Effective date: 01/05/2018

Brightspace LTD trading as Conservatory Designs are Data Controllers.

We are a Conservatory and Sunroom installer, PVC window and Door installer and retailer of Garden Buildings in Ireland.

Our offices are based at Johnstown Garden Centre, Naas, Co. Kildare Ireland

  • you can contact us by phone on 045 844002


Personal Data is processed at our office at Johnstown Garden Centre, Naas, Co. Kildare and at other locations where staff are located on occasion

What personal data do we process?

We process the following data:

  • Names, addresses and telephone numbers and photographs of property relevant to our construction processes and client contract.
  • E-mail addresses
  • Text submitted via forms on our website (which may or may not include names, e-mail addresses and telephone numbers)
  • IP addresses

Why do we process it?

We process data to perform our contracts with our customers.

Who do we share it with, and why?

We use Mailchimp to produce our newsletter. This is a third-party service and you may have signed up for the monthly newsletter via a form on our website, which will have passed your name and e-mail address to Mailchimp via a secure channel. By virtue of them storing your Personal Data, Mailchimp are therefore considered a Data Processor. The Mailchimp privacy policy is available here

We also share your data with our agents, staff, contractors and accountant to perform our contract.

Your Rights

To exercise the following rights, please send an e-mail to You may be asked for additional data to verify your identity as part of processing the requests to exercise your rights. We will endeavour to respond to all requests within 30 days of receiving the initial request. If we are unable to complete the request within the 30 day limit, we will notify you within the required time limit.

You have the following rights:

1. Right to be Informed:

You will be provided with “fair processing information”, which will be completely transparent about how we gathered and will use your data. We will also notify you about any third party processors with whom we share your Personal Data, along with the reason for doing so. But you’re pretty much already reading it all in this policy anyway.

2. Right of Access:

You have the right to confirmation that your personal data are being processed and get access to a copy of your personal data and any other supplementary information.

3. Right of Rectification:

You have the right to have your personal data corrected if it is inaccurate or incomplete.

4. Right to Erasure:

You have the right to have your personal data deleted from our systems in the following situations:

  • When you withdraw consent
  • Data deletion is to comply with a legal obligation
  • Where the data was unlawfully processed
  • Where it is no longer necessary
  • Where you object to the processing
  • Where the personal data is processed to offer “information society services” to a child

We may have grounds to refuse such deletion requests for the following reasons:

  • Exercise the right of freedom of expression
  • For public health purposes in the public interest
  • To comply with legal obligations
  • The exercise or defence of legal claims
  • Archiving purposes in the public interest

5. Right to Restrict Processing:

You can request that we no longer process your data, but that we can still store it.

6. Right to Data Portability:

You can obtain and reuse your personal data for your own purposes, without hindrance. We will provide the data to you in a structured and widely used machine readable form. We will also, at your request, pass your information directly to a competitor of ours, but we cannot be expected to provide it as a specific direct input to their electronic processing systems.

7. Right to Object:

You have the right to object to any direct marketing from us. We will immediately cease any such marketing upon request (via an unsubscribe link at the bottom of the direct marketing e-mail).


A cookie is a small text file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

You can find information on how to use browser settings to stop unwanted cookies in Chrome, Firefox, Opera, Safari and Internet Explorer. For other spurious browsers, please consult the help menu for that product.

We use Google Analytics on our website to improve our service to you.

Google Analytics necessitates the transfer of some data to servers in the United States. The Google Analytics Privacy Policy is available here


We take appropriate measures to ensure the security of personal data under our control and to prevent unauthorised access, disclosure, modification, or destruction of data.

We retain data for 10 years to allow us to fulfil our contract and warranty obligations and to also allow us to offer appropriate after-sales service to clients.

Cross-border Data Transfer

Our use of Mailchimp means that the names and e-mail addresses of our newsletter subscribers are stored on servers hosted in US based data centres. Full details of Mailchimp’s security set-up is available on their website here

Our unstructured data (documents, spreadsheets, etc.), which may occasionally contain personal data, is stored on a server at our premises and we also use Dropbox, G Suite and Basecamp which is a project management software for cloud storage. We also use G Suite from Google and office 365 for our e-mail provision. The data on our internal server is regularly backed up our Google Drive and to Dropbox. Any personal data stored in our Google Drive, Dropbox, Basecamp or e-mail accounts are covered by our contract with Google, Dropbox, Basecamp and Office 365.

Details of Google’s G Suite security set-up is available here

Details of Dropbox security set-up is available here

Details of Basecamp security set-up is available here

Details of Office 365 security set-up is available here

Our website is hosted in Ireland and we do not use any other service that is outside of the EU for processing of Personal Data.

Updates or Questions

This Privacy Policy is reviewed annually to determine if it needs to be updated. If any update occurs, this will be communicated on our website’s front page

It would also be reviewed each time we add functionality to our website.

Please direct any questions you may have directly to