Who Are We?
Custom Keepsakes is a family run, Irish business operating under business number 716072.
What Is GDPR?
The introduction of GDPR introduces a legal framework that sets guidelines for the collection and processing or personal information of individuals within the European Union. It aims to improve your privacy and give you greater control over your personal data and how it is collected, processed and stored.
What Is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. This, in turn, covers any data held which may enable a person to be identified
How We Use Your Information And Our Legal Basis For Doing So
We use your data where this use is necessary in order to complete an order or because you have requested for something to be done so that you can enter into a contract with us (eg: provide information to us in order to receive a quotation or layout/design of a product).
In the event that you have subscribed to our mailing list, we also use your data to keep you updated on new products and promotional activities.
What Data Do We Collect?
CUSTOMER SERVICE AND ACCOUNT MANAGEMENT
We collect and retain data such as names, addresses, email addresses and phone numbers along with details of correspondence in order to maintain our customers accounts and manage invoicing and payment transactions.
INFORMATION PROVIDED TO US IN ORDER TO COMPLETE AN ORDER/PURCHASE
We collect and retain data that you provide to us such as photographs, names and other details in order for them to be incorporated into our personalised products. Personal data such as name, address, email address and phone number are collected in order for us to issue an invoice/receive payment and provide product delivery via courier service/An Post.
When someone visits www.customkeepsakes.ie, we use third party services, WordPress and Google, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow WordPress or Google to make, any attempt to find out the identities of those visiting our website.
Our website www.customkeepsakes.ie uses the following cookies in order to ensure the smooth running and functionality of our site:
User-input – this allows customers to shop online by storing product selection and checkout information necessary for the provision of our services.
Authentication – this allows the identity of a user to be confirmed
Custom Keepsakes does not rent or sell any of our customer details to any third parties.
As part of the registration process for our mailing list, we collect personal information such as a name and/or an email address. We use that information for a couple of reasons: to tell you about new products and ranges and to inform you of discounts and promotions. We don’t rent or trade email lists with other organisations and businesses.
We use a third-party provider, MailChimp, to deliver our newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our newsletters. For more information, please see MailChimp’s privacy notice. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or emailing firstname.lastname@example.org.
Data Processors And Security
Whilst Custom Keepsakes is the data controller for the personal information you supply to us, there are Data Processors who process this data on our behalf. We commit to only using data processors who are GDPR compliant.
Facebook – our social media platform. See Data Policy
Instagram – our social media platform. See Data Policy
Electronic devices which contain the personal data of customers are password protected with the facility to remotely wipe in the event of theft. In addition to this our website is Hyper Text Transfer Protocol Secure (HTTPS).
Custom Keepsakes does not store any customer financial data such as credit cards or bank account details. Custom Keepsakes utilises Stripe for secure online transactions, Stripe being a certified PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.
Sharing Personal Data
We may in some instances share data with our carefully selected suppliers and service providers to enable us to carry out our services. Examples of this include our courier service. We will only share your details where necessary to provide our products/services or for legal/regulatory requirements and will only do so to GDPR compliant organisations.
We may share your data in the case that we are under a duty to disclose or share information. This may be in order for us to comply with any legal obligations or to protect our rights, property or the safety or our employees, customers or others.
We will not retain personal data for longer than is necessary for the purposes for which it was collected and in order to meet the legal and business requirements of managing your customer account.
- We will retain records of any financial transactions you enter into with us for a period of 7 years following the end of the year of said transaction.
- We will retain other personal data as necessary for as long as required in order for us to meet our legal and regulatory requirements.
What Are Your Rights?
Under GDPR Regulations, you have a number of rights regarding how your personal data is processed. There rights are summarised below:
RIGHT OF ACCESS
You have the right to access and receive a copy of personal information held by Custom Keepsakes. This may be requested via written request or via email, details for which can be found below.
You may have the right to change, restrict or delete personal data that we hold. Exception to this may be where data is required to be held for legal or regulatory reasons.
You may object to the processing of your personal data after providing consent for same. In this case, please contact us in writing or via email and data will be deleted as requested. Exception to this will be instances where data is required to be held for legal or regulatory reasons.
The above requests will be processed within 2 working days of request receipt.
How to contact us:
Unit 3, Site 31,
Duleek Business Park,
Duleek, Co. Meath