The Dandys Privacy and Security

 

Privacy Policy

1) We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.

2) You are legally entitled to request details of the personal information which we hold about you, under the UK's Data Protection Act 1998.

The Dandys ( Derrynoose) Ltd is committed to respecting the privacy rights of visitors to its website. This Privacy Notice aims to be transparent and helpful in setting out the way we collect, protect and use your personal data, and your rights to control it.

REASONS FOR COLLECTING & PROCESSING DATA

  • To comply with our contractual obligations to fulfill your home delivery. For example, using your address details to deliver your purchase, including passing them to our courier.
  • To respond to your queries, refund requests and complaints. Handling the information you send enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
  • With your consent, we will use your personal data to keep you informed of The Dandys ( Derrynoose) Ltd, product ranges, special, offers, discounts, promotions and to offer product tips and information by email. Once consent is given, you are free to opt out at any time.
  • As part of our legitimate business interests we build a rich picture of our customers to understand them better, to offer the best customer service and inform our business decisions. To do this we use purchase history to send review requests, send relevant offers; and/or combine the anonymised shopping history of customers to identify trends that ensure we keep up with demand or develop new products/services.

WHEN DO WE COLLECT YOUR PERSONAL DATA

  • When you visit our website and use your account to buy products and services.
  • When you make an online purchase and check out as a guest.
  • When you create an account with us.
  • When you purchase a product by phone.
  • When you sign up for an e-newsletter.
  • When you engage with us on social media.
  • When you contact us by any means with queries, complaints etc.
  • When you enter prize draws or competitions.
  • When you comment on or review our products and services.

WHAT SORT OF PERSONAL DATA DO WE COLLECT

  • Upon ordering: your name, billing/delivery address, order details, email and telephone number (used only in the event of a query) and password (if you create an account).
  • Payment details – these are held in an encrypted format by our payment provider, so secure that even we cannot see them. We DO NOT therefore store any card details.
  • Details of your interactions with us by phone and email
  • Details of your visits to our website and which site you came from to ours.
  • Information gathered by the use of cookies in your web browser. For more information see our cookie policy.
  • We also collect non-personal information on general website usage; how people arrive at and navigate the website, and how visitors use the pages offered. This information provides essential feedback for us showing the effectiveness of online marketing. This information is not directly correlated against individuals
  • Your comments and product reviews.
  • Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.

PROTECTING YOUR DATA

  • We will always treat your data with the utmost care and take all appropriate steps to protect it.
  • We secure access to all transactional areas of our websites and apps using ‘https’ technology.
  • Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured by SSL encryption.
  • We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

WHO DO WE SHARE PERSONAL DATA WITH

We sometimes share your personal data with trusted third parties as follows:

  • Delivery couriers
  • IT companies who support our website and other business systems.

Summary of the policy we apply to those organisations to keep your data safe and protect your privacy:

  • We provide only the information they need to perform their specific services.
  • They may only use your data for the exact purposes we specify in our contract with them.
  • We work closely with them to ensure that your privacy is respected and protected at all times.
  • If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

CONTROLLING YOUR DATA & CONSENT

You have the right to request:

  • Access to the personal data we hold about you.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • At any time that we stop using your personal data for direct marketing (either through specific channels, or all channels).
  • That we stop any consent-based processing of your personal data after you withdraw that consent.

HOW YOU CAN STOP THE USE OF YOUR PERSONAL DATA FOR DIRECT MARKETING

  • Click the ‘unsubscribe’ link in any email communication that we send you.
  • If you have an account, log in and visit the ‘My Account’ area and change your preferences.
  • Email us at: Sales@TheDandys.ie
  • Write to us at: Customer Services,  The Dandys ( Derrynoose ) Ltd, 5 Listrakelt Road, Derrynoose, Co Armagh, N. Ireland, BT60 3 DP .

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

Privacy

We at The Dandys.ie respect your right to privacy and comply with our obligations under the Data Protection Acts 1988 and 2003. The purpose of this Website Privacy Policy is to outline how we deal with any personal data you provide to us while visiting this web site. Naturally, if you are not happy with this Website Privacy Policy you should not use this website. By visiting this website, you are accepting the terms of this Website Privacy Policy. Any external links to other web sites are clearly identifiable as such, and we are not responsible for the content or the privacy policies of these other websites.

Payment Security

Realex Payments are certified and approved by several leading financial institutions. Our systems and security controls are based on current industry standards. There are several layers of technology in place to ensure the confidentiality, authentication and integrity of information. Realex Payments have been accredited with the AIS (Account Information Security) certification
by VISA and is one of the few companies in Europe to achieve this. This shows our commitment to above industry standard in every aspect of payment processing. Realex Payment is fully PCI compliant to the highest level of PCI, and was one of the first PSP’s in Europe to deliver this with Level 1 certification achieved in October 2003. We appeared on the VISA website as a case study on implementing the PCI DSS.
Information is sent to us from businesses via the internet and we connect to financial institutions with whom we are fully certified and approved. All information when in transit via the internet is encrypted (128bit SSL) to ensure confidentiality of sensitive data. All messages sent to us and the responses from us are authenticated using digitally signed digests. All requests are verified
against a legal list of IP address and referring URLs.
Realex's infrastructure is located in secure co-location facilities that have 24/7 manned security and advanced building management systems along with environmental controls. Critical servers and applications are monitored constantly to threshold levels and Realex Payments staff is instantly alerted via our real time monitoring and alerting service. All connections to the financial institutions are over private dedicated leased circuits, backed up with ISDN lines and in certain cases VPN connections over the internet.
The network is designed to be highly resilient with duplicate and triplicate systems in place depending on the critical nature of each component. Realex Payments are registered with the data protection commissioner as a "Data Processor". Cardholder information is encrypted and not displayed in our reporting systems - realcontrol.

FOR ANY FURTHER QUESTIONS

If you have any questions that haven’t been covered, please contact our Data Protection Officer who will be pleased to help you: 

  • Email us at: Sales@TheDandys.ie
  • Write to us at: Customer Services,  The Dandys ( Derrynoose ) Ltd, 5 Listrakelt Road, Derrynoose, Co Armagh, N. Ireland, BT60 3 DP .