EU GDPR PRVACY STATEMENT
NULTY PROVIDERS LIMITED
Nulty Providers Limited are committed to protecting and respecting your privacy. We wish to be transparent regarding how we process your personal information and demonstrate that we are accountable, in accordance with the EU General Data Protection Regulation (EU 2016/679) and the Data Protection Act 2018. It is the intention of this Privacy Statement to explain to you our privacy management practices in relation to the personal information that we collect and process.
The scope of this Privacy Statement extends to include all personal information which is collected through www.nultyproviders.ie. In addition, this Privacy Statement also extends to personal information which is processed through Software Applications, CCTV technology and email communication. This Privacy Statement does not relate to personal information which is collected and processed manually.
In accordance with the EU GDPR (2016/679) and the Data Protection Act 2018, we are identified as h a Data Controller, there may be circumstances where we are also identified as a Data Processor.
By willingly providing personal and other information, you consent to the terms and conditions of this Privacy Statement. Please read this statement carefully, as this document sets out the basis on how we collect and process the personal information you provide to us.
WHO ARE WE?
Nulty Providers Limited specialise in the design and installation of bespoke fireplaces and in the supply and fitting of stoves. We are based in Drogheda, Co Louth, Ireland and provide our services throughout Ireland. …………………………………………………………………………………..
HOW WE COLLECT PERSONAL INFORMATION ABOUT YOU
Personal information is collected when you register on www.nultyprovider.ie either by email, or when you complete and submit any of our online forms. The categories of personal information that we collect, and process include, your name, company name, email address, postal address, and contact telephone number.
HOW WE USE YOUR PERSONAL INFORMATION
We are legally mandated to identify the specific lawful bases which allow us to collect and process your personal information. In accordance with EU GDPR legislation, we rely on the following legal bases, Consent, Contractual Necessity, Legal Obligation, Legitimate Interest, Public Interest.
There may be occasions when it is necessary to engage with third-party stakeholders and working partners for the following purposes:
To facilitate the delivery of our products and services
To provide products and services on our behalf
To assist us in analysing how our products and services are used
We may process your personal information for more than one lawful basis depending on the specific purpose for which we are using your personal information.
The following table illustrates the various purposes that your personal information may be collected and processed and the legal bases for processing that personal information. Please note, however, that this is not an exhaustive list of our data processing activities.
|PURPOSE||CATEGORY OF DATA||LAWFUL BASIS|
|To register you as a customer.
To register you as an external Stakeholder/Supplier
|Name, address, phone no, email address||Contractual Necessity|
|To allow you to place a product order||Name, email address, postal address, phone no||Consent,|
|To allow you to make online payments||Name, email address||Contractual Necessity|
|To provide and deliver our products and services to you.||Name, address, phone no, email address||Contractual Necessity, Consent,|
|To allow us to issue invoices||Name, address, email address||Contractual Necessity, Legitimate Interest|
|To reply to your enquiries and emails.||Name, address, phone no, email address||Contractual Necessity, Consent|
|To manage and administer the use of our services & relationship with clients, suppliers, stakeholders.||Name, Address, Email address||Contractual Necessity/Legitimate Interest, Consent|
|For the prevention and detection of crime||Name, (possibly address & email address)||Public Interest, Legal obligation|
SOURCE OF COLLECTION
You provide personal information when you visit www.nultyproviders.ie. Personal information is also collected when you send an email and when you complete and submit any of our online forms.
We use the Social Media platforms of Facebook, and Instagram, personal information may be collected through these channels.
THIRD PARTY SITES
There may be occasions when www.nultyproviders.ie contain links to other sites. If you click on a third-party link, you will be directed to that site. Please be aware that these third-party sites are not operated by us, we strongly advise that you review the privacy statements of any third-party sites. We do not take any responsibility for the content of privacy statements or practices of any third-party sites or services.
We do not actively transfer personal information beyond European territories. However, personal information entered onto www.nultyproviders.ie may be transferred to a server in the United States of America and stored there.
Please note that outside the EU and the EEA different standards of data protection might apply. By completing and submitting any online forms on our website, you acknowledge and consent that data may be transferred across international borders, including to countries outside the EU and the EEA.
We will ensure that when personal information is transferred outside the EU and the EEA that local data protection standards meet EU GDPR requirements.
SECURITY OF PERSONAL INFORMATION
We are committed to the protection and security of your personal information. A variety of security technologies and procedures is used to protect your personal information from unauthorised use and access, accidental loss, unlawful destruction, alteration, unlawful disclosure. As effective as security practices are, no physical or electronic system is entirely secure. We cannot guarantee the complete security of databases, nor can we guarantee that information that you supply will not be intercepted while being transmitted to over the internet. Strict security controls have been implemented to ensure that your privacy is safeguarded at every level. We will continue to revise policies and procedures and review systems, and we will implement additional security features as new technologies become available. Any transmission of personal information is at your own risk. When we receive your personal information, we use appropriate security measures to prevent your personal information from being compromised in any way. When you contact us to ask about your personal information, we may ask you to identify yourself, this is to help protect your personal information.
RETENTION OF PERSONAL INFORMATION
Personal information is not retained for longer than is considered necessary to enable us to provide our products and services. Independent Statutory legislation, and Regulatory obligations will influence the retention period of various categories of personal information that we collect and further process. Further information regarding the retention of personal information is detailed in our separate EU GDPR Retention Policy, a copy of which is available upon request.
We do not collect or process personal information pertaining to children under the age of 16 years. If you are under 16, do not access, use, or provide and personal information on www.nultyproviders.ie or through any of their features. If we learn that we have collected or received personal information from a child under 16 without parental consent, we will delete that information.
DO WE SHARE YOUR PERSONAL INFORMATION?
There may be circumstances when we are legally mandated to share personal information, in accordance with Independent Statutory legislation and regulatory requirements. In addition, there may be circumstances where it is necessary to share personal information with our Working Partners and Stakeholders to enable us to provide our products and services efficiently. We will ensure that all Data Sharing Agreements and Contracts have been implemented prior to the sharing of any personal information. Access to personal information to external Stakeholders and Working Partners will only be afforded when a specific legal and lawful purpose (s) has been identified. Detailed below is a list of Stakeholders and Working Partners with whom personal information may be shared for the purposes of providing our services to our clients. This list is, however, not exhaustive:
- IT Provider/Support
- Web Hosting Co
- Business Partners/External Stakeholders
- Saas Providers, (Stripe)
DATA SUBJECT RIGHTS
In accordance with the EU General Data Protection Regulation (EU 2016/679) and the Data Protection Act (2018) you are afforded the following rights in certain circumstances.
Right of Access: You have the right to obtain confirmation whether personal information is collected and processed about you and where that is the case, access to the personal data, including the purposes of processing and the categories of personal data concerned. The recipients or categories or recipients to whom the personal information have been or will be disclosed. You may also submit a written request for a copy of personal information you believe is processed about you.
Right to Rectification: You have the right to the rectification of inaccurate personal information about you without undue delay.
Right to Erasure: You may request us to delete your personal information however, this is not an absolute right, and any such request will be considered in accordance with EU GDPR legislation and local legislation.
Right to Restrict & Object: You have the right to restrict and object to us collecting and further processing your personal information.
Right to Data Portability: Upon receipt of your written request, where possible, a digital copy of your personal information can be shared with you or another organisation.
HOW TO CONTACT US
Taking into consideration the nature of our data processing activities we are not mandated to appoint a designated Data Protection Officer. However, should you have any questions regarding how we collect and further process your personal information please send an email to:firstname.lastname@example.org
Contact Details for the Data Commissioners Office are as follows: 21 Fitzwilliam Square, Dublin 2. Telephone No (00 353 578684800)
CHANGES TO THIS PRIVACY STATEMENT
This Privacy Statement will be updated from time to time, particularly to reflect any changes made, regarding how we collect and process your personal information. Details of any changes made will be posted here. By continuing to use www.nultyproviders.ie after any changes are posted, you accept and agree to the privacy statement as modified.