Privacy policy.

If you have any queries in relation to this Data Privacy Statement, or if you have any concerns as to how your data is processed, please email aislingkrealbeauty@gmail.com

 

About this privacy statement

Aisling K Real Beauty have created this Data Privacy Statement as the controller of personal data for visitors to this website, for prospects, clients and former clients. This notice aims to demonstrate our firm commitment to privacy and to inform people dealing with us about the information we collect and process in connection with such interaction.

 This privacy statement sets out an explanation of what personal data about you we process, why we process your personal data, with whom your personal data is shared and a description of your rights with respect to your personal data.

 

What personal data do we process?

We need to keep and process certain personal data about you to manage our business, for management purposes, to comply with our legal obligations and, where necessary, to protect our legitimate business interests. We will collect and process personal data from you during your visit on this website, during our contractual relationship and following the termination of our contractual relationship.

Without limitation, any of the following Data may be collected:

  • Name;

  • Date of birth;

  • Gender;

  • Contact information such as email addresses and telephone numbers;

  • Demographic information such as postcode, preferences and interests;

  • Financial information such as credit/debit card numbers;

  • IP address (automatically collected);

  • Web browser type and version (automatically collected);

  • Operating system (automatically collected);

  • A list of URLs starting with a referring site, your activity on this website, and the site you exit to (automatically collected); and

  • Cookie information

 

Personal data is normally obtained directly from you. In certain circumstances, it will, however, be necessary to obtain data from third parties, e.g. credit check references.

How do we use your personal data?

The information we hold and process will be used for management and administrative purposes. We keep it and use it to enable us to run our business, manage our contractual relationship with you effectively, lawfully and appropriately and protect your rights and interests. This includes using your information to enable us to manage contracts, comply with legal obligations, pursue our legitimate interests and protect ourselves in the event of legal proceedings against the company.

The uses we make of each category of your personal data, together with the lawful basis we rely on for those uses are set out in more details below.

 Where there is a need to process your data for a purpose other than those set out in the appendix or otherwise outlined to you, we will inform you of this.

 

How is your personal data shared?

Your personal data may be disclosed to third parties where we are legally obliged to do so or where our contract requires or permits us to do so. For example, we pass on certain information to our accountant to fulfil our legal obligations.

More detailed information on how we share your personal data is set out below.

Will your personal data be transferred abroad?

Our data-centre is located in Ireland, so generally, your personal data will not be transferred abroad.

 In limited and necessary circumstances, your personal data may be transferred outside of the EEA (newsletters, website statistics). Appropriate safeguards are in place to ensure the security of your personal data where it is transferred outside of the EEA.

 The transfer of personal data is explained in more detail below.

 

How long do we keep your personal data?

Any personal data processed about you on this website is retained in accordance to our record retention policy:

Website logs: 6 months or less;

Invoices: 6 years + current financial year;

Marketing opt-ins: until you opt-out.

Enquiries: Until the end of our relationship, anonymise thereafter;

What happens if you do not provide us with your personal data?

In some cases, you may decline to provide us with your personal data. If we believe that we require relevant personal data to effectively and properly manage our contractual relationship, we may not be able to continue our relationship with you.

 

Will you be subject to profiling or automated decision making?

You will not be subject to automated decision making or profiling.

 

What are your rights under the data protection law?

You have the following rights under data protection law:

Information Request: the right to receive a copy of and/or access the personal data that we hold about you, together with other information about our processing of that personal data;

Update Data: the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete;

Data Deletion: the right, in certain circumstances, to request that we erase your personal data;

Restrict Processing Object to Processing: the right, in certain circumstances, to request that we no longer process your personal data for particular purposes, or object to our use of your personal data or the way in which we process it;

Data Portability: the right, in certain circumstances, to transfer your personal data to another organisation;

Review Automated Decisions: the right to object to automated decision making and/or profiling; and

File a Complaint: the right to complain to the Data Protection Commissioner.

Please note that your ability to exercise these rights may be subject to certain conditions.

Secure Online Payments

We do not store any card information on our site. We do not ask you to input your card information on our site. All payment information is handled and processed by Stripe our Payment Service Provider.

Stripe uses a range of secure methods such as fraud screening, I.P. address blocking and 3D secure. Once on the Stripe system, all sensitive data is secured using the same internationally recognised 256-bit encryption standards.

Stripe is a secure payment gateway and Level 1 PCI DSS (Payment Card Data Security Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure their systems are impenetrable.

In addition, you know that your session is in a secure encrypted environment when you see https:// in the web address, and/or when you see the locked padlock symbol alongside the URL.