Skip to content

Cart

Your cart is empty

Privacy Policy

Hanna Hats of Donegal Ltd

Privacy Notice

This is your guide to how personal data is managed by Hanna Hats of Donegal. It is important that you know what we do with the personal information you provide to us, why we gather it and what it means to you. This document outlines our approach to Data Privacy to fulfill our obligations under the General Data Protection Regulation (2018).

 Who We Are

Throughout this document, ‘we’, ‘us’ or ‘our’ refers to Hanna Hats of Donegal Ltd.

 We gather and process your personal information in accordance with this privacy notice and in compliance with the relevant data protection regulation and law. This notice provides you with the necessary information regarding your rights and obligations, and explains how, why and when we collect and process your personal data.

Information That We Collect

Hanna Hats processes your personal information to meet our legal, statutory and contractual obligations and to provide you with our products and services. We will never collect any unnecessary personal data from you and do not process your information in any way, other than that specified in this notice.

 We collect information in the following ways:

  • When you visit our website to browse or place orders
  • When you send us correspondence or products orders via email
  • When you telephone us with a product query or to place an order
  • When you attend at our physical store

 The information we collect falls into the categories outlined below:

  • Identity and contact information

Data to identify you, including your name, address, email address, telephone number.

  • Order information

Information associated with orders you initiate for our products including product style, quantity, date and time of purchase as well as any product reviews you submit.

  • Payment information

Information required facilitating purchase of our products including credit card details, product description, purchase amount, billing and shipping address.

  • Online information

Our website automatically collects information on your visit including your IP address, cookie identifiers, previous visits and orders, channels used to access our webpage, information about the device and browser you use as well as information on marketing emails opened and links used. Additional information on cookies is available below including how to manage and opt out.

  • CCTV

Your image may be captured when you visit our premises

 

How We Use Your Personal Data and the Legal Basis

Hanna Hats takes your privacy very seriously and will never disclose, share or sell your data without your consent, unless required to do so by law or in accordance with this notice. We only retain your data for as long as is necessary and for the purposes specified in this notice.

 The purposes and reasons for processing your personal data are detailed below:

  • You have agreed or explicitly consented to the using of your data in a specific way (you may withdraw consent at any time by contacting us using the details provided below).
  • We collect your personal data in the performance of a contract or to provide a service and to ensure that orders are completed and can be sent out to your preferred address.
  • To manage our business for our legitimate interests such as payment fraud analysis and for marketing purposes.

Sharing and Disclosing Your Personal Information – who we share your information with

Other than for the purposes specified in this notice or where there is a legal requirement we do not share or disclose any of your personal information without your consent. Hanna Hats uses Shopify Inc to host our online store, Mailchimp for our newsletter service and Loox Online for product reviews. We also use Google Analytics for analyisis of our website performance. Each act as data processors on our behalf and only process your data in accordance with instructions from us, the data protection laws and any other appropriate confidentiality and security measures.

We share your personal data with the following categories of service providers:

Our professional advisers including our accountants, auditors and insurers as well as our delivery providers and email service providers.

 Website Hosting

To provide our online store, we share your personal data with Shopify Inc. This includes your personal data from the contact, order, payment and online information categories outlined above. Additional information on how Shopify Inc. handles personal data is available from their privacy policy.

 Marketing Application

To provide our online newsletter service, we share your personal data with Mailchimp. This includes some items from the contact, order, payment and online information categories outlined above. Additional information on how Mailchimp handles personal data is available from their privacy policy.

 Product Review Application

To provide our product review service, we share your personal data with Loox Online Ltd. This includes some items from the contact, order and online information categories outlined above. Additional information on how Loox Online Ltd handles personal data is available from their privacy policy.

 Payment Application

To process payments for orders placed on our website, we share your personal data with Shopify and PayPal. The information includes some items from the contact, order, payment and online information categories outlined above. Additional information on how PayPal handles personal data is available from their privacy policy.

 Website Analytics

To help us understand how our customers use our website, we share your personal data with Google Analytics. This information is anonymised and we are not able to trace your browsing activity to you. The information includes some items from the order and online information categories outlined above. Additional information on how Google Analytics handles personal data is available from their privacy policy.

 Transfers Abroad (outside the European Economic Area)

We or our service providers may transfer your personal data outside of the European Economic Area.  Where personal data is transferred outside of the European Economic Area by our third party providers, we have confirmed appropriate safeguarding measures are in place including the EU-U.S. Privacy Shield Framework (for USA – Mailchimp, Loox Online, PayPal and Google) and Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) (for Canada – Shopify).

 Information from cookies and similar tracking technologies

Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by online service providers in order to (for example) make their websites or services work, or to work more efficiently, as well as to provide reporting information.

Why do we use cookies and similar tracking technology?

  • We use cookies to recognize your device and provide you with a personalized experience on our website. We also use cookies as part of the shopping cart for our website.
  • We also use cookies for advertising and analytics.
  • We also use web beacons, tracking technology and other automated tracking methods on our website, in communications with you, and in our products and services, to measure performance and engagement.

Additional information is available in the Shopify, Mailchimp, PayPal and Google Analytics cookie policies including how to manage and opt out.

Automated Decision Making

Automated decision making means making decisions about you using no human involvement e.g. using computerised filtering equipment. Some personal information is used by our online store hosting company Shopify, for services that include elements of automated decision-making to automatically block certain potentially fraudulent transactions for a short period of time.

Safeguarding Measures

Hanna Hats takes your privacy seriously and we take appropriate measures and precautions to protect and secure your personal data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction.

 f you provide us with your credit card information when purchasing our products directly with us, the payment is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. If when purchasing from our online store you choose a direct payment gateway, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

You should note however that the transmission of information via the internet is not 100% secure and we cannot guarantee that data you supply will not be intercepted while being transmitted to us over the Internet. 

Your Rights

You have the following rights in certain circumstances and subject to certain exemptions in relation to your personal data:

You have the right to access any personal information that Hanna Hats processes about you and to request information about:

  • what personal data we hold about you;
  • the purposes of the processing;
  • the recipients to whom the personal data has/will be disclosed;
  • how long we intend to store your personal data for;

You have the right to withdraw consent at any time where processing is based on consent.

If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to update/correct it as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.

You also have the right to request erasure (deletion) of your personal data that we hold about you.

You have the right to request that we restrict processing in accordance with data protection laws.

You have the right to object to our processing for particular purposes including a right to object to any direct marketing from us.

You have the right to be informed about any automated decision-making that we use.

Data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine readable format.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the relevant request; this is to ensure that your data is protected and kept secure.

If you wish to exercise any of the rights set out above, please contact us at info@hannahats.com

Children

We do not knowingly collect personal information from children under the age of 16. In the event you become aware that an individual under the age of 16 has submitted personal information to us without parental permission, please advise us immediately.

How Long We Keep Your Data

Hanna Hats retains your personal data for as long as necessary to provide you with our services as our customer and to satisfy associated financial, legal and regulatory obligations. We will not hold your data for longer than is necessary. As a general rule, we keep your data for a specified period after the date on which a transaction has completed which in most cases is six years.

Consequences of Not Providing Your Data

You are not obligated to provide your personal information to us, however, if you wish to purchase a product from us we require some information (your name and address for example) as this information is required for us to process and deliver your orders. If you do not provide this information, we will not be able to offer our products without it.

Lodging a Query or a Complaint

Hanna Hats only processes your personal information in compliance with this privacy notice and in accordance with the relevant data protection laws. If, however you wish to raise a query or a complaint regarding the processing of your personal data or are unsatisfied with how we have handled your information, you have the right to lodge a complaint with us. You also have a right to lodge a complaint with the supervisory authority. The Irish supervisory authority is the Data Protection Commission.

Hanna Hats of Donegal Ltd
Data Compliance Officer
Tirconaill Street, Donegal Town, Co. Donegal, Ireland
++353 (0) 74 9721084                 
info@hannahats.com

The Supervisory Authority 
Data Protection Commissioner
Canal House, Station Road, Portarlington, Co. Laois, Ireland
+353 (0) 57 8684800
info@dataprotection.ie

 

Changes to our privacy notice

Hanna Hats may change this notice from time to time. All changes will be posted and updated here. We advise you to check back frequently to review the most current version of this notice.

 

This notice was last updated on 9 July 2018.