We are committed to ensuring that your rights under data privacy laws are protected and personal information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online in accordance with data privacy laws.
- What we collect
We may collect the following information:
- Your name
- Your contact information such as email address
- Demographic information such as preferences and interests
- Other information relevant to customer surveys and/or offers
- Any information you provide by filling in forms on our website
- Details of your visits to our website and the resources that you access
- Technical data which may include your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website
- Communication and usage data which may include when you contact us by phone, letter or email or details on how you use our website, products and services
- Marketing and communications data includes your preferences in receiving marketing from us and our third parties and your communication preferences
We use different methods to collect personal data about you including through:
- Direct interactions. You may give us your personal data when you order services through the website, enter a competition or promotion on the website or by corresponding with us or contacting us by post, phone, email or otherwise.
- Automated technologies or interactions. As you interact with our website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
- Third parties or publicly available sources. We may receive personal data about you from third parties such as our website visitor authentication tool, Web Insights.
- What we do with the personal information we gather
We use this information to provide you with a better service and to ensure that our website is presented in the most efficient manner for you, and in particular for the following reasons:
- For internal record keeping purposes
- To improve our products and services
- To provide you with information and promotional material about products, special offers or other information which you request from us or we think you may find interesting – this is using the email address which you have provided and where you have consented to be contacted for such purposes
- To send you promotional information about third parties which we think you may find interesting where you have consented to be contacted for such purposes
- To carry out our obligations arising from any contracts entered into between you and us
- To allow you to participate in interactive features of our service, when you choose to do so
- To notify you about changes to our products or services
We primarily process your personal data based on our legitimate interests but, in certain instances, we may process your personal data based on another legal basis where it is more appropriate to do so. Our legal basis for processing your personal data include:
- entering into or performance of a contract: it may be necessary for us to process your personal data in order to enter into and perform a contract with you. If you do not provide your personal data for these purposes, we will not be able to perform our contract with you.
- compliance with a legal obligation: it may be necessary for us to process your personal data in order to comply with legal obligations to which we are subject to under Irish and EU law.
- legal claims: it may be necessary for us to process your personal data to establish, investigate, exercise, or defend a legal claim.
In certain limited circumstances, we may process your personal data based on your freely given consent. For example, when we send you promotional or direct marketing material, we do so on the basis of your consent.
You can withdraw your processing consent at any time by contacting us on the details set out in section 8 of this Notice. In the case of direct marketing, we will ask you in each marketing communication whether you want to “unsubscribe” or “opt-out”. Please note that any processing carried out before you withdraw your consent will remain valid.
We apply digital certificates to our official corporate websites to secure communications and also provide assurance that you are connected to approve resources. All our customer, supplier and accounts payable / accounts receivable functions all use Glanbia branded email addresses and never use 3rd party email addresses. We will treat all your queries in relation to potentially fraudulent activity with the highest urgency. We maintain in-house and external Information Security services to provide website security analysis and identify areas of website security improvement
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
- Links to other websites
- Recipients of your personal information
We may share your personal data with:
- Internal Third Parties: Glanbia group companies in Ireland and abroad (“Glanbia Group”) for our internal business purposes.
- External Third Parties: We may share information with the following external third parties:
- Professional advisers including lawyers, bankers, financial service providers, auditors and insurers who provide banking, financial, legal, insurance and accounting services to us.
- IT and technical service providers which provide IT and technical services.
- Third party service providers such as payment service providers and customer relationship management service providers.
- Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets.
- The competition/promotion supplier for the purposes of administering the competition/promotion.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
- International transfers
The safeguard we use to facilitate these transfers is the European Commission’s Standard Contractual Clauses (“SCCs”). We either enter directly into SCCs with service providers, or require our service providers to have the SCCs in place with any non-EEA based sub-processors of such service providers who receive your Personal Data. Glanbia Group has in place internal SCCs.
- Retention of your personal information
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
- Controlling your personal information
You have a number of rights in relation to your personal data, which are set out below. Please note that in certain circumstances these rights may not be absolute. You have the:
- right of access: you are entitled to receive a copy of your personal data which we hold. We will only charge you for such a request where we feel your request is manifestly unfounded or excessive.
- right to rectification: you can request that we amend any inaccurate personal data that we have about you.
- right to erasure: you can request us to erase the personal data we hold about you in certain circumstances.
- right to restriction of processing: you can request that we restrict our processing of your personal data in certain circumstances.
- right to data portability: you can request your personal data be provided to you in a structured, commonly used, and machine-readable format and have your personal data transmitted to another controller in certain circumstances where it is technically feasible.
- right to object: you can object at any time where we process your personal data on the legal basis of our legitimate interests or where we process your personal data for direct marketing purposes. Please note GI does not engage in decision-making based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
You can exercise any of these rights by submitting a request:
- by emailing: email@example.com
- by writing to: Glanbia Ingredients Ireland, Customer Service Department, Cavan Road, Virginia, Co. Cavan.
We will provide you with information on any action taken upon your request in relation to any of these rights without undue delay and at the latest within one month of receiving your request. We may extend this up to 2 months if necessary; however, we will inform you if this arises. Please note that we may ask you to verify your identity when you seek to exercise any of your data protection rights. You also have the right to lodge a complaint with the Data Protection Commission. For further information, see www.dataprotection.ie.