This Website Privacy Policy is provided by TGR1.618 Limited (“TGR“) and its group company Iris Audio Engineering Limited (“IAEL“) (referred to collectively as “IRIS” or “we” or “us”). Each of us are a ‘controller’ for the purposes of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act 2018 (collectively the “Data Protection Laws“). This Website Privacy Policy applies to the personal data we collect in relation to your use of our websites https://irislistenwell.com and https://iris-headphones.com. TGR1.618 is responsible for this website and Iris Audio Engineering Limited sells our headphones through this website. We take your privacy very seriously and ask that you read this Website Privacy Policy carefully as it contains important information about our processing and your rights.
How to contact us
If you would like this Website Privacy Policy in another format, please contact us at the details below:
Data Protection Manager: Tom Darnell
Address: Suite 305, 50 Eastcastle Street, London W1W 8EA, United Kingdom
Email: [email protected]
Current version: September 2020
What personal details do we collect?
Website Usage Data
When you use our websites, we collect and analyse information such as your IP address, browser types, browser language, operating system, the state or country from which you accessed the website , software and hardware attributes (including device IDs), referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the website and upload or post content, error logs, and other similar information. Please refer to our cookie policy (https://irislistenwell.com/legal/cookie-policy/) for more information about our use of cookies.
If you access the website through a third-party connection or log-in (e.g. through a social network), you may allow us to have access to and store certain information from your social network profile. This includes your name, gender, profile picture, your “likes” and check-ins, and your list of friends, depending on your settings on the website. If you do not wish to have this information shared, do not use a social networking connection to access the website. For a description of how social networking sites handle your information, please refer to their privacy policies and terms of use, which may permit you to modify your privacy settings.
Social Media Data + Promotion Data
When you “like” or “follow” us on Facebook, Instagram, Twitter or other social media sites, we may collect some information from you including your name, email address and any comments or content that you post that is relevant to us. We also collect your information if you sign up for one of our promotions or submit information to us through social media sites.
Purchase Data
When you purchase our hardware products (such as our headphones) we collect your name, address, contact details and information on the product purchased.
Warranty Data
When you make a warranty claim for products purchased from us, we collect your name, address, contact details, product purchased and information in relation to the warranty claim.
General Enquiries
When you contact us for general enquiries, we collect your name, contact details and information regarding your query.
Why do we process your personal data?
We use your personal data for the following purposes listed in this section. We are allowed to do so on certain legal bases (please see section ‘How is processing your data lawful and how long do we keep it for?’ for further detail).
|
Personal Data processed |
Purpose |
Legal Basis |
|
Website Usage Data |
|
Consent |
|
Social Media Data |
|
Legitimate Interest |
|
Promotion Data |
|
Contract/ Consent |
|
Purchase Data |
|
Contract, Legitimate Interest |
|
Warranty Data |
|
Contract |
|
General Enquiries |
|
Legitimate Interest |
Furthermore, we will process your personal data for the following purposes:
- Comply with any procedures, laws and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others; and
- Establish, exercise or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others.
How is processing your personal data lawful and how long do we keep it for?
We are allowed to process your personal data on the following legal bases:
- In order to carry out our contractual obligations to you where you have purchased our products;
- For our legitimate interests i.e. we have good, sensible, practical reasons for processing your personal data which is in the interest of IRIS. We have considered the impact on your interests and rights and have placed appropriate safeguards to ensure that the intrusion on your privacy is reduced as much as possible. You can object to any of the processing that we carry out on the grounds of legitimate interests (see the section “Your Rights” to find out how); and
- Based on consent you have provided us. Please note that you can withdraw your consent at any point by contacting us (please refer to section “How to contact us”).
We will keep your personal data for the following retention periods:
- Website Usage Data: 12 months from collection
- Social Media Data: 12 months from collection
- Promotions Data: 6 months from collection
- Purchase Data: 1 year from delivery of products
- Warranty Data: 1 year from delivery of products
- General Enquiries: 30 days from date of closure of enquiry
Who will have access to your personal data?
We use external providers (such as hosting providers) that process your personal data as part of the services they offer to us. We take steps to ensure that our service providers process your data in accordance with the Data Protection Laws, only use it in accordance with our contract with them and keep it secure. If you would like more information about our processors, please contact us using the details at the “How to contact us” section.
We do not transfer your personal data outside the UK and the European Economic Area.
We strive to implement appropriate technical and organisational measures in order to protect your personal data against accidental or unlawful destruction, accidental loss or alteration, unauthorised disclosure or access and any other unlawful forms of processing. We aim to ensure that the level of security and the measures adopted to protect your personal data are appropriate for the risks presented by the nature and use of your personal data. We follow recognised industry practices for protecting our IT environment and physical facilities.
Your rights
As a data subject, you have the following rights under the Data Protection Laws:
- Right to object to processing of your personal data;
- Right of access to your personal data;
- Right to correct any mistakes in your personal data;
- Right to prevent your personal data being processed;
- Right to have your personal data ported to another controller; and
- Right to erasure.
Rights in relation to automated decision making do not apply as we do not carry out any automated decision making. Some of these rights are qualified and do not apply in certain circumstances.
To exercise your rights, contact us using the details given in the ‘Contact Us’ section. When you contact us, both TGR and IAEL will take steps to implement the rights you have exercised.
If you do not think that we have processed data in accordance with this notice, you should let us know as soon as possible. You can also complain to the ICO, the UK data protection regulator. Information about how to do this is available on its website at www.ico.org.uk.