prodia.dev
Start Free
Prodia Systems Ltd

GDPR Statement

Last updated: 29 May 2026

Prodia Systems Ltd ("Prodia") is established in the Republic of Ireland and processes personal data in accordance with Regulation (EU) 2016/679 ("GDPR"), the Data Protection Act 2018, and the e-Privacy Regulations (S.I. 336/2011). The Data Protection Commission is the lead supervisory authority for Prodia under the one-stop-shop mechanism of Chapter VII GDPR.

1. Roles

  • Prodia acts as a controller for personal data of its prospects, customers' authorised users, website visitors and personnel.
  • Prodia acts as a processor for personal data contained in customer repositories, telemetry, prompts and outputs processed on the customer's instructions. The terms of that processing are set out in the Data Processing Addendum.

2. Lawful bases

Prodia relies on the lawful bases of contract (Art. 6(1)(b)), legal obligation (Art. 6(1)(c)), legitimate interests (Art. 6(1)(f)) and, where required, consent (Art. 6(1)(a) and Art. 9(2)(a)). The legitimate-interests assessment for each relevant processing activity is documented internally and available to supervisory authorities on request.

3. Data subject rights

  • Access, rectification, erasure, restriction, portability and objection under Articles 15 to 22 GDPR.
  • Right not to be subject to a decision based solely on automated processing producing legal or similarly significant effects (Art. 22). Prodia's platform is designed to keep a human in the loop for any decision capable of such effect.
  • Right to lodge a complaint with the Data Protection Commission or another competent supervisory authority.

Requests may be sent to privacy@prodia.dev. We respond within one month, extendable by two further months for complex or numerous requests, with reasons.

4. Accountability measures

  • Records of processing activities under Art. 30.
  • Data protection impact assessments under Art. 35 for higher-risk processing.
  • Privacy by design and by default under Art. 25.
  • Vendor due diligence and binding processor terms under Art. 28.
  • Personal data breach notification to the Data Protection Commission within 72 hours where Art. 33 is engaged, and to affected data subjects without undue delay where Art. 34 is engaged.

5. Data Protection Officer and EU representative

Privacy enquiries are handled by the privacy function reachable at privacy@prodia.dev. A formal Data Protection Officer is appointed where required by Art. 37 GDPR. As an Ireland-established controller and processor, Prodia is not required to designate an Article 27 representative within the Union.

6. International transfers

Transfers outside the EEA are governed by the International Data Transfer Statement.

Prodia Systems Ltd
27 Pembroke Street Upper, Dublin 2, D02 X361, Ireland
Contact: legal@prodia.dev