Scented
Privacy policy
Privacy Notice and Cookie Policy
-
Who we are and the type of data we collect from you
Welcome to our privacy notice and cookie policy. We are Infinite Candles Limited t/a Sónua, an Irish registered company with registration number 750830, and with a registered office at: Sónua, Unit 5, Carrigaline Industrial Estate, Kilnagleary, Carrigaline, Co. Cork, P43XH27 (“Company”).
This privacy notice is intended to advise you on how we collect and process information that may identify you (“Personal Data”) and in compliance with the General Data Protection Regulation 2016/679 and implementing legislation under the Data Protection Act 2018 (together, “GDPR”) when you use our website and/or sign up for our services using our Customer Authorisation Form (“Application”).
We take our responsibilities under GDPR very seriously, and you can contact us at the above address details by post (to the attention of Laura Lyons – Account Manager), or you can contact our data protection officer (please make the subject line “To the Attention of the Sónua Data Protection Officer”) at the following email address: info@sonuaofficial.com.
In addition, you can contact our Customer Care Team at: 00353 83 1135040, Monday to Friday between 9am and 5pm (excluding public holidays), who can take details of any requirements or complaints you may have with respect to your Personal Data.
The type of data we collect is:
a) Information that directly identifies you. This may include your name, address, email address, username, and password.
b) Information that indirectly identifies you. We automatically receive and record information from your device or web browser when you interact with our website, the Application, and from the use of the Services, for example, your internet protocol (IP) address, mobile device ID, time zone setting, location data, language preference, operating system, platform, and links you have clicked on or shared with others, including through email and social media. We may also create a user ID that may similarly indirectly identify you. We may use this information to collect data about your activities on our sites and apps and on third-party sites, apps, and platforms, such as Facebook. We may associate information that indirectly identifies you with your user account (if you have one) and other information we have collected about you. We will also have access to data such as internet data, including the amount of data used, time duration of the session, device, IP/MAC address, and the websites you visit.
c) Location data. We may collect geo-data, which tells us where you are when we collect other information about you. We may also collect the language option or country you choose. We may link location data to other information we have collected about you.
d) Profile data. This may include your username and password and other information you give us (if you are a registered user), information you give us in connection with purchases or orders made by you, your interests, preferences, feedback, and survey responses. We do not disclose email addresses to other users.
e) Marketing and communications data. This may include information about your subscriptions to our newsletters and your marketing preferences.
f) Transaction and financial data. We may collect or receive transactional and financial information relating to you when you purchase our Services (for example, payment details, telephone, and other contact details).
-
Why we process your Personal Data, the lawful basis for processing your data, and who we share it with
-
For people who view and interact with our website and Services, we process data:
- when you register to receive our services via the website or the Application
- to send you invoices
- to respond to your queries
- to sign up to our newsletter
- when you visit our website
- for the purposes of fraud prevention, investigation, and detection
- establishing, exercising, or defending legal claims
The legal basis for this processing is our legitimate interest in the administration and operation of our services as a provider of internet services, as well as our legitimate interest in marketing and promoting our Company’s products and services. We always include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
We may share this data with our client relationship management (“CRM”) system provider as used by us from time to time – this CRM provider will only process this data for the purpose of providing us with their services, and no other purpose.
We may also share your Personal Data with a group company for the operation of the Services or with other service providers in order to assist in providing the Services to you, and some of these companies will process your Personal Data on our behalf. These other data processors provide a range of services to us, such as deliveries, cloud computing, data storage, outsourced IT services, repairs of hardware, as well as consultants and professional advisors.
We may also share your Personal Data with a regulator or other statutory bodies as the particular situation dictates.
We always require all of the above third parties to keep your information confidential and secure and use it solely for the purpose for which it was provided.
We will retain this data for as long as is legally permissible, taking into account regulatory requirements, limitation periods for legal action, as well as any legal requests from Government or law enforcement agencies, good practice, and our own business purposes.
-
For our potential clients, we process data:
- in order to market the services of our Company
- to provide you with newsletters to which you have subscribed from us
The legal basis for the processing of this data is processing necessary for the purpose of the legitimate interests of our Company in promoting our services and/or products, and we always include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
We share information such as your name and email address with our newsletter services provider who sends out our newsletters. This provider is not permitted to use this data other than on our behalf.
We will retain this data for as long as is legally permissible, taking into account regulatory requirements and limitation periods for taking legal action, good practice, and our own business purposes.
-
For job applicants to the Company, we process data:
- to recruit new employees
- to ascertain their suitability for a specific role
The legal basis for this processing is processing necessary for the purpose of the legitimate interests of our Company in recruiting new staff. Please see the privacy notice in the job advertisement for further information about how we process applicant data.
We share the information you provide in your application with our contracted recruiter in order to make a shortlist of candidates. This recruiter is not permitted to use this data other than on our behalf. We may also send you emails about your application through our email service provider.
We will retain this data for as long as is legally permissible, taking into account regulatory requirements and limitation periods for taking legal action, good practice, and our own business purposes.
-
-
Transfers of data outside the European Economic Area
Your Personal Data may be transferred to, stored at, or accessed from a destination outside the European Economic Area (“EEA”) for the purposes of us providing our services or operating our website. It may also be processed by staff operating outside the EEA who work for us or any of our suppliers. By submitting your personal data to us, you explicitly consent to this transfer, storing, or processing. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this privacy policy.
The safeguards in place with regard to the transfer of your personal data outside of the EEA are the entry by us into appropriate contracts with all transferees of such data.
-
Your rights relating to personal data
You have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:
Right to access the data - you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
Right to rectification - you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information, you may request that we update the information such that it is complete.
Right to erasure - you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the “right to be forgotten”.
Right to restriction of processing or to object to processing - you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
Right to data portability - you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used, machine-readable format.
In order to exercise any of the rights set out above, please contact us at the contact details at the start of this privacy notice.
If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.
How do we protect your information?
We work very hard to protect your privacy and have taken key steps in protecting it. We have appointed trained individuals to ensure that our network is as safe as it can be using best practice industry norms within Ireland to ensure the security of our network and information systems. These solutions may include, but are not limited to, password protection, encryption, firewalls, anti-virus, intrusion detection, anomaly detection, and access controls for our employees.
If you are unhappy with how we process personal data, we ask you to contact us so that we can rectify the situation. You may also lodge a complaint with the Data Protection Commission; however, we do hope that if you first contact us directly, we can deal with your complaint in a manner that is fully to your satisfaction.
-
Requirement to process personal data
You may browse our website without providing us with any personal data, and this will not affect your ability to view our website. However, if you do not provide us with your information for the purposes described above, we cannot send you our newsletter or a brochure, respond to your queries sent through our contact us form, liaise with you generally, or assess your suitability for a role within the Company.
Access to the Services always requires you to tick acceptance to our Terms and Conditions of Use and this Privacy Notice and Cookie Policy.
-
Automated decision-making and profiling
Please note that we do not use any personal data for the purpose of automated decision-making or profiling.
-
Cookies and how we use them
Cookies are small data text files that are sent from a server during a browsing session. Cookies are typically stored on your computer’s hard drive and are used by websites to simulate a continuous connection to that site. The use of cookies automatically identifies your browser whenever you interact with a site. A “web beacon,” also known as a tag, pixel tag, or clear GIF, is used to transmit information back to a web server. When we talk about “cookies” in this privacy notice, we mean not just cookies, but web beacons and similar technologies. Browsers and devices have tools that allow you to disable cookies on sites and apps. If you disable cookies, you may not be able to access all the features of our services. We suggest that you keep our essential cookies (described below) active for a better user experience and to help us keep improving and developing our products and services.
We use what are called “essential cookies” to recognise you and remember you as a unique user. Cookies allow us to: serve you with content and ads; monitor traffic on our sites and apps; count and keep track of users who have seen particular ads and content; analyse your actions, see what you’re interested in, and where you go online when you leave our site. By using your personal data in this way, we can improve our products and services and your experience of the same.
“Session cookies” remember you during your session on our site and are deleted when you log out of the site and when you close your web browser.
“Analytics cookies” are used by us and by third parties who process data for us for data analytics purposes (for example, Google Analytics) so that we can manage and improve the performance and design of our site and apps and for monitoring, auditing, research, and reporting purposes.
“Consent cookies” may be used by consent management tools we employ to allow us to record your preferences about third-party cookies described below, and to store and share your preference with us.
We may collect the following personal data through essential cookies: a unique ID assigned to your device; IP address; device and browser type; operating system; referring URLs; content viewed or other actions taken on our sites and apps; time and date of those actions; country and language selected.
You can decide who you will allow to set these third-party cookies on your browser or device by going to your consent preferences centre. You can change your mind and revisit your consent choices at any time by returning there.
If we change this Privacy Notice and Cookie Policy, we will post a notice on our website so that you are always aware of how we collect, use, and disclose your personal information.
We hope that the above provides you with all the information you might require, and thank you for visiting us.
We look forward to providing you with the very latest in innovation and technology.