Privacy

Privacy Policy Statement

Privacy Statement for Kefron

Introduction

Kefron Limited (“Kefron,” “we,” “us,” “our”) is committed to protecting the privacy and security of your personal data. This Privacy Statement explains how we collect, use, disclose, and safeguard your information in compliance with the General Data Protection Regulation (Regulation (EU) 2016/679 – “GDPR”).

Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Legitimate Interests: For business operations, service improvements, and security (balanced against your rights and interests).
  • Contractual Necessity: To fulfil agreements with customers, suppliers, and employees.
  • Legal Obligations: Compliance with statutory and regulatory requirements.
  • Consent: For specific processing activities where required, which can be withdrawn at any time.

Collection and Use of Personal Data

We collect the following personal data:

  • Identification Data: Name, contact details, and user credentials.
  • Transactional Data: Purchase history and service usage.
  • Security Data: CCTV footage, access logs, and authentication records.

Personal data is used to:

  • Provide and improve our services.
  • Maintain security and compliance.
  • Communicate service updates and respond to inquiries.
  • Prevent fraud and unauthorised access.

Processors and Sub-Processors

Kefron uses third-party processors and sub-processors for service delivery, data hosting, and payment processing. A list of these processors is available upon request. We ensure that all third parties adhere to strict GDPR-compliant contracts.

International Data Transfers

Where data is transferred outside the EEA, we implement appropriate safeguards such as:

  • Standard Contractual Clauses approved by the European Commission.
  • Adequacy decisions from the European Commission.

Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this Privacy Statement or as required by law. Retention periods are specified in our Data Retention Policy.

Security Measures

We implement technical and organisational security measures, including:

  • Encryption and secure data storage.
  • Access controls and authentication mechanisms.
  • Regular security audits, compliance assessments and training.
  • Data Loss Prevention; Secure Backup and Disaster Recovery.

Data Subject Rights

Under GDPR, you have the right to:

  • Access your personal data.
  • Rectify inaccurate data.
  • Request erasure of your data (subject to legal obligations).
  • Restrict or object to processing.
  • Data portability (where applicable).
  • Lodge a complaint with the Data Protection Commission (DPC).

To exercise these rights, contact our Data Protection Officer (DPO) at DPO@kefron.com.

Automated Processing and AI

Where AI or automated decision-making is used, we ensure:

  • Transparency in how AI influences decisions.
  • Human oversight for critical AI-generated outputs.
  • The ability to contest automated decisions.

Cookies and Tracking Technologies

We use cookies to enhance user experience and analyse website traffic. You can manage cookie preferences through your browser settings.

Breach Notification

In the event of a data breach, affected individuals will be notified promptly in accordance with GDPR requirements.

Changes to This Privacy Statement

We may update this Privacy Statement from time to time. The latest version will always be available on our website.

Contact Information

If you have any questions, contact our DPO:

  • Email: DPO@kefron.com
  • Phone: +353 1 4380200
  • Address: 53 Park West, Dublin 12, Ireland.

Last updated February 2025.