Effective date: 9 October 2025
AcrossThePondFoods.com (“Across the Pond Foods”, “we”, “our”, “us”) is an online store selling foods from Ireland to customers in the United States and other locations. We operate a WordPress/WooCommerce eācommerce website at https://acrossthepondfoods.com.
Controller: Across the Pond Foods
Address: Acrossthepondfoods.com, Cabra Business Park, Thurles, Co. Tipperary, E41 WY66, Ireland
Email: hello@acrossthepondfoods.com
We are the ācontrollerā of your personal data for the purposes of the EU/EEA and Irish data protection law, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Data Protection Acts 1988ā2018 (Ireland).
We have not appointed a Data Protection Officer. For any privacy questions, please contact us by email.
This policy explains how we collect, use, disclose, and protect personal data when you visit our website, create an account, place an order, contact us, or otherwise interact with us. Separate terms may apply to cookies and tracking technologies (see Section 8 below).
We collect and process the following categories of personal data:
| Category | Examples | Source |
|---|---|---|
| Identity & contact | name, billing & shipping address, email address, phone number | provided by you when creating an account, placing an order, or contacting us |
| Order details | items purchased, order number, delivery instructions, order notes | provided by you and generated by us |
| Payment-related info | payment method, payment status, transaction IDs; we do not store full card numbers | provided to/processed by our payment processors (see Section 7) |
| Account data | username, hashed password, order history, saved addresses | provided by you |
| Communications | emails, contact forms, customer service messages, product reviews | provided by you |
| Technical data | IP address, device identifiers, browser type/version, time zone, referral URLs, page interactions | collected automatically via your browser and cookies/SDKs |
| Marketing preferences | newsletter optāin/optāout, consent records | provided by you |
We do not intentionally collect special category data (e.g., health, religion) or data relating to criminal offences.
We process personal data only where an appropriate legal basis under Article 6 GDPR applies. The main purposes and corresponding legal bases are:
| Purpose | Legal basis |
|---|---|
| To process and fulfil your orders, take payment, arrange delivery, provide invoices and order updates | Contract (Art. 6(1)(b)) |
| To create and manage your account and order history | Contract (Art. 6(1)(b)) |
| To provide customer support and respond to enquiries | Contract (Art. 6(1)(b)) and Legitimate interests in running our business (Art. 6(1)(f)) |
| To prevent fraud and ensure platform security | Legitimate interests (Art. 6(1)(f)) and Legal obligation (Art. 6(1)(c)) |
| To send service emails about your order or account | Contract (Art. 6(1)(b)) |
| To send marketing emails (e.g., promotions) | Consent (Art. 6(1)(a)); you may withdraw at any time |
| To maintain our website, debug, and improve user experience | Legitimate interests (Art. 6(1)(f)) |
| To comply with tax, accounting, consumer and customs laws | Legal obligation (Art. 6(1)(c)) |
Where we rely on legitimate interests, we have balanced those interests against your rights and freedoms and concluded they are not overridden by your interests or fundamental rights.
If you do not provide data that we need to process your order (e.g., name, address, payment information), we cannot enter into or perform the contract to supply goods. For optional activities (e.g., marketing), you are not required to provide data; refusal has no effect on your purchases.
Our store runs on WordPress and WooCommerce. Personal data you provide is stored on our website and processed by our service providers (see Section 7) to host the site, deliver emails, process payments, and ship orders. When you leave product reviews or comments, the site may collect your IP address and browser user agent to help spam detection.
We share personal data with third parties only as necessary for the purposes set out above, including:
We require our processors to provide appropriate safeguards and to process personal data only on our documented instructions.
We use cookies and similar technologies to operate our store (e.g., keep your cart, remember your session), analyse site usage, andāwhere you consentādeliver marketing. You can manage your cookie preferences via your browser settings and, where available, our consent banner. For details of specific cookies and retention periods, see our Cookie Policy (linked from our site footer). Essential cookies are necessary for the site to function and cannot be switched off.
We are based in Ireland and mainly process data in the EEA. Some of our providers are located outside the EEA, including in the United States. Where personal data is transferred to a country that does not provide an EU adequacy decision, we ensure appropriate safeguards are in place, such as EU Standard Contractual Clauses (SCCs). For U.S. transfers to participating providers, we may rely on the EUāU.S. Data Privacy Framework. Copies of relevant safeguards can be requested via hello@acrossthepondfoods.com (with appropriate redactions).
We keep personal data only for as long as necessary for the purposes collected, and to meet legal, accounting, or reporting requirements. Typical retention periods are:
| Data | Retention |
|---|---|
| Order records (identity, contact, order details, invoices) | up to 7 years from the end of the relevant tax year (to satisfy tax and accounting rules) |
| Account data | for as long as your account is active; if you request deletion, we will delete or anonymise within a reasonable period unless we need to retain for legal obligations |
| Customer service communications | up to 3 years after resolution |
| Marketing consent records | for as long as you remain subscribed and for up to 2 years after withdrawal to maintain suppression lists |
| Technical logs (security/fraud) | typically 6ā24 months, unless needed longer for investigations |
We may anonymise data so it is no longer personal; anonymised data may be retained indefinitely.
We implement appropriate technical and organisational measures to protect personal data, including HTTPS/TLS encryption in transit, access controls, leastāprivilege policies, secure password hashing, and regular patching and backups. However, no system is completely secure; please use unique, strong passwords and keep your account details confidential.
Subject to conditions and exemptions, you have the following rights:
To exercise your rights, contact hello@acrossthepondfoods.com. We may need to verify your identity. We aim to respond within one month as required by law and may extend by two further months for complex requests.
Our website is not directed to children and we do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will take appropriate steps to delete it.
If you opt in, we may send you marketing emails about our products and offers. You can unsubscribe at any time by using the link in the email or by contacting us at hello@acrossthepondfoods.com. We will not sell your data to third parties for their own marketing.
If you have concerns about our use of your personal data, please contact us first. You also have the right to lodge a complaint with the Data Protection Commission (DPC) in Ireland or with your local EU supervisory authority.
We may update this policy from time to time. We will post the updated version on our website and adjust the effective date. If changes materially affect your rights, we will take additional steps to inform you (e.g., email or notice on our site).
If you have questions about this policy or your data, contact:
Email: hello@acrossthepondfoods.com
Post: Acrossthepondfoods.com, Cabra Business Park, Thurles, Co. Tipperary, E41 WY66, Ireland
We accept credit and debit cards (Visa, Mastercard, American Express) and alternative methods (Stripe, PayPal, Apple Pay, Google Pay). Payments are processed by these providers in accordance with their own privacy notices. We recommend you review their policies for more information.