In general, Charity Retail Ireland does not collect, store, use or disclose personally identifying
information except in very specific instances, such as, for example, when you subscribe to our
newsletter updates, use our contact form, or have had multiple previous communications with
a Charity Retail Ireland representative. Whenever we collect such information, you will have a
choice regarding whether to provide it, how it will be used, and to whom it will be disclosed,
mindful of statutory and legal obligations on our part.
of personally identifiable information or information generally, please contact
You may also use the above contact information if you think any information about you is
inaccurate, incomplete, or if you want to change the sort of information about you that Charity
Retail Ireland may have collected.
You have the right to lodge a complaint with the Data Protection Commissioner if you are
unhappy with how we are processing your Data.
Information we may collect from you
We only collect Data about you on the Site which you volunteer when you email us or by
using our online Contact Us or other forms; or if you report a problem with our Site. When you
contact us, we may keep a record of that correspondence. We also collect Data automatically
We may collect and process the following data about you:
● your name;
● your phone number;
● your email address;
● your address;
● information that you provide by filling in forms on our Site;
● the time and date of your visit;
● your IP address;
● your browser type; and
● your referring URL
Lawfulness of Processing
There are six alternative ways in which the lawfulness of a specific case of processing of
personal data may be established under the GDPR.
It is Charity Retail Ireland’s policy to identify the appropriate basis for processing and to
document it, in accordance with the regulation. The options are described in brief in the
Unless it is necessary for a reason allowable in the GDPR, Charity Retail Ireland will always
obtain explicit consent from a data subject to collect and process their data. Transparent
information about our usage of their personal data will be provided to data subjects at the time
that consent is obtained and their rights with regard to their data explained, such as the right
to withdraw consent.
2. Performance of a Contract
Where the personal data collected and processed are required to fulfil a contract with the data
subject, explicit consent is not required. This will often be the case where the contract cannot
be completed without the personal data in question e.g. a delivery cannot be made without an
address to deliver to.
3. Legal Obligation
If the personal data is required to be collected and processed in order to comply with the law,
then explicit consent is not required. This may be the case for some data related to
employment and taxation for example, and for many areas addressed by the public sector.
4. Vital Interests of the Data Subject
In a case where the personal data are required to protect the vital interests of the data subject
or of another natural person, then this may be used as the lawful basis of the processing.
Charity Retail Ireland will retain reasonable, documented evidence that this is the case,
whenever this reason is used as the lawful basis of the processing of personal data.
5. Task Carried Out in the Public Interest
Where Charity Retail Ireland needs to perform a task that it believes is in the public interest or
as part of an official duty then the data subject’s consent will not be requested. The assessment of the public interest or official duty will be documented and made available as evidence where required.
6. Legitimate Interests
If the processing of specific personal data is in the legitimate interests of Charity Retail Ireland
and is judged not to affect the rights and freedoms of the data subject in a significant way,
then this may be defined as the lawful reason for the processing. Again, the reasoning behind
this view will be documented. Use of your data
We may use your Data where necessary for our legitimate business interests, including:
· improve the content of our Site and the services we offer
· ensure the Site is presented in the most effective manner for you and for your computer
· compile statistical data on the use of our Site
· notify you about changes to our service
We make no attempt to identify individual visitors or to associate the technical details we
collect with any individual unless required to disclose such information by law. We may use
your Data to comply with any legal obligations.
We will store your Personal Data only for as long as necessary for the purposes of providing
access to our Site and related services to you; as required by law.
Disclosure of your information
We will not disclose your Data to third parties unless you have consented to this disclosure or
unless the third party is required to fulfil a request you have made or contract that you have
entered into. Where appropriate, Data may also be processed by our service providers in
which case we will take steps to ensure that the processing complies with applicable data
protection and confidentiality laws. We will also disclose your Data if we believe in good faith
that we are required to disclose it in order to comply with any applicable law, a summons, a
search warrant, a court or regulatory order or other statutory or legal requirement.
Links to other sites
Our Site may, from time to time, contain links to and from other websites. If you follow a link to
any of those websites, please note that those websites have their own privacy policies and we
do not accept any responsibility or liability for those policies. Please check those policies
before you submit any Data to those websites.
You may request access to, rectification, erasure or restriction of your Data, or object to the
processing of your Data or Data portability at any time. We will respond to your request in
writing as soon as practicable and in any event within one month of receipt of your request.
We may request proof of identification to verify your request. All requests should be
addressed to firstname.lastname@example.org
Security and where we store your personal data
We are committed to protecting the security of your Data. We use a variety of security
technologies and procedures to help protect your Data from unauthorised access and use.
We cannot guarantee the complete security of our database, nor can we guarantee that
information you supply will not be intercepted while being transmitted to us over the Internet.
We have implemented strict internal guidelines to ensure that your privacy is safeguarded at
every level of our organisation. We will continue to update policies and implement additional
security features as new technologies become available.
Although we will do our best to protect your Data, we cannot guarantee the security of your
Data transmitted to our Site. Any transmission of Data is at your own risk. Once we receive
your Data, we will use appropriate security measures to seek to prevent unauthorised access
Changes to this Privacy Statement
We reserve the right to change this Privacy Statement from time to time at our sole discretion.
If we make any changes, we will post those changes here and update the “Last Updated”
date at the bottom of this Privacy Statement. Your continued use of this Site after we make
changes is deemed to be acceptance of those changes, so please check this Statement
periodically for updates.
Last Updated: 21/06/2022