Privacy policy

Morning Star Building & Energy Ltd, trading as Morning Star Projects

Last updated: 19th June 2026

This policy is a starting draft prepared for Morning Star Projects based on the information provided. Before publishing, please complete the bracketed placeholders below and consider having it checked by a solicitor or GDPR adviser, particularly given the client data retained for SEAI purposes.

1. Who we are

Morning Star Building & Energy Ltd (trading as Morning Star Projects) is the data controller for the personal data described in this policy.

•        Company: Morning Star Building & Energy Ltd

•        CRO number: 810123

•        Registered address: Bohernore, Knocklong, Kilmallock, Co. Limerick, Ireland

•        Contact email for data protection queries: [insert email address once set up]

If you have any questions about this policy or how we handle your personal data, please contact us using the details above.

2. What this policy covers

This policy explains how we collect, use, store and protect personal data when you visit our website, contact us, or engage us for BER assessment, Technical Advisor, heat pump installation, or mechanical services work. It applies to website visitors and to clients and prospective clients.

3. What personal data we collect

We collect personal data in the following ways:

Through our website contact form

•        Name

•        Email address

•        Phone number (optional)

•        The content of your message, including any details you choose to share about your home or project

When you become a client

•        Contact details (name, address, phone, email)

•        Property details relevant to the service provided (e.g. Building Energy Rating, Meter Point Reference Number, year of construction, floor area, heating system details)

•        Billing and payment details for invoicing purposes

•        Where relevant to SEAI grant schemes, information required for Technical Assessment Forms, BER assessments, and related SEAI documentation

Automatically, through our website

•        Standard technical information collected via cookies and analytics tools, such as pages visited, device and browser type, and approximate location. See our separate Cookie Policy for full details.

4. Why we process your personal data, and our legal basis

We process personal data for the following purposes:

•        To respond to enquiries made through our contact form (legal basis: legitimate interest in responding to enquiries, or steps taken at your request prior to entering a contract)

•        To provide quotations and carry out contracted services, including BER assessments, Technical Assessments, heat pump installation, and mechanical services (legal basis: performance of a contract)

•        To complete and submit statutory documentation required by SEAI as part of the Better Energy Homes programme, including Technical Assessment Forms and BER publications (legal basis: legal obligation, and performance of a contract)

•        To issue invoices and maintain financial records, including through our accounting software (legal basis: legal obligation, and performance of a contract)

•        To understand how visitors use our website and improve it, using analytics tools such as Google Analytics (legal basis: consent, obtained via our cookie banner)

•        To comply with our legal and regulatory obligations, including those arising from our SEAI registrations (legal basis: legal obligation)

5. Who we share your data with

We do not sell or rent your personal data. We share personal data only with the following categories of recipient, where necessary:

•        SEAI (Sustainable Energy Authority of Ireland), where required as part of BER publication, Technical Assessment submission, or grant application support

•        Our accounting software provider (Xero), for the purposes of invoicing and financial record-keeping

•        Our website hosting provider, for the purposes of operating our website

•        Analytics providers (such as Google Analytics), where you have consented to non-essential cookies

•        Professional advisers (such as our accountant or solicitor), where necessary and subject to confidentiality obligations

•        Other contractors involved in your project, only where necessary to deliver the service and only with relevant details

We do not transfer personal data outside the European Economic Area (EEA) except where a third-party service provider we use (such as a cloud or analytics provider) does so, in which case that provider is required to have appropriate safeguards in place, such as the EU Standard Contractual Clauses.

6. How long we keep your data

We keep personal data only for as long as necessary for the purposes described in this policy, taking into account our legal and regulatory obligations:

•        General enquiry data (where no service is subsequently engaged): retained for up to 12 months, then deleted

•        Client and project records, including invoicing data: retained in line with Irish tax and company law requirements, generally 6 years from the end of the relevant accounting period

•        BER assessment and Technical Assessment records, including supporting evidence and calculations: retained on file as required under SEAI's Quality Assurance and Disciplinary Procedure, as SEAI may request this data at any time

•        Website analytics data: retained according to the relevant tool's default retention settings, details of which are provided in our Cookie Policy

7. Your rights

Under the GDPR and the Irish Data Protection Act 2018, you have the right to:

•        Access the personal data we hold about you

•        Have inaccurate personal data corrected

•        Request erasure of your personal data, where applicable (this may be limited where we have a legal obligation to retain records, such as SEAI assessment data)

•        Restrict or object to certain processing of your personal data

•        Receive your personal data in a portable format, where technically feasible

•        Withdraw consent at any time, where processing is based on consent (such as analytics cookies), without affecting the lawfulness of processing carried out before withdrawal

To exercise any of these rights, please contact us at [insert email address]. You also have the right to lodge a complaint with the Data Protection Commission (DPC), the Irish supervisory authority, at www.dataprotection.ie.

8. How we protect your data

We take reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or misuse, including secure storage of client and project records and restricted access to financial and assessment data.

9. Cookies

Our website uses cookies. Full details of the cookies we use, their purpose, and how to manage your preferences are set out in our separate Cookie Policy.

10. Changes to this policy

We may update this policy from time to time to reflect changes in our practices or in the law. The date at the top of this page indicates when it was last revised. We encourage you to review this policy periodically.

11. Contact us

If you have any questions about this policy or about how we handle your personal data, please contact us:

•        By email: [insert email address once set up]

•        By post: Morning Star Building & Energy Ltd, Bohernore, Knocklong, Kilmallock, Co. Limerick, Ireland