Privacy Policy
Pacha Organic Ltd trading as Nunaïa is registered in the Republic of Ireland and is the sole owner of the information collected on www.nunaia.com. We are committed to protecting your privacy, and at the same time we endeavour to use any data we collect from you to provide the best possible service. This Policy should be read in conjunction with the general Terms and Conditions of this website.
OVERVIEW
Maintaining the security of your data is a priority at NUNAÏA, and we are committed to respecting your privacy rights. We pledge to handle your data fairly and legally at all times. NUNAÏA is also dedicated to being transparent about what data we collect about you and how we use it. We at nunaia.com respect your right to privacy and comply with our obligations under the Irish Data Protection Act's of 1988 and 2003. NUNAÏA is registered in Ireland and is referred to as "NUNAÏA", "we" or "us" in this policy.
This policy, which applies whether you use your mobile device or go on line, provides you with information about:
- how we use your data;
- what personal data we collect;
- how we ensure your privacy is maintained; and
- your legal rights relating to your personal data.
1. HOW WE USE YOUR DATA
General
NUNAÏA (and trusted partners acting on our behalf) uses your personal data:
- to provide services to you;
- to make a tailored website available to you;
- to manage any registered account(s) that you hold with us;
- to verify your identity;
- for crime and fraud prevention, detection and related purposes;
- with your agreement, to contact you electronically about promotional offers and products and services which we think may interest you;
- for market research purposes - to better understand your needs;
- to enable NUNAÏA to manage customer service interactions with you; and
- where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).
Other Marketing
Promotional communications
NUNAÏA uses your personal data for electronic marketing purposes (with your consent).
NUNAÏA aims to update you about products & services which are of interest and relevance to you as an individual.
You have the right to opt out of receiving promotional communications at any time, by:
making use of the simple “unsubscribe” link in emails and/or
contacting NUNAÏA via the contact channels set out in this Policy.
Web Banner Advertising
If you visit our websites, you may receive personalised banner advertisements whilst browsing other websites. Any banner advertisements you see will relate to products you have viewed whilst browsing our websites on your computer or other devices.
These advertisements are provided by NUNAÏA via market leading specialist providers using ‘cookies’ placed on your computer or other devices (see further information on the use of cookies in our Cookie Policy below). You can remove or disable cookies at any time - see below for further information.
Sharing data with third parties
Our service providers and suppliers
In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery and marketing service providers.
NUNAÏA only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. They can only use your data to provide services to NUNAÏA and to you, and for no other purposes.
Other third parties
Aside from our service providers, NUNAÏA will not disclose your personal data to any third party, except as set out below. We will never sell or rent our customer data to other organisations for marketing purposes.
We may share your data with:
- governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so: -
- to comply with our legal obligations;
- to exercise our legal rights (for example in court cases);
- for the prevention, detection, investigation of crime or prosecution of offenders; and
- for the protection of our employees and customers.
International transfers
To deliver products and services to you, it is sometimes necessary for NUNAÏA to share your data outside of the European Economic Area. This will typically occur when service providers are located outside the EEA or if you are based outside the EEA. These transfers are subject to special rules under data protection laws.
If this happens, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice is to use ‘standard data protection clauses’ which have been approved by the European Commission for such transfers.
2. WHAT PERSONAL DATA DO WE COLLECT?
NUNAÏA may collect the following information about you:
- your name, age/date of birth and gender;
- your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
- purchases and orders made by you;
- your on-line browsing activities on the NUNAÏA website;
- your communication and marketing preferences;
- your interests, preferences, feedback and survey responses;
- your location;
- your correspondence and communications with NUNAÏA; and
- other publicly available personal data, including any which you have shared via a public platform (such as an Instagram or public Facebook page).
Our website is not intended for children and we do not knowingly collect data relating to children.
This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you set up an on-line account on our website, or send an email to our customer services team. Other personal data is collected indirectly, for example your browsing or shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.
How long do we keep your data?
We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 6 years.
3. HOW WE PROTECT YOUR DATA
Our controls
NUNAÏA is committed to keeping your personal data safe and secure.
Our security measures include: -
- security controls which protect the entire NUNAÏA IT infrastructure from external attack and unauthorised access; and
- internal policies setting out our data security approach and training for employees
4. WHAT YOU CAN DO TO HELP PROTECT YOUR DATA
NUNAÏA will never ask you to confirm any bank account or credit card details via email. If you receive an email claiming to be from NUNAÏA asking you to do so, please ignore it and do not respond.
If you are using a computing device in a public location, we recommend that you always log out and close the website browser when you complete an online session.
In addition, we recommend that you take the following security measures to enhance your online safety both in relation to NUNAÏA and more generally: -
- keep your account passwords private. Remember, anybody who knows your password may access your account.
- when creating a password, use at least 8 characters. A combination of letters and numbers is best. Do not use dictionary words, your name, email address, or other personal data that can be easily obtained. We also recommend that you frequently change your password.
- avoid using the same password for multiple online accounts.
5. YOUR RIGHTS
You have the following rights:
the right to ask what personal data that we hold about you at any time, subject to a fee specified by law
the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
- (as set out above) the right to opt out of any marketing communications that we may send you.
If you wish to exercise any of the above rights, please contact us using the contact details set out below.
6. CONTACT INFORMATION
If you have any questions about how NUNAÏA uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by E-MAIL HERE.
7. THIRD PARTY SITES
NUNAÏA has partnered with certain trusted third parties to make additional products and services available to you, including:
We use Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. For more information, please see Google's privacy notice.
We use a third-party provider, MailChimp, to deliver our newsletter. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp’s privacy notice. You can unsubscribe to general mailings at any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by emailing our data protection officer here.
These websites, and others linked to from this Policy, are owned and operated by a third party and they are responsible for processing personal data in accordance with their own privacy policies.
8. OUR STORE
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
9. CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
We reserve the right to transfer information (including your Personal Data) to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or substantially all of the assets of our company provided that the third party agrees to adhere to the terms of the Website Privacy Policy.
10. COOKIES
Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. This is statistical data about our users browsing actions and patterns, and does not identify any individual.
We may collect information about your computer, including (where available) your IP address where it has been clipped or anonymised, operating system and browser type, for system administration and statistical purposes.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. You can also delete cookie files from your computer at your discretion. Note that if you decline our cookies or ask for notification each time a cookie is being sent, this may affect your ease of use of this website.
UPDATES
This policy was last updated in May 2018.
