Security when you order online
We have made security a priority for our customers. All transactions are made on a secure server, which will encrypt and protect your information.
Newbridge Silverware have adopted 3D secure, Mastercard Securecode and Verified by Visa for your additional protection.
These methods provide a simple and secure way to pay by verifying A private code known only to you and your bank.
This enhances your security by protecting you against unauthorized use of your card when shopping online at participating online retailers.
Newbridge Silverware does not hold credit card numbers when these are provided to our secure e-commerce link. Credit card numbers provided through our e-commerce facility are processed in an encrypted form (using SSL 128-bit encryption). This provides a high level of security protection for our customers.
This Privacy Statement (our Statement) sets out the basis on which any personal data within the meaning of the General Data Protection Regulation (GDPR) (EU) 2016/679 is collected and used by us. This Statement is drafted and operated in accordance with the GDPR and Data Protection Act (2018).
2. Who we are
We are Newbridge Cutlery Company UC trading as Newbridge Silverware ('We' and “Us”) of Cutlery Road, Newbridge, Co. Kildare, Ireland, a company registered in Ireland under company number 31783.
3. Who is the Data Controller
Newbridge Silverware is the controller of your data and is responsible for this website and this Statement. We are not required to have a Data Protection Officer but have taken the step to appoint a data champion who is responsible for overseeing questions in relation to this Statement. If you have any questions about this Statement, including any requests to exercise your legal rights, please contact the data champion using the details set out below. This data champion can be contacted at:-
Name: Martin Kilduff
Address: Cutlery Road, Newbridge, Co. Kildare, Ireland
You have the right to make a complaint at any time to the Data Protection Commissioner’s Office (www.dataprotection.ie) being the supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the Data Protection Commissioner’s Office so please email us at email@example.com
4. What is Personal data?
Personal data is information which relates to an identifiable natural person and is more particularly defined in the GDPR. It does not include data where the identity has been removed (anonymous data).
We process personal data relating to the following categories of data subject: our employees, our customers who are natural persons, our social media followers and third party employees and contractors who we do business with or who provide services to us.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, last name, date of birth.
- Contact Data includes address, email address and telephone numbers.
- Financial Data includes bank account or credit card information.
- Transaction Data includes details of products or services ordered from us, quotations issued, customer services interactions, payments to and from you.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your username and password, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
5. Do we collect other types of Data?
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
6. Do we collect sensitive personal data?
No. Sensitive personal data includes certain categories of personal information, such as that about race, ethnicity, religion or health, but to confirm, we do not collect any such information.
7. When do we collect personal Data?
- you opt in and provide consent to us to contact you via our website or through social media/email;
- you use your credit or debit card to pay for your purchases on our site;
- you interact with us via social media such as Facebook or Twitter or Instagram;
- you direct message us via various social media platforms;
- you make an enquiry with us;
- you create an account or profile on our website;
- you subscribe to our newsletter and/or other publications; and
- you communicate with us via post and other correspondence.
8. How do we use your data?
We use it in order to:
- provide products and services;
- process your payment for your purchase;
- protect both our interests;
- verify credit or other charge card details;
- manage your loyalty and reward/discount programme (if applicable);
- identify ways that we can improve our service;
- meet our legal and regulatory obligations;
- provide you with marketing content that you have consented to receive;
- answer your queries; and
- provide you with news updates and information that you have consented to receive.
9. Are we allowed to use your data?
Yes, provided we can identify a legitimate basis for doing so. To use your information lawfully, we rely on one or more of the following legitimate bases:
- that it is necessary for the performance of a contract to which you are party to with us;
- that it is necessary for purposes of the legitimate interests of our business (except where those interests are overridden by your interests or fundamental rights and freedoms);
- that it is in compliance with legal or regulatory obligations; and
- that it is necessary in protecting the vital interest of you or others.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
Generally we do not rely on consent as a legal basis for processing your data other than in relation to sending you direct marketing communications. We have ensured that you ‘Opt In’ to receive or continue to receive these services. You have the right to withdraw consent at any time by contacting us.
10. Our Security Measures
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Our security measures include the following:
- maintaining ongoing confidentiality, integrity, availability, access, and resilience of processing systems and services;
- restoring the availability of and access to personal data, in the event of a physical or technical security breach;
- maintaining robust security measures (both IT and physical);
- ensuring our staff are fully data security and GDPR trained;that our internal processes and procedures are reviewed and fit for purpose;
- that we conduct Data Risk Impact Assessments;
- that we test and evaluate the effectiveness of our technical and organisation measures; and
- that we ensure our third party service providers and/or contractors are GDPR compliant.
11. Do we share personal data with third parties?
Yes, we share personal data internally and also with third parties who provide services to us in the course of our business subject that we disclose only the personal information that is necessary for the purpose of the performance of their services and we have contracts in place that guarantee the security of your data and the integrity of our service providers’ systems.
These parties include:-
- software management services providers;
- payment processor service providers;
- ad-serving agencies and other advertising intermediaries;
- regulatory bodies, government and enforcement agencies, such as An Garda Síochána
- IT service providers; and
- data security consultants in the context of auditing our data security systems, policies and protocols.
12. Do we transfer your data outside of the EEA?
No, we do not transfer any personal data outside of the European Economic Area (the EEA).
We require your express consent if we wish to contact you for direct marketing purposes (by email or social media). You are entitled to withdraw your consent at any time at any time. To withdraw your consent you simply click the "unsubscribe" link in any communication that you receive from us via email. This will automatically unsubscribe you from that type of communication. Please note that you may continue to receive communications which are already on route to you for a short period of time while your relevant unsubscribe request is being processed. Alternatively, you can contact our contact firstname.lastname@example.org.
14. How long do we hold your data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
16. What are your data rights?
You have the following:
- A Right of Access. To request a copy of the information that we hold about you. If you would like a copy of some or all your personal information, please contact us using the contact details mentioned below. We will respond to your request within one month;
- A Right of Rectification. To ensure that your personal information held by us is accurate and up to date. If you would like us to correct or remove information you think is inaccurate please contact us using the contact details mentioned below;
- Right to Object. To object to the processing of your personal data on grounds relating your particular situation if we claim that the processing is carried out on the basis that it is necessary for the purposes of our legitimate interests or those of your employer or a third party. We can only deny your request if we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of a legal claims;
- Right to Restrict Processing. To ask us not to process your data for a period of time for a particular reason, for example if you have queried the accuracy of data we hold about you. Again, this is not an absolute right and it only applies in certain circumstances.
- Right to Data Portability. You have the right to receive the personal data which you have given to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without delay from the current controller if:
- the processing is based on consent or on a contract, and
- the processing is carried out by automated means.
- Right not to be subject to Automated Decision Making. You have the right to require that we no longer contact you for marketing purposes (by means of an ‘unsubscribe’ link or ‘Stop’ text message);
- Right of Erasure. Should you wish for us to completely delete all information that we hold about you please contact us using the contact details mentioned below; and
- Right to Complain. A right to lodge a complaint (concerning the manner and means of our processing of your personal data) with the Office of the Data Protection Commissioner (www.dataprotection.ie).
17. Changes to our Statement
Finally, please note that we may revise or update our Statement at any time subject that we will at all times comply with our obligations under the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Data Protection Acts. This Privacy Statement was updated 21 May 2021.
In order to be able to offer you Klarna's payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you.
19. Contact us
If you wish to contact us for any of the reasons set out above or you have any questions about our privacy Statement or you wish to make a complaint with regard to the manner and means in which your data is processed by us or with regard to any other matter in relation to your data, you can write, call or email us at email@example.com.