Privacy Policy - PetMatch

Last updated: 16 August 2022

Introduction

Welcome to the PetMatch.ie website. PetMatch.ie is owned and operated by PetMatch Limited, a company registered in the Republic of Ireland under company number 709871. In this privacy policy, we refer to ourselves as “PetMatch”, “we”, “us”, “our” or “ourselves”.

We take the privacy, including the security, of personal information we hold about you seriously. This privacy policy is designed to inform you about how we collect personal information about you and how we use that personal information. You should read this privacy policy carefully so that you know and understand why and how we use the personal information we collect and hold about you.

We are the Data Controller of the personal information we collect, hold and use about you, as explained in this policy. You can contact us in relation to this policy by emailing us at hello@petmatch.ie.

We do not have a data protection officer, but if you have any questions about this privacy policy or issues arising from it, you can contact us using the above details for matters relating to data protection at our organisation.

We may issue you with other privacy notices from time to time, including when we collect personal information from you. This privacy policy is intended to supplement these and does not override them.

We may update this privacy policy from time to time. This version was last updated on 16 August 2022.

Key definitions

The key terms that we use throughout this privacy policy are defined below, for ease:

Data Controller: Under Irish data protection law, this is the organisation or person responsible for deciding how personal information is collected and stored and how it is used.
Data Processor: A Data Controller may appoint another organisation or person to carry out certain tasks in relation to the personal information on behalf of, and on the written instructions of, the Data Controller. This might be the hosting of a site containing personal data, for example, or providing an email-marketing service that facilitates mass distribution of marketing material to a Data Controller’s customer base.
Personal Information: In this privacy policy, we refer to your personal data as ‘personal information’. ‘Personal information’ means any information from which a living individual can be identified. It does not apply to information that has been anonymised.
Special Information: Certain very sensitive personal information requires extra protection under data protection law. Sensitive data includes information relating to health, racial and ethnic origin, political opinions, religious and similar beliefs, trade union membership, sex life and sexual orientation and also includes genetic information and biometric information. We do not collect or hold any special information about you.

Personal information that we collect and hold

PetMatch collects personal data as part of the operation of our business and to provide you with the product and services that we offer. You provide some of this data to us directly, for example when you create a profile with us, contact a rescue through the site, sign up to our newsletter or send a query to our team. Other data is collected via cookies and other technologies when you interact with our site.

We collect personal data in the following ways:

Information you provide to us: When you register a profile with us or sign up to our newsletter, you provide us with some personal data such as your name and email address, which we will store in order to create your account or add you to our mailing list. We will also store information relating to any further use of our service, when you contact another user of the site through our platform, the contents of the emails you send to them and any other information that you may upload to the site. Finally, we may also collect information from any correspondence that you have with us.
Your use of our services: When you use our site, we collect information about what types of services you use and how you use them. The information that we collect includes:
Information about how our services are used: We also register information about how you use our services. For example, which pages of the site you visit, the searches that you have performed, the times and dates that you visited our site, how long a page is displayed on your screen, how you navigate around the page, which websites you have visited before visiting our site, what functions you have carried out on a page.
Messages: We collect information about when you send or receive messages from other users of our site.
Information about user location: We register your geographical location based on your IP address and mobile network code.
Information about your device and internet connection: We may also receive website, device and technical information automatically from technologies such as cookies that are installed on our website. This can include information about the device you use, such as the device manufacturer, operating systems and browser version, IP address, network ID, cookies and unique ID files. This information can help us to adapt the way content is displayed to you, based on your device and user profile. You can find more information about cookies, how and why we use them, and how to manage them in our Cookie Policy.
Third Party & publicly available information: We may receive some of your personal information from third parties or publicly available sources. This includes:

1. Identity Information and Contact Information from publicly available sources such as The Companies Office, others;
2. Website, Device and Technical Information from third parties such as analytics providers (like Google);
3. Any other methods by which you collect personal data;

The types of personal data we collect about you may differ from person to person, depending on who you are and your relationship with us.

When using our site, you have choices about what data we collect, and when you are asked to provide personal data you may decline. If you decline to provide data that is necessary to provide you with a particular feature, it may mean that you may not be able to use this product or feature.

Legal Basis for Processing

We are only able to use your personal information for certain legal reasons set out in data protection law. There are legal reasons under data protection law other than those listed below; but, in most cases, we will use your personal information for the following legal reasons:

Contract Reason: In order to perform our obligations to you under any contract we have entered into with you;
Legitimate Interests Reason: Where the use of your personal information is necessary for our (or a third party’s) legitimate interests, so long as that legitimate interest does not override your fundamental rights, freedoms or interests;
Legal Obligation Reason: Where we have to use your personal information in order to perform a legal obligation by which we are bound; and
Consent Reason: Where you have given us your consent to use your personal information for a specific reason or specific reasons. In the event you wish to withdraw your consent to the collection and processing of your Personal Data in this manner, please contact us at hello@petmatch.ie.

How We Use Your Personal Information

We use the data that we collect to provide you with the products and services that we offer. This allows us to improve the products that we offer you and to personalise your experience on our site. We have explained below the different purposes for which we use your personal information and, in each case, the legal reason(s) allowing us to use your personal information. Please also note the following:

where Legitimate Interests is the legal reason for which we can use your personal information, we have also explained what that legitimate interest is; and
for some of the purposes, we may have listed more than one legal reason on which we can use your personal information, because the legal reason may be different in different circumstances. If you need confirmation of the specific legal reason that we are relying on to use your personal data for that purpose, please contact us using the contact details set out at the start of this privacy policy.

Purpose	Legal Reason(s) for using the personal information
To enrol you as a user or customer and authenticate your account	Contract Reason Legitimate Interests Reason (in order to offer you goods, services and/or digital content which helps us to develop our business)
To process an order, which includes taking payment from you, advising you of any updates in relation to your order or any enforcement action against you to recover payment	Contract Reason Legitimate Interests Reason (in order to [recover money that you owe us])
To manage the services we provide to you and to notify you of any changes, service issues and/or security updates	Contract Reason Legal Obligation Reason
To comply with audit and accounting matters	Legal Obligation Reason
To improve the goods, services, and/or digital content that we supply	Legitimate Interests Reason (in order to improve the goods, services, and/or digital content for future customers and to grow our business)
To recommend and send communications to you about goods, services, and/or digital content that you may be interested in. More details about marketing are set out below	Legitimate Interests Reason (in order to grow our business) Consent Reason
To understand how customers and visitors to our website use the website and interact with it via data analysis	Legitimate Interests Reason (to improve and grow our business, including our website, and to understand our customer’s needs, desires and requirements)
To enable communication between users of the site	Legitimate Interests Reason (in order to offer you goods, services and/or digital content which helps us to develop our business)
To investigate and respond to service issues and complaints	Legitimate Interests Reason (to improve and grow our business, including our website, and to understand our customer’s needs, desires and requirements)
To monitor security, investigate and identify possible fraudulent behaviour on the site and possible attempts to harm other members or visitors to the site. We may also use your data to investigate violations of our Terms of Use or this Privacy Policy.	Legitimate Interests Reason (to improve and grow our business, including our website, and to understand our customer’s needs, desires and requirements) Legal Obligation Reason

Where we rely on consent as the legal reason for processing your personal information for a specific purpose, you have the right under data protection law to withdraw your consent at any time. If you do wish to withdraw your consent, please contact us using the details set out at the beginning of this policy. If we receive a request from you withdrawing your consent to a specific purpose, we will stop processing your personal information for that purpose, unless we have another legal reason for processing your personal information – in which case, we will confirm that reason to you.

Sometimes we may anonymise personal information so that you can no longer be identified from it and use this for our own purposes. In addition, sometimes we may use some of your personal information together with other people’s personal information to give us statistical information for our own purposes. Because this is grouped together with other personal information and you are not identifiable from that combined data we are able to use this.

Under data protection laws, we can only use your personal information for the purposes we have told you about, unless we consider that the new purpose is compatible with the purpose(s) we told you about. If we want to use your personal information for a different purpose that we do not think is compatible with the purpose(s) we told you about, then we will contact you to explain this and what legal reason is in place to allow us to do this.

It is important that you keep your personal information up to date. If any of your personal information changes, please contact us as soon as possible to let us know. If you do not do this, it may impact the products or features that you can use.

How we Share Your Information

Site Usage: Our service allows you to engage with other members of our site. If you send a message to a rescue member of our site, your message will be shared with that site member and with us.

Suppliers & Advisors: We engage third party service providers to help us to provide our service to you. For example, these can include IT support services, payment providers, administration providers, marketing agencies, email platforms, bankers, credit reference agencies, lawyers, accountants, auditors, insurance companies. These service providers will have access to your information as much as is reasonably necessary for them to perform these tasks on our behalf. They are obligated not to disclose or use your data for any other purpose.

Legal Disclosures: When required to by law, we may disclose information about you. This may be as a result of a subpoena or other legal process. Your personal information will also be shared if we believe that the disclosure is necessary to

1. Be used by government enforcement agencies to investigate, prevent or take action against any suspected or actual illegal activities.
2. To enforce the agreements that we have with you.
3. To investigate and defend PetMatch against any allegations made by third parties.
4. To protect the integrity and security of our services.
5. To exercise the rights and safety of PetMatch, our employees and other users of our service.

Potential Change of Ownership: If PetMatch enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to the potential new business partners or owners in preparation for, or as a result of, any of these events. Any other entity which buys PetMatch or any part of our business, will have the right to continue to use your data in the way described by this privacy policy, unless you notify us otherwise.

Depending on the circumstances, the organisations or people who we share your personal information with will be acting as either Data Processors or Data Controllers. Where we share your personal information with a Data Processor, we will ensure that we have in place contracts that set out the responsibilities and obligations of us and them, including in respect of security of personal information.

We do not sell or trade any of the personal information that you have provided to us.

How Long we Hold your Personal Information

We will only hold your personal data for as long as is necessary. How long is necessary will depend upon the purposes for which we collected the personal information and whether we are under any legal obligation to keep the personal information (such as in relation to accounting or auditing records or for tax reasons).

We may also need to keep personal information in case of any legal claims.

When you register an account with us, we will retain the information that you provide to us for as long as you hold this account. For personal information connected to a Business user or Rescue user account, once an account has been closed, we will continue to retain this data for a period of seven years. This timeframe is in line with the Irish statutory limitation periods. For Public users, once an account has been closed, we will continue to retain this data for a period of one year. All other data provided, which is not personally identifiable, may be retained for possible future use.

If you have provided data to us without registering an account, this data will be retained for 7 years after your last date of activity with us.

Automated Decision Making

‘Automated decision making’ is where a decision is automatically made without any human involvement. Under data protection laws, this includes profiling. ‘Profiling’ is the automated processing of personal data to evaluate or analyse certain personal aspects of a person (such as their behaviour, characteristics, interests and preferences).

Data protection laws place restrictions upon us if we carry out any automated decision making (including profiling) that produces a legal effect or similarly significant effect on you.

We do not carry out any automated decision making (including profiling) that produces a legal effect or similarly significant effect on you. If we do decide to do this then we will notify you and we will inform you of the legal reason we are able to do this.

Your Rights and Choices

Under data protection laws, you have certain rights in relation to your personal information, as follows:

Right to request access: Non-registered and registered users of the site can request that we provide a copy of the personal information that we hold about you.
Right to correction: Users of the site can request that any incorrect personal data is corrected and that any incomplete personal data is completed. You can edit and make changes to the personal information by logging into your profile and editing it directly from there or by contacting our team directly. You can change your marketing and contact preferences at any time in your account dashboard or by unsubscribing from our newsletter. You may ask us to make any necessary changes to ensure that such information is accurate and kept up-to-date.
Right to erasure/Right to be forgotten: This right only applies in certain circumstances. Where it does apply, you have the right to request us to erase any personally identifiable information we hold. In some instances we may be unable to delete your data if we are required to retain it to comply with our legal obligations (including requests from law enforcement agencies).
Right to restrict processing: This right only applies in certain circumstances. Where it does apply, you have the right to request us to restrict the processing of your personal information.
Right to data portability: This right allows you to request us to transfer your personal information to someone else.
Right to object: you have the right to object to us processing your personal information for direct marketing purposes. You also have the right to object to us processing personal information where our legal reason for doing so is the Legitimate Interests Reason (see section 4 above) and there is something about your particular situation that means that you want to object to us processing your personal information. In certain circumstances, you have the right to object to processing where such processing consists of profiling (including profiling for direct marketing).

In addition to the rights set out above, where we rely on consent as the legal reason for using your personal information, you have the right to withdraw your consent.

If you wish to exercise any of the above rights in relation to your personal information, please contact us using the details set out at the beginning of this policy. If you do make a request, please note:

we may need certain information from you so that we can verify your identity;
we do not charge a fee for exercising your rights unless your request is unfounded or excessive; and
if your request is unfounded or excessive, then we may refuse to deal with your request.

Marketing

We do not pass your personal information on to any third parties for marketing purposes.

You may receive marketing from us about goods and services, where either you have consented to this, or we have another legal reason by which we can contact you for marketing purposes. However, we will give you the opportunity to manage how or if we market to you. In any email that we send to you, we provide a link to either unsubscribe or opt out, or to change your marketing preferences. If you have a profile with us, you can login to your account and manage your preferences there too. To change your marketing preferences, and/or to request that we stop processing your personal information for marketing purposes, you can also contact us on the details set out at the beginning of this policy.

If you do request that we stop marketing to you, this will not prevent us from sending communications to you that are not to do with marketing.

Complaints

If you are unhappy about the way that we have handled or used your personal information, you have the right to complain to the Irish supervisory authority for data protection, which is the Data Commissioner’s Office (DCO). Please do contact us in the first instance if you wish to raise any queries or make a complaint in respect of our handling or use of your personal information, so that we have the opportunity to discuss this with you and to take steps to resolve the position. You can contact us using the details set out at the beginning of this privacy policy.

Third-party websites

Our website may contain links to third-party websites. If you click and follow those links, then these will take you to the third-party website. Those third-party websites may collect personal information from you, and you will need to check their privacy policies to understand how your personal information is collected and used by them.

Other Important Information

Security: The security of your data is important to us. We perform regular monitoring of our systems to identify possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send to us. No guarantee is given that the data will not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

Changes to this Statement: This statement will be updated when necessary to reflect product or other changes. When this statement is updated, the “last updated” date will be revised at the top of this statement. We encourage you to review our Privacy Policy regularly so that you can stay informed about our use of your data.