At Brandy.ie (referred to in this document as “we”, “us” or “Brandy.ie”), we are committed to maintaining the trust and confidence of our customers, website visitors and newsletter subscribers. Read on to find out exactly how we collect and treat your data.
What information do we collect from you?
As part of your online experience with Brandy.ie, we may collect various personal and non-personal details, as outlined below:
Details you voluntarily provide to us when you create an account on our website, place an order, or opt in to our newsletter subscription. Please note that, while you provide these details voluntarily, certain services we provide are dependent on them. In other words, we won’t hold it against you if you don’t want to share your address with us, but if you want us to ship an order to you, we won’t be able to do so unless you provide it.
When you visit our website, we use third-party services (Google Analytics) to collect general information in an anonymised way. For example, if your name is Mark Jones, you visit our website from Dublin and place an order worth €100, our Google Analytics report will count your order towards the general statistics, but it won’t be associated with your personal information. The information we obtain this way may include:
- your behaviour – e.g. what pages you visit on our website and how much time you spend viewing them,
- technology you use to view our website – e.g. what device, operating system and browser you use, your internet service provider and screen resolution,
- geographical information – e.g. what country/city you connect from, your device/browser language and region settings,
- traffic source – e.g. whether you accessed our website directly by typing the website address in your browser, followed a link from Google search results, clicked a link in one of our newsletters, etc.,
- order value (if you make a purchase during your visit),
- demographics and interests data – this depends on your Google Ads Settings. If the necessary cookie files are enabled on your end, the actions you take on our website may be matched against your demographics (e.g. age range) and interests.
Depending on our analysis needs, we can collate this data and view various kinds of reports (e.g. average order value for people from a certain country, average page view time for people who use iPhones, etc.). We do not, however, make any attempt to use this data against any personal information you may provide to us, nor do we allow Google to do so. For example, if you visit our website from Germany and place an order (thereby providing your personal details), our Google Analytics reports will count you towards website visits made from Germany, but all the non-personal information mentioned above will not be matched against it.
We also use a third-party service (MailChimp) to deliver email marketing newsletters to people who have subscribed to them. In some cases, to make sure our subscribers only receive messages that are of interest to them, we may decide to send an issue of our newsletter to a particular segment of our subscriber base, based on several possible criteria:
- optional details you can provide to us in your subscription settings (a link to these is included in every newsletter we send) – while the only mandatory detail a subscriber has to provide is their email address, we also give the option to provide your first and last name, gender, country of residence, and areas of interest (limited to our business – for example, you can use this facility to let us know you’re only interested in whiskey and not in cigars or pipes),
- demographics and geographical information – this relies on your cookie files settings, but if enabled properly, we may be able to match your subscription to an age range, country, and language you use.
In addition to that, we may also log the fact that you opened a certain issue of the newsletter, clicked on any links inside it, or made a purchase on our website after doing so.
Why do we collect this information?
The short answer is to make your online experience with us as easy and pleasant as possible. Some data also needs to be collected in order to allow you to complete a certain action you intended to take on our website – for example, if you place an order with us, we need to collect your name, address and phone number in order to fulfill it.
Other than that, we use this information to tailor the content of our website and marketing materials to you personally. For example, if you indicate in your newsletter subscription settings that your country of residence is France, we may decide not to email you about an event we’re hosting in Dublin, based on the assumption that this may simply not be of interest to you.
Whom might we share your information with?
As part of our business operations and in order to fulfill our obligations to you, we may need to share your details with other people or companies. We advise you to check their privacy policies and statements to make sure you’re okay with this. As part of your online experience with us, your details may be shared with:
- An Post or other courier and logistics companies, depending on the shipping method you choose for your order – in order to ship the items you purchased to the address you indicated,
- SagePay and PayPal (our payment processors) – in order to verify and process your payment,
- MailChimp – in order to manage your newsletter subscription,
All of these entities are under contractual obligation to us not to use your details in any other way than those outlined above.
What do we do with your information?
We only use the information you provide us for purposes you provide it to us. For example, if you provide your shipping address while placing an order, we will only use it to fulfill said order. If you provide us with your email address while signing up for our newsletter, we’ll only use it to deliver the newsletter.
We take great care to provide an adequate level of protection towards your data. This is achieved internally by data handling policies all relevant employees of ours are trained on, as well as by industry-standard encryption and security measures implemented on our website to ensure any information you provide to us there is transmitted securely. Externally (i.e. where your data needs to be shared with other entities), we carefully select our business partners to ensure that, where needed, the information is only shared with reputable and trustworthy entities and used by them solely for the purposes we share it with them.
How long do we keep hold of your information?
Different kinds of information may be retained by us for various periods of time. See below:
- Customer account and order information – this is generally retained indefinitely to simplify future orders and maintain your history with us as a customer. We do, however, reserve the right to delete this without notice, particularly if your account hasn’t been used in a long time, or as part of planned database maintenance (for example, if we decide to delete all order history older than 10 years),
- Google Analytics data – 38 months,
- Newsletter subscription data – indefinitely, unless you choose to unsubscribe and/or delete your profile entirely. We also reserve the right to remove subscriptions we consider inactive – for example, if our reports show you haven’t opened any of our newsletters in a long time,
- Data shared with other entities – generally retained only until the purpose we share it for is served. In some cases, there may be legal requirements to retain it longer or indefinitely.
How can I access the information you hold about me?
Your customer account and order history can be viewed and managed directly on our website. Upon request, we can provide a copy of the remaining information we may hold about you. Similarly, you may wish to exercise your right to correct your details or request for it to be removed from our systems (digital or others). To this effect, please contact us by email on email@example.com.
The following list contains various cookies our website uses. Please note that not all of these may be in use at any given time, as some of them facilitate certain user-initiated actions.
|Cookie Name (Key)||Related to||What it’s/they’re used for|
|PHPSESSID||Brandy.ie||The PHPSESSID cookies are created/sent when a user ‘session’ is created. When you enter the site for the first time you are assigned a PHPSESSID cookie. This cookie stores details such as:
|store||Brandy.ie||Tracks the specific store view / locale selected by the shopper.|
|guest-view||Brandy.ie||Stores the Order ID that guest shoppers use to retrieve their order status.|
|Brandy.ie||Preserves the destination page the customer was navigating to before being directed to log in.|
|section_data_ids||Brandy.ie||Stores customer-specific information related to shopper-initiated actions such as display wish list, checkout information, etc.|
|product_data_storage||Brandy.ie||Stores configuration for product data related to Recently Viewed / Compared Products.|
|recently_compared_product||Brandy.ie||Stores product IDs of recently compared products.|
|recently_compared_product_previous||Brandy.ie||Stores product IDs of previously compared products for easy navigation.|
|recently_viewed_product||Brandy.ie||Stores product IDs of recently viewed products for easy navigation.|
|recently_viewed_product_previous||Brandy.ie||Stores product IDs of recently previously viewed products for easy navigation.|
|mage-translation-storage||Brandy.ie||Stores translated content when requested by the shopper.|
|mage-translation-file-version||Brandy.ie||Facilitates translation of content to other languages.|
|Brandy.ie||Facilitates caching of content on the browser to make pages load faster.|
|persistent_shopping_cart||Brandy.ie||Stores the key (ID) of persistent cart to make it possible to restore the cart for an anonymous shopper.|
|mage-messages||Brandy.ie||Tracks error messages and other notifications that are shown to the user, such as the cookie consent message, and various error messages, The message is deleted from the cookie after it is shown to the shopper.|
|stf||Brandy.ie||Records the time messages are sent by the SendFriend (Email a Friend) module.|
|form_key||Brandy.ie||A security measure that appends a random string to all form submissions to protect the data from Cross-Site Request Forgery (CSRF).|
|private_content_version||Brandy.ie||Appends a random, unique number and time to pages with customer content to prevent them from being cached on the server.|
|Google Analytics (website traffic reporting and analytics)||Used to distinguish users in an anonymised way. _ga expires after 2 years, while _gid expires after 24 hours.|
|_gat||Google Analytics (website traffic reporting and analytics)||Used to throttle request rate. It doesn’t store any user informaiton and expires after a minute.|
|__utma||Google Analytics (website traffic reporting and analytics)||This cookie keeps track of the number of times a visitor has been to the site pertaining to the cookie, when their first visit was, and when their last visit occurred. Google Analytics uses the information from this cookie to calculate things like Days and Visits to purchase. This cookie is what’s called a ‘persistent’ cookie, as in, it is not set to automatically expire unless removed by the user.|
|Google Analytics (website traffic reporting and analytics)||The B and C cookies work together to calculate how long a visit takes. __utmb takes a timestamp of the exact moment in time when a visitor enters a site, while __utmc takes a timestamp of the exact moment in time when a visitor leaves a site. __utmb expires at the end of the session. __utmc waits 30 minutes, and then it expires. You see, __utmc has no way of knowing when a user closes their browser or leaves a website, so it waits 30 minutes for another page view to happen, and if it doesn’t, it expires.|
|_utmt||Google Analytics (website traffic reporting and analytics)||The _utmt cookie is a session cookie used to throttle the request rate. It expires after 10 minutes.|
|_utmv||Google Analytics (website traffic reporting and analytics)||The _utmv cookie is used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics.|
|__utmz||Google Analytics (website traffic reporting and analytics)||__utmz keeps track of where the visitor came from, what search engine you used, what link you clicked on, what keyword you used, and where you were in the world when you accessed a website. It expires in 6 months. This cookie is how Google Analytics knows to whom and to what source/medium/keyword to assign the credit for a Goal Conversion or an E-commerce Transaction.|
For more detailed information on cookies, visit www.allaboutcookies.org.