Welcome!
If you have arrived at this page, it means that you value your privacy — and so do we.
This document explains, in one place, the rules for processing personal data and the use of cookies and other tracking technologies in connection with the operation of the website https://tegrefurniture.ie.
Formal Information:
The website is owned and operated by Tegre Sligo Ltd, registered in Ireland under company number 623299, with its registered office at Cliffords Buildings, Harmony Hill, Sligo, F91 RR2F, Ireland, VAT registration number IE3530202WH.
Tegre Sligo Ltd is the data controller for all personal data processed through the Store.
This Privacy Policy has been structured as a series of questions and answers to ensure transparency and readability.
Contents
- Who is the data controller?
- How can you contact us regarding personal data?
- What information do we collect about you?
- How do we obtain your personal data?
- Are your data secure?
- For what purposes do we process your personal data?
- How long do we retain your personal data?
- Who are the recipients of your personal data?
- Do we transfer your data outside the EEA?
- Do we use profiling or automated decision-making?
- What are your data‑protection rights?
- What happens if you do not provide certain data?
- Do we use cookies, and what are they?
- On what legal basis do we use cookies?
- How Does Our Cookie Consent Work?
- What are first‑party cookies used for?
- What third‑party cookies are used?
- Do we track your behaviour on the website?
- Do we deliver targeted advertising?
- How can you manage your privacy?
- What are server logs?
- What if there’s a data breach?
- Age of Users
- Anything else you should know?
- Can this Privacy Policy change?
If you have any questions regarding this Policy, you may contact us at privacy@tegrefurniture.ie.
1. Who is the Controller of Your Personal Data?
The data controller is Tegre Sligo Ltd, registered in Ireland (Company No. 623299),
Cliffords Buildings, Harmony Hill, Sligo, F91 RR2F, Ireland,
VAT No. IE3530202WH.
You may contact us at privacy@tegrefurniture.ie.
2. Contact Regarding Data Protection
Given the nature and scale of our processing activities, we are not required to appoint a Data Protection Officer under Article 37 GDPR.
All privacy‑related matters, including data‑access requests, may be addressed directly to: privacy@tegrefurniture.ie.
3. What Information We Hold About You
Depending on the purpose, we may process the following categories of data:
- first name and surname,
- residential or delivery address,
- business address and VAT number (for business customers),
- email address,
- telephone number,
- correspondence content,
- details of orders placed in the Store,
- bank‑account or payment reference numbers,
- IP address and approximate location,
- newsletter statistics (opens, link clicks),
- preferred email client,
- interests inferred from site activity,
- content of product reviews or comments posted.
We also use analytics tools that automatically collect information about how the website is used, including:
- operating system and browser type,
- visited pages, time spent, navigation paths,
- referral source,
- age bracket and gender (where provided by analytics services),
- approximate geographic location,
- interests inferred from browsing behaviour.
These automatically collected data are referred to here as “Usage Information”.
Although such information does not normally allow us to identify you directly, under Irish DPC and CJEU interpretations it may in some cases constitute personal data.
Therefore, we treat all Usage Information with the same safeguards as personal data.
4. How We Obtain Your Data
Most data are provided directly by you when:
- creating an account,
- placing an order,
- submitting a complaint or withdrawal form,
- subscribing to the newsletter,
- adding a comment or review,
- contacting us by email or chat,
- following or interacting with us on social media.
Additionally, certain data are collected automatically:
- our systems record your IP address during account registration, order placement or newsletter sign‑up;
- the mailing system collects engagement metrics (open and click rates);
- external tools described later collect Usage Information through cookies or pixels.
5. Data Security
We take the security of your data seriously.
We have assessed processing risks and implemented appropriate technical and organisational safeguards, including encrypted connections (HTTPS), access control, employee training, and continuous monitoring of our infrastructure.
We regularly review these measures and improve them as needed.
If you have questions about our security arrangements, please contact privacy@tegrefurniture.ie.
6. Purposes and Legal Bases of Processing
We process your personal data for specific, lawful purposes, and only when necessary. Below is a summary of:
- why we collect the data
- our legal justification
- whether providing the data is mandatory
- what happens if you don’t provide it
| Purpose | Legal Basis | Mandatory? | Consequences if Not Provided |
|---|---|---|---|
| Account registration and management | Art. 6(1)(b) GDPR | Yes | Cannot create or manage your account |
| Order processing and fulfilment | Art. 6(1)(b), 6(1)(c) | Yes | We cannot fulfil your order or issue invoices |
| Complaints and withdrawals | Art. 6(1)(f) | Yes | We cannot process your complaint or refund |
| Newsletter delivery | Art. 6(1)(a) | No | You will not receive updates or promotions |
| Comments or reviews | Art. 6(1)(f) | No | You will not be able to submit reviews |
| Legal obligations (e.g. tax) | Art. 6(1)(c) | Yes | We cannot comply with legal requirements |
| Marketing and analytics (cookies) | Art. 6(1)(a) | No | Personalisation will be limited |
Account Management
When you create an account, we process your email and password, and optionally additional data such as name, address, VAT number and phone number.
These data are necessary to provide the service described in our Terms & Conditions.
They are stored for the life of your account and then archived for the statutory limitation period for contractual claims.
Orders
When you place an order, we process your name, address, email, phone number and, if applicable, company details.
We also log your IP address for security and fraud‑prevention purposes.
Data are used to perform the sales contract, issue invoices, and fulfil legal obligations under the Companies Act 2014 and tax legislation.
Order records are kept for 7 years for accounting purposes.
Complaints and Withdrawals
If you file a complaint or exercise the right of withdrawal, we process the data contained in your correspondence (name, address, email, phone number, bank account).
Data are used to manage the procedure and later archived for defence against potential claims.
Retention: up to the statutory limitation period (six years).
Newsletter
To receive our newsletter, you must provide your name and email address and give explicit consent.
You may withdraw consent at any time via the unsubscribe link in every message or by contacting us.
We also process limited engagement metrics (opens, clicks) to improve communication.
All newsletter data are retained for up to 3 years from the last interaction or until consent is withdrawn, whichever is earlier.
Reviews and Comments
Reviews may be submitted only by logged‑in users.
Published content includes your first name (or chosen display name) and review text.
You may edit or delete your review at any time.
Processing is based on our legitimate interest in maintaining transparency and customer feedback.
Customer Correspondence
If you contact us by email or live chat, we process the data contained in your message for the purpose of communication and possible follow‑up.
The lawful basis is our legitimate interest in responding to enquiries.
Correspondence may be archived for up to 2 years unless longer retention is necessary for legal defence.
7. How Long Do We Retain Your Personal Data?
We retain your personal data only as long as necessary to fulfil the purposes for which it was collected and to comply with our legal obligations. Specific retention periods are:
| Data Category | Retention Period | Legal Basis |
|---|---|---|
| Order and invoicing data | 7 years from transaction date | Companies Act 2014 and tax law |
| Complaint and withdrawal records | Up to 6 years | Limitation period for contractual claims |
| Newsletter and marketing data | 3 years from last activity or until withdrawal of consent | Article 6(1)(a)/(f) GDPR |
| Account data | For the duration of the account and 6 years after closure | Article 6(1)(b)/(f) |
| Customer service correspondence | 2 years from last contact | Article 6(1)(f) |
| Server logs | Up to 12 months | Article 6(1)(f) (security and diagnostics) |
In cases where we archive data based on legitimate interest (e.g. for legal defence), we do so only for as long as reasonably necessary and in a proportionate manner.
8. Who Are the Recipients of Your Data?
To run our business and provide the Store, we rely on third-party services. These entities may process your personal data on our behalf or independently, as data processors or controllers, respectively. Data recipients include:
- Hosting provider – stores data and site content on secure servers.
- Cloud storage providers – store internal documents, some of which may contain personal data.
- CRM system provider – manages order and customer interactions.
- Invoicing software provider – issues and stores invoices.
- Accounting firm – processes accounting records, including invoice data.
- IT support providers – may have access during technical interventions.
- Subcontractors – only if their tasks require access to data (e.g. support or integration tasks).
All of the above third parties are bound by appropriate data processing agreements and are required to comply with GDPR standards.
We may also disclose your data to:
- Legal advisors, if needed to defend or pursue legal claims;
- Tax authorities, for VAT and financial compliance;
- Law enforcement agencies or regulatory bodies, if required by law.
In addition, courier companies receive limited data (name, address, phone, email) solely to deliver your order. These providers act as independent controllers of delivery data.
We do not sell or lease your personal data to any third parties.
9. Do We Transfer Your Data Outside the EEA?
Yes. Some of the tools and services we use may store or process personal data on servers located outside the European Economic Area (EEA), particularly in the United States.
When this happens, we ensure your data remains protected through the following safeguards:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Transfer Impact Assessments (TIAs) assessing legal risks in destination countries
- Supplementary security measures, such as encryption, data minimisation, and restricted employee access
Specific Transfers
| Provider | Purpose | Destination | Safeguard |
|---|---|---|---|
| Stripe Payments Europe Ltd. | Payment processing | USA (via Stripe Inc.) | SCCs + Encryption + Access Control |
| Google LLC | Analytics & Advertising | USA | SCCs + Data Minimisation + Consent‑only activation |
| Meta Platforms Ireland Ltd. | Facebook Pixel / Ads | USA | SCCs + Pseudonymisation + Consent |
| Google LLC (YouTube) | Embedded media | USA | SCCs + Consent only (see Cookie section below) |
Third‑party tools (Google, Meta, Stripe, etc.) are independent data controllers once they receive your information.
You can read the European Commission’s SCC decision here.
These providers may further transfer data globally under their own compliance frameworks; we review such arrangements annually.
10. Do We Use Profiling or Automated Decision-Making?
We do not use automated decision-making that produces legal or similarly significant effects, as defined in Article 22 GDPR.
We do, however, use profiling to group website users into advertising audiences based on browsing behaviour. This is limited to:
- Facebook Pixel
- Google Ads remarketing
These tools help us show more relevant ads, but:
- do not affect your rights or pricing
- are based only on your prior consent to marketing cookies
- do not result in contract-related decisions
How profiling works:
- Input: pages viewed, abandoned carts, clicks
- Logic: audience group assignment
- Output: display of relevant ads
You may disable this at any time via our cookie preferences.
11. What Are Your Rights Under the GDPR?
You have the following rights:
| Right | Description |
|---|---|
| Access | Find out if we process your data and receive a copy (Art. 15 GDPR) |
| Rectification | Request correction of inaccurate or incomplete data (Art. 16) |
| Erasure | Request deletion if data are no longer needed or processed unlawfully (Art. 17) |
| Restriction | Ask us to limit processing in specific cases (Art. 18) |
| Objection | Object to processing based on our legitimate interest (Art. 21) |
| Portability | Receive your data in a machine-readable format (Art. 20) |
| Withdraw Consent | Withdraw your consent at any time (Art. 7) |
| Lodge Complaint | Contact the Irish Data Protection Commission at dataprotection.ie |
To exercise any of the above, contact us at privacy@tegrefurniture.ie.
We will respond within 1 calendar month and may request identity verification.
12. What Happens If You Do Not Provide Certain Data?
We will always indicate whether specific personal data:
- is required by law or contract
- is optional
Consequences of not providing required data:
- Account setup may be unavailable
- Orders may not be fulfilled
- Complaints or returns may not be processed
- We may be unable to respond to your inquiry
Data for marketing purposes is always optional and can be withdrawn at any time.
13. Do We Use Cookies, and What Are They?
Yes — our website uses cookies and similar technologies to improve user experience, provide essential features, and analyse website performance.
Cookies are small text files stored on your device that may include unique identifiers. They can be:
- Essential cookies – required for site operation (e.g. cart, login)
- Non‑essential cookies – used for analytics, ads, or media embeds
We will never place non‑essential cookies before you give consent.
14. On What Legal Basis Do We Use Cookies?
We process cookie data under:
| Type | Legal Basis | Activation |
|---|---|---|
| Essential cookies | Art. 6(1)(b) – contract performance or Art. 6(1)(f) – legitimate interest | Always active |
| Analytics & Advertising cookies | Art. 6(1)(a) – explicit consent | Only after consent |
| Embedded media (e.g. YouTube) | Art. 6(1)(a) – explicit consent | Only after click‑to‑play or consent |
Note: Ireland’s Data Protection Commission does not permit reliance on “legitimate interest” for analytics or embedded‑media cookies.
Such cookies will remain blocked until you grant consent through the banner or manual interaction.
15. How Does Our Cookie Consent Work?
When you first visit our site, a Cookie Consent Banner appears. It provides:
- Equal prominence for “Accept All” and “Reject All” options
- The ability to customise consent by category (e.g. Analytics, Marketing, Media)
- A default “no consent” state — no cookies are dropped until you make a choice
- No pre‑ticked boxes or implied consent
- A clear link to this Privacy & Cookie Policy
You can withdraw or modify consent at any time using the “Cookie Settings” link in the footer.
We maintain consent logs as required under GDPR Article 7(1).
16. What Are First‑Party Cookies Used For?
Our own cookies (set by tegrefurniture.ie) enable:
- remembering cart contents between sessions
- handling form submissions
- maintaining login sessions
- storing cookie consent preferences
These are essential for the website to function and do not require consent.
17. What Third‑Party Cookies Are Used?
| Provider | Purpose | Data Collected | Transfers Outside EEA | Legal Basis |
|---|---|---|---|---|
| Google Analytics 4 | Usage analytics | anonymised IP, device info, navigation paths | Yes (USA) | Consent |
| Google Ads | Remarketing & conversion tracking | browsing behaviour | Yes (USA) | Consent |
| Meta (Facebook Pixel) | Audience segmentation & ad delivery | page views, events | Yes (USA) | Consent |
| YouTube Embed | Embedded video playback | device ID, playback stats | Yes (USA) | Consent (click‑to‑play) |
Each of these providers acts as an independent controller.
Refer to their privacy notices for details:
Non‑essential third‑party cookies are disabled by default.
They are activated only after explicit consent is recorded.
18. Do We Track Your Behaviour on the Website?
Yes — but only after you consent to analytics or marketing cookies.
We use anonymised tracking to measure:
- pages visited
- time spent per section
- cart and checkout steps
- interactions with site features
Tracking data are aggregated and never used for individual decisions.
Consent may be withdrawn at any time via the Cookie Settings link.
19. Do We Deliver Targeted Advertising?
Yes, if you have given consent for marketing cookies.
We use:
- Google Ads Remarketing
- Facebook Custom Audiences
These services help us show relevant ads based on your browsing patterns.
They do not identify you by name or affect your contractual rights.
You may adjust ad preferences at:
You can also disable marketing cookies entirely through our banner.
20. How Can You Manage Your Privacy?
You can manage your data and privacy preferences in the following ways:
- Use the cookie settings banner on our site to opt in or out of specific cookie types
- Adjust settings in your browser (block, delete cookies)
- Use browser extensions for advanced cookie control (e.g. Ghostery, uBlock Origin)
- Use ad preference tools:
- Use Incognito/Private Browsing Mode in your browser to limit cookie storage
- Contact us directly at privacy@tegrefurniture.ie to:
- Request access or deletion of your data
- Revoke newsletter consent
- Ask any privacy-related question
21. What Are Server Logs?
Every time you visit our website, your browser automatically sends a request to our server.
These server logs may include:
- your IP address
- date and time of request
- pages visited
- browser and operating system information
We process this information to:
- ensure website security and stability
- diagnose technical problems
- detect and prevent malicious activity
Server logs are stored on secure servers for up to 12 months and are not linked to customer profiles or used for marketing.
22. What if There’s a Data Breach?
We take every reasonable technical and organisational measure to prevent data breaches.
However, if a breach occurs that may affect your personal data, we follow strict procedures under Articles 33 and 34 GDPR:
Controller obligations
- Assessment:
We immediately evaluate the nature and impact of the breach. - Notification to the Data Protection Commission (DPC):
- We will notify the Irish DPC within 72 hours of becoming aware of the breach.
- If the notification is delayed, we will provide the reasons for the delay.
- Notification to affected individuals:
- If the breach poses a high risk to your rights or freedoms, we will contact you without undue delay, using the contact details available in our system (e.g., email or phone).
- The notification will describe the nature of the breach, possible consequences, and actions you can take to mitigate harm.
- Mitigation and documentation:
- We will take all steps to contain and remedy the breach.
- Every breach (even minor ones) is recorded in our internal Breach Register.
If you suspect any unauthorised use or access to your personal data, please contact us immediately at privacy@tegrefurniture.ie
23. Age of Users
Our website and services are intended for adults aged 18 and over.
We do not knowingly target or collect personal data from children.
If you believe a child has provided personal data to us without parental supervision, please contact privacy@tegrefurniture.ie and we will delete it promptly.
24. Anything Else You Should Know?
We strive to make this policy complete and clear.
If you have any doubts about how we handle your personal data, or would like further details about our processors or safeguards, simply email us at privacy@tegrefurniture.ie.
For postal inquiries:
Tegre Sligo Ltd
Cliffords Buildings, Harmony Hill
Sligo, F91 RR2F, Ireland
25. Can This Privacy Policy Change?
Yes.
We may update this Privacy Policy to reflect:
- new legal requirements,
- changes in our services or technology, or
- updated guidance from the Data Protection Commission.
If you have an account with us, you will be notified of any material changes by email.
Older versions remain archived and available upon request.
Effective date: 1 November 2025