Privacy Policy
This website is owned and operated by Maurice Galway, with its registered office at Garraun, Firies, Killarney, Co. Kerry, V93 WN23. We are committed to protecting and respecting your privacy. This policy explains how we collect, use, and disclose your personal data when you visit our website or use our services.
What personal data do we collect?
We may collect and process the following types of personal data:
- Identity data, such as your name, username, password, and email address.
- Contact data, such as your address, phone number, and social media accounts.
- Transaction data, such as your payment details, order history, and invoices.
- Technical data, such as your IP address, browser type, device type, operating system, and location.
- Usage data, such as your browsing activity, preferences, feedback, and survey responses.
- Marketing data, such as your subscription status, preferences, and interests.
We do not collect any special categories of personal data, such as your race, ethnicity, religion, health, or biometric data.
How do we collect your personal data?
We may collect your personal data in different ways:
- Directly from you, when you provide it to us by filling out forms, registering an account, placing an order, contacting us, or subscribing to our newsletter.
- Automatically from our website, when you visit or use our website or services. We may use cookies or similar technologies to collect technical and usage data. You can find out more about how we use cookies in our cookie policy.
- From third parties, when we receive it from other sources, such as payment providers, delivery services, analytics providers, social media platforms, or public databases.
Why do we use your personal data?
We may use your personal data for various purposes, depending on the type of data and the legal basis for processing. We may use your personal data to:
- Provide our website and services to you, such as fulfilling your orders, delivering your products, responding to your queries, or sending you newsletters. The legal basis for this is the performance of a contract with you or taking steps at your request before entering into a contract.
- Improve our website and services, such as analysing usage data, conducting research, testing features, or soliciting feedback. The legal basis for this is our legitimate interest in enhancing our business operations and customer satisfaction.
- Market our products and services to you, such as sending you promotional offers, newsletters, or surveys. The legal basis for this is either your consent (if you have opted in) or our legitimate interest in growing our business and informing you of relevant products and services.
- Comply with our legal obligations, such as keeping records, reporting taxes, or cooperating with authorities. The legal basis for this is the compliance with a legal obligation to which we are subject.
How do we share your personal data?
We may share your personal data with third parties in certain circumstances:
- With our service providers, who help us with various aspects of our business operations, such as payment processing, delivery, hosting, analytics, marketing, or customer support. We only share the personal data that is necessary for them to perform their services and we require them to respect the security and confidentiality of your personal data.
- With our business partners, who may offer products or services that are complementary to ours or that may interest you. We only share your personal data with your consent or if you have opted in to receive marketing communications from them.
- With other users of our website, if you choose to interact with them through our website features, such as comments, reviews, forums, or social media. Please note that any personal data that you disclose in these public areas may be visible to other users and may be collected and used by them. We are not responsible for the privacy practices of other users and we advise you to exercise caution when sharing your personal data online.
- With law enforcement or regulators, if we are required to do so by law or if we believe that it is necessary to protect our rights, property, or safety or those of others.
How do we protect your personal data?
We take appropriate technical and organisational measures to protect your personal data from unauthorized access, use,
or disclosure. Some of the measures that we use include:
- Encryption, which means that we use secure protocols and algorithms to encrypt your personal data when it is stored or transmitted.
- Access control, which means that we limit the access to your personal data to only those employees, contractors, or service providers who need it for their legitimate business purposes and who are bound by confidentiality obligations.
- Firewalls and antivirus software, which means that we use software and hardware devices to prevent unauthorized access or attacks to our systems and networks.
- Backup and recovery, which means that we regularly backup our data and have procedures in place to restore it in case of a loss or damage.
However, please note that no method of transmission or storage is 100% secure and we cannot guarantee the absolute security of your personal data. You are responsible for keeping your password and account details confidential and for notifying us immediately if you suspect any unauthorized access or use of your account.
How long do we keep your personal data?
We only keep your personal data for as long as it is necessary for the purposes for which it was collected or as required by law. The retention period may vary depending on the type of data and the legal obligations that apply to us. When we no longer need your personal data, we will delete it or anonymize it so that it can no longer be linked to you.
What are your rights regarding your personal data?
You have certain rights regarding your personal data under the data protection law, such as:
- The right to access, which means that you can request a copy of the personal data that we hold about you and check that we are processing it lawfully.
- The right to rectification, which means that you can request us to correct any inaccurate or incomplete personal data that we hold about you.
- The right to erasure, which means that you can request us to delete or remove your personal data when there is no good reason for us to continue processing it.
- The right to restrict processing, which means that you can request us to suspend the processing of your personal data in certain situations, such as when you want us to verify its accuracy or the reason for processing it.
- The right to data portability, which means that you can request us to transfer your personal data to another organisation or to you in a structured, commonly used, and machine-readable format.
- The right to object, which means that you can object to us processing your personal data for direct marketing purposes or for our legitimate interests, unless we have compelling reasons to override your interests, rights, and freedoms.
- The right to withdraw consent, which means that you can withdraw your consent at any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
- The right to lodge a complaint, which means that you can lodge a complaint with the Data Protection Commission if you are unhappy with how we handle your personal data.
If you wish to exercise any of these rights, please contact us using the details below. We may ask you to provide proof of your identity and some information about your request. We will respond to your request within one month, unless it is complex or we have multiple requests, in which case we may extend the response time by another two months. We will inform you of any extension and the reasons for it. We will not charge you any fee for exercising your rights, unless your request is manifestly unfounded, repetitive, or excessive, in which case we may charge a reasonable fee or refuse to act on your request.
How do we update this policy?
We may update this policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website or by sending you an email. The date at the top of this policy indicates when it was last updated. We encourage you to review this policy periodically to stay informed about how we collect, use, and share your personal data.
How do you contact us?
If you have any questions or comments about this policy or our privacy practices, please contact us by:
- Email: mauricegalway@gmail.com
- Phone: +353 (0) 87 9139962
- Post: Garraun, Firies, Killarney, Co. Kerry, V93 WN23
We will do our best to resolve any issues or concerns that you may have.