Privacy Policy

Last updated: 30th June 2026 

This Privacy Policy explains how Byrne Ventures Limited trading as Acton BV / CreateSend collects, uses and protects personal data in connection with the CreateSend website and email marketing service. 

CreateSend is committed to respecting your privacy and protecting personal data in accordance with applicable data protection laws. 

1. Who We Are

CreateSend is provided by Byrne Ventures Limited trading as Acton BV / CreateSend. 

Legal entity: Byrne Ventures Limited
Trading names: Acton BV / CreateSend
Company number: 403195
Registered office: Unit 9, Clare Technology Park, Ennis, Co. Clare, V95 YV78, Ireland
Email: [email protected]
Website: www.createsend.ie 

For the purposes of this policy, “CreateSend”, “Acton BV”, “we”, “us” and “our” refer to Byrne Ventures Limited trading as Acton BV / CreateSend. 

2. Scope of This Policy 

This policy applies to personal data we process in connection with: 

  • visitors to the CreateSend website; 
  • people who contact us with enquiries; 
  • clients and prospective clients; 
  • authorised users of CreateSend client accounts; 
  • people who receive marketing or service communications from CreateSend; 
  • subscriber and campaign data processed through CreateSend on behalf of our clients. 

In many cases, Acton BV is the Controller of the personal data described in this policy, for example when we process enquiry, account, billing, support or business contact information. 

Where a client uploads subscriber or campaign data to CreateSend, the client is normally the Controller of that data and Acton BV acts as Processor. In those cases, our processing is governed by our CreateSend Data Processing Agreement with the client. 

3. Personal Data We Collect 

Depending on how you interact with us, we may collect and process the following personal data: 

Website and enquiry data 

  • name; 
  • email address; 
  • phone number; 
  • organisation name; 
  • enquiry details; 
  • website usage information; 
  • IP address; 
  • browser and device information; 
  • cookie and analytics data, where applicable. 

Client and account data 

  • client contact names; 
  • job titles; 
  • business email addresses; 
  • business phone numbers; 
  • organisation details; 
  • billing and payment records; 
  • service correspondence; 
  • support tickets and account administration records; 
  • account user details; 
  • security and access records. 

Subscriber and campaign data processed for clients 

Where we provide CreateSend services to a client, we may process personal data uploaded by or on behalf of that client, including: 

  • names; 
  • email addresses; 
  • organisation or company details; 
  • job titles; 
  • phone numbers, if uploaded by the client; 
  • location or country data, if uploaded by the client; 
  • custom fields created or uploaded by the client; 
  • subscription status; 
  • unsubscribe and suppression records; 
  • bounce and complaint records; 
  • campaign send history; 
  • open and click activity; 
  • IP address; 
  • browser, device, email client and related technical engagement data. 

The exact data processed depends on what the client uploads and how the client uses CreateSend. 

4. How We Use Personal Data 

We use personal data for the following purposes: 

  • to respond to enquiries; 
  • to provide and administer CreateSend services; 
  • to set up and support client accounts; 
  • to manage billing, contracts and service records; 
  • to provide customer support; 
  • to manage email campaigns where instructed by a client; 
  • to maintain suppression and unsubscribe records; 
  • to monitor service performance, security and deliverability; 
  • to send service updates and administrative communications; 
  • to send our own marketing communications where lawful; 
  • to comply with legal, accounting, regulatory and contractual obligations; 
  • to protect our rights, systems, clients and service users. 

5. Subscriber and Campaign Data 

Clients are responsible for the subscriber and campaign data they upload to CreateSend. 

Where we process subscriber or campaign data on behalf of a client, we do so under that client’s instructions and in accordance with our CreateSend Data Processing Agreement. 

Clients are responsible for ensuring that: 

  • subscriber data has been collected lawfully; 
  • they have a valid lawful basis and, where required, appropriate marketing permission; 
  • privacy notices have been provided to subscribers; 
  • unsubscribe and suppression records are respected; 
  • campaign content is lawful and accurate; 
  • tracking and reporting are properly disclosed where required. 

If you receive an email from one of our clients and wish to exercise your data protection rights in relation to that email, you should normally contact the client who sent the email. We may assist the client where required under our Data Processing Agreement. 

6. Legal Bases for Processing 

We process personal data only where we have a lawful basis to do so. 

Depending on the circumstances, we may rely on one or more of the following legal bases: 

  • Contract: where processing is necessary to provide services to a client or take steps before entering into a contract. 
  • Legitimate interests: where processing is necessary for our business operations, service administration, support, security, improvement, communication or relationship management, provided those interests are not overridden by individual rights. 
  • Consent: where a person has given consent, for example for certain marketing communications or non-essential cookies. 
  • Legal obligation: where processing is necessary to comply with legal, accounting, tax, regulatory or statutory obligations. 
  • Client instructions: where we process subscriber or campaign data as Processor on behalf of a client. 

7. Cookies and Website Tracking 

Our website may use cookies and similar technologies to operate the site, improve performance, understand visitor behaviour and support marketing or analytics activity. 

Some cookies are necessary for the website to work. Other cookies are used only where permitted by law and, where required, with your consent. 

You can manage cookie preferences through the cookie controls available on our website. 

For more information, please see our Cookie Policy, where available. 

8. Email Tracking and Reporting 

CreateSend may provide email campaign reporting and engagement tracking. 

This may include information about: 

  • email delivery; 
  • opens; 
  • clicks; 
  • bounces; 
  • complaints; 
  • unsubscribes; 
  • IP address; 
  • browser, device and email client information; 
  • similar technical data relating to campaign engagement. 

Where this tracking is used by a client, the client is responsible for ensuring that its own privacy notices and consent mechanisms properly explain and permit such tracking where required by law. 

9. Sensitive Personal Data 

CreateSend is not designed or intended for the processing of special category data or other highly sensitive personal data. 

Clients must not upload, store, send or otherwise process sensitive personal data through CreateSend unless this has been expressly agreed with us in writing. 

This includes health data, financial account data, cardholder data, government identifiers, children’s data, criminal offence data, trade union membership, religious or philosophical beliefs, racial or ethnic origin, political opinions, biometric data, genetic data or data concerning a person’s sex life or sexual orientation. 

10. Who We Share Personal Data With 

We may share personal data with trusted third parties where necessary to operate, secure, support, administer or improve CreateSend. 

These may include: 

  • email marketing platform providers; 
  • hosting and infrastructure providers; 
  • email delivery providers; 
  • security and monitoring providers; 
  • support desk and business administration providers; 
  • analytics providers; 
  • payment, accounting and billing providers; 
  • professional advisers; 
  • legal, regulatory or public authorities where required. 

Where we use third-party providers to process personal data on behalf of clients, those providers are subject to appropriate contractual safeguards. 

Details of relevant sub-processors are made available to clients through our Data Processing Agreement or on request. 

We do not sell personal data. 

11. International Transfers 

CreateSend may involve the processing or transfer of personal data outside the European Economic Area. 

Processing locations may include Ireland, the European Economic Area, the United Kingdom, the United States, Australia, the Philippines and other locations used by our authorised third-party providers and sub-processors from time to time. 

Where required by applicable data protection law, international transfers are supported by appropriate safeguards. These may include adequacy decisions, the 2021 European Commission Standard Contractual Clauses, the UK International Data Transfer Addendum, the EU-US Data Privacy Framework where applicable, or another lawful transfer mechanism. 

12. How Long We Keep Personal Data 

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, contractual, service, security and dispute resolution purposes. 

Retention periods may vary depending on the type of data: 

  • enquiry records are retained for as long as reasonably necessary to manage the enquiry and any follow-up; 
  • client account and contract records are retained for the duration of the client relationship and for a reasonable period afterwards; 
  • billing and accounting records are retained in line with legal and tax requirements; 
  • support records are retained for service administration, accountability and issue history; 
  • marketing contact data is retained until you unsubscribe or object, unless a longer period is required for suppression or compliance purposes; 
  • subscriber and campaign data processed for clients is retained in accordance with the applicable client agreement, Data Processing Agreement and platform retention processes. 

We may retain limited records where necessary to evidence compliance, maintain suppression lists, resolve disputes or comply with legal obligations. 

13. Security 

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. 

These measures may include access controls, confidentiality obligations, account security measures, support procedures, supplier safeguards, secure handling of data imports and exports, and incident response procedures. 

Clients are responsible for the secure use of their own CreateSend accounts, including managing authorised users, passwords, devices and exported data. 

No online service can be guaranteed to be completely secure. If you believe there has been unauthorised access to your CreateSend account or personal data, please contact us promptly. 

14. Your Data Protection Rights 

Depending on the circumstances and applicable law, you may have the right to: 

  • request access to your personal data; 
  • request correction of inaccurate personal data; 
  • request deletion of your personal data; 
  • request restriction of processing; 
  • object to processing; 
  • request data portability; 
  • withdraw consent where processing is based on consent; 
  • object to direct marketing; 
  • lodge a complaint with a supervisory authority. 

Where we process personal data as Controller, you can contact us using the details below. 

Where we process subscriber or campaign data as Processor on behalf of a client, we may need to refer your request to the relevant client, as they are normally responsible for deciding how that data is handled. 

15. Marketing Communications from CreateSend 

We may send marketing or service communications to clients, prospective clients or business contacts where lawful. 

You can opt out of marketing communications at any time by using the unsubscribe link in the email or by contacting us. 

We may still send service, billing, account administration or legal communications where necessary. 

16. Complaints 

If you have a concern about how we process personal data, please contact us first so we can try to resolve it. 

You also have the right to lodge a complaint with the Irish Data Protection Commission or another relevant supervisory authority. 

17. Changes to This Policy 

We may update this Privacy Policy from time to time. 

The latest version will be published on this page with the updated date shown above. 

Where changes are material, we will take reasonable steps to notify active clients. 

18. Contact Us 

For privacy queries, data protection requests or general enquiries about this policy, please contact: 

CreateSend / Acton BV
Byrne Ventures Limited trading as Acton BV / CreateSend
Unit 9, Clare Technology Park, Ennis, Co. Clare, V95 YV78, Ireland
Email: [email protected] 

Scroll to Top