GoSmart.ie is the Data Controller of your personal data and is committed to protecting your privacy and security. This policy is designed to be clear and transparent, ensuring compliance with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (Ireland).
1. Data Controller Contact Details
Data Controller: GoSmart.ie (operated by [Your Legal Business Name])
2. What Personal Data We Collect and Our Legal Basis
We collect and process personal data only when we have a legitimate and lawful reason to do so.
To Fulfil Your Contract (Legal Basis: Performance of a Contract):
Data: Name, Delivery/Billing Address, Phone Number, and Email Address.
Purpose: To process your order, deliver products, handle payments, and manage returns or warranties.
Payment Details: We do not store full credit card details. Payments are processed securely by GDPR-compliant third-party payment processors.
For Marketing (Legal Basis: Consent):
Data: Email Address and Name.
Purpose: To send you promotional emails about new products, special offers, and smart home tips. We only do this if you have given us clear, specific, and explicit consent (opt-in).
For Website Improvement and Security (Legal Basis: Legitimate Interest or Consent):
Data: IP address, browser information, and certain usage data (via cookies).
Purpose: To secure our website against fraud and attack, and to analyse site traffic to improve your shopping experience. For non-essential cookies, we rely on your consent (see Cookie Policy).
3. Sharing Your Personal Data
We share your data only with trusted third-party providers who require the information to perform a service on our behalf, and under strict, GDPR-compliant Data Processing Agreements:
Delivery Services: To deliver your purchases.
Payment Gateways: To process financial transactions securely.
IT & Hosting Providers: To operate the website and securely store necessary data.
Analytics Providers: To measure website performance (only with consent where required).
We will not sell, rent, or trade your personal data. We will only disclose information if legally required to do so by an Irish or EU authority.
4. Your Data Protection Rights (GDPR)
You have the following rights regarding your personal data. To exercise any of these rights, please contact us at [email protected]:
Right of Access: The right to request copies of your personal data that we hold.
Right to Rectification: The right to request that we correct any information you believe is inaccurate.
Right to Erasure (‘Right to be Forgotten’): The right to request that we delete your personal data, under certain conditions.
Right to Restrict Processing: The right to request that we limit the processing of your personal data, under certain conditions.
Right to Object to Processing: The right to object to our processing of your personal data, particularly for direct marketing purposes.
Right to Data Portability: The right to request that we transfer the data we have collected to another organisation, or directly to you, under certain conditions.
5. Lodging a Complaint
If you feel that we have not addressed your concerns or handled your data appropriately, you have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland:
