Terms and conditions of use
Terms and Conditions of Use
1. Introduction
Our privacy policy is designed to build a relationship of trust between you and our services, in order to provide you with a positive experience in a fully transparent manner. Through this policy, we aim to take your requirements into account and meet your expectations while respecting your personal data and privacy.
To honour your trust, KDML RETAIL LIMITED guarantees the protection of your personal data and the confidentiality of our customers' information (hereinafter referred to as "Your Data").
For full transparency and to ensure secure use of our website www.kossdesign.com, in all its available versions and related applications (hereinafter the "Website"), we describe how your data is collected, processed and protected, so that our services remain fully aligned with the respect of your rights.
We implement appropriate technical and organisational measures to ensure the security, confidentiality and integrity of your personal data and to protect it against unauthorised access, loss, alteration or disclosure. Your data is retained only for the duration necessary for the purposes described in this policy. You may access, update or modify your data at any time via your personal account on the Website.
2. Compliance with applicable data protection laws
We are committed to complying with all applicable data protection and privacy laws, including:
the General Data Protection Regulation (EU) 2016/679 (GDPR),
the Irish Data Protection Act 2018,
the ePrivacy Directive 2002/58/EC (as transposed into Irish law by S.I. No. 336/2011), and
any other applicable data protection legislation in the jurisdictions where our customers are located.
This policy provides information on: the purposes of data processing, the legal bases for processing, your rights regarding your data, data retention periods, data transfers, and security measures implemented.
3. Who are you?
When we refer to "you" in this policy, this includes: customers who have placed an order on the Website, customers who have created an account without placing an order, visitors browsing the Website without creating an account.
4. Who are we?
KDML RETAIL LIMITED
Private company limited by shares, incorporated in Ireland
Company Registration Number (CRO): 725523
Registered office: 24A Baggot Street Upper, Dublin D04 N528, Ireland
VAT Number: IE4040092UH
KDML RETAIL LIMITED operates and publishes the Website and acts as data controller for the processing of personal data described in this policy.
5. For what purposes do we process your data?
5.1 Data collection
Your personal data may be collected when you: browse the Website (via cookies), create a customer account, place an order, subscribe to our newsletters or SMS communications. This data allows us to: improve navigation and user experience, process orders and payments, prevent fraud, manage refunds and after-sales service, manage customer reviews, communicate marketing and promotional content where consent has been given.
5.2 Website navigation
Data collected through cookies is processed based on your consent or our legitimate interest in ensuring proper website functionality and security.
5.3 Order processing
Your data is used to manage: order processing and fulfilment, customer service and mediation, delivery and logistics, marketing communications where permitted. The legal basis for this processing is the performance of a contract between you and us (Article 6(1)(b) GDPR), as well as compliance with legal obligations (Article 6(1)(c) GDPR) and our legitimate business interests (Article 6(1)(f) GDPR).
5.4 Payment in instalments
For eligible customers, personal data may be processed to offer instalment payment options. The legal basis is the performance of the contract and your explicit consent for processing payment data.
5.5 Customer reviews
Your data may be used to collect and display customer reviews, based on your consent or our legitimate interest.
5.6 Payment collection and fraud prevention
Personal data is processed to: secure payments, detect and prevent fraud. The legal basis is contract performance and legitimate interest.
5.7 Marketing and business operations
We may use your data for: advertising campaigns, statistical analysis, promotional activities, customer relationship management. This processing is based on your consent (Article 6(1)(a) GDPR) or our legitimate interest (Article 6(1)(f) GDPR). You may withdraw your consent or opt out of marketing communications at any time by clicking the unsubscribe link in any email or by contacting us.
6. Data recipients
Your data may be shared internally and with trusted service providers involved in: payment processing, customer support, logistics and delivery, IT infrastructure, marketing and analytics, customer review platforms. All third-party processors are bound by data processing agreements in accordance with Article 28 GDPR. Data is not sold to third parties.
7. Data retention
Personal data is retained only for as long as necessary:
Prospect data: up to 3 years from last contact.
Customer and order data: up to 6 years for accounting and legal obligations (in accordance with Irish tax and company law).
Payment data: retained only for the duration required to complete transactions and comply with legal requirements.
Cookies: retention periods detailed in the Cookies section.
8. Your rights
Under the GDPR and Irish Data Protection Act 2018, you have the right to:
access your data (Article 15 GDPR),
request rectification (Article 16 GDPR),
request erasure ("right to be forgotten") (Article 17 GDPR),
restrict processing (Article 18 GDPR),
object to processing, including for direct marketing purposes (Article 21 GDPR),
request data portability (Article 20 GDPR),
withdraw consent at any time (Article 7(3) GDPR),
lodge a complaint with a supervisory authority (Article 77 GDPR).
To exercise your rights, please contact us at: support@kossdesign.com
We will respond within one (1) month of receiving your request, in accordance with GDPR requirements. This period may be extended by two further months where necessary, depending on the complexity and number of requests.
If you are unsatisfied with our response, you have the right to lodge a complaint with a data protection supervisory authority. As our company is established in Ireland, our lead supervisory authority is the Data Protection Commission (DPC):
Data Protection Commission
21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
Website: www.dataprotection.ie
Email: info@dataprotection.ie
If you are located in another EU/EEA member state, you also have the right to lodge a complaint with the supervisory authority in your country of residence or place of work.
9. Cookies
The Website uses cookies to: enable essential functionality, analyse performance, personalise content, deliver relevant advertising. In accordance with the ePrivacy Directive and Irish law, we obtain your consent before placing non-essential cookies on your device. You may manage cookie preferences through the cookie consent banner on the Website or through your browser settings.
10. International data transfers
Your data may be transferred outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place in accordance with Chapter V of the GDPR, including: EU Standard Contractual Clauses (SCCs), adequacy decisions by the European Commission, or other approved transfer mechanisms. You may request further information about the safeguards in place by contacting us at support@kossdesign.com.
11. Security measures
We implement technical and organisational measures aligned with industry standards and in accordance with Article 32 GDPR, including PCI DSS compliance for payment security, encryption of data in transit, access controls, and regular security assessments.
12. Automated decision-making
Certain processes (e.g. fraud detection, instalment payment eligibility) may involve automated decision-making. In accordance with Article 22 GDPR, you have the right not to be subject to a decision based solely on automated processing which produces legal or similarly significant effects. You may request human intervention, express your point of view, or contest such a decision by contacting us.
13. Governing law and updates
This policy is governed by the laws of Ireland and the European Union. We reserve the right to update this policy periodically to ensure ongoing compliance with applicable regulations. Any significant changes will be communicated via the Website or by email where appropriate.
