GDPR Compliance Statement
Last updated: 6th January 2026
1. Introduction
MediaConsult (“we”, “us”, “our”) is an Irish public relations and communications consultancy. We are committed to protecting personal data and securing our information systems in accordance with:
The EU General Data Protection Regulation (GDPR)
Irish data protection law
This statement explains how we collect, use, protect, and secure personal data and business-critical information.
2. Data Controller
The data controller is:
Company Name: MediaConsult Ltd
Registered Address: 7 Fair Street, Drogheda, Co Louth, A92 YDR7
Email: info@mediaconsult.ie
Phone: +353 41 9846111
3. Personal Data We Process
In the course of providing PR and communications services, we may process the following categories of personal data:
Clients & Business Contacts
Names, job titles, company names
Email addresses and phone numbers
Contracts, briefing documents, and correspondence
Billing and invoicing information
Media & Stakeholders
Journalists’, editors’, and influencers’ professional contact details
Media preferences and engagement history
Publicly available professional information
Website & Digital Systems
IP addresses and device data
Website usage data and logs
Security and access records
We only process data that is necessary, relevant, and proportionate.
4. Purposes of Processing
Personal data is processed for the purposes of:
Delivering PR, media relations, and communications services
Managing client relationships and campaigns
Media engagement and stakeholder communications
Business administration, invoicing, and compliance
Maintaining the security, integrity, and availability of our systems
Detecting, preventing, and responding to cybersecurity incidents
5. Legal Basis for Processing
We rely on the following lawful bases under GDPR:
Performance of a contract
Legitimate interests, including business communications and system security
Consent, where required (e.g. marketing communications)
Legal obligations, including regulatory and tax requirements
Where legitimate interests are relied upon, these are balanced against individual rights and freedoms.
7. Incident & Breach Management
We maintain documented procedures for handling security incidents.
Personal data breaches are assessed and reported in accordance with GDPR requirements
Clients and authorities are notified where legally required
8. Data Sharing
We do not sell personal data.
We may share data with trusted third parties where necessary, including:
Cloud hosting, email, and IT service providers
Media monitoring and distribution platforms
Professional advisors (legal, financial, compliance)
All processors are subject to contractual data protection and security obligations.
9. International Transfers
Where personal data is transferred outside the European Economic Area (EEA), appropriate safeguards are applied, including Standard Contractual Clauses or equivalent mechanisms.
10. Data Retention
Personal data is retained only for as long as necessary to:
Fulfil contractual and business purposes
Comply with legal, regulatory, and security obligations
Data is securely deleted or anonymised when no longer required.
11. Your Rights
Under GDPR, you have the right to:
Access your personal data
Rectify inaccurate or incomplete data
Request erasure
Restrict or object to processing
Data portability
Withdraw consent at any time
Requests can be made via info@mediaconsult.ie.
12. Data Security
We apply appropriate technical and organisational measures to protect data against unauthorised access, loss, or misuse, including secure systems, access controls, and regular reviews of our security posture.
13. Complaints
If you have concerns about how your data is handled, you may contact us directly. You also have the right to lodge a complaint with the Data Protection Commission.
14. Updates
This statement may be updated periodically to reflect legal, regulatory, or operational changes.