Effective date: 01/05/2020
Last update: 17/06/2020
We are a Veranda Retailer based in Co. Kildare, Ireland. Our offices are based at M7 Business Park, Naas, Co.Kildare.
To contact us, our email is firstname.lastname@example.org
What personal data do we process?
We process the following data:
- Names, addresses and telephone numbers and photographs of property relevant to our construction processes and client contract.
- E-mail addresses
- Text submitted via forms on our website (which may or may not include names, e-mail addresses and telephone numbers)
- IP addresses
Why do we process it?
We process data to perform our contracts with our customers.
Who do we share it with, and why?
We also share your data with our agents, staff, contractors and accountant to perform our contract.
To exercise the following rights, please send an e-mail to email@example.com You may be asked for additional data to verify your identity as part of processing the requests to exercise your rights. We will endeavour to respond to all requests within 30 days of receiving the initial request. If we are unable to complete the request within the 30 day limit, we will notify you within the required time limit.
You have the following rights:
1. Right to be Informed:
You will be provided with “fair processing information”, which will be completely transparent about how we gathered and will use your data. We will also notify you about any third party processors with whom we share your Personal Data, along with the reason for doing so. But you’re pretty much already reading it all in this policy anyway.
2. Right of Access:
You have the right to confirmation that your personal data are being processed and get access to a copy of your personal data and any other supplementary information.
3. Right of Rectification:
You have the right to have your personal data corrected if it is inaccurate or incomplete.
4. Right to Erasure:
You have the right to have your personal data deleted from our systems in the following situations:
- When you withdraw consent
- Data deletion is to comply with a legal obligation
- Where the data was unlawfully processed
- Where it is no longer necessary
- Where you object to the processing
- Where the personal data is processed to offer “information society services” to a child
We may have grounds to refuse such deletion requests for the following reasons:
- Exercise the right of freedom of expression
- For public health purposes in the public interest
- To comply with legal obligations
- The exercise or defence of legal claims
- Archiving purposes in the public interest
5. Right to Restrict Processing:
You can request that we no longer process your data, but that we can still store it.
6. Right to Data Portability:
You can obtain and reuse your personal data for your own purposes, without hindrance. We will provide the data to you in a structured and widely used machine readable form. We will also, at your request, pass your information directly to a competitor of ours, but we cannot be expected to provide it as a specific direct input to their electronic processing systems.
7. Right to Object:
You have the right to object to any direct marketing from us. We will immediately cease any such marketing upon request (via an unsubscribe link at the bottom of the direct marketing e-mail).
A cookie is a small text file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
You can find information on how to use browser settings to stop unwanted cookies in Chrome, Firefox, Opera, Safari and Internet Explorer. For other spurious browsers, please consult the help menu for that product.
We use Google Analytics on our website to improve our service to you.
We take appropriate measures to ensure the security of personal data under our control and to prevent unauthorized access, disclosure, modification, or destruction of data.
We retain data for 10 years to allow us to fulfill our contract and warranty obligations and to also allow us to offer appropriate after-sales service to clients.
Cross-border Data Transfer
Our use of Mailchimp means that the names and e-mail addresses of our newsletter subscribers are stored on servers hosted in US based data centres. Full details of Mailchimp’s security set-up is available on their website here https://mailchimp.com/about/security/
Our unstructured data (documents, spreadsheets, etc.), which may occasionally contain personal data, is stored on a server at our premises and we also use Dropbox, G Suite and Basecamp which is a project management software for cloud storage. We also use G Suite from Google and office 365 for our e-mail provision. The data on our internal server is regularly backed up our Google Drive and to Dropbox. Any personal data stored in our Google Drive, Dropbox, Basecamp or e-mail accounts are covered by our contract with Google, Dropbox, Basecamp and Office 365.
Details of Google’s G Suite security set-up is available here https://gsuite.google.com/intl/en_ie/faq/security/
Details of Dropbox security set-up is available here
Details of Basecamp security set-up is available here
Details of Office 365 security set-up is available here
Our website is hosted in Ireland and we do not use any other service that is outside of the EU for processing of Personal Data.
Updates or Questions
It would also be reviewed each time we add functionality to our website.