Kish Fish Company Ltd trading as Kish Fish of Malahide Road Industrial Park, Coolock, Dublin 17 whose registered number 24530. is committed to protecting and respecting your privacy rights. Kish Fish is a family run seafood wholesale and retail business.
This Privacy Notice (the “Notice”) together with any disclaimers sets out the basis on which any personal data we collect from you or that you provide to us, or that is provided to us relating to you (“Personal Data”) by any means will be processed. Please read the following carefully to understand our use of personal data. Please note that the Notice relates only to living individuals in relation to personal data relating directly to themselves, and not to persons in any other capacity. This Privacy Notice is provided to you, in line with the following Personal Data Protection Legislation:
- The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 also known as the General Data Protection Regulation (GDPR), which became enforceable across the EU and the EEA from May 25th, 2018 having replaced the previous Directive 95/46/EC; In Ireland, the national law, which amongst other things, gives further effect to the GDPR, is the Data Protection Act 2018 (‘the 2018 Act’).
- The Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 also known as the ePrivacy Directive, amending the Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection laws;.
This Notice sets out the basis on which any Personal Data we collect from you, or from others, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Laws:
- Kish Fish is the Data Controller when we act as an employer, as a service provider, and where dealing with suppliers.
If you have any questions in relation to this Privacy Notice, or wish to exercise your rights relating to it, please contact our Privacy Compliance Co Ordinator us at email@example.com.
Personal Data we collect from you.
We collect Personal Data from you which you volunteer when you provide such Personal Data to us, or via our services with which you interact. We may also be given other Personal Data relating to you by other persons, or we may obtain such other Personal Data about you as may be provided to us in the course of our legitimate business activities.
We may collect and process Personal Data, including the following in the course of providing services to you, which could contain your personal data including your special category data:
- Your full name; your address; your various email addresses; your various phone numbers including mobile phone number; your occupational information, and your personal preferences, dietary information and objectives . loyalty card/ customer card number, photograph Financial information (such as credit card or banking information required to pay for our products or services) Username and order id when you register through our services,survey responses, reviews and/or comments and other information you may provide to us, such as through our “Contact Us” feature and all other Personal Data which you ask us to process on your behalf or which is necessary for us to process in order for us to fulfil our role as providing a service to you.
We may also process other data, which is not personal data.
When you access our website your device’s browser provides us with information such as your IP address, browser type, access time and referring URL which is collected and used to compile statistical data. This information may be used to help us to improve our website and the services we offer, and to offer services to you.
What Personal Data about you do we obtain from others?
- When you use our services, we may obtain Personal Data from others: to includeyour authorised representatives, if you are an employee of one or our clients, we may obtain your personal data from your employer and we may process your Personal Data on behalf of your employer in the context of our supply of our services.
- If you provide us with Personal Data about someone else, (for example one of your employees) you are responsible for ensuring that you comply with any and all obligations and particularly any consent obligations under the Data Protection Laws in relation to such disclosure. In so far as required by the Data Protection Laws, you must ensure that you have a lawful basis to provide us with the information and that you explain to them how we collect, use, disclose and retain their Personal Data or direct them to read our Privacy Notice.
Security and where we store your Data.
We are committed to protecting the security of your Personal Data. We use a variety of security technologies and procedures to help protect your Personal Data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. We will continue to revise policies and implement additional security features as new technologies become available.
The transmission of information via the internet is not completely secure and may involve the transfer of Personal Data to countries outside of the European Economic Area (EEA). This occurs typically through use of cloud solutions for web hosting, email hosting or proprietary software solutions delivered to us through the Cloud. We do not however authorise any third party to use your Personal Data for their own purposes. Non-EEA countries may not provide an adequate level of protection in relation to processing your personal data. By submitting your Personal Data, you agree to this transfer, storing and processing.
Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to us. Any transmission of Personal Data is at your own risk. Once we receive your Personal Data, we use appropriate security measures to seek to prevent unauthorised access.
Uses made of your Personal Data
We, or service providers acting on our behalf, may use the information collected from and about you to:
- Provide our products and services, including completing a transaction that you requested.
- To set you up as a customer on our systems including on our loyalty scheme where applicable.
- To create a candidate profile for you if you are a prospective employee.
- To process employment applications, including by assessing qualifications, verifying information, conducting reference or other employment-related checks.
- We will use your Personal Data to conduct due diligence in accordance with other legal or regulatory obligations.
- Send promotional materials, alerts regarding available offers and other communications,
- Communicate about, and administer participation in, special events, promotions, programs, offers, surveys, contests and market research.
- Respond to enquiries from you and other third parties, including enquiries from law enforcement agencies.
- To ensure payment of our invoices.
- To administer and improve our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
- As part of our efforts to keep our website safe and secure.
- Operate, evaluate and improve our business (including developing, enhancing, analysing and improving our services; managing our communications; reviewing and processing employment applications, performing data and statistical analytics; and performing accounting, auditing and other internal functions).
- Protect against, identify and prevent fraud and other unlawful activity, claims and other liabilities.
- We will hold your Personal Data on our client management systems and use this to provide you with marketing information about similar services offered by us to those which you have engaged us to provide which we feel you might find useful from time to time. You have the opportunity to opt out of receiving this information at any time.
- Comply with and enforce applicable legal requirements, relevant industry standards, contractual obligations and our terms of service and other policies; and
- In other ways for which we provide specific notice at the time of collection.
The legal bases for the processing of your personal data are:
- Processing necessary for the performance of a contract which you have entered into with us or to take steps at your request prior to entering into a contract.
- That you have provided consent for the processing for one of more specified purposes such as marketing for example when you fill out consent to receiving marketing material and or consent for photographs to be taken and used
- Processing necessary for compliance with a legal obligation to which we are subject.
- Processing necessary for the purposes of the legitimate interest which we pursue in providing you with quotes and proposals about our services prior to contract where such interests are not overridden by your interests or fundamental rights or freedoms which require the protection of your information.
- Where we are acting as a processor for your employer who will have a separate legal basis for the processing of your personal data.
Special Category Data and the lawful basis for that processing activity.
The processing of your Personal Data may include Personal Data relating to your health and wellbeing or otherwise which is regarded as Special category of Personal Data under the GDPR.
The legal bases for the processing of your special category data or sensitive data are:
- That you have explicitly provided consent.
- Processing necessary for compliance with a legal obligation to which we are subject.
Where Personal Data collected and processed explicit and informed consent is gained at the point of the collection which can be withdrawn at any point by contacting our Privacy Compliance Co Ordinator at firstname.lastname@example.org.
List of services and Retention
Our services include provision of wholesale and retail business services.
We may use your Personal Data to send you information relating to our services, events and products which may be of interest to you. If you do not want us to use your Personal Data in this way, please notify us to that effect. You can contact us as set out at the end of this Notice.
We keep your Personal Data for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations. If you no longer want us to use your Personal Data to provide this service to you, you can request that we erase your Personal Data and close your account with us. Please note that if you request the erasure of your Personal Data:
- We may retain some of your Personal Data as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety.
- We may retain and use your Personal Data to the extent necessary to comply with our legal obligations. For example, we may keep some of your information for tax, legal reporting, and auditing obligations.
- Because we maintain our records to protect from accidental or malicious loss and destruction, residual copies of your Personal Data may not be removed from our backup systems for a limited period of time.
Where we process your Personal Data based only on your consent, you may withdraw your consent.
You have the right to bring a complaint to a supervisory authority if you have any complaints about the processing of your Personal Data. In Ireland, the Personal Data Protection Commission is the supervisory authority.
In circumstances where the provision of your Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, we will advise you at the point of collecting your Personal Data whether the Personal Data is a required field, and the consequences of not providing the Personal Data.
Videography and Photography: Some of our programmes will involve photographic or videos records to be made for informational and promotional purposes due to your presence at the event hosted by us or by any third party authorised by us. The images resulting from the photography, videography or recordings, and any reproductions or adaptations of same, may be used for promotion, publicity and/or other purposes.
By attending at such events, you acknowledge that event run by us is in a public place and that you may have a reduced expectation of privacy. While you have a right to object to your inclusion in any photographs or video footage, any such objection must be balanced against the legitimate interests pursued by us and/or third-party media outlets and broadcasters.
Links to other sites
Our website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any Personal Data to those websites.
Who Do we share this information with?
We may share your personal data with provide you with our services. For example, our web hosting provider and our IT service providers.
We may share your information with selected third parties including:
- Business partners, suppliers, and sub-contractors for the performance of any contract we enter into with them or you.
- Third parties with whom: (i) we need to share your information to facilitate transactions you have requested, and (ii)you ask us to share your information.
- Statutory and regulatory bodies (including central and local government) and law enforcement authorities in order to comply with any applicable laws, grant applications and / or court orders.
- Service providers who provide us with marketing including, Wi Fi services, website and online platforms, and subcontractors who provide a service to us, and sub processors.
We attach at Schedule 1 a list of some of the entities with whom your personal data is shared. A full list is available on request.
Do we transfer your Personal Data outside the European Union or European Economic Area?
We will, from time to time, make use of services provided by third parties for the delivery of our services which may necessitate the transfer of personal data outside the EU/EEA. For example, we use a variety of cloud-based tools such as Microsoft Office 365. Where Personal Data needs to be transferred or processed outside the EU/EEA, we chose providers who process Personal Data on the basis of:
- An Adequacy Decision from the European Commission.
As an individual, under EU law you have certain rights to apply to us to provide information or make amendments to how we process your Personal Data. These rights apply in certain circumstances and are set out below: –
- The right to access Personal Data relating to you (‘access right’).
- The right to rectify/correct Personal Data relating to you (‘right to rectification’).
- The right to object to processing of Personal Data relating to you (‘right to object’).
- The right to restrict the processing of Personal Data relating to you (‘right to restriction’).
- The right to erase/delete Personal Data relating to you (i.e., the “right to erasure”)and
- The right to ‘port’ certain Personal Data relating to you from one organisation to another (‘right to Personal Data portability’).
These rights are not absolute and only apply in certain circumstances. You may exercise any of the above rights by
- an e-mail to email@example.com.
You may lodge a complaint with your local supervisory authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Data Protection Commission. The website is www.dataprotection.ie
Where our processing of your personal data is based on your consent to that processing, you have the right to withdraw that consent at any time but any processing that we have carried out before you withdrew your consent remains lawful.
The exercise of Data Subjects’ rights as some other “interactions” requires the univocal identification of the person submitting such request as being, in fact, the Data Subject to whom such Personal Data pertains to, hence we may have to set in place a process or mechanism that allows it to document having undergone such assertive identification.
If you no longer wish us to contact you in a particular way, for example, to no longer send you text messages, just advise us of that and we will respect your wishes.
It may be necessary for us to contact you from time to time in connection with services, for example to ensure your Personal Data is correct.
If you no longer wish to receive marketing communications by electronic means, just use the opt-out facility in any of our communications OR please contact us at firstname.lastname@example.org and request to “opt out” of marketing.
Changes to this Notice
We reserve the right to change this Notice from time to time in our sole discretion. If we make any changes, we will post those changes here so that you can see what information we gather, how we might use that information and in what circumstances we may disclose it. By continuing to use our site or our services or otherwise provide data after we post any such changes, you accept and agree.
Questions, comments, requests and complaints regarding this Notice and your Personal Data we hold are welcome and should be addressed to us at Privacy Compliance Co-Ordinator at email@example.com.
All requests will be dealt with promptly and efficiently.
This Notice is effective from July 26th 2023
We have set out below a list of some of the third parties with whom we share your Personal Data.
|Third party name||Description of services provided|
|ERP||Datos Software Solutions Ltd|
|Phones||Digital well and Vodafone|
|Online ordering||Mobo Innovations Limited|
|Email Service Providers||Microsoft|