AJ Products Ireland and the General Data Protection Regulation (GDPR)
At AJ Products Ireland Ltd, we always strive to build long-term relationships with our customers, companies and organisations as well as their representatives and all consumers who buy directly from us. Our customers are of the utmost importance to us and we will therefore always handle personal data with the greatest caution and in accordance with the General Data Protection Regulation.
Please visit the The Data Protection Commission's website for more information.
Customer Contact Data, what data do we collect, how and why is it collected?
When you as a customer, either as a representative at a company or as a private consumer, purchase products at AJ, you provide your personal data such as name, email address and phone number. A consumer usually also fills in his or her home address.
The data is used by AJ Products Ireland to enable a good customer experience throughout the entire order and sales process: presentation of our range of products, placement of order, delivery, potential complaints/warranty matters and development of our offer and IT-processes.
We document our communication with you.
The communication with you as a customer is carried out via phone, email, chat, written and physical contact as well as digital media. The reason for documenting it is to enable follow ups of customer matters and complaints as well as handling all matters during your time as an AJ customer, such as questions relating to purchases/orders, complaints, warranty matters or other complaints/opinions that you are free to bring to our attention.
Who is responsible for the personal data that is collected and processed?
We, AJ Products Ireland, a limited liability company with registered company no.307842, Unit B4, Network Enterprise Park, Kilcoole. Co. Wicklow are the controller of the personal data. The personal data can be processed by us or by our partners.
We are always responsible for the partners who processes personal data on our behalf, so-called processors of the personal data. Please find more information about our processors and other receivers of the personal data below.
We will process some personal data due to legal requirements. Other personal data will be processed to enable contractual relationships with you so that we subsequently can fulfil our commitments within the purchase agreement.
Main purpose: To fulfil our agreement with you
A number of personal data is needed so that we can enter into an agreement with you and subsequently fulfil our commitments therein as listed below. The collection of such personal data derives from the legal basis for the fulfilment of the agreement.
We need to process your personal data in connection with orders and delivery (including notifications and contacts regarding delivery) to fulfil and conclude our commitments within the purchase agreement. In certain cases, we will also handle complaints and warranty matters and the personal data collected thereby. Additional personal data can be processed in connection with services as e.g. booking of assembly, delivery and in-home delivery. Please note that all stated purposes above are subject to separate and individual processing of personal data.
The personal data
The personal data that will be processed in order to fulfil the purchase agreement is:
ii. email address,
iv. phone number, and
v. payment details.
If you are a company customer, the categories of personal data above will also be processed regarding the person specified as contact person.
The data will be stored and processed through the legal support of a binding agreement.
The time period for data storage of company and customer contact data is based on how often our customers purchase and the warranty period our products have. Therefore, depending on which item you have purchased from us, the storage time can vary between three (3) and thirty (30) years.
When the warranty period has expired, your personal data is stored up to twelve (12) months and is then anonymised. The anonymisation process is undertaken on a monthly basis. Personal data and customer data with open balances older than twelve (12) months is kept in its original form and eventual anonymisation is evaluated monthly.
The time period for data storage of data about individuals is based on our commitments to you as a consumer. The data will be deleted or anonymised when the order has been completed, delivered, paid and the warranty period has expired. If the data is anonymised, it is no longer identifiable and therefore not considered as personal data.
However, we will process your personal data as long as it is required to handle any complaint and warranty matters, or for a longer period if necessary to handle such process.
Main purpose: Creation of customer profile
You must create a customer profile to be able to make a purchase from us. This is needed because we must be able to keep our product specific guarantees (please see further information below). The collection of personal data derives from the legal basis for the performance of the agreement.
To enable a purchase and, thus, a contractual relationship, customers need to create a customer profile on the AJ website through My Pages. The purpose of this is so that AJ shall be able to comply with guarantees and document customer matters/complaints. You are responsible for updating the data at all times in the event of changes.
The personal data
The personal data that will be processed to fulfil the purchase agreement is:
ii. email address,
iii. phone number, and
iv. personal identity number (if registered as a sole proprietor).
AJ will process the personal data required to keep your customer profile active as long as you are a customer, have ongoing matters with us (e.g. warranty matter or complaints) or use the digital services. Thereafter, we will process your personal data, for the same purpose as above, for a period of twelve (12) months. The personal data will then be anonymised. The anonymisation process is undertaken on a monthly basis. Communication that has been submitted in our digital channels is saved until further notice.
Main Purpose: Individualisation of our offer to you
To meet our customers’ interest of receiving relevant and individualised marketing distributions and campaigns through our channels and IT-systems, the personal data listed below is processed. The collection of personal data derives from the legal basis of balancing of interests. AJ has a legitimate interest in communicating news with you and providing offers specially adapted to your needs.
We process some of your personal data to individualise offers and make them as relevant as possible for you, to present relevant assortment, product recommendations, inspiration and other relevant activities, customised news and distribution of catalogues to you.
The Personal Data
The personal data that will be processed to individualise such offers are:
iii. contact information (email address and phone number),
vi. place of residence or company,
vii. purchase history,
ix. other preferences that has been specified to us by you.
The digital channels can be search engines such as Google and Bing as well as social media, digital networks for ads, and our own as well as external customer surveys.
AJ will process the personal data required to keep your customer profile active as long as you are a customer, have ongoing matters with us (e.g. warranty matter or complaints) or use the digital services. Thereafter, we will process your personal data, for the same purpose as above, for a period of twelve (12) months. Then, the personal data will be anonymised. The anonymization process is undertaken on a monthly basis. Communication that has been submitted in our digital channels is saved until further notice.
How does our individualisation process take place (i.e. how do we process your data)?
We perform analysis at individual level which either sorts the data into a customer group (so called customer segment or industry type), or which results in a unique profile. The insights from the analysis form the basis of your personal and relevant offers. This data is then used as a basis for the creation of different market activities, such as email distributions and digital advertisements in all media the company uses.
Campaigns based on your digital interaction
Purpose and legal basis
The personal data
• User generated data (e.g. click and visit history) on our website.
Evaluation, development and improvement of AJ
Purpose and legal basis
To meet our interest of constant evaluation, development and improvement of AJ’s offer, the personal data listed below is processed through our channels and IT-systems on the legal basis of balancing of interests. AJ has a legitimate interest in processing purchase history, complaints and other related information to be able to better develop our offers and service to you as a customer. The processing is necessary to meet our legitimate interest of managing the life cycle of our systems, products and services as well as to protect and develop them.
AJ may use data collected through customer surveys, customer contact or purchase history for analyses for the purpose of company development, e.g. to develop our website and its functions. The analyses contribute to secure our logistical processes and forecasts for warehousing and development of our range, and to create a basis for our IT-system in order to generally increase the security for our customers, suppliers and partners.
The personal data
Most of the data collected for this purpose will be anonymised. However, certain information may contain some personal data, for example:
i. correspondence and feedback regarding our services, products and customer care.
If data is collected and processed in an identifiable form when you communicate with AJ, you will be specifically informed of this by us. Any other data handled by us is anonymised and, thus, not classified as personal data, such as click- and visit history, phone calls and chat conversations. In addition, technical data related to devices and their settings, e.g. domain, devices, browser settings and operating systems may also be processed. This data is anonymised and you as an individual can never be identified by it.
Your personal data is stored during the same period as specified in relation to the respective stated purpose of the processing of your personal data above. From the time when the personal data was first recorded in logs, the data will be retained for troubleshooting and incident response for a period of thirteen (13) months.
Your rights when we process your personal data
You have several statutory rights when we process your personal data, e.g. that you have the right to access all personal data we process about you (extracts), you have the right to demand correction of incorrect data and you can demand deletion (to some extent) of personal data. Your rights are:
i. Right to be informed
ii. Right to access
iii. Right to rectification
iv. Right to deletion
v. Right to restricted processing
vi. Right to portability
vii. Right to object
viii. Right to complain to the Data Protection Commission
Please see below for a review of your most relevant rights. If you want to read more about your rights, comprehensive information is available here.
Your privacy is of the utmost importance to us. Therefore, it is important for AJ that there is full transparency regarding our processing of your personal data. It is important to us that you have access to the data we have about you and if you wish to know more about the data in detail, you can request an extraction from our register. You can do this easily by sending an email to firstname.lastname@example.org
To ensure that we disclose the data to the correct person and that we do not disclose your personal data to anyone else, we must obtain proof that the request is made by you. In order to handle your request, we will provide you with information on how you should identify yourself in connection with the submission of the form via our website.
You can also request deletion of your customer contact data (right to deletion) and the right to rectification of your personal data. We perform a review and anonymisation of our business customers’ contact data after four (4) years, given that no transaction has taken place during the four-years period. Individuals, i.e. data on consumers, follow the same anonymisation process, given that all commitments from us and the customer are completed.
You can easily request deletion by sending an email to us at email@example.com We will respond with information on how you should identify yourself so that we can handle your request.
Please visit My Pages on our website, contact us via the newsletter or call our customer service on 00353 1 2811700 if you wish to change or correct customer contact data or unsubscribe from marketing communication such as newsletters and catalogues.
You always have the right to submit a complaint regarding our processing of your personal data to the Data Protection Commission. However, we prefer that you contact us directly as a first step so that we can resolve your questions and complaints. You can contact us at firstname.lastname@example.org.
How do we protect your personal data?
We use IT-systems to protect the confidentiality, integrity and access to customer contact data. Within our organisation, the access to your personal data is limited to the persons who actually need to process your personal data so that we can fulfil our commitment to you as a customer.
Who can we share your personal data with?
Processors of the personal data
If it is necessary to offer our services, we share your personal data with companies that are our processors of the personal data. A processor of the personal data is a company that processes the data on our behalf in accordance with our instructions.
We have processors helping us with:
i. Transport (logistics companies and freight forwarders),
ii. Payment solutions (card redeeming companies, banks and other payment service providers),
iii. Marketing (print and distribution, search engines, social media, digital advertising networks, media agencies or advertising agencies), and
iv. IT-services (companies that handle necessary operations, technical support and maintenance of our IT-solutions).
When your personal data is shared with processors of the personal data, it is solely for purposes that are compatible with the purposes for which we have collected the data. We perform controls on all processors to ensure that they can provide adequate guarantees regarding the security and confidentiality of personal data. We have concluded written agreements with all processors of the personal data through which they guarantee the security of all the processed personal data and undertake to comply with our security requirements as well as restrictions and requirements regarding international transfer of personal data.
Companies that are independent controllers of the personal data
We share your personal data with certain companies that are independently responsible for the personal data (controllers of the personal data). This means that we are not in control of how the provided data is processed by them.
Independent controllers of the personal data that we share your personal data with are:
i. Authorities (police authority, tax agency or other authorities) if we are obliged to do so by law or in case of suspicion of criminal offence,
ii. Companies that handle general goods transport (logistics companies and freight forwarders), and
iii. Companies that offer payment solutions (card redeeming companies, banks and other payment service providers).
Where do we process your personal data?
We always strive to process your customer contact data within the EU/EES and all our IT-systems are located within the EU/EES. In the event of system support, maintenance and development, we may have to transfer the data to a country outside of the EU/EES, e.g. if we share your customer contact data with a processor who, either itself or through a subcontractor, is established in a country outside the EU/EES or stores the personal data there. In these cases, the processor will only access the data that is relevant for the given purpose.
Regardless of the country in which your customer contact data is processed, we take all reasonable legal, technical and organisational measures to ensure that the level of protection is equivalent to the level of protection within the EU/EES. We require, through our agreements, that our processors of the personal data follow the privacy laws and regulations, such as GDPR and national personal data legislations. Also, we require that no data may be transferred to a country outside the EU/EES unless there is an agreement, adequate level of protection or binding company rules to protect the personal data.
About the website
[ We are members of [applicable memberships] and certified with [applicable certifications] which contains a number of regulations to make you as a customer safe. ]
About cookies at AJ Products Ireland