Privacy policy

Privacy Policy

Effective Date: April 8, 2025

This Privacy Policy outlines how we collect, use, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the Irish Data Protection Act 2018. By using our products or services, you agree to the terms of this Privacy Policy.

1. Who We Are

We are committed to safeguarding your privacy and ensuring that your personal data is processed lawfully, fairly, and transparently. As a data controller, we adhere to all applicable data protection laws in Ireland.

2. What Data We Collect

We may collect the following types of personal data:

Name, address, email address, and phone number for order processing or customer support.
Payment details for transaction purposes.
Feedback or preferences shared voluntarily during product reviews or surveys.

We do not collect special category personal data unless explicitly required and consented to.

3. How We Use Your Data

Your personal data is used for:

Processing orders and delivering products.
Providing customer support and addressing inquiries.
Sending promotional offers (only with your explicit consent).
Improving our products and services through feedback analysis.

We ensure that all processing activities are necessary, proportionate, and relevant to the purposes outlined above.

4. Legal Basis for Processing

We process your data based on:

Contractual necessity: To fulfill orders and provide services you request.
Consent: For marketing communications and optional surveys.
Legitimate interests: To improve our services while respecting your rights.

5. Data Sharing

We do not sell or share your data with third parties except:

With service providers (e.g., payment processors or delivery partners) to fulfill your orders.
If required by law or regulatory authorities under GDPR or Irish law.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Measures include encryption, pseudonymization, secure storage systems, and regular risk assessments as per GDPR Article 32.

7. Your Rights

Under GDPR and the Irish Data Protection Act 2018, you have the following rights:

Access: Request a copy of your personal data we hold.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion of your data ("Right to be Forgotten").
Restriction: Limit processing under certain circumstances.
Data Portability: Receive your data in a structured format for transfer to another controller.
Objection: Opt-out of direct marketing or processing based on legitimate interests.

To exercise these rights, contact us at [email address].

8. Cookies

Our website uses cookies to enhance user experience in compliance with GDPR and Irish ePrivacy Regulations. You can manage cookie preferences through browser settings.

9. Children's Data

We do not knowingly collect data from individuals under the age of 16 without parental consent as required by Irish law.

10. International Data Transfers

If we transfer your data outside the EU/EEA, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses).

11. Retention Period

Personal data is retained only as long as necessary for the purposes outlined above or as required by law.

12. Contact Information

If you have questions about this policy or wish to file a complaint regarding our handling of personal data, please contact us at:
Email: help@brotan.ie
Phone: 0876005990

You also have the right to lodge a complaint with the Irish Data Protection Commission via their website (dataprotection.ie).

13. Updates to This Privacy Policy

We reserve the right to update this policy periodically in compliance with legal requirements. Changes will be posted on our website with an updated effective date.

By choosing our products or services, you trust us with your personal data—and we are committed to protecting it responsibly under GDPR and Irish law.