Security & Privacy
GDPR UPDATE 2018
Carraig Donn operates a number of stores located around Ireland, as well as a wholesale and online retail sales channel. Our head office in located at the following address:
Carraig Donn collect personal data for the purpose of identification when logging in to the online store, we also collect your email address, delivery address and mobile phone number for the purpose of delivering any items purchased by you. Your email address is collected as a unique identifier and to allow for purchase information to be sent to you once your transaction has been completed. Your credit card details are not handled by Carraig Donn directly but by a dedicated specialist payments processor called Shopify Payments as Carraig Donn understand we do not specialise in this type of data collection and processing.
Right of Access
As a customer of Carraig Donn you have the right to access any personal data being held by us. This can be requested by sending an email to email@example.com. We may then contact you in relation to providing proof of identification to confirm your identity. We will then process your subject access request according to our policies and provide the information requested within a reasonable period of time. We aim to provide the data within 30 days, but sometimes this can take longer due to the type or complexity of request or the current volume of request.
Right of rectification or erasure
If you find or feel that the information we hold on you is excessive or inaccurate you have the right to have this information removed or rectified. Please send all these types of requests to firstname.lastname@example.org stating the information to be rectified or the data to be removed with the reason for this. Please be aware that Carraig Donn has a legal obligation to hold some types of personal data and may not be able to delete these types of data on request. We will however inform you of this along with the time period we have to hold this data on your request.
Carraig Donn takes the security of your personal data seriously and as such employ appropriate physical and technical measures, including staff training and awareness and that we review these measures regularly. This includes the use of SSL encryption of web traffic between you the customer and our website.
Accurate, complete and up-to-date
Carraig Donn understands the importance of holding only accurate, complete and up-to-date data. If you discover that we hold inaccurate information about you, you can request us to correct that information and Carraig Donn would very much encourage you to do so. Any such request must be in writing and should be transmitted to us either by post or by email at the addresses referred to above. We may require photo I.D. to confirm and fulfil the request. We will review permissions already given by you before any actions are taken in respect of any further processing and update these as required by contacting you.
Adequate, relevant, not excessive
Carraig Donn adheres to the principle that data gathered must be adequate, relevant and not excessive. It is important to note that laws, rules and practices can evolve or change, so this will be reflected in the application and the operative spectrum of the three guiding sub-principles below.
Adequate: To provide the services on offer, personal data must be gathered for the purpose of communication, information, administration and legal compliance.
Relevant: Only personal data which is germane, appropriate and necessary under law to the requirements of the services provided and legitimate interests of Carraig Donn are sought.
Not excessive: The necessity of having an ‘upper limit’ of personal data collection is acknowledged. Carraig Donn is mindful of the potential for ‘excessive data creep’.
Carraig Donn minimises the quantum of personal data held. To facilitate this, unnecessary and/or superfluous data will be deleted/discarded in a secure manner. Where information must be held e.g. under a legal obligation then the appropriate amount of time for that data to be held under the specific industry guidelines, will not be retained for any longer than this said period. All files (electronic and hard-copy) are protected securely by Carraig Donn.
Complaint resolution mechanism
If you have any queries or complaints about how Carraig Donn collects, processes or retains our customers’ personal data please email email@example.com.