Privacy Policy

Last updated:

1. Introduction

Phaltrongrax ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website phaltrongrax.world and use our services.

We comply with the General Data Protection Regulation (GDPR) (EU) 2016/679, the Data Protection Act 2018 (Ireland), and other applicable data protection laws. Use of our website is described in this policy; processing based on consent (for example marketing or non-essential cookies) occurs only where you have given consent through the relevant mechanism (such as our cookie banner or form tick-box).

Rules on cookies and similar technologies are also subject to the ePrivacy framework as implemented in Ireland (including the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011, S.I. No. 336 of 2011, as amended).

2. Data Controller

The data controller responsible for your personal data is:

Phaltrongrax

103 Retreat Park, Retreat

Athlone, Co. Westmeath

N37 XV30, Ireland

Email: message@phaltrongrax.world

3. Information We Collect

3.1 Information You Provide

We collect information that you voluntarily provide when you:

  • Place an order or submit an enquiry through our website
  • Contact us via email or contact forms
  • Subscribe to our communications, where we offer that option

This information may include:

  • Full name
  • Email address
  • Phone number (if provided)
  • Postal address (for delivery purposes)
  • Order and transaction details
  • Any other information you choose to provide in messages

3.2 Information Collected Automatically

When you visit our website, we may automatically collect certain information, including:

  • IP address
  • Browser type and version
  • Operating system
  • Referring website
  • Pages visited and time spent on pages
  • Date and time of visits
  • Device information

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under GDPR:

  • Contract Performance: Processing necessary for the performance of a contract with you (e.g., processing your order)
  • Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services and preventing fraud
  • Legal Obligation: Processing necessary to comply with legal requirements
  • Consent: Where you have given explicit consent for specific processing activities (e.g., marketing communications)

5. How We Use Your Information

We use the information we collect for the following purposes:

  • To process and fulfill your orders
  • To communicate with you about your orders and inquiries
  • To provide customer support
  • To send transactional emails (order confirmations, shipping updates)
  • To send marketing communications (with your consent)
  • To improve our website and services
  • To analyze website usage and trends
  • To detect and prevent fraud or other illegal activities
  • To comply with legal obligations

6. Data Sharing and Disclosure

We may share your personal data with:

  • Processors (service providers): Third parties that process personal data on our instructions and under a contract that requires them to protect your data (for example payment processors, delivery partners, hosting providers, email service providers, and analytics or advertising technology providers where you have consented to those cookies)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, subject to appropriate safeguards

We do not sell your personal data to third parties for their marketing purposes.

7. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Order Data: Retained for 7 years for legal and accounting purposes
  • Customer Service Communications: Retained for 3 years
  • Marketing Consent: Retained until you withdraw consent
  • Website Analytics: Retained for 26 months

After the retention period, your data will be securely deleted or anonymized.

9. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you
  • Right to Rectification: You can request correction of inaccurate or incomplete data
  • Right to Erasure: You can request deletion of your personal data in certain circumstances
  • Right to Restrict Processing: You can request that we limit how we use your data
  • Right to Data Portability: You can request to receive your data in a commonly used format
  • Right to Object: You can object to processing based on legitimate interests or for direct marketing
  • Right to Withdraw Consent: You can withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us using the details provided in Section 2. We will respond within one month, which may be extended by two further months where necessary (we will inform you if so).

9.1 Automated decision-making and profiling

We do not use automated decision-making, including profiling, which produces legal effects concerning you or similarly significantly affects you. If this changes, we will update this Privacy Policy and, where required, obtain your consent or provide other lawful grounds.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • SSL/TLS encryption for data transmission
  • Secure server infrastructure
  • Access controls and authentication procedures
  • Regular security assessments
  • Employee training on data protection

While we take reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

11. Cookies

Our website uses cookies and similar tracking technologies. For detailed information about the cookies we use and your choices regarding cookies, please see our Cookie Policy.

12. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party sites you visit.

13. Children's Privacy

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

15. Complaints

If you have concerns about how we handle your personal data, please contact us first. You also have the right to lodge a complaint with a supervisory authority. In Ireland, this is:

Data Protection Commission

21 Fitzwilliam Square South

Dublin 2, D02 RD28, Ireland

Website: www.dataprotection.ie

16. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Phaltrongrax

103 Retreat Park, Retreat

Athlone, Co. Westmeath

N37 XV30, Ireland

Email: message@phaltrongrax.world