Privacy Policy

Introduction

Webenito.ie is a site operated by WEBENITO Digital Media (Webenito). This website is the property of Webenito and contains general information about Webenito and about our services.

This Privacy Policy explains our data processing practices and your options with regards to the personal data collected via the website. Please read this Privacy Policy carefully to find out more about why and how we process your personal information and make sure that you understand them before using our website www.webenito.ie.

We reserve the right to update this Privacy Policy from time to time by publishing a new version on our website. You should check the Privacy Policy posted on this Website periodically to ensure that you are aware of and comply with the current version. By using our website, you are accepting the terms of this Website Privacy Policy. If you do not agree to this Privacy Policy, please refrain from using our site.

Our commitment to data privacy

At Webenito we are fully committed to maintaining the privacy of any information that you provide to us. We commit to ensuring that such data is held securely, used appropriately and only retained for as long as is necessary. At Webenito we are committed to protecting your privacy.

General Data Protection Regulation (GDPR) Compliance Statement

At Webenito we aspire to comply to the fullest extent possible with applicable data protection regulations, in particular, the European Union’s General Data Protection Regulation (GDPR).

The General Data Protection Regulation (GDPR) replaces the Data Protection Directive 95/46/EC and comes into force across the European Union on 25th May 2018.  The aim of the GDPR is to protect all EU citizens from privacy and data breaches in today’s data-driven world. The new GDPR aims to standardise data protection laws and processing across the EU, affording individuals stronger, more consistent right. GDPR is the most important change in data privacy regulation in 20 years. At Webenito we comply with our obligations under the new GDPR legislation.

The information we collect about you

Personal Data

Personal Data, as defined under the European Union Directive 95/46/EC, means any information relating to an identified or identifiable natural person (Data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Non-personal Data

Non-Personal Data comprises information such as demographic information regarding, for example, user IP addresses, browser types and other anonymous statistical data involving the use of our website. This information cannot be used to identify or contact you. This information will be used for statistical purposes only.

How we collect your data

In order for us to operate our business and provide our services to you, it is sometimes necessary for us to collect or process information about you. The ways we collect it can be broadly categorised into the following:

  1. Information that you provide to us directly:

When you visit and use our websites and our services, we might ask you to provide personal data to us. You may give us information about you:

  • by completing enquiry forms or general contact form on our website
  • when you sign up to our newsletter on the website
  • by corresponding with us by phone, email or otherwise

The information you give us may include your name, email address, address/location and phone number. You are not required to provide us with personal information however this may prevent us from providing our products and services to you.

  1. Information that we collect automatically:

We collect some information about you automatically when you visit our websites or use our services. We may collect the technical information from you and information about your visit, how you use our website or our services.

This collection may include, but is not limited to:

  • technical information: including the IP (Internet protocol) address used to connect your computer to the internet, browser type and version, time zone setting, operating system and platform, a browser plug-in types and versions
  • information about your visit, how you use our website or our services: including the full URL (Uniform Resource Locators), page response times, length of visits to certain pages, services you viewed or searched for, pages you visit, how frequently you visit the website, clickstream to, through and from the Site (including date and time), website errors, page interaction information, where you were referred from to reach our website.

Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, please read our Cookie Policy.

How we use your data

When you visit our website, you can browse it without submitting any personal information about yourself. We will, however, receive and store some non-personal information about you, that cannot identify you.  In order to participate in certain functionalities, you may be asked to provide personal data, that can identify you.

Use of Personal Data

We will only collect and use your personal information for any lawful purpose in accordance with Data Protection Legislation.  If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you. Our grounds for processing your personal information are as follows:

  1. Consent

Where necessary we will only collect and process your personal information if you have consented for us to do so.

  1. Contract

We require your personal data for fulfilment our obligations under any contract we have entered into with you and to provide you with information, products and services you have requested. We may be unable to fulfil the contract without your personal data.

  1. Legitimate interest

We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under the Data Protection Regulation, there is a concept of “legitimate interests” as a justification for processing your personal information. We collect and process your personal information on the grounds of legitimate interests, which include some or all of the following:

  • to enable you to access and use our website and other digital tools we may provide as part of our service
  • to enable us to enhance, modify, personalise or otherwise improve the website, our services and communications for the benefit of you
  • to communicate with you about our service or make information available regarding products and services offered by Webenito
  • to protect our website, to enhance the security of our network and information systems, so that we can detect and prevent any malicious activity, and make sure that everyone is using our websites and services fairly
  • better understand how our website is performing and how you interact with our website
  • to determine the effectiveness of promotional campaigns and advertising
  • to provide statistics to third parties for the purposes of improving and developing the website and the services, but these statistics will not include information that can be used to identify you
  • to administer our website and carry out data analysis, troubleshooting and testing

If we are unable to rely on legitimate interests or any other ground set out in the GDPR to process your personal data, we will obtain consent from you to the processing.

We also use your personal data for other lawful purposes, which may include the following:

  • to fulfil our obligations under any contract we have entered into with you and to provide you with information, products and services you have requested
  • to maintain relationships with you
  • to communicate with you, to understand your requirements and avoid conflicts of interest
  • to support you, which may include assisting with the resolution of technical support issues or other issues relating to the websites or services we provide, whether by email, phone or otherwise.
  • to send you newsletters and marketing information if you have consented to us doing so
  • to notify you of products and services we offer that are similar to those you have purchased or enquired about
  • to notify you of changes to our services and products
  • to maintain up to date database of clients, which enable us to communicate with you more easily and to perform the services requested by you more efficiently
  • to produce aggregated and anonymised analytics and reports, which we may share with third parties.
  • to enforce this Privacy Policy and the Terms & Conditions
  • to detect and protect against fraud and criminal activity
  • to meet legal and regulatory requirements
  • for any other purpose described in this Privacy Policy or that we describe to you at the time of collection

Use of Non-personal Data

Like most websites, we gather statistical and other analytical information collected on an aggregate basis of all visitors to our website. We collect automatically information (non-identifying information), such as anonymous analytical information about the pages you visit on our website, how you interact with our website, and where you were referred from to reach our website.

We may use non-personally identifiable information and aggregate information for any lawful purpose, including, but not limited to:

  • for research purposes
  • for analysis purposes
  • monitor our website usage
  • continually improve and develop our website, our services and our business
  • better understand how our website is performing and how you interact with our website
  • enhance our websites and services and develop new ones by tracking and monitoring your use of our websites and our services
  • for technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools
  • provide general statistics regarding use of our website
  • provide statistics to third parties for the purposes of improving and developing the website and the services, but these statistics will not include information that can be used to identify you
  • protect our website, enhance the security of our network and information systems, so that we can detect and prevent any malicious activity, and make sure that everyone is using our websites and services fairly
  • determine the effectiveness of promotional campaigns and advertising

Period for which the personal data will be stored

The General Data Protection Regulation (GDPR) states that personal data must be kept no longer than is necessary for the purposes for which the personal data are processed, personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

To make sure we meet our legal data protection and privacy obligations, we only hold on your personal data for as long as we actually need it for the purposes, we acquired it for in the first place.

In most cases, this means we will keep your information for as long as we have a relationship with you or as you continue to use our services, and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our internal data retention policies and practices. After that period, we will delete it other than where we lawfully can keep any data for audit or legal reasons.

How we protect your data

Protecting your security and privacy is very important to us and we make every effort to secure your information and maintain your confidentiality in accordance with the terms of the data protection legislation. Our website is protected by various levels of security technology, which are designed to protect your information from any unauthorised or unlawful access, processing, accidental loss, destruction and damage.
We will use all reasonable efforts and technical measures to safeguard your information. However, you should be aware the transmission of information via the internet is not completely secure and the security cannot be absolutely guaranteed against all threats, so any such transmission is therefore at your own risk.
For this reason, we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the internet.  By using our website and our services you accept the inherent risks of providing information online. Webenito cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
We have put in place the following security procedures, technical and organisational measures to safeguard your personal information:

  1. Access control: Access to personal data is strictly limited in line with our Privacy policy detailed in the “Sharing personal data with Third Parties section” on this page.
  2. Data encryption:  Where data is stored in a cloud facility (such as the storage of website backup files), that all data is securely obscured both during the process of transfer to the cloud provider and then additionally when it is in storage at its final location. Which means that data is encrypted both “in transit” and “at rest”.
  3. SSL (Secure Socket Layer) Certificate: Our website is secured with SSL encryption. Which means that information shared between your browser and our site is encrypted and secured using SSL technologies, which creates a secure and encrypted medium of data transfer between your browser and our servers and adds a layer of security to prevent malicious attackers obtaining your personal data. This applies to our own administrative access to the website as well as that of users of our services.
  4. Dedicated security software: We operate dedicated security scanning and access control software on our website. This software is responsible for limiting login attempts to our site, regularly performing full file system scans and blocking potentially malicious attempts to access our services.
  5. Safe storage of information: All the information is stored safely in our servers and we continually monitor and improve the security of all hosting and storage infrastructure we use to store data.
  6. Internal policies and procedures: We also employ standard industry operating procedures and internal policies to ensure that your data remains secure.
  7. Constantly reviewing and enhancing: We are constantly reviewing and enhancing our technical, physical and managerial procedures and rules to protect your personal data from unauthorised access, accidental loss and/or destruction.

Sharing personal data with Third Parties

To ensure we provide you with a better experience and to continue to improve our services, we may share your information with third parties who we need to engage with to enable us to perform our services to you. We may share your information with selected third parties including:

  1. employees of Webenito
  2. third party service providers and partners who assist and enable us to use the personal data to (for example, support delivery of or provide functionality on the website, services, or to market or promote our goods and services to you)
  3. our web hosting technology supplier Blacknight Solutions, who provide the physical server infrastructures that our website operates on
  4. defiant Inc, the providers of the Wordfence™ security software that protects our website. Only limited, technical data (such as device IP address, browser type/version, language etc) are transmitted
  5. business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you and where there are adequate technical, organisational and legal safeguards in place, along with appropriate legal bases to protect this sharing of data
  6. trusted partners to help us perform statistical analysis that assists us in the improvement and optimisation of our website
  7. other people where we have your consent

Please note that we may need to disclose your personal information:

  1. in the event that we undergo re-organisation, or we sell any or all of our business to a third party or we buy another business. In which case you agree that any personal information we hold about you may be transferred to that re-organised entity or third party for the purposes and subject to the terms of this Privacy Policy.
  2. if required or permitted to do so by law or in the good faith belief that such action is necessary:
    • if it is requested by a government agency, regulators, law enforcement bodies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations
    • if it is requested by other regulatory body or organisation, to protect or enforce our legal rights or the rights of any client, or third party, or in the detection and prevention of fraud (including credit card or identity fraud) and other crimes
    • to protect and defend the rights or property of Webenito

Please note that Webenito do not distribute, share or sell your personal data with any other services or third parties for their own use.  Webenito do not share your information with third parties without your prior knowledge and consent, only if required and permitted to do so by law or in the good faith belief that such action is necessary.

Your rights in respect of your personal data

If you have directly provided personal information to us and in the situation where we collect personal data automatically, you have a number of rights regarding the personal data that we process.

There are eight rights available to you under GDPR:

  1. The right to be informed

You have the right to know what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.

  1. The right of access information

You have the right to ask us to confirm that we process your personal data. You have the right to request a copy of the information that we may hold about you.

The GDPR states that the right to obtain a copy of your personal data must not adversely affect the rights and freedoms of others. This means that the right cannot be used to access the personal data of other persons, i.e. third parties.

We will process your request to access your information. We will provide the information you request as soon as possible and in any event within one month of receiving your request. The one-month period may be extended by 2 further months, where necessary, taking into account the complexity and number of requests.

We provide this information to you free of charge. However, if your request is manifestly unfounded or excessive or repetitive, we may charge a reasonable fee or refuse to act on your request. We may also charge if you request more than one copy of the same information.

We will take all reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.

If you would like a copy of some or all of your personal information, please send an email to hello@webenito.ie. Please quote your name and address. We would be grateful if could also provide brief details of what information you want a copy of (this helps us to more readily locate your data).  

  1. The right to rectification

If you believe personal data, we hold about you is inaccurate, you have the right to have the data rectified. If you believe personal data, we hold about you is incomplete, you have the right to have data completed, including by means of providing supplementary information.

We will process your request to make the necessary changes to the information we hold for you on our database.  We will comply with your request within one month of receiving it.  The one-month period may be extended by 2 further months, where necessary. We will let you know if we need more time to comply with your request.

We will take all reasonable steps to confirm your identity before we make the necessary changes to the information, we hold for you on our database.

We want to ensure that your personal information is accurate, complete and up to date. If you wish to make any changes to your information, please email us at hello@webenito.ie.

  1. The right to erasure (The right to be forgotten)

In some circumstances, you have the right to ask us to delete personal data we hold about you. You have the right to have your data erased, without undue delay, if one of the following grounds applies:

  • Where your personal data are no longer necessary for the purpose for which we collected and processed it.
  • Where we have collected your personal data on the grounds of consent, and you withdraw that consent to the processing and there is no other lawful basis for processing the data.
  • Where you object to the processing and we do not have any overriding legitimate grounds for continuing the processing (see below point f).
  • Where you object to the processing and your personal data are being processed for direct marketing purposes (see below point f).
  • Where we have unlawfully processed your personal data
  • Where your personal data have to be erased to comply with a legal obligation.
  • Where we have collected and processed your personal data in relation to the offer of information society services (e.g. social media) to a child.

There are certain scenarios in which we are entitled to refuse to comply with a request. If any of those apply, we will let you know.

If you wish to delete personal data, we hold about you, please email us at hello@webenito.ie.

  1. The right to restrict processing

In some circumstances you have the right to ask us to suppress processing of your personal data. This means we will stop actively processing your personal data, but we do not have to delete it.

This right applies in four ways:

  • You can request restriction of processing personal data, if you believe the personal data, we hold is not accurate. In these cases, the restriction applies until we have determined the accuracy of the data.
  • You can request restriction of processing personal data, if you have objected to us processing the data. In these cases, the restriction applies until we have determined the outcome of your objection and until we have determined whether our legitimate interests override your objection.
  • You can request restriction if the processing of personal data is unlawful. ln these cases, if you do not want us to delete your information, you can request restriction of the personal data instead.
  • You can request restriction of processing personal data, even where we no longer need the data, but you would like us to keep it because you need it to establish, exercise or defend a legal claim.

Where processing of your data is restricted, it can be stored by us, but most other processing actions, such as deletion, will require your permission.

If you wish to restrict the processing of your personal data, please email us at hello@webenito.ie.

  1. The right to data portability

In some circumstances, you have the right to ask us to provide your personal data in a structured, commonly used and machine-readable format so that you are able to transmit this personal data to another data controller of your choosing without hindrance.

This right to data portability only applies:

  • where processing of personal data is based on your consent to processing
  • where processing of personal data is carried out by automated means
  • where processing of personal data is conducted on the basis of a contract (i.e. the right does not apply if we process your personal data on the grounds of legitimate interests)

We will process your request.  We will respond to your request as soon as possible and in any event within one month from the date of receiving your request. We will let you know if we need more time to comply with your request.

  1. The right to object processing of personal data

You have the right to object us processing your personal data:

  • where this processing is carried out in connection with tasks in the in the public interest, under official authority or in the legitimate interests of others
  • where the processing relates to direct marketing (including profiling)
  • where the processing is for research purposes (unless the processing is necessary for the performance of a task carried out in the public interest)

Where you have made a valid objection, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or if the processing is for the establishment, exercise or defence of legal claims.

If you wish to object to the processing of your information, please email us at hello@webenito.ie.

  1. Rights in relation to automated decision making, including profiling

You have the right to not be subject to a decision based solely on automated processing. Automated processing is where it is carried out without human intervention and where it produces legal effects or significantly affects you, such as profiling. Profiling is any kind of automated processing of personal data that involves analysing or predicting your behaviour, habits or interests.

You have the right to request a review of the processing if you believe the rules are not being followed.

Contact us

If you have any requests concerning your personal information or any queries with regard to our processing, please contact us at email hello@webenito.ie.

This Privacy Policy was last updated on 31 August 2019.