Privacy & Cookie Policy

Introduction

This Privacy and Cookie Policy applies to all websites owned and operated by Byrne’s Bespoke Joinery Limited (trading as Byrne Custom Joinery). It covers how we collect, use, and protect your personal data, as well as information about our use of cookies. By using our website or services, you agree to the terms of this Policy.

Who Are We?

When we refer to “we” (or “our” or “us”), we mean Byrne’s Bespoke Joinery Limited (t/a Byrne Custom Joinery). We are based in County Laois, Ireland, and our registered office is at Loughlass, Ballyadams, Co. Laois, R14 NT28, Ireland. We are a specialist joinery company that provides bespoke joinery and custom woodworking services.

How We Collect Your Data and What Data Is Collected

When you visit our websites, contact us, or use our services, we collect personal data. The ways we collect data fall into the following categories:

Information you provide to us directly

You may give us information when you interact with our site or team. For example:

When you fill out a contact form on our website (providing details like your name, email, phone number, etc.).
When you make an inquiry or request support from our team (for example, about a project or our services).
When you apply for a job or placement with Byrne Custom Joinery (via our Careers page or other channels).
When you sign up to receive our newsletter or other updates (if applicable)

Information we collect automatically

We collect some information automatically when you visit our website or use our services. This may include details like your IP address, device type, browser type, and operating system. We also gather anonymous analytical information about which pages you visit, how you interact with our site, and what site referred you to us. This helps us understand how our website is performing and improve our services and user experience in the future.

Note: Some of this information is collected using cookies and similar tracking technologies. For more details on the cookies we use and how you can control them, please see our Cookie Policy below.

If we collect personal data, we will only process it under certain lawful bases. Specifically, we will process your data only:

To perform a contract with you – for example, to provide the services or products you have requested.
Where we have a legitimate interest – for example, to improve our services or website’s functionality – and only if those interests are not overridden by your rights.
To comply with a legal obligation – if we are legally required to process or share certain data.
Where we have your consent – for example, if you have explicitly agreed to receive marketing communications.

If you choose not to provide personal information when requested, we may not be able to deliver the full range of our services to you, and some features of our website might not function properly.

How We Use Your Data

We use your personal data to provide you with information and services you’ve requested and to manage our relationship with you. We may also use your data for other purposes, which include:

To communicate with you, which may include:
- Providing you with information you have requested from us (such as a quote or details about our
  services) or information we are required to send you.
- Sending operational communications, for example about changes to our services, project updates, billing or account information, security updates, or other service-related notices.
- Sending you marketing communications (such as newsletters or offers) in accordance with your
  marketing preferences.
- Asking you for feedback on our services or your customer experience.
To support you – for instance, to assist you in resolving any technical issues or questions you have about our services or website, whether by email, phone, or otherwise.
To enhance our websites and services and develop new ones – by tracking and monitoring your use of our website and services so we can improve them. We may also carry out technical analyses of our website’s performance and user experience to optimise functionality and content.
To protect our websites and infrastructure – by detecting and preventing any malicious or fraudulent activity, and ensuring that our website and services are used fairly and safely by all users.
To market to you – in addition to sending direct marketing communications, we may use your personal data to tailor and display online advertisements for our services that are more relevant to you. For example, we might display targeted ads on third-party websites or social media platforms, based on your interaction with our website (subject to any consent requirements for cookies or similar tracking).
To analyse, aggregate and report – we may use the personal data we collect (sometimes in combination with data from third parties) to generate aggregated, anonymised analytics and reports about user interactions with our site or services. For example, we might compile reports on how many users visited a certain page or requested a certain service. These reports do not identify you personally, and we may share these aggregated insights with third parties or publicly for business or marketing purposes.

How We Can Share Your Data

We treat your personal data with care and confidentiality. However, there are times when we need to share your data with third parties, under strict conditions, as part of running our business. We will only disclose your personal data to:

Service providers and partners who assist us in operating our website or providing our services. For example, this could include IT hosting companies, email service providers, analytics providers, or other vendors who process data on our behalf. These parties only access and use your data to perform tasks for us and are bound by contractual confidentiality and data protection obligations.
Approved processors and sub-processors of Byrne Custom Joinery – in cases where we engage third-party companies to process data on our behalf (such as cloud storage providers or payment processors), we ensure that adequate technical, organisational, and legal safeguards are in place. We only work with processors who can provide sufficient guarantees that your data will be protected (for example, by complying with GDPR requirements, entering into EU Standard Contractual Clauses where required, or holding relevant certifications).
Regulators, law enforcement agencies, government bodies, courts, or other third parties – where disclosure is legally required or necessary (i) to comply with any applicable law, regulation, or legal process, (ii) to assert, establish or defend our legal rights, or (iii) to protect your vital interests or those of another person. If we receive a legitimate legal request for user data, we will attempt to notify you unless we are legally prevented from doing so.
Other people or organisations if we have your explicit consent to do so. For example, if you agree that we may share your information with a business partner or reference your project as a case study, we will only do so with your permission.

We do NOT sell your personal data to any third parties, and we do not share your information with third parties for their own independent marketing or business purposes without your prior consent.

If you would like more details about the third parties with whom we may share personal data (or the categories of recipients of personal data), you can contact us using the information in the “How to Contact Us” section below, and we will be happy to provide additional information.

International Data Transfers

While we strive to store and process personal data within the European Economic Area (EEA) whenever possible, some of the tools and services we use may involve transferring your data outside of the EEA. For example, if we use a cloud service or an analytics provider that is based outside the EEA, your data may be transferred to servers in other countries.

Whenever we transfer your personal data outside the EEA, we will ensure that it is protected in a manner that is consistent with how your data would be safeguarded within the EEA. We will only transfer data to countries that have been officially deemed to provide an adequate level of data protection, or where we have put appropriate safeguards in place, such as:

Entering into contracts approved by the European Commission that give personal data the same
protection it has in Europe (often called Standard Contractual Clauses).
Ensuring the recipient is certified under a scheme like the EU–US Privacy Shield (if applicable) or other approved certification mechanism (though Privacy Shield was invalidated in 2020, any future
approved trans-Atlantic framework or similar mechanism would be used if available).
Relying on any other transfer mechanism approved by EU data protection law as appropriate for the
transfer in question.

If we transfer your data outside the EEA and none of the above safeguards are available, we will only do so with your explicit consent or where the transfer is otherwise permitted by EU data protection law. You can ask us for more information about the safeguards we have in place for international data transfers.

How Do We Protect Your Data?

The security of your personal data is a top priority for us. We have implemented appropriate technical and organisational measures to safeguard the personal information we hold against unauthorised access, alteration, disclosure, or destruction. These measures include:

Encryption: Any information exchanged between your web browser and our website is secured using industry-standard encryption protocols such as SSL/TLS. This means that when you access our site, the connection is encrypted (you’ll see “https://” in the URL), which helps prevent anyone from
intercepting your data during transmission. We also employ encryption and other security techniques to protect personal data stored on our systems where appropriate.
Access Controls: We limit access to personal data to those employees, contractors, and service providers who need to know that information for the purposes described in this policy. All such persons are subject to strict confidentiality obligations.
Secure Infrastructure: We use reputable hosting providers and cloud services with strong security practices. We regularly monitor our systems and infrastructure for vulnerabilities and attacks, and we update and patch our software and systems to stay protected against the latest security threats.
Internal Policies: We maintain internal policies and conduct training for our staff to ensure that personal data is handled and protected properly. Our data protection and security practices are reviewed periodically, and we continuously work to improve our security posture to adapt to new threats and regulatory requirements.

While we do our best to protect your personal data, it’s important to remember that no website, Internet transmission, or system is completely secure. We encourage you to take precautions as well, such as using strong passwords, keeping your login credentials confidential, and logging out of websites after use.

Retention

We will keep your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purpose of satisfying any legal, accounting, or reporting requirements. The exact length of time we retain data will vary depending on the type of information and the reasons we collected it.

In general, we will retain your personal data for as long as we have an active relationship with you (for example, while you are using our services or communicating with us, or if you are an employee or applicant, for the duration of your employment or application process). After that relationship has ended, we may still need to keep certain data for a period of time for legitimate business or legal purposes. This might include retention for audit purposes, tax compliance, record-keeping, to handle any disputes, or to enforce our agreements.

When we no longer have an ongoing legitimate business need to retain your personal data, we will either delete it or anonymise it. If deletion or anonymisation is not immediately possible (for example, because the data is stored in backup archives), then we will securely store the data and isolate it from any further use until deletion is possible.

Your Rights

As an individual whose personal data we hold, you have certain rights under GDPR and other applicable data protection laws. These rights include:

Right to Basic Information and Transparent Communication: The right to be informed about how your personal data is being used, and to receive clear, transparent communication about our data practices (which is one of the purposes of this Privacy Policy).
Right of Access: The right to request a copy of the personal data we hold about you, as well as information about how we use it. This is commonly known as a “Data Subject Access Request.”
Right to Withdraw Consent: If we are processing your personal data based on your consent, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we conducted prior to your withdrawal.
Right of Rectification: The right to have inaccurate personal data corrected or completed if it is incomplete. If you believe any information we hold about you is incorrect or incomplete, please let us know.
Right to Erasure (the “Right to be Forgotten”): The right to request that we delete your personal data when it is no longer necessary for the purposes for which it was collected, or if you have withdrawn consent or objected to the processing (and no other legal grounds for processing apply), or if the data was processed unlawfully, or if erasure is required to comply with a legal obligation.
Right to Restrict Processing: The right to request that we limit the processing of your personal data in certain circumstances – for example, if you contest the accuracy of the data or have objected to our processing, we may restrict processing until the issue is resolved. This means we can still store the data but not use it further.
Right to Data Portability: The right to obtain and reuse your personal data for your own purposes across different services. You are entitled to request a copy of the data you provided to us in a structured, commonly used, machine-readable format (for example, CSV format), and you have the right to have that data transmitted to another controller where technically feasible.
Right to Object: The right to object to certain types of processing. For instance, you have the right to object to processing of your personal data for direct marketing at any time. You may also object, on grounds relating to your particular situation, to processing that we justify on the basis of legitimate interests or public interest. If you lodge an objection, we will stop processing the personal data unless we can demonstrate compelling legitimate grounds for the processing that override your rights, or if the processing is needed for legal claims.
Right to Lodge a Complaint with a Supervisory Authority: If you believe that we have not complied with data protection laws in the way we have processed your personal data, you have the right to file a complaint with a data protection supervisory authority. In Ireland (where we are based), the supervisory authority is the Data Protection Commission.

You can exercise any of these rights at any time by contacting us via the methods described in the How to Contact Us section below. Typically, you will not have to pay a fee to exercise your rights, but we may ask you to verify your identity before fulfilling certain requests. We will respond to your requests within the applicable legal timeframes (generally within one month, though we may extend this period by an additional two months for complex requests, in which case we will inform you of the extension).

If you have given us consent to use your personal data (for example, for marketing) and you wish to withdraw that consent, you can easily do so. For email marketing, you can click the “unsubscribe” link in any marketing email we send you. Alternatively, you can contact us directly (by email or post) to let us know that you do not want to receive marketing messages. Once you opt out of marketing, we will stop using your data for that purpose. (Please note that even if you opt out of marketing communications, we may still need to send you certain transactional or informational messages related to services you have requested, such as invoices, quotes, or service notifications.)

If you have any questions or concerns about your rights or how to exercise them, please contact us and we will assist you.

Supervisory Authority Contact: If you wish to lodge a complaint or seek advice from Ireland’s data protection authority, you can contact the Irish Data Protection Commission (DPC) for assistance. The DPC’s contact details are:

Data Protection Commission (Ireland)
Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland.
Telephone: +353 (0)57 868 4800
Email: info@dataprotection.ie
Website: www.dataprotection.ie

(If you are based in another country, you may contact your local data protection authority. A list of EU data protection authorities and their contact details is available on the European Commission’s website.)

How to Contact Us

If you have any questions, concerns, or requests regarding this Privacy and Cookie Policy or about how we handle your personal data, please do not hesitate to get in touch with us. We are here to help and will respond as promptly as possible.

By Email: You can email us at info@byrnecustomjoinery.com. Please include in your email your name and the details of your inquiry or request. Sending an email is often the fastest way to reach us, and we will acknowledge and address your email as soon as we can.
By Post: If you prefer, you can also write to us. Please send any correspondence to:
- Byrne Custom Joinery
  Loughlass, Ballyadams,
  Co. Laois, R14 NT28
  Ireland

When you contact us, please provide as much information as possible about your query. For example, if you are requesting a copy of your data or asking us to delete something, it helps if you detail what you are referring to. This will assist us in responding to your request efficiently.

We will address all communications and requests related to your rights and this Policy in a timely manner and in accordance with applicable data protection laws. If you raise a concern about how we handle your personal data, we will investigate and do our best to resolve it. We value your privacy and will always take your questions and complaints seriously

Cookie Policy

Our website uses cookies and similar tracking technologies to ensure the site functions correctly, to personalise your experience, to analyse usage, and to assist in our marketing efforts. This section explains what cookies are, which cookies we use, and how you can control them.

What Are Cookies and How Are They Used?

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work, or work more efficiently, as well as to provide information to the site owners or others. Cookies allow a website to remember your actions or preferences over time.

In addition to cookies, we may use other tracking technologies such as web beacons or pixels (small graphic images or scripts). These technologies function differently from cookies, but like cookies, they help us recognise users, count how many people visit certain pages, or understand usage patterns. For example, a web beacon might be used to see if an email was opened or if a link was clicked.

Why Do We Use Cookies and Tracking Technologies?

We use cookies and similar technologies for several reasons:

Essential Cookies: Some cookies are necessary for our website to operate properly. For example, certain cookies enable you to navigate the site and use key features. Without these cookies, the site may not function correctly.
Functional Cookies: These cookies allow us to remember choices you make on our site (such as your cookie consent preferences) and provide enhanced, more personalised features. They can make your browsing experience better by remembering certain preferences.
Analytics and Performance Cookies: We use analytics cookies to collect information about how visitors use our website — for instance, which pages are visited most often, or if users encounter error messages on certain pages. This information is generally collected in an anonymous form and is used to improve how our website works and understand the interests of our users.
Advertising and Targeting Cookies: We do not display third-party advertisements on our site; however, we may use targeting cookies to track your browsing habits on our site so that we can better understand your interests. This information might be used to tailor advertising for our services on other platforms (such as Google or social media). For example, if you visit our site, you might later see an advertisement for our services on another website – this is sometimes made possible by cookies and trackers set by advertising networks. Any advertising cookies will only be used in accordance with your consent choices.
Third-Party Cookies: Some content or applications on our site are provided by third parties (for example, an embedded Google Map, or social media sharing buttons). These third parties may set their own cookies on your browser. We do not control the operation of third-party cookies, but we do allow them to be placed on your device. These cookies are likely to be analytical, functional, or targeting cookies belonging to those third parties.

Overall, cookies and tracking technologies help us to operate our websites and services, enhance and customise your experience, perform analytics, and deliver content (including marketing content) that is relevant to you.