v1_0, last updated 23 June 2023
IMPORTANT: Please read this Privacy Policy as it applies to any personal data you provide us or we collect about you, for example if you access the website at houseofstyle.ie or any other website owned, operated, or provided by House Of Style, Blacklion Retail Center, Greystones, Co.Wicklow
WE DO NOT MARKET TO OR ENTER INTO CONTRACTS WITH CHILDREN NOR DO WE COLLECT PERSONAL DATA FROM ANY PERSON UNDER 18 YEARS OF AGE. PLEASE DO NOT ACCESS OR USE THE WEBSITE OR SERVICES IF YOU ARE UNDER 18 YEARS OF AGE.
This Policy
This Policy sets out what personal data we might collect, how we process and protect that data, the lawful grounds for that processing, and your related rights. We always seek to comply with the data protection laws applicable to our processing of personal data.
We use ‘GDPR’ to refer to either the EU or UK version as they’re almost identical. The GDPR is the world-standard for data protection laws, inspiring legal developments around the world.
‘Personal data’ is a defined term in EU and UK law. We also use it here to cover ‘personally identifiable information’ as defined in US law, and other similar legal definitions. Essentially ‘personal data’ means any information relating to an identified or identifiable natural person, namely one who can be identified, directly or indirectly from that information alone or in conjunction with other information.
In most cases, the lawful ground (or legal basis) for our processing will be that the processing is necessary: (i) for our legitimate interests in carrying out our business, including improving and marketing our products and services], provided those interests are not outweighed by your rights and interests (‘Legitimate Interests’), (ii) to perform a contract with you (‘Contract’), or (iii) to comply with our legal obligations (‘Legal Obligation’). Where processing is based on your consent (‘Consent’), we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent when we ask for your consent.
As data protection law and practice are constantly developing, we’ll need to update this policy from time to time, which we’ll do by posting a new policy on the Website that takes effect from the date stated. It is your responsibility to return to the Website from time to time and check for changes.
How Do We Obtain Personal Data?
We collect or are provided personal data in the normal course of business. For example:
In ‘GDPR-speak’, we are the ‘controller’ of Account, Marketing, Improvement and Recruitment Data as we determine the purposes (the ‘why’) and the essential means (the ‘how’) of the collection and processing. We are the ‘processor’ of Service Data as the customer remains the ‘controller’ of Service Data and we only process Service Data to fulfil our contract with the customer and on their instructions.
Your Provision of Personal Data
When you provide us with personal data about yourself or another person, for example a colleague or a contact, you are confirming to us that you have their consent or are otherwise authorised to provide us with that information and that any personal data you give us is accurate and up-to-date.
Provision of personal data to us is never a requirement, however if you do not provide us with the personal data necessary for us to carry out an action at your request or under a contract with or relating to you, for example to respond to your query or provide Services to you, we may not be able to respond to your query or provide Services to you.
How do we use personal data?
We use personal data in the normal course of our business, including to provide, secure, manage and improve our Services and to meet any binding contractual or legal obligations. This includes:
Electronic Direct Marketing
Where we carry out electronic direct marketing – including phone calls, automated phone calls, emails, SMS and IM – we will comply with the relevant, applicable laws including the EU e-Privacy Directive, which has been implemented by national laws across the EEA and in the UK. This means for example that we will, where required, check national do-not-call registers and obtain your prior specific and informed consent, particularly where you are acting as a consumer.
Sharing Data & International Transfers
We will not give, sell or rent your personal data to third parties so they can market their services to you. Nor do we accept advertising from third parties on the Website. We may share personal data in the following limited circumstances.
In each case, we share the minimum personal data necessary and we have written contracts in place incorporating relevant wording to safeguard that personal data and comply with applicable laws, and we will only share such data as is necessary for the purpose in question. Our starting position is always to keep personal data within the UK or European Economic Area (‘EEA’) where the UK GDPR or EU GDPR applies respectively. However, in order to carry out the above purposes, we may use third parties and their facilities outside the EEA. In all such cases we will ensure that appropriate security measures are in place to protect your personal data and a valid legal basis for the transfer applies.
Cookies
Our Website uses cookies and/or similar technologies. Please review our Cookie Policy which is part of (and incorporated into) this Privacy Policy for more information, including on how to refuse or selectively accept cookies and/or similar technologies.
Retention
As a default position, we will only retain personal data for any statutory retention period, then a reasonable period (if any) necessary for the above purposes. This is subject, for example, to any valid opt-out or withdrawal of consent where processing is based on consent, or other valid exercise of your data subject rights.
Security
The security of data is very important to our business. In accordance with our legal obligations, we take appropriate technical and organisational measures to protect your personal data and keep those measures under review. However, we can only be responsible for systems that we control and we would note that the internet itself is not inherently a secure environment.
Anonymised data
We may create anonymised data from personal data, and any anonymisation would be carried out in accordance with applicable law as well as relevant guidelines from regulators such as the UK Information Commissioner (‘UK ICO’). Anonymisation may, for example, be achieved by aggregating data to the point that no individual can be identified such as aggregating website use statistics to see which web content is working well and which could be improved. Anonymised data does not allow for the identification of any individual person and, as it is no longer personal data, neither data protection laws nor this Privacy Policy would apply to such data.
Third Party Services
If you access the services of another provider through our websites or services, for example through a link on the Website, your use of those services is entirely at your risk and governed by the terms and privacy policy of that third party provider. If we resell a service delivered or provided by a third party (‘Third Party Service’), including any software that is delivered or owned by a third party (‘Third Party Software’), it is that third party’s separate privacy policy that will apply to your personal data and your use of the Third Party Service and Third Party Software. Your use of a Third Party Service is not covered by this Privacy Policy. Please therefore review the privacy policy for any Third Party Service and Third Party Software before using it.
Your rights
Under the UK and EU GDPRs, you have the following rights (some of which may be subject to conditions set out in the relevant GDPR):
You have the right, at any time, to object to the processing of your personal data for direct marketing.
Contact Us
If you’ve any question you can always contact us at the address above or by email to info[AT]houseofstyle.ie.