Privacy Policy
 
You Choose Ltd is committed to protecting your privacy and handling your personal data in a transparent and secure way in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Irish Data Protection Act 2018.This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you visit our website www.youchoose.ie, create an account, place an order, use our product customisation tool, or interact with us in any other way.


We may collect the following categories of personal data:
  • Identity & Contact Data: name, billing/shipping address, email address, phone number
  • Order & Transaction Data: products ordered, purchase history, payment amounts (we do not store full payment card details)
  • Account Data: username, password (hashed), order notes
  • Customisation Data (via Zakeke): uploaded images, text entered for personalisation, preview data (processed to generate your custom product)
  • Technical & Usage Data: IP address, browser type/version, operating system, pages visited, time/date of visit, referral source, approximate location (from IP)
  • Marketing & Communications Data: preferences for receiving marketing, records of consents/withdrawals, email opens/clicks (if you subscribe to newsletters)
How we collect your personal data
Most data is collected directly from you when you:
  • Place an order
  • Create/register an account
  • Use the product customiser (Zakeke)
  • Contact us (email, chat, phone)
  • Subscribe to marketing communications
  • Fill in forms on the site
We also collect some data automatically via cookies and similar technologies (see our Cookie Policy [link if separate]).4. Why we process your personal data & lawful basis
We process your personal data for the following purposes and on these legal bases:
Purpose
Type of data
Lawful basis (GDPR Art. 6)
Process & fulfil your orders
Identity, contact, order, payment
Performance of a contract (Art. 6(1)(b))
Provide customer support
Identity, contact, order
Performance of a contract / Legitimate interests
Product customisation (Zakeke)
Uploaded images/text, contact details
Performance of a contract
Manage your account & order history
Account, order
Performance of a contract
Comply with legal obligations
All relevant data
Legal obligation (Art. 6(1)(c))
Prevent fraud & secure the website
Technical, IP, order patterns
Legitimate interests (Art. 6(1)(f))
Marketing emails/newsletters
Contact, preferences
Consent (Art. 6(1)(a)) – you can withdraw anytime
Analytics & site improvement
Technical, usage
Legitimate interests (Art. 6(1)(f))
Sharing your personal data
We share your data only when necessary:
  • WooPayments / Stripe (payment processor) – billing name, address, order amount, email (limited transaction data). Stripe acts as an independent data controller for payment processing. See Stripe’s Privacy Policy: https://stripe.com/ie/privacy
  • Zakeke (product customiser) – uploaded images, text, email (for quote/save features if enabled). Zakeke acts as our data processor under a GDPR-compliant agreement. See Zakeke’s privacy information: https://www.zakeke.com/privacy-policy-platform/
  • Shipping carriers – name, shipping address, phone, order reference (e.g., An Post, DPD, UPS)
  • Email service providers (e.g. Mailchimp/Brevo if used) – email & name for marketing
  • Hosting & technical providers (e.g. WP Engine, Cloudflare, etc.) – limited technical data
How long we keep your data
We keep personal data only for as long as necessary:
  • Order data → 6 years after order (for tax & accounting obligations)
  • Account data → until you delete your account (inactive accounts may be deleted after [3–5] years)
  • Marketing data → until you unsubscribe/withdraw consent
  • Uploaded customisation files → typically until order fulfilment + short retention for support (then deleted)
  • Technical logs → up to 12–24 months
8. Your GDPR rights
Under the GDPR you have the right to:
  • Access your personal data
  • Rectify inaccurate data
  • Erase your data (subject to legal retention obligations)
  • Restrict processing
  • Object to processing (especially marketing)
  • Data portability
  • Withdraw consent (where we rely on consent)
Security of your personal data
We implement appropriate technical and organisational measures (HTTPS, limited access, regular updates, secure hosting) to protect your data. However, no internet transmission is ever 100% secure.
 
Cookies & similar technologies
Our site uses cookies and similar technologies. Please see our separate Cookie Policy [link] for details. We use a cookie consent manager to obtain your consent for non-essential cookies.