Data Protection Policies
Who We Are
Our website address is: https://thefitdish.com
What is the GDPR?
GDPR is the General Data Protection Regulation. It comes into effect from 25
May 2018. It sets out a series of new EU laws concerning how data is processed
and used. The objective of the regulation is to strengthen and standardise data
protection laws for all EU citizens.
These regulations will apply to any organisation that controls and/or
processes data on behalf of an individual or group of individuals. Those
responsible for adhering to these regulations include employees of the
organisation, including contractors, consultants, agents and third parties who
have access to data either directly or indirectly.
What does this mean for Thefitdish?
As a data controller and processor of your personal information, we will:
Process your information in a manner that ensures appropriate security of
the personal data, including protection against unauthorised or unlawful
processing and against accidental loss, destruction or damage, using
appropriate technical or organisational measures. This data is gathered through
our 3rd party agencies such as mailchimp, our payment processor and wordpress.
We do not personally hold any data, and all are on secure servers as per
business terms for the above.
Conduct our business in a fair and transparent way and ensure we minimise
the risk of unfair outcomes for our customers
Contact Information of the Data Controller
You can contact us any time to:
Request access to information that Thefitdish has about you
Correct any information that Thefitdish has about you
Delete information that Thefitdish has about you
Contact Information & Queries
If you have any additional questions about Thefitdish’s collection and
storage of data, please contact us at:
140 Hillside, Greystones, Co Wicklow
How we collect your information
We collect your information, for example when you register with our online
platform, when you sign up to our newsletter, when you make a purchase.
Our website uses “cookie” technology. A cookie is a little piece of text
that our server places on your device when you visit our website. They help is
make the site work better for you. These cookies are not stored, read or
processed by thefitdish.com, but by the technologies on which this website is
built, that is WordPress and 3rd party plugins.
What information we collect about you
Date of Birth
IP address – although we have no use on this website for it, IP addresses are
held as per irish law by ISPs.
How we Use your information
We may use the information we collect about you in a
variety of ways, including to:
process your purchases of or requests for products and services; communicate
with you about orders, purchases, returns, services, programmes; respond to
your customer service enquiries and requests for information; send you
personalised promotions and special offers; inform you about our brands,
products, events, or other promotional purposes; maintain, improve, and analyse
our website, ads, and the products and services we offer; detect, prevent, or
investigate security breaches or fraud; maintain appropriate records for
internal administrative purposes; facilitate the functionality of our website; deliver
gift cards or e-gifts in accordance with your instructions; provide important
product safety information and notice of product recalls.
Sometimes we need your consent to use your personal information. We have
controls to ensure that you are informed when making your decision and that you
are aware that you can remove your consent at any time by contacting us. Our
consent requests are built on the following principles:
Positive Action – Clear affirmative action is required. We will no longer
use pre-ticked boxes, imply or assume consent in the event of no positive
action from you.
Free will – Your consent must be freely given and not influenced by external
Specific – We will be clear on what exactly we are asking your consent for.
Recorded – We will keep a record of your consent and how it was obtained.
Can be withdrawn at any time – We will stop data processing requiring your
consent at any time you make valid request. Contact us at firstname.lastname@example.org
For direct marketing, we need your consent to make you aware of products and
services which may be of interest to you. We may do this by phone, post, email,
text or through other digital media. You can decide how much direct marketing
you want to accept when you apply for new products and services.
As part of our direct marketing, we analyse the information that we collect
on you through your use of our products and services and on our website. This
helps us understand your behaviour and how we interact with you. This enables
us to personalise your experience and provide you with the most suitable
products and services.
If we ever contact you to get your feedback on ways to improve our products
and services, you have the choice to opt out.
Your Personal Data is held on secure servers hosted by WordPress, our card
processor and Mailchimp.
The nature of the Internet is such that we cannot guarantee or warrant the
security of any information you transmit to us via the Internet. No data
transmission over the Internet can be guaranteed to be 100% secure.
However, we will take all reasonable steps (including appropriate technical
and organisational measures) to protect your Personal Data.
Nevertheless, we review our information collection, storage and processing
practices, including physical security measures, to guard against unauthorized
access to systems.
Security and Privacy
We respect your privacy and only hold information required to process your
orders. The information we ask of you through the checkout process is the
minimum required to process your order. We do not hold or store any payment
information details, including credit card numbers or bank details.
We do not pass your telephone number, email address or other details to any
other organisations other than to process your order or as required by law.
We will send order confirmation, dispatch confirmation and other relevant
emails related only to orders you have placed to the email address provided by
you when registering with us to create your account.
Your rights as a Data Subject
Right to Information
You have the right to request access to the information we have on you. You
can do this by contacting email@example.com
We will make sure to provide you with a copy of the data we process about you.
In order to comply with your request, we may ask you to verify your identity.
We will fulfil your request by sending your copy electronically, unless the
request expressly specifies a different method.
Right to rectification and erasure
If you believe that the information we have about you is incorrect, you are
welcome to contact us so we can update it and keep your data accurate. Any data
that is no longer needed for the purpose specified in information collection
and use will be deleted. If at any point you wish for Thefitdish to delete
information about you, you can simply contact us at firstname.lastname@example.org
Right to restriction and objection
You may have the right to restrict or object to us processing your personal
information. We will require your consent to further process this information
once restricted. You can request restriction of processing where;
The personal data is inaccurate and you request restriction while we verify
The processing of your personal data is unlawful;
You oppose the erasure of the data, requesting restriction of processing
You require the data for the establishment, exercise or defence of legal claims
but we no longer require the data for processing;
You disagree with the legitimate interest legal basis and processing is
restricted until the legitimate basis is verified.
Right to withdraw consent
You have the right to withdraw a previously given consent for processing of
your personal data for a purpose. Thefitdish.com will stop processing of the
personal data that was based on the consent provided earlier. To withdraw
consent you can contact us at email@example.com
Right to Data Portability
Where possible we can share a digital copy of your information directly with
you or another organisation. We will provide this information in a structured,
commonly used and machine-readable format. Note, we can only share this
information where it has been processed automatically and was processed under
your consent or performance of a contract.
We do not share information processed under legal obligation or our
legitimate interest for portability, in line with GDPR guidance.
Right to lodge a complaint to a regulatory authority
If you have a complaint about the use of your personal information, please
contact us, giving us the opportunity to put things right as quickly as
possible. If you wish to make a complaint you may do so by phone, in writing
and by email.
We will fully investigate all the complaints we receive. We ask that you
supply as much information as possible to help us resolve your complaint
quickly. You can contact us at firstname.lastname@example.org
You can also contact the Office of the Data Protection
Commissioner in Ireland on the below details:
Visit their website www.dataprotection.ie
Phone on +353 (0)57 8684800 or +353 (0)761 104 800
Write to Data Protection Office, Canal House, Station Road, Portarlington,
Co. Laois, R32 AP23. Or 21 Fitzwilliam Square, Dublin 2, D02 RD28, Ireland.