Data Privacy Notice

1. Who we are:

1.1 This data privacy notice applies to SO Prosecco Limited of DMG House, Deansgrange Industrial Estate Deansgrange County Dublin. You can contact us at info@soprosecco.com

1.2 This Data Privacy Notice has been prepared in accordance with the requirements of the EU General Data Protection Regulation 2016/679 (“GDPR”) and sets out how we collect, process, store and keep secure your personal data.

2. The information we collect

2.1 We may collect, record and use information about you in physical and electronic form and will hold, use and otherwise process the data in accordance with the GDPR and as set out in this notice.

2.2 We will collect your personal data when you register on our Website, place an order with us, subscribe to our newsletter or fill out a form. You may visit our Website anonymously.

2.3 We may share such data with other (for example third party delivery providers).

2.4 The categories of personal data that we may collect includes, but is not limited to:

  • Your name, email address, mailing/delivery address, phone number or credit card information. We will not retain your credit card details unless you authorise us to do so.
  • Your IP address, browser type and language.
  • Details about how you use our products and services.

2.5 If you fail to provide us with this information, or you object to us processing such information the consequences are that we may be prevented from processing your product order or continuing to provide all or some of our services to you.

3. Do we use Cookies?

Yes we do. A “cookie” is a small text file containing non-personal information about the user that is stored on the user’s hard drive. Websites use cookies to recognise users who revisit the website and to collect statistical data to identify those sections of the website that are of most interest to the user. Cookies also help the user to navigate the website more easily.

We use cookies to help us remember and process the items in your shopping cart, understand and save your preferences for future visits and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

Most web browsers allow the user to block the use of cookies by adjusting the relevant settings in the browser options window.

4. How we use information about you

The personal data we collect from you may be used in one of the following ways:

  • To manage and respond to any request you submit through our Website.
  • To process orders made by you.
  • Financial accounting, invoicing and credit risk analysis purposes.
  • Protecting our rights and those of our customers, employees and third party suppliers.
  • To improve our Website based on the information received from you.
  • To improve our customer service.
  • To administer a contest, promotion, survey or other Website feature.
  • To send periodic emails (the email address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information).

If at any time you want to unsubscribe from receiving future emails, it will simply be necessary to email us at info@soprosecco.com

5. The legal basis for processing of personal data

5.1 As we are required to do we are setting out the legal basis upon which we may rely in order to lawfully process your personal data. In this regard we rely on one or more of the following:

  • Your consent to our processing of your personal data; or
  • To perform any agreement with you or any essential pre-contractual step; or
  • To comply with a non-contractual legal obligation (for example keeping records for tax purposes, or providing information to a public body or law enforcement agency); or
  • To protect your vital interests or those of another natural person In appropriate circumstances; or
  • To prevent fraud; or
  • To protect our legitimate business interests in the proper administration and operation of our business; or
  • For direct marketing of our products (unless you have previously stated at any time that you do not wish to receive such material) whether by post, electronic communications, phone, mobile phone on the basis that all direct marketing communications will contain a clear method to opt out from subsequent direct marketing material.

5.2 Please note that in certain circumstances it may be still lawful for us to continue processing your information even where you have withdrawn your consent, if one of the other legal bases described above is applicable.

6. Sharing your information

6.1 In the normal course of running our business and in connection with one or more of the purposes set out at clause 5 above, we may disclose details about you to some or more of the following recipients, or categories of recipients:

  • Trusted third parties who assist us in to fulfil your order from us and for marketing and communication purposes;
  • Banks/Financial institutions;
  • Credit Reference Agencies;
  • Any Court, Tribunal, Administrative or Competent Authority or Public Body
  • Email providers;
  • IT suppliers and maintenance contractors;
  • IT back-up and forensic software analysts and cloud storage providers, External file and document archive storage providers;
  • Any other person or organisation after a restructure, sale or acquisition of the company (or any holding company), as long as  that person uses your information for the same purposes as it was originally given to us or used by us (or both).

Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

7. Transferring your personal data outside the EEA

7.1 Information we collect will not normally be processed in or transferred to any country or territory outside of the European Economic Area (EEA). It may however be necessary to transfer your personal data outside the European Economic Area (“EEA”) in connection with the lawful basis for processing to jurisdictions which may have less stringent data protection laws.

7.2 When we, or our permitted third parties, transfer your personal data outside the EEA, we or they will impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the EEA.

7.3 If we transfer your personal data outside the EEA in other circumstances (for example because we have to provide such information by law), we will put in place appropriate safeguards to ensure that your personal data remains adequately protected.

7.4 We may share anonymised and aggregated information with third parties for data analytics, research, and promotional purposes.

8. Protection of your Personal Data

8.1 The security of your personal data is important to us. We restrict access to personal information to those of our employees, contractors and processors who have a requirement to process your personal data.

8.2 We implement a variety of security measures to maintain the safety of your personal data when you place an order or enter, submit, or access your personal data. We offer the use of a secure server. All sensitive personal data (such as credit card information) is transmitted via Secure Socket Layer (SSL) technology. We do not store encrypted credit card information. Currently all payments are processed for us by Stripe, and Stripe only stores information needed to process the order and is a fully PCI compliant global payment processor.

8.3 Transmission of personal data over the Internet (for example web-forms or email) is insecure. Therefore we cannot guarantee the safety and security of personal data transmitted in this way.

9. Your rights

9.1 Under the GDPR, you have the following rights in respect of your personal data:-

  • The right to access the personal data we hold about you.
  • The right to require us to rectify any inaccurate personal data about you without undue delay.
  • The right to have us erase any personal data we hold about you in circumstances where the processing is no longer necessary or where you withdraw your consent or where there is no overriding lawful basis for the processing.
  • The right to request a restriction of the processing of your personal data.
  • The right to data portability only in circumstances where the processing is carried out by automated means, is based on consent, or for the performance of a contract with the data controller and to the extent that it does not affect the rights and freedoms of others.
  • Where processing is based on consent – the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • The right to lodge a complaint with the Office of the independent supervisory authority in the Member State in which you ordinarily reside (In Ireland the Office of the Data Protection Commissioner).
  • If you have any questions or concerns about how we process your data, you can contact us at dpo@GowanGroup.com

10. How long will we retain your data?

10.1 It is our policy not to keep personal data for longer than is necessary, for the purposes that are set on in this data privacy notice and for long as is required to do so in order to meet any legal obligations that we are bound by.

10.2. We will hold your personal data for the longer of the following periods:

  • To honour any contractual obligation with you; or
  • To comply with any retention period required by law; or
  • The expiry of any limitation period in respect of which investigations or litigation may arise.