Last updated: 24.05.2018
Atlantic Island Investments Ltd. (trading as ‘Monoset’) (“We/Us/Our”) are committed to protecting and respecting your privacy and data.
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, phone number and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org, mailing us at: 45a Shelbourne Road, Ballsbridge, Dublin 4, Ireland, or to unsubscribe from our emails you can click on the unsubscribe link at the base of each of our emails (there may be certain transaction related emails that we are obliged to deliver in order to inform you of the status of your order).
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – YOUR RIGHTS
1) The Right to be Informed
2) The Right of Access
You have the right to obtain from the data controller confirmation as to whether or not the personal data concerning the subject is being processed, and, if that is the case, a copy of the personal data undergoing processing.
3) The Right to correct Inaccurate data
We endeavour to ensure that your personal information is accurate. In order to assist with this process, please notify us of any changes to the personal information that you have provided to rectify any data that is inaccurate / incomplete.
4) The Right to have your Data Erased
A request for us to delete all of your personal data will result in us (Monoset) deleting your personal data without undue delay. The provision is that there is not some legitimate and legal reason why Monoset is unable to delete your personal data, in which case you will be informed to that effect.
5) The Right to limit Data Processing
At any point you can ask us to stop processing your personal data at any time.
6) The Right to Data Portability
This gives you the right to request that all of your personal data be transmitted to you or another data controller in a structured, commonly used and machine-readable formate, where it is technically feasible for Monoset to do so.
7) The Right to Complain
You have the right to complain to a supervisory authority such as the Data Protection Commissioner in Ireland (https://www.dataprotection.ie/docs/Home/4.html) However we would encourage you to get in touch with us directly at email@example.com if you feel we can address your concerns / complaints.
SECTION 8 – INFORMATION COLLECTION
We may collect and process the following data about you:
Information that you provide us in order to make use of our service:
– completing our Website forms, or through correspondence on email, live chat or otherwise;
– register to use our services, subscribe to our newsletter, promotional emails etc.
– complete any customer, visitor or user research surveys.
– report a problem with our Website.
The information that you will be asked to provide to us for these purposes will include your first name, surname, email address, phone number, delivery address, billing address or additional information needed to verify your identity or provide our services.
Information we collect about you. When you visit our Website we may collect the following information, however this information cannot be used to identify you:
– the details of your visit to our Website, including the URL clickstream, length of visits to certain pages, and pages interaction information, i.e. scrolling, clicks.
– device related information, such as the hardware model, operating system version, unique device identifiers, and mobile network information.
– information about your computer device such as IP address, operating system / browser type.
SECTION 9 – INFORMATION USE / JUSTIFICATION
Use of personal information under the EU data protection laws must age justified under one of a number of legal grounds and we are required to set out the ground in respect of each use of your personal data in this policy.
These are the principal grounds that justify our use of your information:
– Consent – where you have consented to our use of your information – you are providing explicit, informed, freely given consent, in relation to any such use and may withdraw your consent in the circumstance detailed below and by notifying us.
– Legal Obligation – where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
– Legal Claims – where your information if necessary for us to defend, prosecute or make a claim against you or a third party.
– Contract – where your information is necessary to enter into or perform a contract with you.
– Legitimate interests – where we need to use your information to comply with our legal obligations.
We use information held about your in the following way:-
Types of Information Collected
Uses of that Information
Phone number, Email address, first name, surname, home address, billing address
To provide you with access to our Website , to use our Services and products.
Email address, first name, surname, home address, product choices and personalization, Website Live chat history
To provide you with the Services / products
Email address, first name, surname
For marketing our own products and services that we believe will be of interest to you.
Legitimate interest (for marketing our own similar products and services and any re-engagement campaigns).
Email address, first name, surname, home address, product choices and personalization and Website chat history
To identify more appropriate products and services to market to you.
Legitimate interest (to tailor our services appropriately). No marketing of third party products or services will be conducted without your consent.
Email address, first name, surname, home address, product choices and personalization, and Website chat history
To administer our Services and for internal operations, including research, data analysis and data statistics, and to create derived, anonymised and aggregated data to improve our Services.
Legitimate interest (to administer and improve our Services).
To notify you about changes to our Services.
Contract performance, legitimate interests (to update our Services from time to time)
SECTION 10 – Disclosure of your Information
We may also disclose your personal information to third parties in the following circumstances:-
Purpose of disclosure and third party(s) to which disclosure might be made
If we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets.
Legitimate interest (to sell our business or assets); and where required by applicable law, consent (for sensitive personal data).
If Monoset or substantially all of its assets are acquired by a third party, personal information about our customers will be one of the transferred assets.
Legitimate interest (to sell our Company or assets); and where required by applicable law, consent (for sensitive personal data).
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of Papier LTD, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
Legal obligation, vital interest.
Fraud Prevention and other checks. We and other organisations may also access and use your personal information to conduct credit checks and checks to prevent fraud. If false or accurate information is provided and fraud is identified or suspected, details may be passed to fraud prevent agencies.
Legitimate interest (to assist with the prevention of fraud and to assess your risk profile).
We may disclose your personal information to third parties, the court service and/or regulators or law enforcement agencies in connection with proceedings or investigations anywhere in the world where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.
Legal obligation (to cooperate with law enforcement and regulatory authorities).
SECTION 11 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of Our Site.
SECTION 12 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
SECTION 14 – QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at Monoset.
[Re: Privacy Compliance Officer]
[45a Shelbourne Road, Ballsbridge, Dublin 4, Ireland]