Triskelion AI Systems emblemTriskelion AI Systems

Legal

Privacy and Cookie Policy

Last updated: 11 July 2026

This policy explains what personal data Triskelion AI Systems Limited collects when you use this website, why we collect it, who we share it with, and what rights you have over it. We have written it in plain language because we believe transparency is a prerequisite for responsible data handling.

1. Who we are

The data controller is Triskelion AI Systems Limited, a company incorporated in Ireland with its principal place of business in Galway, Ireland.

Company name
Triskelion AI Systems Limited
Address
Galway, Ireland

We do not have a Data Protection Officer. For any data-related query, contact us at the email address above with the subject line “Data Request” and we will respond within 30 days.

2. Data we collect

We collect personal data only when you voluntarily submit our contact form. We do not collect data through cookies, analytics tools, or any passive tracking mechanism. The categories of data we collect are:

  • Name (required)
  • Email address (required)
  • Company name (optional)
  • Area of interest (required): selected from a fixed list of service categories
  • Message (required): free text you provide
  • Submission timestamp (generated automatically)

We do not collect sensitive categories of personal data (health data, financial data, biometrics, and so on) and we ask that you do not include such information in your message.

Our website uses a honeypot field to detect and silently discard automated bot submissions. No personal data from bot submissions is stored.

3. Why we collect it and our legal basis

We collect and process contact form submissions for one purpose: to respond to your enquiry about our AI consulting services.

Our legal basis under the UK and EU General Data Protection Regulation (GDPR) is legitimate interests (Article 6(1)(f)). Our legitimate interest is handling inbound business enquiries efficiently. Because this website serves business-to-business prospects rather than consumers, and the data you provide is voluntarily submitted for the purpose of starting a business conversation, we consider this processing unlikely to override your fundamental rights and freedoms.

We do not use your data for marketing, profiling, automated decision-making, or any purpose other than responding to your specific enquiry.

4. Who we share your data with

We share contact form data with the following third-party processors acting strictly on our instructions:

Postmark (email delivery)
We use Postmark to send us a notification email when you submit the contact form. Your name, email address, company, interest area, and message are transmitted to Postmark for this purpose. Postmark is operated by ActiveCampaign, LLC. See section 5 for information about transfers outside the EEA.
Cloudflare Turnstile (bot protection)
We use Cloudflare Turnstile to distinguish human visitors from automated bots when you submit the contact form. Turnstile processes technical signals from your browser session; it does not use the personal data you type into the form. See section 5 for information about transfers outside the EEA.
PostgreSQL database (self-hosted)
Your submission is stored in our own database hosted on a virtual private server in the European Economic Area. No third-party cloud provider processes this data.

We do not sell, rent, or otherwise disclose your personal data to any other party. We do not share data with advertising networks, data brokers, or social media platforms.

5. International transfers

Postmark is operated by ActiveCampaign, LLC, a US-based company. When your contact form data is transmitted to Postmark for email delivery, it is transferred outside the European Economic Area. This transfer is governed by Standard Contractual Clauses (SCCs) approved by the European Commission, which provide an appropriate level of protection for your personal data.

Cloudflare, Inc., which operates Turnstile, is also a US-based company. Technical browser signals processed for bot protection may be transferred outside the European Economic Area, governed by Standard Contractual Clauses in the same way.

No other international transfers of your data take place.

6. How long we keep your data

We retain contact form submissions in our database for 24 months from the date of submission. After that period, the record is permanently deleted.

If you ask us to delete your data before the 24-month period expires, we will do so within 30 days of receiving your request (see section 7).

Notification emails sent via Postmark are subject to Postmark's own retention policy.

7. Your rights

Under the EU GDPR and UK GDPR you have the following rights in relation to personal data we hold about you:

Right of access (Article 15)
You can ask us to confirm whether we hold data about you and to provide a copy of it.
Right to rectification (Article 16)
You can ask us to correct inaccurate data or complete incomplete data.
Right to erasure (Article 17)
You can ask us to delete your personal data. We will do so unless we have an overriding legal obligation to retain it.
Right to restriction of processing (Article 18)
You can ask us to pause processing while a dispute about accuracy or lawfulness is resolved.
Right to data portability (Article 20)
You can ask us to provide your data in a structured, commonly-used, machine-readable format.
Right to object (Article 21)
You can object to processing based on legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests.

To exercise any of these rights, email info@triskelionaisystems.com with the subject line “Data Request”. We will acknowledge your request within 5 business days and respond in full within 30 calendar days.

You also have the right to lodge a complaint with a supervisory authority:

  • Ireland (EU): Data Protection Commission (DPC) at dataprotection.ie
  • United Kingdom: Information Commissioner's Office (ICO) at ico.org.uk

California residents (CCPA/CPRA)

If you are a California resident, you have the right to know what personal data we collect about you, the right to request deletion of that data, and the right to opt out of the sale or sharing of your personal data. We do not sell or share your personal data with third parties for their own marketing purposes. To exercise your California privacy rights, email info@triskelionaisystems.com with the subject line “California Privacy Request”.

8. Cookies

A cookie is a small text file stored in your browser when you visit a website. This section describes every cookie this website sets.

CookiePurposeSet whenExpiry
payload-tokenKeeps admin users logged in to the content management system at /adminOnly after logging in to /admin. Never set for public website visitors.Session
cf_clearance and related Turnstile cookiesSet by Cloudflare Turnstile to confirm the contact form is being submitted by a human rather than a botWhen you load the contact formUp to 30 days

The payload-token and Turnstile cookies are strictly necessary for administrator access and contact form security, and are exempt from consent requirements under the ePrivacy Directive and the UK Privacy and Electronic Communications Regulations (PECR).

We do not set any analytics or advertising cookies. We do not use Google Analytics, Meta Pixel, or any similar third-party tracking service. Because the only cookies we set are strictly necessary for security and administration, we do not display a cookie consent banner.

Our website uses the Geist typeface (published by Vercel). The font files are downloaded and bundled at build time, so your browser makes no request to any external font server when you visit the site.

If this changes in the future, we will update this policy and add a consent mechanism before deploying any non-essential cookies.

9. Children

Our services are directed at businesses and business professionals, not at children. We do not knowingly collect personal data from anyone under the age of 16. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

10. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top of this page will reflect any changes. We encourage you to review the policy periodically. For material changes, we will take reasonable steps to notify you.

11. Contact us

If you have any questions about this policy or about how we handle your personal data, please get in touch:

Post
Triskelion AI Systems Limited, Galway, Ireland

This policy applies to the website at triskelionaisystems.com. It does not apply to any third-party websites we may link to.