Privacy & Cookie Policy

Last Updated : 05/11/2020
This privacy policy describes how Gourmet Tart Company Limited (“Gourmet Tart Co.”, “we” and “our”) collect, use and share (collectively, “use”) your personal data. Please read the following carefully to understand our practices regarding your personal data.

Important Information

Who is Gourmet Tart Co.?
The controller of your personal data for purposes of data protection law is Gourmet Tart Company Limited, T/A Gourmet Tart Co., registered in Ireland under company number 357526 and has its registered offices at Unit 1, Block 13, Ballybane Industrial Estate, Galway. See the Contact Us section below for additional contact details.

When does this privacy policy apply?
This privacy policy describes our use of personal data in relation to our websites at gourmettartco.com (the “Site”). This privacy policy also describes how we use personal data we collect in other settings where we post or link to this privacy policy.

How will you use my personal data?
We use your personal data only as described in this privacy policy. See the Using Your Information section below for details.

Do you share my personal data with others?
We do not sell your personal data or share it with anyone except as described in this privacy policy. See the Disclosure section below for details.

What are my rights?
Data protection laws give you important rights and choices in relation to your personal data. See the section below on Your Rights for details.

How can I get more information?
Contact Us anytime with your questions and feedback.

Information We Collect

Personal Data You Give Us. Personal data you give us includes:

  • Identity information, such as your name and other demographic information, such as your gender
  • Contact information, such as your name, billing and shipping addresses, email address and telephone number
  • Profile information, such as your username and password, security question answers, interests, and preferences (such as your sizes and marketing preferences)
  • Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Site, receive customer support, interact with us on social media or otherwise correspond with us
  • Financial information, such as your payment card details
  • Transaction information, such as details about purchases you make through the Site, your purchase history, and transaction details
  • Usage information, such as your search terms and information you provide when you enter competitions, apply for special promotions, sign up for offers or updates, or use other interactive features of the Site

Information Automatically Collected.

We may automatically log information about you and your computer or mobile device when you access our Site. For example, we may log your IP address, computer or mobile device operating system name, version, manufacturer and model, browser type, device identifiers, browser language, screen resolution, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site.

Cookies.

We may collect this information about you using cookies.  Please see our Cookie Policy for more details.

Do Not Track.

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not currently respond to do not track signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Sensitive personal data.

We ask that you not send or disclose to us any sensitive personal data (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics, genetic characteristics, criminal background or union membership) on or through the Site or otherwise.  If you send or disclose any sensitive personal data to us, you must consent to our processing and use of such sensitive personal data in accordance with this privacy policy. If you do not consent to our processing and use of such sensitive personal data, you must not provide it.

Changes to your personal data.

It is important that the personal data we hold about you is accurate and current.  If your personal data changes during your relationship, please update it by updating your registration profile or contacting us.

Using Your Information

To process your orders

We use your personal data to process your orders and payments for goods and/or services and to deliver and/or provide those goods and services to you.

To operate the Site and our business

We may use your personal data:

to provide you with a customer account, including to make future ordering on our Site more efficient for you;
to ensure that content from our Site is presented in the most effective manner for you and for your computer;
to customise and optimise the mobile version of our Site;
to contact you where you have requested information from us or have reported a problem with our Site; and
to notify you about changes to our products and services.

To send marketing communications

If you request information from us, register for an account on the Site, purchase one of our products or participate in our surveys, promotions or events, we or our group companies may send you marketing communications if permitted by law, but you will be able to opt out. Such communications include notices of special offers, notice of advanced sales, notice of new store openings and other news related to Gourmet Tart Co., and may be tailored to your preferences.

To create anonymous data

We may create aggregated or other anonymous data derived from personal data of our users by excluding information that makes the data personally identifiable to you.  We may use the anonymous data to improve our products and services, develop new ones and for other lawful business purposes.

For security, compliance, fraud prevention and safety

We use your personal data as we believe necessary or appropriate to (a) implement and operate security measures designed to protect the Site and your personal data; (b) enforce the terms and conditions that govern the Site or other services you have requested; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorised, unethical or illegal activity.

To comply with law

We use your personal data as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

With your consent

We will request your consent to use your personal data where required by law, such as where we use certain cookies or similar technologies or would like to send you certain marketing messages.  If we request your consent to use your personal data, you have the right to withdraw your consent any time in the manner indicated when we requested the consent or by contacting us.

Disclosure

Affiliates

We may disclose your personal data to any company in our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, for purposes consistent with this privacy policy.

Service Providers

We may employ third party companies and individuals to help us process your personal data as described in this privacy policy (such as hosting, data storage, website analytics and testing, email delivery and database management services, payment processing, and order fulfilment).

Professional Advisors

We may disclose your personal data to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us for purposes consistent with this privacy policy.

Compliance with Laws and Law Enforcement; Protection and Safety

Gourmet Tart Co. may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate as described above to comply with law and for security, compliance, fraud prevention and safety.

Business Transfers

We may sell, transfer or otherwise share some or all of its business or assets, including your personal data, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganisation or sale of assets or in the event of bankruptcy.

International Data Transfer

The personal data that we collect from you may be transferred to a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or another company in our group.

Where we transfer personal data to a country that has not been approved by the European Commission as providing a level of data protection comparable to the EEA’s, we will transfer it subject safeguards that allow us to conduct the transfer in accordance with the EEA’s data protection laws, such as the specific contracts approved by the European Commission as providing adequate protection of personal data. For details, see the European Commission’s website for model contracts for the transfer of personal data to third countries.  Please contact us for further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Security and Payment Processing

All payment processing is handled on our behalf by a third party which uses the Payment Card Industry Data Security Standard (PCI DSS).  PCI DSS is a mandatory compliance standard for all payment service providers which enforces high levels of security in all areas where cardholder data is transmitted or stored. Strong protections such as encryption, intrusion detection and response, formalised policies and standards and security-aware development methodologies are utilised by our third party payment processing provider as part of its PCI DSS compliance.

Unfortunately, the transmission of information via the internet is not completely secure and no security measures can guarantee the protection of your personal data. Although we use various technical and organisational measures designed to protect your personal data, we cannot guarantee its security; any transmission is at your own risk.

Never send your bank or credit card details to us by email or other than by the form on our Site which requests payment details. Please note that email is not encrypted and is not considered a secure means of transmitting credit card numbers. We will never, ever ask for sensitive information via email.

Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Rights

You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by clicking the unsubscribe link contained in marketing emails, or by contacting us.

You may also ask us to take the following actions in relation to your personal data that we hold:

Access.  Provide you with information about our use of your personal data and give you access to it.
Correct.  Update or correct inaccuracies in your personal data.
Delete.  Delete your personal data.
Transfer.  Transfer a machine-readable copy of your personal data to you or a third party of your choice.
Restrict.  Restrict the processing of your personal data.
Object. Object to our reliance on our legitimate interests as the legal basis for our use of your personal data as described in the Legal Information section.
You can submit these requests by contacting us.  We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request.  If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal data, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.  You can find your data protection regulator here.

Third Party Sites

Our Site may, from time to time, contain links to and from the websites of advertisers, affiliates and other third parties. These links to not imply endorsement of these third parties.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Children

Our Site is not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us . We will delete such information from our files as soon as reasonably practicable.

Changes to the Privacy Policy

We reserve the right to modify this privacy policy at any time. Any material changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or other reasonable means.

Contact Us

You may send any questions, comments and requests regarding this privacy policy to info@gourmettartco.com, or write to us at: Gourmet Tart Co., Jameson Court, Salthill, Galway

Legal Information

We are required to inform you of the legal basis of our processing of your personal data, which are described in the table below.  If you have questions about the legal basis of how we process your personal data, Contact Us.

Processing purposeLegal basis
To process your ordersProcessing necessary to provide goods and services you have ordered or to take steps that you request prior to ordering them.  If we are unable to process your personal data, we may not be able to provide you with the requested service.
To operate the Site and our business

To send marketing communications

To create anonymous data

for security, compliance, fraud prevention and safety

Processing for our legitimate interests outlined above. We consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with lawProcessing necessary to comply with our legal obligations
With your consentProcessing based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated when we requested your consent or by contacting us.