This Privacy Statement explains how we collect, store, use and protect personal data about you when you access Hafra Vape (the "Hafra Vape") or otherwise provide your personal data to us including via our social media platforms.
When we talk about “Hafra Vape”, or “we,” “us,” or “our,” in this privacy statement, we are talking about the Hafra Vape.
The sections below outline what we use your information for, why we do it and what allows us to do so legally:
When you use our website, we collect your personal information such as your name, address contact details, payment details, the time and date you access the website and the time and date of a purchase. We may also store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the website work as you expect it to (please see our Cookie Policy for more information).
When you use the Hafra Vape your personal details are collected in the form of a registered a username - which is your email address or mobile phone number
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available HERE. After approval of your comment, your profile picture is visible to the public in the context of your comment.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We collect basic personal information (name, contact details etc.) when you contact us directly. We’ll record what you say to us if you contact us by email, phone, website chat or social media. We’ll also record your IP address if you contact us by website chat and your social media account information when you contact us through our social media channels.
We use your information for customer insight and marketing purposes. In some cases we will purchase information from 3rd Parties, but this usually aggregated data and does not normally directly identify you. We will also keep a record of your social media account name and information you make available to us via your social media account settings when you connect your social media account to ours, by messaging us, liking or following a page, tagging us in post or commenting on our posts.
Where we process information on the basis that it is important for us as a business to do it, we will consider your interests also. We will weigh up our business interests with your interests to ensure they are fairly balanced. You can contact us for further information on this.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
We take great care to ensure the security of our websites and your personal information. To ensure that we keep your information secure we use technical security measures such as encryption, access controls, firewalls and logging, and organizational security controls such as security policies and procedures, awareness training for employees and 3rd party vendor assessments.
To take full advantage of all security features you should use an up-to-date browser. To further ensure your personal information is safe, please note, we will never ask a customer to confirm any debit or credit card details via email.
-
We may share your information externally with our core service providers when required for our business to function. These include for example companies who help us provide our websites, pick and pack orders, make deliveries or provide support services.
-
We may need to share personal data in order to protect ourselves against fraudulent claims and to manage insurance and legal claims.
-
We may need to share personal data to support our IT system providers to keep our systems secure. Each of the external companies we work with has been selected by us for their ability to provide what we need to our required specification, including their ability to handle sensitive data (like your personal information) securely and appropriately.
-
We may need to share personal data when we receive requests for information from government departments, the police and other enforcement agencies. If this happens, and there is a proper legal basis for providing your personal information, we will provide it to the organization asking for it.
-
We may share your information with other partners when we have your consent to do so.
Our third party service providers who process your information on our behalf may transfer your information outside the European Economic Area (EEA). Where such transfers occur, it is our policy that: a) they do not occur without our prior written authority; and b) that an appropriate transfer agreement is put in place to protect your information. If you would like to find out more about any such transfers, please contact us.
Your personal information may be processed with automated methods to understand which Hafra Vape outlet you usually shop at, whether you have been shopping recently or not, and which products you purchase or which you might be interested in hearing about in future.
This data may include things like your age, gender and purchasing history or preferences. When your Personal Data is processed in this way it is used in summarised (by which we mean anonymised and aggregated) business reports, or to tailor news, offers and promotions we feel you will find most relevant.
-
We keep personal data for a variety of purposes and for a variety of time periods. The general guidelines for how long we keep personal data are based on what is necessary and proportionate in our business, taking into consideration how and why we collected it and with particular reference to legal obligations that apply to our business.
-
Where there is no legally defined time period for keeping data, we will keep your information for a time period based on relevant industry standards.
-
Where there is no relevant industry standard, we will use a time limit that allows us to serve you as customers but also ensures we don’t keep your personal information for longer than we need to.
-
You can ask us for a copy of the personal information we hold about you.
-
You can ask us about how we collect, share and use your personal information.
-
You can ask us to update and correct your personal details.
-
You can request that we restrict processing of your personal data in certain circumstances.
-
You can object to processing that is carried out where we have decided that it is important for us as a business (legitimate interests).
-
In certain circumstances, you may ask us to delete your personal information.
-
You have a right to move your information (your right to Portability). Where you have provided information in a structured, commonly used and machine readable format we can share a digital copy of your information directly with you or another organisation.
-
You can object to any automated decision making, including profiling, where the decision has a legal or significant impact on you.
-
You have a right to request access to your personal information.
-
You can change your mind wherever you give us your consent and withdraw that consent, such as for direct marketing.
In some circumstances there are limitations to your data protection rights and we may not always be required to or be able to complete your request. We will tell you why in these circumstances. When you contact us to ask about your information, we may ask you to identify yourself. This is to help protect your information.
If you wish to be removed from our email marketing list (opt-out), at any time, you can do so by clicking the "unsubscribe" link in any communication that we send. Alternatively, you can update all of your communication preferences by contacting us.
You also have a right to lodge a complaint with a supervisory authority. In Ireland this is the Data Protection Commission (DPC).
You can contact the DPC via their website: https://www.dataprotection.ie/en/contact/how-contact-us.
If you are not a resident of Ireland you can find contact details for relevant supervisory authority for your country of residence here: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
From time to time we may provide links to other sites. This privacy statement only covers our Website and any website that we own and control. It does not cover links to other sites nor information collected by parties that own and control those sites or their use of cookies when you visit another site.
We will make changes to this notice from time to time, particularly when we change how we use your information and change our technology.
You can always find an up to date version of this notice displayed in store, or ask us for a copy. This notice was updated as of February 2024.