Who are we?
When we refer to ‘we’ (or ‘our’ or ‘us’) we are referring to Brand Power Limited, t/a Madcraft. We are based in Ireland and have our registered offices at The Westgate, Finisklin Business Park, Sligo, Ireland F91 H92P.
How we collect your data and what data is collected
When you visit our websites, get in contact with the business or use our services, we collect personal data. The ways we collect it can be broadly categorised into the following:
Information you provide to us directly : When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. This could include but is not limited to asking you for your contact information when you fill out a contact form on the website, when you make a support request to our team in relation to your website, when you apply for a job or a placement with Brand Power Limited, t/a Madcraft, or when you sign up to our newsletter on the site. You are not required to provide us with personal information however this may prevent us from providing our products and services to you.
Information we collect automatically : We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect anonymous analytical information about the pages you visit on our website, how you interact with our website, and where you were referred from to reach our website. This allows us to better understand how our website is performing and allows us to improve our website in the future.
Where we collect personal data, we’ll only process it:
- to perform a contract with you, or
- where we have legitimate interests to process the personal data and they’re not overridden by your rights, or
- in accordance with a legal obligation, or
- where we have your consent.
If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.
If you’re someone who doesn’t have a relationship with us, but believe that a Client of ours has entered your personal data into websites we host or services we provide, you’ll need to contact that Client for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal data).
How we use your data
We use your personal data provide you with information and services you’ve requested from us and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
- To communicate with you, which may include:
- providing you with information you’ve requested from us or information we are required to send to you
- operational communications, like changes to our websites and services, your websites and services, billing and accounting, project management, security updates and notices, or data protection issues
- marketing communications in accordance with your marketing preferences
- asking you for feedback.
- To support you, which may include assisting with the resolution of technical support issues or other issues relating to the websites or services we provide, whether by email, phone or otherwise.
- To enhance our websites and services and develop new ones where by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools.
- To protect our websites and infrastructure so that we can detect and prevent any malicious activity, and make sure that everyone is using our websites and services fairly.
- To market to you where in addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms.
- To analyse, aggregate and report, where we may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share with third parties.
How we can share your data
There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
- third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you
- Approved Processors and Sub-Processors of Brand Power Limited, t/a Madcraft where there are adequate technical, organisational and legal safeguards in place, along with appropriate legal bases to protect this sharing of data
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure
- other people where we have your consent.
We do not distribute, share or sell your personal data with any other services or third parties for their own use, and we do not share your information with third parties without your prior knowledge and consent.
Further information about the recipients or categories of recipients of personal data can be provided upon request at the contact information below.
International Data Transfers
While we endeavour to only store and process data inside of the European Economic Area (EEA), however from time to time we may be required to transfer your data outside of the EEA for processing.
Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate legal protection for EEA data, or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties).
How do we protect your data?
Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens.
Information shared between your browser and our site is encrypted and secured using Secure Socket Layer (SSL/HTTPS) technologies, which creates a secure and encrypted medium of data transfer between your browser and our servers and adds a layer of security to prevent malicious attackers obtaining your personal data. We also use encryption and other advanced security measures where appropriate.
We also employ standard industry operating procedures and internal policies to ensure that your data remains secure, and continually monitor and improve the security of all hosting and storage infrastructure we use to store data.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested, for HR and Recruitment purposes, or to comply with applicable legal, tax or accounting requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our internal data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
As it is your personal data that we may hold, you have a number of rights over this data. When it comes to marketing communications, you can ask us not to send you these at any time by simply following the unsubscribe instructions contained in the marketing communication, or send your request to email@example.com
Some of your rights over your personal data include:
- Right to Basic Information and Transparent Communication (about the personal data we hold about you)
- Right of Access (the personal data we hold about you)
- Right to Withdraw Consent
- Right of Rectification
- Right to Erasure (the “right to be forgotten”)
- Right to Restrict Processing
- Right to Data Portability
- Right to Object
- Right to lodge a complaint with a supervisory authority
You can exercise these rights at any time by sending an email to firstname.lastname@example.org or by communicating to us via post at The Westgate, Finisklin Business Park, Sligo, Ireland F91 H92P.
If you’re not happy with how we are processing your personal data, please let us know by sending an email to email@example.com . We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority who will be able to advise you how to submit a complaint.
The Irish DPA is the Data Protection Commissioner and their office can be contacted as follows
Data Protection Commissioner
Lo-Call: 1890 25 22 31
Tel. +353 57 868 4800
Fax +353 57 868 4757
How to contact us
If you have a question, query or concern regarding data protection, our websites, or our services please don’t hesitate to get in touch and we would be happy to help.
This can be done by email by sending your question to firstname.lastname@example.org where a member of our team will be in touch, or alternatively by post by sending any correspondence to The Westgate, Finisklin Business Park, Sligo, Ireland F91 H92P.