← NCT Slot Alert

Privacy Policy

Last updated: 11 July 2026

1. Who is responsible for your data

NCT Alerts, email support@nct-alerts.ie ("we", "us"), is the data controller for the personal data described here.

This policy explains what we collect and your rights under the GDPR and the Irish Data Protection Act 2018.

2. Our data-minimisation principle

We are built to collect as little as possible. We do collect: your mobile phone number, the NCT centre you select, your consent record (that you opted in, and when), and payment confirmation metadata from Stripe (e.g. a payment reference and amount).

We do NOT collect or store: your vehicle registration, VIN, make/model, your name, your home address, or your payment-card details. Card data is handled entirely by Stripe; we never see it.

3. Why we use your data, and our legal basis

4. Who we share it with

We use a small number of processors who act on our instructions:

We do not sell your data or use it for third-party advertising.

5. International transfers

Some processors (e.g. Stripe, Meta) may process data outside the EEA, including in the United States. Where they do, transfers are covered by appropriate safeguards such as the EU Standard Contractual Clauses and/or the EU–US Data Privacy Framework.

6. How long we keep it

When your subscription ends (expiry or STOP), we deactivate your record immediately — monitoring and all messaging to you stop at once. Your phone number (encrypted) is retained for up to 180 days after that, solely so we can respond to payment disputes and prevent abuse, and is then automatically and permanently deleted. You can have it deleted sooner at any time by emailing support@nct-alerts.ie. Payment/accounting records are kept as required by law in redacted, non-identifying form.

7. How we protect it

Your phone number is encrypted at rest (AES-256) and indexed only via a one-way hash; encryption keys are held separately from the database. Access is restricted and traffic is encrypted in transit (HTTPS).

8. Your rights

Under the GDPR you have the right to: access your data; have it corrected or erased; restrict or object to processing; data portability; and to withdraw consent at any time (reply STOP, or email us). To exercise any right, contact support@nct-alerts.ie — we respond within one month.

You also have the right to complain to the Irish supervisory authority, the Data Protection Commission (dataprotection.ie), or your local authority.

9. Cookies

Our website uses only what is strictly necessary to function. If we add analytics or non-essential cookies, we will ask for your consent first via a cookie banner.

10. Children

The Service is not directed at anyone under 18 and we do not knowingly collect data from minors.

11. Changes

We may update this policy; the current version is always at nct-alerts.ie/privacy with the "last updated" date above. Material changes will be notified where appropriate.

12. Contact

Questions or requests: support@nct-alerts.ieNCT Alerts.

Terms of Service