1.2 SCOPE OF THIS POLICY
This Policy applies to your use of Beechfield Healthcare web sites, www.beechfieldhealthcare.ie, www.beechfieldstairlifts.ie, www.beechfieldrentals.ie and www.iwalkfree.ie, otherwise known as the (“Sites”) or services which are supplied to you through your use of the Sites (“Services”).
2.1 DATA CONTROLLER
For the purpose of data protection legislation, the data controller of Your Information where you have provided information on any of the Sites is Beechfield Healthcare, Clonminam Business Park, Portlaoise, Co Laois.
Our Data Protection Officer may be contacted by emailing firstname.lastname@example.org
2.2 INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
Your name and email address if you sign up to our newsletter.
The information you give us by logging in and placing your order which may include but is not limited to:
Billing address and/or delivery address
Your credit card information is not stored by us but handled through a specialised merchant centre to protect and secure your credit card details. Stripe is used to processes payments on beechfieldhealthcare.ie and is fully compliant with GDPR requirements. Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a PCI Level 1 Service Provider. This is the most stringent level of certification available in the payments industry.
See more about Stripe’s policies here: https://stripe.com/guides/general-data-protection-regulation#stripe-and-the-gdpr
We use Realex to process payments for www.beechfieldrentals.ie and www.iwalkfree.ie sites.
Realex, as a specialised merchant centre stores your credit card details for the purpose of processing the transaction. In the case of rentals, we reserve the right to set you us as a Realex customer to allow for ongoing charges if applicable for the duration of the rental. This is in line with the rental agreement that you agreed to when undertaking a rental product from us. It is also explicitly requested that you agree to this by ticking the approval box on the checkout page.
All Realex payment processing is hosted within a secure PCI DSS v3.2 compliant environment ensuring all transactions are fully PCI compliant and meet GDPR standards
See more about Realex here: https://www.globalpaymentsinc.com/en-ie/accept-payments/ecommerce/solution/simplify-pci-scope
2.3 INFORMATION WE WILL COLLECT AUTOMATICALLY
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
Personal Data collected: Cookies and Usage Data.
Zendesk Chat (Zendesk Group)
We offer an online chat service on all our sites. This is provided by the Zendesk Group which provides customers compliance with high security standards, such as encryption of data in motion over public networks, auditing standards (SOC 2, ISO 27001, ISO 27018), Distributed Denial of Service (“DDoS”) mitigations, and a Support team that is on-call 24/7.
From a privacy perspective, the Beechfield Healthcare is the controller of Service Data, and Zendesk is a processor. This means that throughout the time that a customer subscribes to services with Zendesk, the Beechfield Healthcare retains ownership of and control over Service Data in its account.
Personal Data collected: Cookies. If given name and email
Google Maps widget (Google Inc.)
Google Maps is a maps visualization service provided by Google Inc. that allows this Application to incorporate the content of this kind on its pages.
Personal Data collected: Cookies and Usage Data.
Platform services and hosting
These services have the purpose of hosting and running key components of the sites therefore allowing the provision of the sites from within a unified platform. Such platforms provide a wide range of tools to the Owner – e.g. analytics, user registration, commenting, database management, e-commerce, payment processing – that imply the collection and handling of Personal Data. Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data is stored.
WordPress.com (Automattic Inc.)
WordPress.com is a platform provided by Automattic Inc. that allows the Owner to build, run and host the site. Beechfieldstairlifts.ie. Beechfieldrentals.ie and iwalkfree.ie are word press sites.
Personal Data collected: name, address, contact number, cookies.
Magento (X.commerce, Inc)
Magento is an open source ecommerce platform and is distributed under the Open Software License (OSL 3.0), and is thus open source software. www.beechfieldhealthcare.ie is built on Magento.
Personal data collected: name, address, contact number, cookies
2.4 OUR USE OF INFORMATION RELATING TO YOU
We use information we collect about you with your consent only. You can withdraw your consent at any time from our use of your information by emailing email@example.com .
We use information relating to you in order to provide you with the Services and to make the Sites available to you and to develop and personalise the Services so that we understand how you are using the Services and the Sites and to enable us to communicate with you more effectively, through the Sites or by e-mail to:
Provide customer care services;
Supply any products and services;
Keep you informed about new products and services, new developments, special offers, and any discounts or offers which we believe may be of interest to you, or which you may be entitled to;
Inform you of our promotions;
Carry out market research;
Carry out activities necessary to the running of our business, including system testing, Network monitoring, staff training, quality control and any legal proceedings;
Carry out any activities or disclosures to comply with any regulatory, government or legal obligations or in making the disclosures set out in section 2.5 below; and
Achieve any other lawful purpose, including the sharing with third parties where you have given any consent required by law to such use.
System logs and maintenance. For operation and maintenance purposes, this Application and any third-party services may collect files that record interaction with this Application (System logs) use other Personal Data (such as the IP Address) for this purpose.
2.5 DISCLOSURE OF YOUR INFORMATION
We take your privacy extremely seriously, and we never sell lists or email addresses.
We may share information relating to You with third parties engaged by us to deliver your products or administer the Services and/or the Sites.
If we are under a duty to disclose or share information relating to you to comply with any legal or regulatory obligation or request;
2.6 CONTACTING YOU
We may use email to contact you about an order or query you may have. We will only engage with you by email should we need to update you or if you engage with us.
Personal Data collected: email address, name, address query.
We use Microsoft 365 as our email platform. Microsoft has extensive expertise in protecting data, championing privacy, and complying with complex regulations, and currently complies with both EU-U.S. Privacy Shield and EU Model Clauses.
MailChimp (The Rocket Science Group, LLC.)
MailChimp is an email address management and message sending service provided by The Rocket Science Group, LLC. We use Mailchimp to build our customer newsletter list and to provide and email service to send marketing emails.
Personal Data collected: first name, last name, email address via newsletter sign up on www.beechfieldhealthcare.ie
Last updated 15/5/18