Privacy Policy

At Dileas Caraid, we are committed to protecting your privacy and maintaining your trust. This Privacy Policy explains how we collect, use, and safeguard your personal information in accordance with the General Data Protection Regulation (GDPR, EU Regulation 2016/679).

By using our website or purchasing products from us, you consent to the practices described in this policy.

What is GDPR?

The GDPR is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union. It gives you greater control over your personal data, how it is collected, stored, and used.

What is Personal Data?

Personal data is any information that can identify an individual, directly or indirectly, such as name, address, email, phone number, or payment details.

How We Use Your Information and Legal Basis

We collect and process your personal data only for legitimate purposes, such as:

  • Order fulfillment: To process and deliver your purchases.

  • Account management: To manage customer accounts and transactions.

  • Marketing: To send updates about new products or promotions (only if you have subscribed).

We use your data only as necessary to fulfill a contract, comply with legal obligations, or with your consent for marketing communications.

Data We Collect

Customer Account and Orders

  • Name, address, email, phone number

  • Payment details processed securely via PayPal and Stripe

  • Any personalized information you provide for your order

Website Analytics

We may use tools such as Google Analytics to collect anonymized data about website usage and performance. No personally identifiable information is tracked.

Cookies

We use cookies to ensure the functionality of our website, including:

  • User-input cookies: To remember your selections and shopping cart.

  • Authentication cookies: To verify your login identity.

Data Processors and Security

While Dileas Caraid is the data controller, some data may be processed on our behalf by GDPR-compliant service providers, such as:

  • PayPal – payment processing

  • Stripe – payment processing

  • Courier companies – delivery of products

We take appropriate technical and organizational measures to protect your personal data, including:

  • Password protection on devices storing personal data

  • Secure website (HTTPS) encryption

Sharing Personal Data

We do not sell or rent your personal data. We only share data with third parties when necessary to:

  • Fulfill orders (e.g., courier services)

  • Comply with legal obligations or protect our rights and safety

Data Retention

We retain personal data only as long as necessary for the purpose it was collected or to comply with legal obligations:

  • Financial transaction records: 7 years (Irish accounting requirements)

  • Other personal data: as needed to manage your customer account and comply with legal requirements

Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of access: Request a copy of your personal data.

  • Right to rectification: Correct inaccurate or incomplete data.

  • Right to erasure: Request deletion of your data where legal obligations do not require retention.

  • Right to restrict processing: Limit how we use your data.

  • Right to object: Withdraw consent for marketing communications.

Requests will be processed within 5 business days.

How to Contact Us

If you have any questions or requests regarding your personal data, you can contact us at:

Dileas Caraid
Email: info@dileascaraid.com