‍

Last updated: October 15th, 2022.

I know that the chances of you reading this are small to non-existent...

So whilst I highly encourage you to, I also just want to let you know that I am myself a massive privacy advocate and I take my own internet privacy very seriously. I use browsers you definitely haven't heard of, I use all sorts of software to block non essential cross-site cookies, trackers, fingerprinting tools, ads and more, and I am very aware of the shady ways in which businesses try to exploit user data. 

To this end I also really care about your data and your privacy. I make a concerted effort not to collect data that is not necessary or of legitimate interest to the running of my business.  I am very conscious and careful when it comes to where and how data is securely stored and transferred, both in terms of the services & apps I choose to use and place my trust in, and the internal practices & security measures I employ within the business. I would be delighted to get back to you if you have any concerns or questions, whatsoever, and I will happily assist you in exercising any of your data protection rights (which are all laid out below) should you choose to.

‍

This Privacy Policy describes how Guy Boggan (also: guyb.ie, Shop Guy Boggan, shop.guyb.ie, the “Site”, "us" or “we”) collects, uses, and discloses your Personal Information: when you visit, interact with or make a purchase from this site (guyb.ie) and any other directly affiliated domains (including shop.guyb.ie); when you contact Guy Boggan in any form (via email/ social media/ phone, and via any web forms); when you schedule a virtual meeting/video call with Guy Boggan; when you engage Guy Boggan in services as a client and you provide contact details, business details, payment information and your signature on contracts or other formal documents (all often provided/ collected via web form and through third party software).

‍

Personal Information We Collect

When you visit the Site, guyb.ie, we do not track or log any information about you. The analytics software we use, Fathom, is GDPR, CCPA, ePrivacy and PECR compliant because it doesn't use cookies for tracking. You might have already noticed that this means visitors don't have to accept a cookie policy through an annoying pop up in order to browse this site. Fathom is a paid tool that I employ to respect your privacy, free tools such as Google Analytics are really only free because you pay with your data or your users' data... Instead Fathom, and tools like it, can intelligently track information about top pages and content without using cookies and without associating data to any individual or building profiles about them.

We only collect information about you when you provide it to us such as when making a purchase, booking a service, making an inquiry, contacting customer support, or when you create an account with us. In all cases where we must collect Personal Information we make an effort not to ask for, or require, data to be collected that is not necessary to fulfil our contract with you.

The site at the domain shop.guyb.ie is hosted by Shopify, in order to give you the best ecommerce experience there is, however Shopify set cookies on their customers (our) behalf and unfortunately we cannot control this.

We can still control our use of third party cookies and pixels though, and unlike the vast majority of ecommerce stores we do not place trackers in your browser on behalf of advertisers, such as Meta. We do our utmost not to track or log any information about you and we wish Shopify had a cookie less analytics solution as well. Internally, we still use the same analytics software, Fathom, as on the site guyb.ie, which does not track you at all, but because of Shopify and the first party analytics cookies they place, when you visit the site shop.guyb.ie you must be met with that annoying pop up. Detailed information on all cookies is provided below.

‍

In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.

Project Enquiry, Service Booking & Shop Order Information

1. Examples: first and last name, email address, company name, billing address, shipping address, phone number, company details (address, registration #, VAT # etc.), and payment information.‍
2. Purpose: to fulfil our contract and provide products or services to you; to process your payment information; to arrange for shipping; to communicate with you and provide you with order confirmations and other important updates about products and services that you have purchased; to send you quotes, contracts and invoices with accurate contact and billing information, to screen our orders for potential risk or fraud; and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services, such as through a newsletter you subscribe to.
3. ‍Source: collected from you.

Customer Support Information

• Examples: name, email address, and order information such as billing & shipping address (required where you are already an existing customer querying or altering an existing order, or where you are a prospective customer who requires an order to be created manually by customer support).
• Purpose: to provide customer support.
• Source: collected from you.

‍

Minors

The Site is not intended for individuals under the age of 16. We do not intentionally collect Personal Information from children.

In Ireland, children below the age of 16 (the “age of digital consent”) cannot give consent to online service providers to process their personal data. If you are a parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.

‍

Sharing Personal Information

We only share your Personal Information with service providers when it is absolutely necessary to help us provide our services and fulfil our contracts with you, as described above. For example if you make a purchase of a physical item we will need to share your contact details and address with a courier for delivery.

All software and web software companies that we work with use enterprise-level encryption for their servers and take security and privacy very seriously. Internal access, within Guy Boggan, to all platforms where your data is stored is extremely strict, all logins are always protected with Multi-Factor Authentication and more.

For example:

• We use Webflow to host and power our site, and to process some form submissions that collect your information, you can read more about how Webflow securely stores and uses your Personal Information here - https://webflow.com/legal/eu-privacy-policy
• We use Typeform to host a number of forms and submission data which is collected from you both when making an inquiry about a service ("Let's Work Together"), and when collecting detailed contact information from you to be used for quotes, contracts, invoices, and all other formal communication.  You can read more about how Typeform securely stores and uses your Personal Information here - https://admin.typeform.com/to/dwk6gt.
• We also use Shopify to power and process orders and payment information, at shop.guyb.ie, you can read more about how Shopify uses your Personal Information here - https://www.shopify.com/legal/privacy, and see the Shopify Data Processing Addendum here - https://www.shopify.com/legal/dpa.
• Payment information for orders at shop.guyb.ie, including card details, is collected and processed securely by Shopify Payments, powered by Stripe. You can read the Irish Shopify Payments terms of service here - https://www.shopify.ie/legal/terms-payments-ie. Shopify Payments is facilitated by Stripe Payments Europe, Ltd and you can read their privacy policy here - https://stripe.com/en-ie/privacy.
• We also use Stripe as a stand alone billing integration to securely process payments and invoice for services and some other products, in which cases it is not associated with Shopify Payments, and again you can read their privacy policy here - https://stripe.com/en-ie/privacy.
• Additionally we may offer PayPal as another payment option, you can read their privacy policy here - https://www.paypal.com/en/webapps/mpp/ua/privacy-full
• We use Xero to send invoices and for other billing tools, you can read their EU data addendum here - https://www.xero.com/ie/data/xero-and-gdpr/
• We also use GoCardless for direct debit billing on invoices, you can read their privacy policy for payers here - https://gocardless.com/privacy/payers/
• Any payment details, collected through our payment partners, are always encrypted and are actually never accessible to us (Guy Boggan), even when making a refund, we simply instruct Stripe or Shopify payments to return funds to your card on file with Stripe/Shopify, at no point are payment details shared with or accessible by us. The only exception to this are the last 4 digits of the payment card, which is sometimes provided to us by our payment partners to acknowledge, for reference, which card a successful payment was made on, and we use this to assist you when communicating with you about any payment issues and for your own reference in order confirmation emails, etc.
• Some order information, including name, email address, shipping address, and phone number, is shared with our fulfilment partners and print labs, and through them also with carriers and logistics companies, such as DPD, DHL and FedEx, to fulfil our products to you.
• Some order information, including name, email address and order value is shared with our rewards software, Smile.io, so that customers can redeem discounts for making multiple purchases at shop.guyb.ie, you can read their privacy policy here - https://smile.io/privacy-policy.
• Email inquiries and customer support chat information is not shared with any external organisation but may take place on services hosted by third parties or stored using internal tools, including by email (Google Workplace), via internal communications (Slack & Notion) and on social media (including Messenger and Instagram both hosted by Meta), or using the on-site chat (hosted by Shopify Inbox and Apple Business Chat). The privacy policies of all organisations listed above are linked on their names, this is not an exhaustive list, particularly when it comes to internal tools, and may be subject to change.
• For some documents, such as quotes, proposals and contracts that require a formal e-signature, we use Pandadoc and you can read their privacy policy here - https://www.pandadoc.com/privacy-notice/
• For sharing deliverables and other files with you we may use services including WeTransfer, Pixieset and Frame.io, again the privacy policies of all organisations listed are linked on their names and again this is not an exhaustive list and is subject to change.
• We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights. For example, we may be obligated to share some order information with customs authorities, including your contact details and the total order value or may be obligated to share invoices with state tax authorities and auditors.

‍

Behavioural Advertising

We do not use your Personal Information to provide you with targeted advertisements.

For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.

We do not set third party cookies of any sort on behalf of advertisers, but for your reference you can try to opt-out of targeted advertising in general at these links:

• Facebook - https://www.facebook.com/settings/?tab=ads
• Google - https://www.google.com/settings/ads/anonymous
• Bing - https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads]

Additionally, you can opt-out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at - http://optout.aboutads.info/.

‍

Using Personal Information

We use your Personal Information to provide our services to you, which includes: booking services , offering products for sale, processing payments, shipping and fulfilment of your order, and keeping you up to date on new products, services, and offers.

Lawful basis

Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:

• Your consent;
• The performance of the contract between you and us;
• Compliance with our legal obligations;
• To protect your vital interests;
• To perform a task carried out in the public interest;
• For our legitimate interests, which do not override your fundamental rights and freedoms.

Retention

When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We DO NOT engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processors and payment processors, such as Stripe and Shopify, use limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

• Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
• Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

‍

Your Rights

GDPR

If you are a resident of the EU and EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.

For Shopify, your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

CCPA

If you are a resident of California, you have the right to access the Personal Information we hold about you (also known as the ‘Right to Know’), to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.

If you would like to designate an authorised agent to submit these requests on your behalf, please contact us at the email address below.

‍

Cookies

A cookie is a small amount of data that a website may store in or retrieve from your browser when you visit a site. Cookies can make your browsing experience better by allowing the website to remember your actions and preferences (such as login, region selection, items in your cart etc.), which means you don’t have to re-enter this information each time you return to the site, browse from one page to another or browse this site across multiple tabs.

Cookies - guyb.ie

When you visit the Site, guyb.ie, we do not track or log any information about you. The analytics software we use, Fathom, is GDPR, CCPA, ePrivacy and PECR compliant because it doesn't use cookies for tracking. You might have already noticed that this means visitors don't have to accept our cookie policy through some annoying pop up in order to browse this site, our tools can intelligently track information about top pages and content without associating that data to any individual or building profiles about them.

We do not link analytics data to Personal Information, even if you subsequently provide personal information to us, such as by making an inquiry or purchase after browsing the site. In fact technically speaking we could not link analytics data to Personal Information even if we wanted to because our analytics data is hashed, and unlike encryption, which is, albeit hard to, designed to be decrypted, hashing is a one way and irreversible process.

We must still use some cookies to enable basic functionality of the site, and for security around login. Please find them all listed below.

‍

Necessary & Functional

• These cookies are fundamental and necessary to enable basic functionality of the site.

wf-csrf - Webflow - Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.

wf-csrf.sig - Webflow - Ensures visitor browsing-security by preventing cross-site request forgery. This cookie is essential for the security of the website and visitor.

p.gif - Typekit - Needed to keep track of special fonts used on the website for internal analysis. The cookie does not register any visitor data.

Personalisation

• These cookies allow the website to remember choices you make (such as setting your user name, language, or the region you are in) and provide enhanced, more personal features.

YSC - YouTube - Registers a randomly generated, unique and anonymous, ID to keep statistics of what videos from YouTube the user has seen.

VISITOR_INFO1_LIVE - YouTube - Used to try to estimate the users' bandwidth on pages with integrated YouTube videos.

‍

Some embed items, such as a Typeform, Vimeo video or a YouTube video, opening in an embed window, may require a visitor to separately agree to another site's cookie policy to fill out a form or consume a piece of content, these are not set or controlled by Guy Boggan.

‍

Cookies - shop.guyb.ie

The site at the domain shop.guyb.ie is hosted by Shopify, in order to give you the best ecommerce experience there is, however Shopify set cookies on their customers (our) behalf and unfortunately we cannot control this.

We can still control our use of third party cookies and pixels though, and unlike the vast majority of ecommerce stores we do not place trackers in your browser on behalf of advertisers, such as Meta. We do our utmost not to track or log any information about you and we wish Shopify had a cookie less analytics solution as well. Internally, we still use the same analytics software, Fathom, as on the site guyb.ie, which does not track you at all, but because of Shopify and the first party analytics cookies they place, when you visit the site shop.guyb.ie you must be met with that annoying pop up.

Below are all of the first party cookies Shopify sets, many are essential to enable basic functionality of the site, and for security around login, but some are for analytics that Shopify runs.

‍

Necessary & Functional

• These cookies are fundamental and necessary to enable basic functionality of the site.

secure_session_id - Used to track a user's session through the multi-step checkout process and keep their order, payment and shipping details connected.

_shopify_country - For shops where pricing currency/country is set from GeoIP, that cookie stores the country we've detected. This cookie helps avoid doing GeoIP lookups after the first request.

_shopify_m - Used for managing customer privacy settings.

_shopify_tm - Used for managing customer privacy settings.

_shopify_tw - Used for managing customer privacy settings

_storefront_u - Used to facilitate updating customer account information.

_tracking_consent - Used to store a user's preferences if a merchant has set up privacy rules in the visitor's region.

c - Used in connection with checkout.

cart - Used in connection with a shopping cart.

cart_currency - Set after a checkout is completed to ensure that new carts are in the same currency as the last checkout.

cart_sig - A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations.

cart_ts - Used in connection with checkout.

cart_ver - Used in connection with shopping cart.

checkout - Used in connection with checkout.

checkout_token - Used in connection with checkout.

dynamic_checkout_shown_on_cart - Used in connection with checkout.

hide_shopify_pay_for_checkout - Used in connection with checkout.

keep_alive - Used in connection with buyer localization.

master_device_id - Used in connection with merchant login.

previous_step - Used in connection with checkout.

remember_me - Used in connection with checkout.

secure_customer_sig - Used to identify a user after they sign into a shop as a customer so they do not need to log in again.

shopify_pay - Used in connection with checkout.

shopify_pay_redirect - Used in connection with checkout.

tracked_start_checkout - Used in connection with checkout.

checkout_one_experiment - Used in connection with checkout.

checkout_session_lookup - Used in connection with checkout.

checkout_session_token_<<id>> - Used in connection with checkout.

identity_state - Used in connection with customer authentication.

identity_state_<<id>> - Used in connection with customer authentication.

identity_customer_account_number - Used in connection with customer authentication.

‍

Reporting & Analytics

• These cookies help us understand how the website is performing and how visitors are interacting with the site (through page views, traffic origin, user flows etc.), and also allows us to identify any technical issues.

_landing_page - Track landing pages.

_orig_referrer - Track landing pages.

_s - Shopify analytics.

_shopify_d - Shopify analytics.

_shopify_fs - Shopify analytics.

_shopify_s - Shopify analytics

_shopify_sa_p - Shopify analytics relating to marketing & referrals.

_shopify_sa_t - Shopify analytics relating to marketing & referrals.

_shopify_y - Shopify analytics.

_y - Shopify analytics.

_shopify_evids - Shopify analytics.

_shopify_ga - Shopify and Google Analytics.

customer_auth_provider - Shopify analytics.

customer_auth_session_created_at - Shopify analytics.

‍

The length of time that a cookie remains on your computer or mobile device depends on whether it is a “persistent” or “session” cookie. Session cookies last until you stop browsing and persistent cookies last until they expire or are deleted. Most of the cookies we use are persistent and will expire between 30 minutes and two years from the date they are downloaded to your device.

You can control and manage cookies in various ways. Please keep in mind that removing or blocking cookies can negatively impact your user experience and parts of our website may no longer be fully accessible.

‍

Do Not Track

There is no consistent industry understanding of how to respond to “Do Not Track” signals, but when browsing guyb.ie we do actually alter our data collection and usage practices when we detect such a signal from your browser, we don't run analytics scripts wherever possible.

‍

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons.

Contact

For more information about our privacy practices, if you have questions, if you wish to exercise your data rights or if you would like to make a complaint, please contact us by e-mail at privacy@guyb.ie

If you are not satisfied with our response to your complaint, you have the right to lodge your complaint with the relevant data protection authority. You can contact your local data protection authority, or in Ireland you can contact the Data Protection Commission, An Coimisiún um Chosaint Sonraí, here - https://www.dataprotection.ie/Last updated: October 15th, 2022.