INTRODUCTION
Our website address is: https://teagarden.ie
TGSB Beverage LTD (“Tea Garden”) takes your privacy seriously. This privacy notice describes how and why we, as data controller, obtain, store and process personal data, that is, information relating to you that enables us to identify you, for example, your name, email address, payment details and information about your access to this website. We may update this notice from time to time and we will notify you of any changes.
Please do not hesitate to contact us if you have questions in addition to the information provided in this notice: Contact Us
COLLECTION OF PERSONAL DATA
When do we collect your personal data?
- When you visit our website
- When you visit our store(s), which usually have CCTV systems in operation (for security and safety) and these systems may record your image
- When you sign up to our newsletter
- When you create an account
- When you participate in a competition
- When you complete a survey
- When you complete a form, for example, if an incident or accident arises in our store
- When you sign up at an event
- When you buy products or services on the phone, in a shop or online (whether as an account holder or as a guest)
- When you engage with us on social media
- When you contact us with queries, for example, about a manufacturer’s warranty or guarantee
- When you log a service call with us or schedule repair of a product which we arrange on your behalf
- When you review our products or services
Third parties: We may also receive personal data about you from various third parties, including:
- Technical data from providers such as Google Analytics.
- Contact and transaction data from providers of technical and payment services such as AIB Merchant Services, Adyen Realex, Amazon Pay, Stripe and PayPal.
- Contact and user behaviour data from providers such as Hotjar, Userneeds, CrazyEgg, iPerceptions, Celebros, Nostos, Google conversion tracking, ShopBox, Trustpilot, Dotdigital, Facebook Pixel, Signal and conversion tracker and Google conversion linker.
- Preference data from social media providers such as Facebook, Twitter and Instagram.
- When you contact us online (either through our contact form, email or social media), your data is captured in a third-party ticketing system Zendesk and Falcon.io social media monitoring solution.
- When you contact us using the ‘chat’ function on our website, we respond to your query through third-party chat solution provided by Facebook.
What personal data do we collect?
Depending on the type and level of engagement you have with us, we may collect the following categories of personal data:
- Name and surname
- Email address
- Billing address
- Delivery address
- Telephone number
- Order history
- Saved items
- Contact history – queries or complaints you have made to us
- Customer behaviour via cookies
- User ID
- Tea Garden Account Password, in order to enhance your experience with us by allowing us to pre-populate certain personal data connected to your account with us, like your contact details
- Your shopping preferences
- Details of your visits to our website and which website you came from to ours
- IP address
- Communications between us, by letter, email, chat service, telephone and social media
When you browse our website, we collect details of your visits to our website and information gathered by the use of cookies in your web browser in order to prompt and display the most relevant content to you on our website. We do this on the basis of your consent for our website to place cookies or similar technology on your device. This is how we use cookies: Cookie Policy
PROCESSING YOUR PERSONAL DATA
We rely on the law to allow us to process your personal data. This is what’s known as legal basis for data processing. Our legal bases include:
- Our contract with each other, like where we pass your delivery address to our SMS service message provider and our driver/installer to facilitate delivery of the product you have bought.
- Our compliance with a legal obligation, like in suspected instances of fraud where we need to give personal data to An Garda Siochána or a government body.
- Your consent, like when you tick the box to receive e-marketing communications from us. (For children under the age of 16, the consent of their parent or guardian is required.)
- Pursuing our legitimate interests in a way that you might reasonably expect to be a part of running our business and that does not significantly impact your interests, rights and freedoms, for example, showing Tea Garden advertisements to you as you browse the internet.
We process your personal data in order to develop our offering to you and personalise our relationship with you. We also use it to make our website available to you. We have an interest in providing you with the best goods and services and understanding how we can improve our service based on your experience.
If you wish to change how we process your data, you’ll find details below in Your Rights.
Some of the services we offer rely on you sharing your personal data with us. If you do not to share your data with us, we cannot provide you with certain services, for example, home delivery, click and collect or repair of your product.
This is why we process your personal data:
- To personalise and assist your use of our website and to generally improve it.
- To offer you special offers, early access to sales and e-marketing information.
- To offer you promotions, products and services that are most likely to interest you.
- To fulfil your order and process purchases that you make by using our website or stores, including retaining your details to allow us to fulfil any contractual obligations, such as contacting you to arrange deliveries and installation, or to facilitate refunds or returns.
- To respond to your queries or complaints on the basis of our contract with you, our legal obligations and our legitimate interests in providing you with the best products, service and experience.
- To protect our business and your account from fraud and other illegal activities and to comply with our contractual or legal obligations to share data with An Garda Síochána or government body.
- To protect our customers, employees, premises and assets, we operate CCTV systems in our stores.
- With your consent, we will use your personal data to keep you informed by email, web, text, telephone and through our contact centres about products and services including special offers, early access to sales, e-marketing, discounts, vouchers, promotions, events and competitions.
- To send you information required by law, like a product recall notice or information relating to your orders.
- To liaise and assist you and the manufacturer in the management of a warranty or guarantee.
- To communicate changes to the services we provide you, for example, updates to this privacy notice.
- To administer competitions which you enter at our events, on our website, via social media or otherwise, based on your consent given at the time of entering.
- To develop, test and improve the systems, services and products we provide to you. We’ll do this on the basis of our legitimate business interests.
- To send you review requests (sometimes via our trusted third parties) to help us improve our products, services and website.
- To build a picture of who you are and what you like, we’ll combine data captured by us and third parties, on the basis of our legitimate business interests to help us personalise your experience and decide what to share with you.
We will only use your personal data for the purposes for which we collected it. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
SHARING
We sometime share your personal data with our trusted categories of third parties we use to conduct our business, for example, to enable delivery and installation of your goods; to handle feedback and complaints; and to help us understand your behaviour in order to customise and maximise our products, services, advertising, marketing, competitions and offers to you.
Our trusted categories of third parties include delivery and installation companies and independent contractors, marketing agencies, e-mail marketing service providers who assist our marketing team to run targeted email campaigns, customer survey service providers, advertising partners and agencies, website hosts, cloud service providers, social media providers, professional services providers, and consumer review providers.
Our brand providers, who offer the products and services for sale on our website and in our stores and whose products and services you may purchase, may receive personal data about you from us, for example, your contact details and proof of purchase in order to manage a warranty or guarantee.
You may be able to access third-party social media before, during or after accessing our website. We use social media buttons and/or plugins on this website, to allow you to connect with your social network in various ways. When you are using your third-party social media account, any personal data we obtain or share with social media service providers is done so in accordance with the practices explained in the third-party social media provider’s terms and privacy notice. Please consult their relevant terms and privacy notices for further information.
As part of our e-marketing methods and on the basis of our legitimate business interests, we use some Google services (including Google Ads, Google Analytics, Google Store Sales Direct Upload) and some Facebook products (including Offline Conversions and Data File Custom Audiences) in accordance with the practices explained in the Google and Facebook terms and privacy notices. In order to protect your personal data by pseudonymising it, Google and Facebook ensure that a hashing algorithm is applied automatically at the point of sharing personal data with Google and Facebook. Please consult their relevant terms and privacy notices for further information and your options. If we can help you in any way, please do not hesitate to contact our data protection administrator at dpa@teagarden.ie.
We may also share your personal data with government bodies and law enforcement to satisfy regulatory reporting requirements, and in order to comply with legal obligations.
If we share your personal data outside of the European Economic Area, we ensure that there is an appropriate transfer mechanism in place to protect your personal data and comply with our data protection obligations.
For example, our third parties who are based in the USA participate in the Privacy Shield Framework: https://www.privacyshield.gov/welcome
If you would like a complete and current list of these specific third parties, please contact our data protection officer at Contact Us
As part of running our business, we may decide to buy another business or assets, or we may decide to sell part or all of our business or assets. This may require us to share certain personal data with a prospective seller or buyer. If we, as a company, are bought by a third party, or if some of our assets are bought by a third party, personal data that we retain may be transferred to that third party as part of the transaction.
KEEPING
We need to retain your personal data to satisfy our legal obligations (for example, to administer refunds or returns within the relevant period), to deal with complaints and queries, in order to resolve, litigate or defend a dispute and to prevent fraud and abuse.
If your purchase includes a warranty, your related personal data will be kept until the end of the warranty period and possibly afterwards in relevant instances only, in line with the explanation above.
Having obtained your consent (or other legal basis) to contact you, we will retain your personal data for marketing and analysis purposes until you withdraw your consent. If you choose to withdraw your consent to marketing, we will delete your personal data from our systems, unless we have another legal basis to retain it, which may include performance of our contract with you.
We will not keep your personal data for longer than is necessary and when we no longer need to keep it, we will securely destroy, delete or anonymise it.
SECURITY
Keeping personal data about you secure is very important to us and certain sections of the website may encrypt data using Secure Socket Layer (SSL) encryption technology.
We have put in place physical, electronic and managerial security procedures in the storage and disclosure of your personal data to protect it against accidental loss, destruction or damage. Nevertheless, any data transmission over the internet or by any other means can never be fully secure, such is the character of the internet, and provision of personal data by you to us is at your own risk. We take all reasonable measures to protect your personal data by putting appropriate technical and operational security measures in place.
When we disclose your personal data to trusted third parties (for the purposes set out in this notice), we require all third parties to have appropriate technical and operational security measures in place to protect your personal data, and we work with them to ensure that your data protection and privacy rights are respected. Where your personal data is shared with a third party, it must only be used for the purposes for which it was supplied.
YOUR RIGHTS
Access, rectification or erasure: you have the right of access to personal data we hold about you in our records. You are also entitled to have your personal data corrected if it is inaccurate, or to have it erased if we do not have a legitimate reason for retaining your data.
To be informed: you have the right to be informed if and how your personal data is being processed.
To request restriction of processing: you have the right to restrict the processing of your personal data where you are contesting the accuracy of that information, you have objected to processing (as described below), or where the processing is unlawful.
To object to processing: where your personal data is being processed based on the legitimate interests of a data controller or third party, you have the right to object to that processing.
To object to automated decision-making including profiling: you have the right not to be the subject of any automated decision-making or profiling by us.
To request data portability: for personal data which you have provided to a controller, where processing was based on your consent, or where processing is done by automated means, you have the right to be able to move your data from one IT system to another in a safe and secure way.
To withdraw consent: in cases where we are relying on your consent for the processing of your personal data, you have the right to withdraw your consent at any time. In respect of the e-marketing we conduct, an unsubscribe (withdraw consent) option is included with every e-marketing communication we send.
To complain to the relevant supervisory authority: in Ireland this is the Data Protection Commission.
To exercise any of the above rights, simply contact us using the details below. We will only charge a fee to access your personal data if your request is obviously unfounded or excessive. As part of this process, we may need you to provide us with information in order to confirm your identity.
CONTACT
You can contact the data protection officer of Tea Garden, the data controller, at:
Name: | Marcel Polak |
Email: | dpa@teagarden.ie |
Telephone: | +353 1 534 20 90 |
Post: | 7 Ormond Quay Lower, Dublin 1, Ireland |
This notice was most recently updated: 22nd September 2021