Privacy & Cookie Policies

This notice explains how we collect, use, store, share, and protect your personal information. It covers information that can identify you ("personal data") and information that cannot.

When we say "process" we mean collect, store, organise, share, use, or otherwise act on personal data.

If you are not happy with any part of this policy, your choice is to stop using our website and services.

We take your privacy seriously. We understand that visitors, customers, and suppliers have the right to know:

• what data we collect
• why we collect it
• how long we keep it
• who we share it with
• what your rights are

We will keep the information you give us confidential and secure.

We comply with Irish and UK data protection law, including the EU/UK General Data Protection Regulation (GDPR). You can read more about your rights at dataprotection.ie.

Except as set out in this policy, we do not sell, rent, or trade your personal data to third parties.

The law requires us to tell you the legal basis we rely on for each use of your data. We use four main bases:

• contract
• consent
• legitimate interests
• legal obligation

If a basis ever stops applying, we will stop using your data for that purpose. If the basis changes, we will tell you if required by law.

2.1. Information we process because we have a contract with you

When you create an account, request a quote, place an order, accept a proposal, or otherwise do business with us, a contract is formed between you and us. We need to process certain data to perform the contract.

We use this data to:

• verify your identity and keep your account secure
• provide quotations and pricing
• fulfil and deliver orders
• provide after-sales and support
• invoice and take payment
• keep basic records for our internal reporting
• offer product, stock, delivery and reordering advice based on your purchasing patterns

The personal data we may process under this basis includes:

• your name and business name
• delivery address and billing address
• email address and phone number
• VAT number (if applicable)
• order history
• communication history

We may also aggregate this information at a non-personal level to monitor our performance (for example, "number of deliveries completed in under 48 hours").

We keep this data for as long as the contract is active and for a reasonable period afterwards to:

• answer questions or complaints
• meet legal/accounting/tax requirements
• maintain evidence of what was agreed

2.2. Information we process with your consent

In some cases there is no direct contract, but you share information with us – for example:

• browsing our website
• subscribing to marketing communications
• asking us to send a quote
• requesting a call back or product information
• applying for an account

In these cases, we process your data because you have given us consent.

We try to obtain explicit consent wherever possible (for example, ticking a box to accept marketing emails or to accept cookies). In some situations, consent is implied (for example, emailing us with a question where you reasonably expect a reply).

You can withdraw consent at any time by emailing us or using unsubscribe options in our communications. If you withdraw consent, we will stop processing that data unless we have another lawful basis to keep using it.

If you withdraw consent, certain services may no longer be available to you (for example, we may be unable to send marketing offers or notify you of stock levels you asked us to monitor).

2.3. Information we process for our legitimate interests

We may process data if it is necessary for our legitimate interests and does not override your fundamental rights and freedoms.

Examples of our legitimate interests include:

• keeping proper business records and internal controls
• preventing fraud or misuse of our services
• responding to an enquiry you sent that reasonably requires a reply
• defending or enforcing our legal rights
• obtaining professional advice (for example, from accountants, insurers, or legal advisors)
• understanding purchasing behaviour to maintain stock of core lines customers rely on
• sending reasonable service-related updates about supply issues, delivery delays, substitutions, etc.

Before relying on legitimate interest, we consider:

• whether we could achieve the same outcome in a less intrusive way
• whether using your data could cause you harm
• whether you would reasonably expect this use

You can object to processing based on legitimate interests. If you do, we will stop unless we have a compelling reason to continue (for example, fraud prevention or legal defence).

2.4. Information we process because we are legally required to

Sometimes we must process and retain data because the law requires it. Examples include:

• tax and VAT records
• proof of delivery
• anti-fraud checks
• responding to lawful requests from authorities, regulators, or law enforcement (if they provide proper authorisation such as a warrant or court order)

This may include personal data.

3.1. Information you make public

If our website, social channels, or review platforms allow you to post content (for example, testimonials, public reviews, photos of your business using our products), anything you choose to publish may be visible to others and may be copied, shared, or archived by third parties.

We do not control what others do with information you have made public.

If you ask us to remove content that you have posted, we will consider the request and remove it where reasonable and lawful.

3.2. Reviews and service feedback

We may from time to time invite you to leave a review of your experience with us. We do this to monitor service levels and to help future customers understand how we operate. This may involve trusted third parties (for example, survey tools or review platforms). We rely on legitimate interest for this.

Leaving a review is optional.

3.3. Customer support

When you contact us (phone, email, web form, messaging apps, or otherwise), we collect the information you give us so that we can:

• respond to your request
• provide technical or product support
• resolve delivery or invoicing issues
• keep a record of what was said in case we need to refer back

We keep these records as part of our standard business function.

3.4. Complaints and issue resolution

If you raise a concern or complaint, we record all relevant details and may, where necessary, share limited information with others involved (for example, a delivery partner or supplier) in order to resolve the issue.

If we believe a complaint is malicious or without basis, we may choose not to engage further.

3.5. Job applications and employment

If you apply for a role with us, we will keep your application information for a reasonable period (normally up to 3 years) in case a suitable role opens later.

If you become an employee, we will create and maintain an internal HR file. We only use this information for purposes directly related to your employment. After your employment ends, we retain employment records for up to 6 years (or longer if required by law or in connection with a legal claim).

We do not store or directly process your full card details on our own servers.

When you pay by card, you are passed to a secure, PCI-compliant payment service provider. That page may be branded to look like ours, but it is controlled by the payment provider.

Our staff never have access to your full card number.

If you pay on account / invoice, we will store information necessary to manage that account (for example, credit terms, statements, and a record of payments received).

We use cookies and similar technologies on our website. For full details, please see our Cookie Policy.

In summary, cookies help us to:

• keep you signed in
• remember what's in your basket or quote request
• understand how our site is being used so we can improve it
• show relevant product and stock information
• support security and fraud prevention
• deliver reasonable marketing and re-targeting where you have consented to cookies that enable this

You can control cookies in your browser and via our cookie banner.

We may use analytics tools (for example, to understand which pages are most visited, how often customers reorder certain SKUs, or which areas of Ireland we're delivering most frequently). This helps us plan stock and service levels.

We may also use re-marketing: placing a small file (cookie or pixel) so that, with your consent, we can show you relevant ads or reminders on other platforms. For example, "You're nearly out of chip boxes - need a top-up before Friday?"

You can opt out of marketing cookies at any time.

In some cases, we receive limited business contact information from:

• delivery partners (for example, to confirm a drop-off contact name or delivery window)
• payment/credit reference services
• marketing platforms or industry directories where you have asked to be contacted by suppliers like us

We use this information only for the intended purpose (for example, delivering your order, confirming credit terms, or responding to a direct enquiry).

We share personal data only when necessary. Typical examples:

• delivery partners and couriers (to deliver goods)
• payment processors (to take payment)
• professional advisers (accountants, lawyers, insurers) under duty of confidentiality
• IT service providers (for example, email, CRM, or order management platforms)
• marketing service providers that help us send service updates or marketing communications (only where lawful)

Where we use third parties, we require them to handle your data securely and only for the agreed purpose.

We do not sell your personal data.

Most of our core systems are hosted in the EU/UK. Some services we use may involve processing in other countries (for example, the United States).

If data is transferred outside the European Economic Area (EEA/UK), we take steps to ensure appropriate safeguards are in place (for example, Standard Contractual Clauses or equivalent protections).

We keep personal data only as long as necessary:

• to provide goods and services you've requested
• to meet tax, accounting, and regulatory requirements
• to resolve disputes or support a legal claim or defence

In general:

• order, invoice, and delivery records are kept for at least the period required by tax law
• support messages and enquiry history are kept for a reasonable period so we can follow up properly
• marketing consent records are kept so we can prove when and how consent was given or withdrawn
• job applications are kept for up to 3 years unless you ask us to delete sooner (where lawful)

You have the following rights under data protection law:

• Access - you can ask for a copy of the personal data we hold about you.
• Rectification - you can ask us to correct inaccurate or incomplete data.
• Erasure - you can ask us to delete your data in certain circumstances.
• Restriction - you can ask us to limit how we use your data.
• Objection - you can object to certain types of processing (for example, marketing).
• Portability - you can ask us to transfer your data to you or another provider in a usable format, where the basis is consent or contract and the processing is automated.
• Withdraw consent - where we rely on consent (for example, marketing emails), you may withdraw that consent at any time.

You can make any of these requests by contacting us.

Before we act on certain requests (for example, to disclose or delete data), we may ask you to confirm your identity. This protects you.

If you are unhappy with how we handle your data, you have the right to complain to the Data Protection Commission in Ireland (dataprotection.ie). We would appreciate the chance to resolve the issue first.

We do not market or sell to children. Our services are directed to business customers (for example, cafés, restaurants, takeaways, hotels, caterers, etc.).

If you are under 18, you may only use our website or contact us with the consent of a parent or guardian.

We use technical and organisational measures to protect your personal data against loss, misuse, unauthorised access, disclosure, alteration, and destruction.

Where possible, we use SSL/TLS encryption so that information sent between your browser and our systems is protected in transit. You can usually see this via the padlock icon in your browser.

No system can ever be guaranteed 100% secure, but we work to industry-standard best practice.

We may update this policy from time to time. The version that applies is the version published on our website at the time you interact with us.

We recommend you print or save a copy for your records.

To exercise your rights, ask a question, or raise a concern about privacy, you can contact us at:

Please include enough detail for us to identify you and respond.