Trust, Data & Compliance

ASR Web Services is built on clear, careful handling of data. This page explains how we approach privacy, security, and continuity — both for visitors to this website and for clients whose projects we build and maintain.

Our approach

ASR is a small, Cork-based studio. That means your data is not travelling through a sprawling chain of anonymous departments — it is handled directly by the person who builds your site.

We follow GDPR principles as standard: data minimisation, clear consent, lawful processing, and limited retention.

Two roles we play

Depending on context, ASR may act as:

  • Controller – for data collected through this website (e.g. contact form messages sent to ASR).
  • Processor – when we host, build, or maintain a site on behalf of a client, and handle data on their instructions.

In both roles, we take confidentiality, security, and clear documentation seriously.

Hosting, email & third-party services

Most ASR projects are hosted with reputable providers based in the EU or with strong GDPR-aligned practices. Exact providers may vary depending on your needs (for example: hosting, email, payments, or analytics).

When we recommend or configure third-party services, we:

  • choose providers with clear privacy and security documentation;
  • use encrypted connections (HTTPS/SSL) wherever possible;
  • document which services are in use and what they do;
  • encourage you to keep admin access within your own control.

Backups & continuity

As part of each project, we encourage a simple but reliable backup rhythm. That may include:

  • scheduled backups of code and content to secure locations;
  • clear notes on how to restore from a backup;
  • a minimal “what to do if…” plan in case a site is compromised;
  • handover documents so another developer can step in if needed in future.

For larger projects, we can extend this into a fuller Business Continuity and Disaster Recovery plan on request.

What data we see as your developer

When we work on your site, we may temporarily access:

  • hosting and domain dashboards;
  • content management systems or admin panels;
  • limited samples of user data (for testing forms, bookings, etc.), where necessary and agreed.

Access is limited to what is needed to do the work. Credentials should be shared securely, and can be rotated / revoked at the end of a project or when our role changes.

Retention & minimisation

We do not keep project data longer than necessary. In practice, this means:

  • contact form submissions sent to ASR are retained only as long as needed to handle your enquiry, plus any legally required record-keeping;
  • access credentials for client systems are stored securely and can be deleted or rotated on request;
  • test data used during development is removed as part of project closure.

Your rights

Under GDPR, you have rights over your personal data, including the right to:

  • access the data we hold about you;
  • request corrections to inaccurate information;
  • request deletion where appropriate;
  • object to certain types of processing;
  • withdraw consent where processing is based on consent.

To exercise any of these rights in relation to ASR, you can email admin@asrweb.ie. For sites we maintain on behalf of clients, we may direct you to contact the relevant organisation first, as they are usually the data controller.

Cookies, analytics & third-party embeds

This website may use a small number of functional cookies (for example, to remember basic settings) and privacy-respecting analytics to understand how the site is used.

Full details, including the specific cookies and tools in use, are set out in our Cookie Policy and Privacy Policy.

Questions or concerns?

If you have any questions about how ASR handles data, backups, or security, or if you’d like help strengthening these areas on your own website, you’re very welcome to reach out.

Email: admin@asrweb.ie

Talk about your site’s safety