This page explains how croiaireland.com ("We") collect personal data from you, why we collect it, how we process it and where we may disclose it to other entities.
We are committed to complying with the Data Protection Act 1998 and the EU General Data Protection Regulation for the purposes of data protection and privacy.
As from the 25th of May 2018, the EU General Data Protection Regulation replaces the Data Protection Act 1998. This gives you new rights in relation to the privacy of your personal information. In the case of any request involving one of your rights, we will respond to your request without delay and at most within one month of receipt of your request. We are permitted to extend this time period by up to two months if your request is particularly complex.
Right of Access
Subject Access Requests allow you the right to obtain a copy of the information that we hold about you. You have the right to ask us to provide you with this information free of charge. However, should the request be deemed to be manifestly excessive, manifestly unfounded or repetitive, then we are permitted to charge a reasonable fee for providing the information. In such circumstances, and as an alternative, we can refuse to comply with the request. If this is the case then we shall let you know the reasons for us refusing to comply. You have a right to appeal such a decision via the The Office of the Data Protection Commissioner (DPC). For further information visit www.dataprotection.ie
Subject access requests may be sent to the Data Controller at email@example.com
You are entitled to have the information that we hold about you rectified if it is inaccurate or incomplete.If you believe that the information that we hold about you is inaccurate, incomplete or out of date then please let the Data Controller know at firstname.lastname@example.org
We will also inform any third parties of the rectification in order that they can update their records too.
Right to Erasure
You have the right to request that we delete the personal information that we hold about you where we have no compelling reason for its continued processing. This right will apply:
- Where retention of the data is no longer necessary for the purposes that it was originally collected or processed
- Where you have withdrawn consent
- Where you object to us processing the data and there is no overriding legitimate interest for us to continue to do so
- When the personal data has to be erased for us to comply with a legal obligation
- When the data has been unlawfully processed
- Where the data relates to a child
This right shall not apply:
- Where we are exercising the right of freedom of expression and information
- Where we are complying with a legal obligation
- Where we are archiving data in the public interest, for scientific research or for statistical purposes
- When we need the data to exercise or defend a legal claim
Erasure requests may be sent to the Data Controller at email@example.com
We will also inform any third parties of the request in order that they can erase their records too.
Right to Restrict Processing
You can request that we restrict the processing of your information. This means that you may have requested one of your other rights, where until the request is concluded that we suspend the processing of your data. If we have passed your data to a third party, we will also inform them that they must restrict the processing of your data. This right will apply:
- Where you contest the accuracy of the information that we hold about you and you request that we restrict processing while we investigate
- You object to us processing your personal data, but we believe that processing is in the public interest or the performance of our legitimate interests and that these are legitimate grounds to override your interest
- Where you believe that processing is unlawful and you request restriction instead of deletion
- Where we no longer need that data, but you require the data stored in order to pursue a legal claim
Restriction requests may be sent to the Data Controller at firstname.lastname@example.org
Right to Data Portability
You have the right to request the information that we hold on you be supplied to you in a portable format. This allows you to take your information from our IT environment to another organisation’s IT environment. The format in which we supply your data will be a structured and machine readable CSV file.
Portable data requests may be sent to the Data Controller at email@example.com
Right to Object
You have the right to object to your personal information being processed by us. This means:
- If you object to us processing your data for marketing purposes then let us know and we will stop sending you marketing material.
- If you object to us processing your data at all (i.e. where you have an account with us) let us know and we will completely remove your personal information from our marketing systems.
If you choose the second option and then change your mind at a later date, then you will need to set up a new account to resume shopping with us.
Requests for either of these options may be sent to the Data Controller at firstname.lastname@example.org
We use data profiling in order to make the content of our communications to you more interesting and relevant. This means that you will only receive details of our very best offers that have been tailored with you in mind. It also allows us not to waste your time by sending offers that are unlikely to be of interest.
You have the right not to be subject to a decision based solely on automated processing. This includes decisions based on profiling. If you choose to exercise this right, then you will no longer receive offers from us as we base our mailing list on our customers’ purchase history.
If you object to such automated decisions making being made based on your personal data, then please inform the Data Controller at email@example.com and we will ensure that is not done by us.
Information we may collect from you
We use the EU General Data Protection Regulation definition of personal data. This is any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We may collect and process the following data about you:
- Information that you provide by filling in forms on the website at www.giftfairy.ie, information provided via live chat and information provided via email. This includes information provided at the time of registering to use the website, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with the website
- If you contact us, we may keep a record of that correspondence
- Details of transactions you carry out through the website and of the fulfilment of your orders
- Details of your visits to the website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access
- We may also receive your information from another organisation that you have consented for them to share your data
We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies and other such software on our website contain information that is transferred to your computer's hard drive. They help us to improve the website and to deliver a better and more personalised service.
This includes, but is not limited to:
- Your IP address
- Your operating system
- Your browser type
- The name of your internet service provider
- The date, time and duration of your visit
- The name and URL of pages you access
The purpose of this is for system administration and to report aggregate information for advertising. This contains statistical data about our users' browsing actions and patterns, and does not identify any individual.
The website may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Use of our Services by Children
Our website is not intended for the use of children under the age of eighteen. We ask that children do not provide personal information through our website. If we become aware that we have collected personal information from a child under the age of eighteen, then we will delete that information from our records.
Where we Store your Personal Data
The data that we collect from you may be transferred to, and stored at, a destination inside & outside the European Union ("EU"). It may also be processed by staff operating inside & outside the EU who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the appropriate EU General Data Protection Regulation Article, including Article 45 - Adequacy Decision, Article 46 - Appropriate Safeguards, Article 47 - Binding Corporate Rules, Article 49 (1) - Specific Situation Exemption or Article 49(2) - Transfer to the Data Subject.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We use physical, technological and administrative safeguards to protect your personal information against loss, misuse or alteration. All your personal information is stored securely and may only be accessed by employees with a legitimate business need to access the information. Unfortunately, the transmission of information from you to us via the internet is not completely secure and we cannot guarantee the security of your data transmitted by you to the website. Any transmission from you to us is at your own risk.
How we use your information
We use information held about you in the following ways:
- To ensure that content from the website is presented in the most effective manner for you and for your computer
- To carry out our obligations arising from any contracts entered into between you and us
- To allow you to participate in interactive features of our service, when you choose to do so
- To notify you about changes to our service
Direct Marketing Communications
We may use your data to enable us to send you post, SMS, telephone and emails with information about our goods and services that we believe may be of interest to you.
You have the right to withdraw from or amend the receipt of direct marketing communications. If you would like to do this then simply contact the Data Controller firstname.lastname@example.org and let us know. If you do decide to do this then you will miss out on news of the fantastic offers that we would like to make you aware of. There is also an option on all of our marketing emails to unsubscribe.
Disclosure of your information
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce other agreements; or to protect the rights, property, our customers, or others
In addition to the information that we share in order to comply with our legal obligations, we also may share or disclose the information:
- To third parties that process data on our behalf. This includes but not limited to DHL, An Post, Shopify , PayPal & Realex.
We may also exchange your information with other companies and organisations for the purposes of fraud protection and credit risk reduction. Where false information or fraud is suspected, we may pass this information to fraud prevention and law enforcement agencies.
Retention of Data
We retain your information for as long as you hold an account with us. This enables us to maintain an ongoing relationship with you and allows us to service the orders that you place with us. We follow a data retention schedule; this has been put in place to ensure that we retain the minimum amount of personal data about you.
We ask that you not send or disclose any sensitive personal information to us either through our website, post, email, text message, live chat, telephone call or by any other method. For clarity, sensitive personal information means information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership.
In the unlikely event that information that you have supplied us is compromised then we shall notify The Office of the Data Protection Commissioner and you that this is the case. This notification will be made without due delay.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes, and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Cookies also enable us to learn about what ads you see, what ads you click, and other actions you take on our sites and other sites. This allows us to provide you with more useful and relevant ads. For example, if we know what ads you are shown we can be careful not to show you the same ones repeatedly.
We do not provide any personal information to advertisers or to third party sites that display our ads. However, advertisers and other third-parties (including the ad networks, ad-serving companies, and other service providers they may use) may assume that users who interact with or click on a personalised ad or content are part of the group that the ad or content is directed towards. Our personalized or targeted ads, are displayed to you based on information from activities such as purchasing on our sites, use of devices, apps or software, visiting product pages and browsing our site.
- Delivering content, including advertisements, relevant to your interests.
- Keeping track of items stored in your shopping basket.
- Conducting research and diagnostics to improve our content, products, and services.
- Preventing fraudulent activity.
- Improving security.
- Remember your preferences such as language and currency and make it easier to find your recently viewed products.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Cookies you may see used on croiaireland.com
|COOKIE name||COOKIE Description|
|CART||The association with your shopping cart.|
|CATEGORY_INFO||Stores the category info on the page, that allows to display pages more quickly.|
|COMPARE||The items that you have in the Compare Products list.|
|CURRENCY||Your preferred currency|
|CUSTOMER||An encrypted version of your customer id with the store.|
|CUSTOMER_AUTH||An indicator if you are currently logged into the store.|
|CUSTOMER_INFO||An encrypted version of the customer group you belong to.|
|CUSTOMER_SEGMENT_IDS||Stores the Customer Segment ID|
|EXTERNAL_NO_CACHE||A flag, which indicates whether caching is disabled or not.|
|FRONTEND||You sesssion ID on the server.|
|GUEST-VIEW||Allows guests to edit their orders.|
|LAST_CATEGORY||The last category you visited.|
|LAST_PRODUCT||The most recent product you have viewed.|
|NEWMESSAGE||Indicates whether a new message has been received.|
|NO_CACHE||Indicates whether it is allowed to use cache.|
|PERSISTENT_SHOPPING_CART||A link to information about your cart and viewing history if you have asked the site.|
|POLL||The ID of any polls you have recently voted in.|
|POLLN||Information on what polls you have voted on.|
|RECENTLYCOMPARED||The items that you have recently compared.|
|STF||Information on products you have emailed to friends.|
|STORE||The store view or language you have selected.|
|VIEWED_PRODUCT_IDS||The products that you have recently viewed.|
|WISHLIST||An encrypted list of products added to your Wishlist.|
|WISHLIST_CNT||The number of items in your Wishlist.|
|Affiliate||Allows us to identify how you found our site and optimize your personal experience.|
|showSignup||Information whether you have opted in to receive emails from us or not if you have visited our site before.|
|Google Analytics||Google Analytics cookie that allows us to understand how you use the site to keep constantly improving your experience. Google Analytics may set a number of cookies depending on your session. You can find the list of all cookies set by Google Analytics here: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage?csw=1|
|Cloudflare||Cloudflare __cfduid cookie allows to improve website security. It does not store any personally identifiable information. For more details please see: https://support.cloudflare.com/hc/en-us/articles/200170156-What-does-the-Cloudflare-cfduid-cookie-do-|
|Google Adwords||All cookies beginning with "_ut" are set by Google Adwords which we use for online advertising programs. This lets us to keep track of how many users click on our advertisments and measure the success of our marketing campaigns. Adwords cookies expire after 30 days and are not used for personal identification.
|Facebook Business||We're using Facebook Business for marketing and online advertising programs.|
Changes to Privacy Notice
We review this notice at least annually or after any significant change to our website, processes, systems or because of government regulations. Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by email. We recommend that you visit this page from time to time to view any changes that we may have made.
Date of Last Review: September 2022
The Data Controller
Our Data Controller may be contacted in writing at email@example.com
If you have a complaint relating to our data protection or data privacy then please email the Data Controller.
If you are unhappy with the final response that you receive from us in relation to a complaint, then you have the right to complain to our supervisory authority, The Office of the Data Protection Commissioner. For further information, please visit www.dataprotection.ie