Privacy Policy

Last Updated: March 2026

J. Grennan & Sons

J. Grennan & Sons (“we”, “us”, “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, contact us, or use our services.

By using our website, you agree to the practices described in this Privacy Policy.

 

  1. Who We Are (Data Controller)

 J. Grennan & Sons
Rath, Birr, Co. Offaly
Phone: 057 9133002
Email: contactus@grennans.ie

We act as the Data Controller, meaning we determine how your personal data is collected and processed.

 

  1. How to Contact Us About Data Protection

For all data protection queries, including exercising your GDPR rights, you can contact:

Data Protection Contact
Email: contactus@grennans.ie

 

  1. What Data We Collect

We may collect the following categories of personal data:

Information you provide directly

  • Name
  • Postal address
  • Email address
  • Phone number
  • Enquiry or message content
  • Order‑related details (if placing an order)

Information collected automatically

  • IP address
  • Browser type and device data
  • Pages visited and time spent on the website
  • Cookie and tracking data (see Cookie Section)

 

  1. How We Collect Your Data

We collect data when you:

  • Complete a contact form
  • Send us an email or call us
  • Place an order (if applicable)
  • Browse our website (via cookies/analytics)

 

  1. How We Use Your Information

We use your personal data for:

  1. Responding to enquiries, questions, or requests
  2. Processing orders and providing customer support
  3. Maintaining website functionality and security
  4. Improving our website and user experience
  5. Managing customer accounts (if applicable)
  6. Fulfilling legal or regulatory obligations (e.g., invoicing)

We do not sell or rent your data to any third parties.

 

  1. Legal Basis for Processing

Under GDPR, we rely on the following legal bases:

  • Contract Performance
    To process orders, deliver goods, and respond to enquiries.
  • Consent
    For optional marketing communications (email, phone, SMS).
  • Legitimate Interests
    For website analytics, fraud prevention, site security, and improving services.
  • Legal Obligation
    For tax, invoicing, and accounting requirements.

 

  1. Data Retention – How Long We Keep Your Information

We retain data only for as long as necessary:

  • Enquiry emails: up to 24 months
  • Order records: 7 years (required under Irish tax law)
  • Website analytics data: typically, 14–26 months depending on provider
  • Cookie data: according to cookie expiry (see Cookie Policy)

When data is no longer needed, it is securely deleted.

 

  1. Who We Share Your Data With (Third‑Party Processors)

We may share data with trusted service providers who help us operate our business, such as:

  • Website hosting & security providers
  • Email service providers
  • Analytics services (e.g., Google Analytics)
  • Payment processors (if applicable)
  • IT support providers

These providers process data only on our instructions and are bound by GDPR‑compliant contracts.

We do not disclose your data to any parties for marketing purposes.

 

  1. International Data Transfers

Some of our service providers may store data outside the EU/EEA (e.g., servers in the USA).

Where this occurs, we ensure protection through mechanisms such as:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions
  • GDPR‑compliant data protection agreements

We take all reasonable steps to ensure your data remains secure and protected.

 

  1. Cookies and Tracking Technologies

Our website uses cookies to improve functionality, enhance user experience, and understand website performance.

Types of cookies used:

  • Strictly Necessary Cookies – required for website operation
  • Functional Cookies – improve usability
  • Analytics Cookies – help us analyse site performance
  • Marketing Cookies – used for advertising (only if applicable)

You can accept or reject non‑essential cookies via our cookie banner and can change your preferences at any time through your browser settings.

 

  1. Your GDPR Rights

You have the following rights under GDPR:

  • Right of access – request a copy of your data
  • Right to rectification – correct inaccurate information
  • Right to erasure – request deletion of your data
  • Right to restrict processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with the Data Protection Commission (DPC)

Irish Data Protection Commission: https://www.dataprotection.ie/

To exercise your rights, email: contactus@grennans.ie

We will respond within 30 days.

 

  1. How We Protect Your Data

We use several security measures including:

  • SSL encryption
  • Secure servers
  • Access controls
  • Regular system updates
  • Monitoring for potential threats

While we take all reasonable steps to secure your data, transmission over the internet cannot be guaranteed 100% secure.

 

  1. Data Breach Procedures

If we become aware of a breach affecting your personal data, we will:

  • Notify you promptly where required
  • Notify the Data Protection Commission when legally obligated
  • Take immediate steps to reduce any potential harm

 

  1. Children’s Data

Our website and services are intended for adults.
We do not knowingly collect personal data from individuals under the age of 16 without parental consent.

 

  1. Links to External Websites

Our website may include links to third‑party sites.
We are not responsible for their privacy practices, and we recommend reviewing their policies separately.

 

  1. Changes to This Privacy Policy

We review this policy regularly.
Any updates will be posted on this page with a new “Last Updated” date.