Privacy Policy for SurfWorldIreland.com
1. Introduction
SurfWorldIreland.com (“we,” “us,” or “our”) is committed to maintaining the highest standards of privacy and data protection. We understand the importance of your personal data and strive to handle it with transparency, integrity, and in full compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the California Consumer Privacy Act (“CCPA”), and other applicable data protection laws. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or interact with our services.
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all visitors, users, and others who access SurfWorldIreland.com. In the context of applicable data protection laws, SurfWorldIreland.com acts as the “data controller” with respect to the personal data we collect, determine, and manage. If you have any questions about this policy, please contact us at [email protected].
3. Categories of Data Processed
We collect and process the following categories of personal data based on your interactions with our website and services:
A. Usage Data
Includes information such as your browser type, IP address, referring URL, pages visited, session timestamps, and other analytical data related to interactions with SurfWorldIreland.com.
B. Account Data
Information provided when you create an account, including your full name, physical address, email address, and telephone number.
C. Profile Data
Details about your surfing preferences, purchase history, saved items, and behavioral data derived from your activity on the website.
D. Communication Data
Records of communications between you and us, including email correspondence, support tickets, and requests submitted through contact forms.
E. Technical Data
Device-specific data such as your device model, operating system, unique device identifiers, browser settings, and server log information.
F. Transaction Data
Details necessary to process purchases and deliveries, including billing and shipping addresses, payment information, transaction history, and confirmation records.
G. Preference Data
Consent records and expressed interests related to marketing, newsletter subscriptions, product updates, and promotional materials.
4. Legal Bases for Processing
We process your personal data only where lawful under the GDPR and CCPA. The legal bases for processing may include:
– Contractual Necessity: To fulfill our contractual obligations when you purchase products or register an account.
– Legitimate Interests: To enhance and personalize your experience, prevent fraud, analyze site usage, and maintain site security.
– Consent: Where legally required, we obtain your express consent for email communications, cookies, and marketing activity.
– Legal Compliance: To comply with legal obligations, such as tax and accounting requirements or responding to lawful government requests.
5. Your Rights
Subject to applicable laws, you have the following rights in relation to your personal data:
– Right of Access: You may request access to the personal data we hold about you.
– Right to Rectification: You may correct inaccurate or incomplete data we have stored.
– Right to Erasure: You may request deletion of your data, subject to legal or contractual retention obligations.
– Right to Restriction: You may request that we limit the processing of your personal data.
– Right to Data Portability: You may receive a copy of the data you provided to us in a structured, commonly used format.
– Right to Object: You may object to processing based on our legitimate interests or direct marketing.
For all rights requests, please email us at [email protected]. We will respond in accordance with the timeframes and exceptions permitted under applicable law.
6. Security Measures
We implement industry-standard technical and organizational safeguards to protect your personal data, including but not limited to:
– SSL encryption for data transmission
– Role-based access control and authentication
– Regular security audits and logging
– Secure payment gateways
– Employee data protection training
– Automatic failover and encrypted backups
While we strive to use commercially acceptable means to protect your data, no method of transmission or storage is completely immune to risk. You should also take steps to protect your account credentials and access devices.
7. International Data Transfers
Given the international nature of the internet, your personal data may be transferred to and stored in jurisdictions outside of the European Economic Area (“EEA”) or California. In such cases, we ensure that standard contractual clauses or other lawful mechanisms approved by the European Commission are used to safeguard your information.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected. Retention periods vary by data type:
– Usage Data: up to 12 months
– Account Data: retained for the duration of your account and for up to 6 years following account termination
– Profile and Transaction Data: retained for up to 7 years for legal, tax, and accounting purposes
– Communication Data: up to 3 years after final interaction
– Technical and Preference Data: retained for 2 years or until consent is withdrawn
Upon expiration of the applicable retention period, data will be securely deleted or anonymized.
9. Cookie Policy
SurfWorldIreland.com uses cookies and similar technologies for website functionality, performance analysis, and marketing purposes.
Types of cookies used:
– Essential Cookies: Required for basic operations, such as cart storage or login verification
– Functional Cookies: Enhance user experience by remembering preferences and login status
– Analytics Cookies: Collect aggregated usage data about user behavior and interactions
– Performance Cookies: Help us monitor site responsiveness and optimize speed and availability
These cookies may be set by us or by trusted third-party service providers.
10. Cookie Management and Compliance
You may manage and control cookies through your browser settings or through the cookie consent banner available upon first visit to SurfWorldIreland.com. Under GDPR and CCPA, cookies not essential to the operation of the site will not be deployed without your consent. You may withdraw or modify your consent at any time.
11. Special Protections for Children
SurfWorldIreland.com does not knowingly collect or process personal data from children under the age of 13. If you believe a child has provided us with personal data inadvertently, please contact us at [email protected] so we may take prompt action.
12. Policy Updates
We reserve the right to update this Privacy Policy to reflect changes in legal or regulatory obligations, our data practices, or new website features. All users will be notified of material updates via email (if applicable) or through a clear on-site notification. Continued use of the website following updates constitutes acceptance of the revised Privacy Policy.
13. Contact
If you have any questions, concerns, or complaints regarding this Privacy Policy or the way we collect or handle your personal data, please contact our Data Protection team at:
Email: [email protected]
We are committed to responding to privacy inquiries quickly and in accordance with relevant laws and best practices.
This policy reflects our strong commitment to data privacy and regulatory compliance. You may reach out at any time to understand how your data is collected, used, and protected.