

Email: legal@realign.ie

Data Protection Officer: Not required. Realign does not meet the thresholds for mandatory DPO appointment under GDPR Article 37. All data protection enquiries should be directed to the email address above.

What we collect

Information you provide directly:

  • First name, last name, and email address when you book a call
  • Company name, role, current situation, and challenges if you complete our optional pre-call form
  • Any information you include in emails, messages, or file attachments sent to our @realign.ie or @realign.fr addresses

Information collected automatically:

  • Basic server logs (IP address, browser type, pages visited), collected and stored by OVH (OVHcloud), the hosting provider

No analytics tools, third-party tracking cookies, or advertising pixels are used.

How we use your data

Personal data is processed only for the following purposes:

  • To respond to enquiries — when a message is sent (legal basis: legitimate interest in responding to business enquiries and evaluating potential engagements, Art 6(1)(f))
  • To facilitate a booked call — when a discovery or introductory call is scheduled (legal basis: pre-contractual steps, Art 6(1)(b))
  • To deliver services — managing engagements, communications, and deliverables (legal basis: contractual necessity)
  • To issue invoices and meet tax obligations — record-keeping required by Irish Revenue (legal basis: legal obligation)
  • To maintain website security and performance — basic server logs (IP address, browser type, pages visited) collected automatically by OVH (legal basis: legitimate interest in ensuring the security and availability of the website, Art 6(1)(f))

Providing your name and email address is necessary to book a call or engage services. If this information is not provided, Realign will be unable to schedule a call or enter into an engagement. No personal data is required to browse the website.

Third-party services

A limited number of third-party services are used to operate Realign. Data may be processed by:

  • Google Workspace (including Google Calendar) — email, calendar, and booking (name and email shared when scheduling a call)
  • OVH (OVHcloud) — website hosting and server log storage
  • Notion — optional pre-call form, if completed

Realign has Data Processing Agreements in place with all third-party service providers that process personal data on its behalf, in accordance with Article 28 of the GDPR.

Realign does not sell, rent, or trade personal data to any third party.

Where Realign processes personal data on behalf of a client as part of an engagement, a Data Processing Agreement will be agreed in accordance with the Terms of Service.

International data transfers

Some of the third-party services used may process data outside the European Economic Area (EEA). Where this occurs, appropriate safeguards are in place, such as the EU-US Data Privacy Framework or Standard Contractual Clauses approved by the European Commission, in accordance with Chapter V of the GDPR.

Data retention

Enquiry data: retained for up to 12 months after last contact, then deleted. Each new interaction resets the period.

Client engagement data: retained for 6 years from the end of the relevant tax year, as required by Irish tax law (TCA 1997 s.886). Deletion requests under GDPR are honoured subject to this legal retention obligation. Upon termination of an engagement, Personal Data is returned or deleted per the applicable DPA or within 30 days of written request, subject to legal retention obligations.

Server logs: retained by OVH (OVHcloud) for up to 12 months, per their data processing agreement.

Your rights

Under GDPR, data subjects have the right to:

  • Access — the personal data held
  • Rectification — correct inaccurate or incomplete data
  • Erasure — "right to be forgotten"
  • Restriction — restrict processing in certain circumstances
  • Object — to processing based on legitimate interest
  • Data portability — receive data in a structured format
  • Automated decision-making — not be subject to decisions based solely on automated processing with legal or significant effects

To exercise any of these rights, email legal@realign.ie. Realign will respond within 30 days.

Data breach notification

In the event of a personal data breach that is likely to result in a risk to rights and freedoms, Realign will notify the Data Protection Commission without undue delay and, where required, within 72 hours in accordance with GDPR Article 33. Where the breach is likely to result in a high risk, affected individuals will also be notified directly.

Automated decision-making

Realign does not use automated decision-making or profiling, as defined in GDPR Article 22, in relation to personal data.

Complaints

If data protection rights have not been respected, you have the right to lodge a complaint with the Irish Data Protection Commission:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28, Ireland

Website: dataprotection.ie (opens in a new tab)

Security measures

Realign implements appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include encrypted communications (TLS), access controls, secure hosting infrastructure provided by OVH, and regular review of data handling practices.

Cookies

This website does not use cookies. No analytics tools, third-party tracking cookies, or advertising pixels are used.

If this changes in the future, the policy will be updated and consent requested before placing any non-essential cookies.

Children's data

Realign's services are not directed at individuals under the age of 18. Realign does not knowingly collect personal data from children. If Realign becomes aware that personal data has been inadvertently collected from a child, it will take steps to delete that data promptly.

Changes to this policy

This Privacy Policy may be updated from time to time. Changes will be posted on this page with an updated effective date. Active SOW clients will receive 30 days' written notice of material changes. Periodic review is encouraged.

Survival

This Privacy Policy applies for as long as Realign holds personal data, regardless of whether any engagement has ended. Privacy obligations survive the termination or expiration of any engagement or Statement of Work.

Questions?

Contact: legal@realign.ie