PRIVACY POLICY
Last Updated: March 25, 2026
1. INTRODUCTION
Mandy Bray Communications (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services. If you have questions or concerns about this Privacy Policy, please contact us at mandybray.comms@gmail.com.
2. INFORMATION WE COLLECT
2.1 Email and Contact Information
We collect email addresses and other contact information when you:
– Contact us with inquiries or requests
– Sign up for newsletters or communications
– Request our services
– Provide feedback or respond to surveys
2.2 Location Data
We may collect location information to:
– Provide location-based services
– Improve service delivery and performance
– Analyze geographic service usage patterns
– Comply with legal requirements
Location data may be collected through:
– IP addresses
– GPS or mobile device location services (with your permission)
– Information you voluntarily provide about your location
– Postal codes or addresses you provide
2.3 Browsing Behaviour and Analytics
We may collect information about how you interact with our website and services, including:
– Pages or features you access
– Time and duration of your visits
– Referring/exit pages
– Device and browser information
– Operating system
– Internet service provider (ISP)
– Click behavior and engagement metrics
– Search queries and navigation patterns
– Performance and error data
This information is collected using:
– Cookies and similar tracking technologies
– Analytics tools via Jetpack by Automattic
– Yoast SEO analytics
– Elementor page builder analytics
– Server logs
– Pixel tags and beacons
– Wordfence Security monitoring and logging
2.4 Form Submission Data
When you use our Contact Form 7 contact forms, we collect:
– Name and email address
– Company Name
– Message content
– Budget Range you’ve provided
– Submission date and time
– IP address
– User agent information
2.5 Security and Fraud Prevention Data
We collect and process data for security purposes through:
– Wordfence Security: IP addresses, login attempts, suspicious activity logs
– WP Armour Anti-Spam: Honeypot data to detect bot submissions
– Jetpack Security: Threat detection and security logs
3. HOW WE USE YOUR INFORMATION
We use the information we collect for the following purposes:
3.1 Service Delivery
– Providing, maintaining, and improving our services
– Processing your requests and transactions
– Sending service-related announcements and updates
– Responding to your inquiries and customer support
3.2 Analytics and Improvement
– Analyzing usage patterns and trends
– Identifying and fixing technical issues
– Optimizing website functionality and user experience
– Conducting research and development
3.3 Communications
– Sending newsletters and promotional materials (with your consent)
– Notifying you of changes to our services
– Conducting surveys and gathering feedback
3.4 Safety and Compliance
– Detecting and preventing fraud and abuse
– Protecting against malicious or illegal activity
– Enforcing our Terms of Service and other agreements
– Complying with legal obligations and court orders
3.5 Location-Based Services
– Providing services customized to your location
– Delivering location-relevant content and offers
– Analyzing geographic service usage and performance
4. COOKIES AND TRACKING TECHNOLOGIES
4.1 What Are Cookies?
Cookies are small files stored on your device that help us remember information about you and improve your experience.
4.2 Types of Cookies We Use
– Essential Cookies: Required for basic website functionality and security (Wordfence Security, WP Armour)
– Performance Cookies: Help us understand how you use our services (Jetpack, Yoast SEO, Elementor)
– Functional Cookies: Remember your preferences and choices (Elementor, Ally accessibility settings)
– Analytics Cookies: Collect data about your browsing behavior (Jetpack, Yoast SEO)
– Security Cookies: Used by Wordfence and Jetpack for security purposes
4.3 Cookies from Specific Plugins
– **Jetpack**: Uses cookies for analytics, security, and user authentication
– **Yoast SEO**: Uses cookies for analytics and performance tracking
– **Elementor**: Uses cookies for page builder functionality and analytics
– **Wordfence Security**: Uses cookies for security and threat detection
– **Contact Form 7**: Uses cookies for form functionality
4.4 Your Cookie Choices
You can control cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when a cookie is being sent. However, blocking cookies may affect your ability to use certain features of our services.
**EU/Ireland Residents**: Under GDPR, we obtain your consent before placing non-essential cookies on your device. You have the right to withdraw consent at any time.
4.5 Third-Party Tracking
Our website may include third-party services that use cookies and similar technologies to collect information about your browsing activities:
– Jetpack (Automattic)
– Yoast SEO
– Elementor
– Google Analytics (if enabled via Jetpack)
4.6 Cookie Consent
For users in the EU/UK, we are committed to obtaining proper consent before using non-essential cookies. You may be presented with a cookie consent banner on first visit. You can manage your cookie preferences at any time through your browser settings or by contacting us.
5. INFORMATION SHARING AND DISCLOSURE
5.1 Third-Party Plugins and Services
Our website uses the following WordPress plugins and third-party services that may process your information:
**Analytics & Performance:**
– Jetpack by Automattic: Tracks site analytics, performance monitoring, and security
– Yoast SEO: Collects analytics on site performance and search optimization
– Elementor: Collects page builder analytics and performance data
**Forms & Communications:**
– Contact Form 7: Processes and stores contact form submissions
– Essential Addons for Elementor: May track form interactions and engagement
**Security & Protection:**
– Wordfence Security: Monitors security threats, logs IP addresses, and scans for malware
– WP Armour Anti-Spam: Uses honeypot technology to detect and prevent spam submissions
– Jetpack Security: Provides threat detection and security monitoring
**User Experience & Accessibility:**
– Ally (Web Accessibility & Usability): Enables accessibility features and may track accessibility preferences
– Smart Custom 404 Error Page: Logs page errors and user navigation
**Other Services:**
– Elementor & Essential Addons: Page builder and design tools
– CMP (Coming Soon & Maintenance Plugin): Displays coming soon pages if needed
5.2 Data Processing by Third-Party Services
When you use our website, information may be shared with the following companies:
– **Automattic (Jetpack)**: For analytics, security, and performance monitoring
– **Yoast (Yoast SEO)**: For SEO analytics and site performance
– **Elementor**: For page building and analytics
– **Wordfence**: For security monitoring and malware scanning
– **Your Web Hosting Provider**: For server logs and basic site operations
These service providers are contractually obligated to use your information only as necessary to provide services to us and are required to maintain the confidentiality and security of your information.
5.3 International Data Transfers
Because we use plugins and services provided by companies based in the United States (such as Jetpack by Automattic and Elementor), your information may be transferred to, stored in, and processed in the United States. If you are located in the European Union or another jurisdiction with data protection laws, by using our website, you consent to the transfer of your information to jurisdictions that may not provide the same level of data protection. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses where necessary.
5.4 Service Providers (Continued)
If we are involved in a merger, acquisition, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will provide notice if such a change occurs.
5.3 Legal Requirements
We may disclose your information if required to do so by law or if we believe in good faith that such disclosure is necessary to:
– Comply with legal obligations or court orders
– Enforce our Terms of Service and other agreements
– Protect the safety, rights, and property of our Company, users, or the public
– Detect, prevent, or address fraud or security issues
5.4 Aggregated and De-identified Information
We may share aggregated or de-identified information that cannot reasonably be used to identify you without restriction.
5.5 With Your Consent
We may share your information for other purposes with your explicit consent.
6. DATA RETENTION
We retain your personal information for as long as necessary to:
– Provide our services
– Fulfill the purposes outlined in this Privacy Policy
– Comply with legal obligations
– Resolve disputes
When information is no longer needed, we will securely delete or anonymize it, unless we are required to retain it by law.
6. DATA SECURITY
6.1 Security Measures
We implement appropriate technical, administrative, and physical security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:
– Encryption of data in transit (SSL/TLS)
– Secure password protection
– Regular security audits via Wordfence Security
– Access controls and authentication
– Firewalls and intrusion detection systems
– Wordfence Security scanning for malware and vulnerabilities
– WP Armour honeypot anti-spam protection
6.2 Plugin Security
Our website uses Wordfence Security and Jetpack Security plugins that:
– Monitor for threats and malicious activity
– Log IP addresses and security events
– Scan for malware and vulnerabilities
– Protect against brute force attacks
– Maintain security logs for detection and prevention
6.3 Limitations
While we strive to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you use our services at your own risk.
8. YOUR PRIVACY RIGHTS
8.1 United States Residents
If you are a US resident, you have the right to:
– Know what personal information we collect, use, and disclose
– Delete personal information we have collected (with certain exceptions)
– Opt out of the “sale” or “sharing” of your personal information (where applicable)
– Non-discrimination for exercising your privacy rights
To exercise these rights, please contact us using the information in Section 12.
8.2 European Union (GDPR) Residents & Ireland-Based Operations
Since our business operates in Ireland and the EU, we are committed to full GDPR compliance. If you are located in the EU or UK, you have the following rights:
– **Right of Access**: You can request a copy of all personal data we hold about you
– **Right to Rectification**: You can request corrections to inaccurate or incomplete data
– **Right to Erasure (Right to be Forgotten)**: You can request deletion of your data (with certain exceptions for legal obligations)
– **Right to Restrict Processing**: You can request that we limit how we use your data
– **Right to Data Portability**: You can request your data in a structured, machine-readable format
– **Right to Object**: You can object to processing of your data for marketing, profiling, or other purposes
– **Right to Lodge a Complaint**: You have the right to lodge a complaint with the Irish Data Protection Commission (DPC) or your local data protection authority
– **Right to Withdraw Consent**: You can withdraw consent to data processing at any time
**GDPR Legal Basis:**
We process your personal data under the following legal bases:
– Consent (e.g., for marketing communications and optional analytics)
– Legitimate interests (e.g., security, website improvement, analytics)
– Legal obligations (e.g., fraud prevention, compliance with law)
– Performance of a contract (e.g., contact form submissions)
**Data Protection Impact:**
For residents in the EU, please note that some of our plugins (Jetpack, Elementor, Yoast SEO) are operated by US-based companies. We have ensured appropriate data transfer mechanisms are in place for any cross-border data transfers.
8.3 Opting Out of Marketing Communications
You can opt out of receiving promotional emails by clicking the “Unsubscribe” link in any email we send you or by contacting us directly.
9. THIRD-PARTY LINKS
Our website may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to third-party sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing your information.
10. CHILDREN’S PRIVACY
Our services are not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information and terminate the child’s account.
For users between 13 and 18, we provide additional protections and encourage parents or guardians to be involved in their online activities.
11. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by updating the “Last Updated” date at the top of this policy and, if required, by obtaining your consent.
Your continued use of our services following the posting of changes constitutes your acceptance of the updated Privacy Policy.
12. CONTACT US
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
Mandy Bray Communications
mandybray.comms@gmail.com
**For EU/GDPR Complaints:**
If you are not satisfied with our response to your privacy rights request, you have the right to lodge a complaint with:
Irish Data Protection Commission (DPC)
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
Phone: +353 1 576 5000
Email: info@dataprotection.ie
Website: www.dataprotection.ie
You may also contact your local data protection authority in any other EU Member State.
13. ADDITIONAL INFORMATION FOR SPECIFIC REGULATIONS
13.1 California Consumer Privacy Act (CCPA)
If you are a California resident, you have the rights described in Section 8.1, plus:
– Right to know what personal information is collected, used, and shared
– Right to delete personal information (with exceptions)
– Right to opt out of the sale or sharing of your personal information
– Right to limit use and disclosure of sensitive personal information
– Right to correct inaccurate personal information
– Right to non-discrimination for exercising your rights
13.2 Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)
If you are a Canadian resident, you have the right to access, correct, and request deletion of your personal information.
14. ACCESSIBILITY
We are committed to ensuring this Privacy Policy is accessible to everyone. If you have difficulty accessing or understanding this policy due to a disability, please contact us, and we will work to provide an accessible version.
—
END OF PRIVACY POLICY