PRIVACY POLICY

Last updated of the Policy: May 1st, 2022

This Policy describes the Company’s policies and procedures on collecting, using, and disclosing the User’s information when the User uses the Online Service and tells the User about privacy rights and how the law protects the User.

The Company uses the User’s Personal Data that was provided by the Users the Company to provide and improve the Service and the Website. By using the Website, the User agrees to collect and use information following this Policy.

The Policy makes in compliance with Articles 12,13, and 14 of the GDPR.

I. INTERPRETATION AND DEFINITIONS

Interpretation

The words in which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or plural.

Definitions

For the purposes of this Policy:

“The User” means any person who visits the Company’s Website and uses the Company’s Online Services and has a registered account on the Website.

“Device” means any device that can access the Website such as a computer, a telephone, or a digital tablet.

“GDPR” means general data protection rules relating to the protection of natural persons about the processing of personal data and rules relating to the free movement of Personal Data.

“Website” means the Company’s Website for the User’s mobile devices or computers which can be used through a browser without downloading. The link to the Website www.spapackages.ie.

“Online Service or Service” means the Company’s products and services that are publicly not available in a full version without a creating account on the Website and without subscription. The Online Service includes the following: the User has the right to buy spa packages depends on subscription type.

“Personal Data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, location data, an online identifier, etc.

“Processing” means any operation or set of operations that are performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction

“Usage Data” refers to data collected automatically, either generated using the Online Service or from the Online Service infrastructure itself (for example, the duration of a visit, website usage, and numbers of users).

II. COLLECTING AND USING THE USER’S PERSONAL DATA

Personal Data:

While using the Company’s Website, the Company may ask the User to provide the Company with certain personally identifiable information that can be used to contact or identify the User. Personally, identifiable information may include, but is not limited to:

• email address;
• first and last name of the User (when the User add the payment information and book the Gift Voucher);
• country of the User;
• age of the User;
• billing address.

The Company has the right at any time at its sole discretion, to request the User to confirm their personal information such as documents confirming the identity of the User.

III. USAGE DATA

Usage Data is collected automatically when using the Website.

Usage Data may include information, type of the Device, pages that the User visits, the time and date of the User’s visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When the User accesses the Website by or through a Device, the Company may collect certain information automatically, including, but not limited to:

• the type of Device that is used;
• Device unique ID;
• Device operating system;
• the type of internet browser that is used;
• unique Device identifiers and other diagnostic data.

IV. TRACKING TECHNOLOGIES AND COOKIES

The Company use Cookies and similar tracking technologies to track the activity on the Company’s Website and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse the Website. The technologies that the Company uses may include:

• Cookies or Browser Cookies. A cookie is a small file placed on the User’s Device. The User can instruct the browser to refuse all Cookies or to indicate when Cookie is being sent. However, if the User does not accept Cookies, the User may not be able to use some parts of the Website.
• Flash Cookies. Certain features of the Website may use local stored objects (or Flash Cookies) to collect and store information about the User’s or s’ preferences or activity on the Online Service. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies.
• Web Beacon. Certain sections of the Website and the Company’s emails may contain small electronic files known as Web Beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count guests who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on the User’s personal Devices when the User goes offline, while Session Cookies are deleted as soon as the User closes the web browser.

The Company uses both Session and Persistent Cookies for the purposes set out below:

Necessary/Essential Cookies

Type: Session Cookies

Administered by the Company

Purpose: These Cookies are essential for providing the User with services available through the Website and to enable the User to use some of its features. They help to authenticate users. Without these Cookies, the services that the User has asked for cannot be provided, and the Company only use these Cookies to provide the User and/or s with those services.

Cookies Policy/Notice Acceptance Cookies

Type: Persistent Cookies

Administered by the Company

Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

Functionality Cookies

Type: Persistent Cookies

Administered by the Company

Purpose: These Cookies allow the Company to remember the choices the User makes when using the Website, such as remembering the User’s login details or language preference. The purpose of these Cookies is to provide the User and/or s with a more personal experience and to avoid the User having to re-enter preferences every time the User uses the Website.

Advertising Cookies

Administered by the Company

Purpose: Those cookies can be turned on and off by the Website to deliver potential customers the best advertising experience. They do not contain personal information and are based on the User’s actions over the Website.

V. USE OF THE USER’S PERSONAL DATA

The Company may use Personal Data for the following purposes:

To provide and maintain the Website, including monitoring the usage of the Website.

For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items, or services the User has purchased or of any other contract with the Company through the Website.

To provide the User with news, special offers and general information about other goods, services, and events that the Company offers that are like those that the User has already purchased or enquired about unless the User has opted not to receive such information.

To manage the User’s requests: To attend to and manage the User’s and/or s’ requests to the Company.

For business transfers: the Company may use the User’s information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or another sale or transfer of some or all the Company’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by the Company about the Website users is among the assets transferred.

For other purposes: the Company may use the User’s and/or s’ information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of the Company’s promotional campaigns, and evaluating and improving the Website, products, services, marketing, and the User’s experience.

The Company may share the User’s Personal Data in the following situations:

• With service providers: the Company has the right to share the User’s Personal Data with service providers to monitor and analyse the use of the Website, and to contact the User.
• For business transfers: the Company may share or transfer the User’s Personal Data in connection with, or during negotiations of, any merger, sale of the Company assets, financing, or acquisition of all or a portion of the Company’s business to another company.
• With Affiliates: the Company has the right to share the User’s Personal Data with the Company’s affiliates, in which case the Company will require those affiliates to honour this Privacy Policy. Affiliates include the Company’s parent company and any other subsidiaries, joint venture partners or other companies that the Company controls or that are under common control with the Company.
• With business partners: the Company has the right to share the User’s Personal Data with business partners to offer the User certain products, services, or promotions.
• With the User’s Consent: the Company has the right to disclose the User’s personal information for any other purpose with the User’s consent.

VI. RETENTION OF THE USER’S PERSONAL DATA

The Company will retain the User’s Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy.

The Company will retain and use the User’s Personal Data to the extent necessary to comply with the Company’s legal obligations (for example, if the Company is required to retain the User’s Personal Data to comply with applicable laws), resolve disputes, and enforce the Company’s legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this Personal Data is used to strengthen the security or to improve the functionality of the Website, or the Company are legally obligated to retain this data for longer periods.

VII. TRANSFER OF THE USER’S PERSONAL DATA

The User’s information, including Personal Data, processing by the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of the User’s state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of the User’s jurisdiction.

The User’s consent to this Privacy Policy followed by submission of such information represents the User’s agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that the User’s Personal Data is treated securely and following this Privacy Policy and no transfer of the User’s Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of the User’s Personal Data and other personal information.

VIII. DISCLOSURE OF THE USER’S PERSONAL DATA

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, the User’s Personal Data may be transferred. The Company will provide notice before the User’s Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose the User’s Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose the User’s Personal Data in the good faith belief that such action is necessary to:

• Comply with legal obligations.
• Protect and defend the rights or property of the Company.
• Prevent or investigate possible wrongdoing in connection with the Website.
• Protect the personal safety of the User of the Online Service or the public.
• Protect against legal liability.

IX. CHILDREN’S PRIVACY DATA

The Company’s Website does not address anyone under the age of 18 (eighteen). The Company do not knowingly collect personally identifiable information from anyone under the age of 18 (eighteen). If the User is a parent or guardian and is aware that the child has provided the Company with Personal Data, please contact us.

If the Company becomes aware that the Company has collected Personal Data from anyone under the age of 14 (fourteen) without verification of parental consent, the Company takes steps to remove that Personal Data from the Company’s servers or/and any storage used by the Company.

If the Company needs to rely on consent as a legal basis for processing the User’s information and the User’s country requires consent from a parent, the Company may require the User’s parent’s consent before the Company collect and use that information.

X. SECURITY OF THE USER’S PERSONAL DATA

The Company takes all reasonable steps to protect information that is received from the User from accidental or unlawful destruction, loss, alteration, and unauthorized disclosure or access. The Company has put in place appropriate physical, technical and administrative measures to safeguard and secure the User’s information, and the Company make use of privacy-enhancing technologies such as encryption. If the User has any questions about the security of the User’s personal information, the User can contact the Company VIA email: ____________.

XI. LINKS TO OTHER WEBSITES

The Company’s Website may contain links to other websites that are not operated by the Company. If the User clicks on a third-party link, the User will be directed to that third-party’s website. The Company strongly advise the User to review the Privacy Policy of every site that the User visit.

The Company has no control over and assumes no responsibility for the content, privacy policies or practices of any third-party sites or services.

XII. CHANGES TO THIS PRIVACY POLICY

The Company may update the Policy from time to time. The Company will notify the User, and any other third parties of any changes by posting the new Policy on this page.

The Company has the right to update the Policy. The Company will let the User, and any other third parties know via updating the “Last Updated” date at the top of this Policy.

The User and any other third parties are advised to review this Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

XIII. GDPR NOTICE

The legal basis for processing the User’s  Personal Data is Art. 6 sec. 1 a) b), f) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals about the processing of personal data and the free movement of such data and repealing Directive 95/46 / MI Laws UE.L.2016.119.1) (GDPR), where the legitimate interest of the Company is related to providing the Website for the User.

Personal Data will be processed for a period until an objection to data processing or termination is made, but no longer than 10 (ten) years.

The User has the right to access, correct, delete, or restrict his or her Personal Data or to object to the processing, as well as the right to transfer the Personal Data and the right to complain to the supervisory authority.

In the case of obtaining data and processing them based on Art. 6 sec. 1 year a) GDPR – the User has the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out based on consent to its withdrawal.

To GDPR the Company is a data controller for the Personal Data collected from all categories of data subjects listed above, with the following exceptions: the Company is a data processor of the User logs, and administrative user logs. In addition, the Company is a data processor for any of the content provided by the User through the Online Services that transit. Where the Company is a data processor, the Company processes data on behalf of its the User under their data processing instructions.

XIV. DISPUTE RESOLUTIONN

If the User has an unresolved privacy or data use concern that the Company has not addressed satisfactorily, please contact the Company via info@spapackages.ie.

XV. CONTACTS

If the User have any questions about this Policy, the User can contact the Company:

• by email: info@spapackages.ie.