WHO WE ARE?
VOYA is the trading name of Celtic Seaweed Bath Products Ltd, a private company registered in Ireland with company number No. 383465. Our registered office is Finisklin Business Park, Sligo, F91 A2PF, Ireland.
If you have any questions about how we look after your personal data, you can contact us:
- In writing, at the address above. Please mark your letter for the attention of the Data Protection Officer.
- By email to this address: firstname.lastname@example.org
- By telephone on +353 71 91 61872
SECTION 1: PROTECTING YOUR PRIVACY
‘Personal information’ refers to any information which can identify an individual – either directly or indirectly. It can refer, amongst other things, to a customer ID, or to one or more specific identifying pieces of information, such as a name, email address or postal address. Any personal information which you provide to us will be securely stored, strictly in accordance with the Data Protection Acts, 1988 - 2003, and the General Data Protection Regulation 2018, which supersedes all previous Data Protection Acts.
What Personal Information do you collect about me?
When you browse our website or carry out actions such as the following:
- Create a customer account.
- Update your contact details.
- Place an order.
- Update, amend or cancel an order.
- Sign up to our mailing list or subscribe to any other services that we offer.
- Enter any competition, promotion, or prize draw.
- Correspond with us, whether by phone, email, or live chat
Then, we may collect your personal information, including:
- Date of birth
- Email address
- Phone or mobile number
- Delivery address
- Other information you voluntarily provide that you believe is required by us.
- Encrypted password and payment information
- Customer Service correspondence records
- Technical information about how you access and use our websites, including your IP address, browser type, referring URL and operating system.
- Cookies - for more information see below.
What is done with this information?
We use your information for the following:
- To process your orders. We use the relevant personal information described above (including your name, address, and payment details) to process and deliver your order, add payments or refunds and to notify you of the status of your order.
- To provide Customer Support. If you contact our Customer Service (or vice versa), we will use your identification information as provided by you, to identify you and other personal information such as your order information and contact history to process your request and provide you with the best service possible. We will use your personal information to keep a record of when and why you contact us and to keep your contact details up to date.
- To improve our website and services. We use your personal information to help us analyse and understand how you use our products and services, to develop more interesting and relevant products and services, to improve our website and our customer service offering to you, as well as to personalise the products and services we offer you.
- Fraud Prevention. To prevent or detect fraud or abuse of our sites, which may also include any details you have provided to us during your business with us.
- Marketing. If you consent, we will use your information to notify you of products or special offers that may be of interest to you. We will send direct marketing communications to you via the channel you choose, such as email or Social Media. We ask for your consent, where required by applicable law, to use the contact details you have provided to us to send personalised marketing or retargeting communications. Your consent to us to notify you of products and services in this manner can be withdrawn by you at any time via the "opt out" option that will form part of each of our communications with you. Please see below for more information on third parties and cookies used to provide these services.
How long will you keep my information?
- Customer and order information will be kept securely on our system until you ask us to remove it. Note: Purchase information retention is subject to regulatory mandates we must adhere to e.g., data retention requirements for tax reporting purchases for a period of six years.
- Encrypted Credit Card information will be purged every 365 days. Credit card, Debit card or Pay Pal receipts produced by Voya, and retained by us, are anonymised and do not contain the full details of your credit card number or account details.
- Mailing List Subscriptions will remain active unless you decide you wish to opt-out from a Mailing list.
- We may keep a record of any correspondence with you, for example, if you have made a complaint about a product, for as long as is necessary to resolve the matter you have complained about, and in the event of any potential legal claim.
- Where we no longer have a need to keep your information, we will delete it. However, please note where you have unsubscribed from our marketing communication, we will keep a record of your email to ensure we do not send you marketing emails in the future.
SECTION 2 – CONSENT
How do you get my consent?
- When you place an order with us, we ask you to provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return of a purchase, we necessarily require this information to process your requests, and we, therefore, imply that you consent to our collecting it and using it for the specific reasons as outlined only.
- If we ask for your personal information for marketing purposes, e.g., to offer you special discounts, we will request your permission explicitly by means of an electronic opt-in or your signature, if you have not already granted us your permission.
How do I withdraw my consent?
- At any stage, after you have opted-in, you may withdraw your consent to marketing communications. Marketing of our products and services to you will be terminated, and any data specifically used for marketing purposes alone will be deleted.
- Financial transaction data will be retained and securely maintained by us to comply with our legislative and statutory obligations.
- You may opt-out at any time, by clicking the unsubscribe link on our newsletter emails, contacting us at email@example.com or writing to us at VOYA, Finisklin Business Park, F91 A2PF, Ireland.
SECTION 3 - MARKETING
Depending on your marketing preferences, we may use your personal data to send you marketing messages by texts, mailshots, and telephone. Some of these messages may be tailored to you, based on your previous browsing or purchase activity, and other information we hold about you.
If you no longer want to receive marketing communications from us, you can change your preferences at any time by contacting us, or by clicking on the ‘unsubscribe’ link in any email, or by updating your settings in your customer account. If you unsubscribe from marketing, please note we may still contact you with service messages from time to time (e.g., order and delivery confirmations)
You may also see advertisements for the Voya Site on third party websites, including on social media. These advertisements may be tailored to you using cookies (which track your web activity, to enable us to serve advertisements to customers who have visited our Site). Where you see an advertisement on social media, this may be because we have engaged the social network to show advertisements to our customers, or users who match the demographic profile of our customers. In some cases, this may involve sharing your email address with the social network. If you no longer want to see tailored advertisements, you can change your cookie and privacy settings on your browser and these third-party websites.
SECTION 4 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if required to fulfil our contractual or obligations under our agreement with you. Some examples would be when we provide your delivery address to the courier to have your purchases delivered, or provide your Name, Address, and email address to our sister company the Seaweed Baths to fulfil orders made by you to us for Seaweed Bath Vouchers.
SECTION 5 - Shopify
Our store is hosted on the Shopify Commerce platform. We have carefully selected Shopify as our IT Partner and ensure that they process data we receive from you on our behalf, in a fully GDPR compliant manner. Shopify provides us with the online e-commerce platform that allows you to buy our products and use our services. All stores powered by Shopify are PCI compliant by default so you can keep payment info and business data safe.
What is PCI?
The Payment Card Industry Data Security Standard (PCI DSS) is a security standard for organizations that handle credit and debit card information. The standard was created to increase controls around payment data to reduce fraud.
SECTION 6 - THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use, and disclose your information to the extent necessary to allow them to perform the services they provide to us. e.g., Couriers to deliver your purchases.
Further, all such Third-Party Processors are contractually bound by us to keep the information confidential and to ensure that any such data they necessarily obtain from us to deliver goods and services to you, is secured and maintained to the highest standards. All information provided to Third-Party Processors is used solely by them only to carry out the service they are providing for VOYA and is not shared with any other parties whatsoever.
Voya takes great care to ensure that we only select Business partners who can provide the highest standards of data security to our customers. VOYA has selected Shopify Payments and PayPal as our Website Payments partners. Shopify Payments is PCI compliant and supports 3D Secure checkouts..
SECTION 8 - LINKS
When you click on links on our website, such as articles or documents from third parties, they may direct you away from our site. While we take every care to ensure the integrity of such external links, we are not responsible for the privacy practices of other sites you may visit in this manner and encourage you to read their privacy statements.
SECTION 9 - SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practice to make sure it is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL). Our website platform follows all PCI-DSS Level 1 requirements and implements additional generally accepted industry standards.
SECTION 10 - COOKIES
A cookie is a small file that resides on your computer’s hard drive and often contains an anonymous unique identifier and is accessible only by the web site that placed it there, not any other sites. Cookies are not computer programs and cannot read other information saved on your hard drive. They cannot be used to disseminate viruses or get a user's email address etc. They only contain and transfer to the website as much information as the users themselves have disclosed to that website.
You may delete Cookies; however, you may lose any information that enables you to access the Web Site more quickly or enjoy a custom user experience. You can choose to enable or disable Cookies in your web browser. By default, your browser will accept Cookies, however, this can be altered. For further details please consult the help menu in your browser. Disabling Cookies may prevent you from using the full range of Services available on the Web Site.
More information on the cookies VOYA use is available upon request to the Data Protection Officer, by email to this address: firstname.lastname@example.org or by telephone on +353 71 91 61872.
SECTION 11 - CHILDREN
Our Site is not intended for, and should not be used by, children under the age of 18. We do not knowingly collect personal data from children under 18. It is the policy of Voya not to accept online orders or payments from children under 18.
SECTION 13 - QUESTIONS AND CONTACT INFORMATION
In compliance with The EU GDPR Directive 25th May 2018, if you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information, contact our Privacy Compliance Officer by email or post at the address given in the ‘Who We Are’ section above.