Privacy policy
Last updated: 19 May 2026
At Monairre, your privacy is a fundamental priority. This Privacy Policy explains how Monairre ("we", "us", "our") collects, uses, stores, and protects your personal data when you visit monairre.com, place an order, or contact our customer service team.
This Policy is written in compliance with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) and the Irish Data Protection Act 2018. By using our website or purchasing from us, you acknowledge that you have read and understood this Policy.
1. Who We Are (Data Controller)
Monairre is the data controller responsible for your personal data.
Company name: Monairre
Business Address: 68 Mody Rd, Tsim Sha Tsui East, Hong Kong
Email: support@monairre.com
Phone number: +353-43-054-8718
Warehouse Address: 2 Kilbelin Cres, Kilbelin, Newbridge, Co. Kildare, W12 A336, Ireland
Website: https://monairre.com
2. What Personal Data We Collect
2.1 Data you provide directly
- Full name and delivery/billing address
- Email address and phone number
- Payment information (processed securely by our payment provider — we never store full card details)
- Messages and enquiries you send to our customer service team
- Account login credentials if you create an account
2.2 Data collected automatically
- IP address, browser type, and operating system
- Device type and screen resolution
- Pages visited, time spent on pages, and click behaviour
- Referring URL (how you arrived at our website)
- Cookie and tracking data (see our Cookie Policy)
2.3 Data from third parties
- Payment status and fraud screening results from our payment processor
- Delivery status updates from our courier partners (DHL, FedEx, UPS)
3. Legal Basis for Processing (Article 6 GDPR)
Under the GDPR, we are required to have a valid legal basis for every type of processing we carry out:
Contract (Art. 6(1)(b)): Processing your order, arranging delivery, handling returns and refunds, and managing your customer account.
Legal obligation (Art. 6(1)(c)): Complying with tax, accounting, and consumer protection laws; responding to lawful requests from authorities.
Legitimate interests (Art. 6(1)(f)): Preventing fraud and chargebacks; improving our website; sending service-related communications; analysing purchase trends to improve our product range.
Consent (Art. 6(1)(a)): Sending marketing emails and newsletters. You can withdraw consent at any time by clicking 'unsubscribe' in any email or by contacting us directly.
4. How We Use Your Personal Data
We use your personal data for the following purposes:
- Processing, fulfilling, and shipping your orders
- Sending order confirmation, shipping confirmation, and delivery updates
- Handling returns, exchanges, and refunds
- Providing customer support and responding to enquiries
- Sending marketing communications (only where you have given consent)
- Detecting and preventing fraud and unauthorised transactions
- Improving our website, product catalogue, and overall shopping experience
- Complying with our legal and regulatory obligations
5. Who We Share Your Data With
We never sell or rent your personal data to third parties. We share your data only where necessary with the following trusted service providers, who are bound by strict data processing agreements:
- Payment processors — to securely process your transactions (e.g. Shopify Payments)
- Courier and logistics companies — to deliver your order (DHL, FedEx, UPS)
- Shopify Inc. — our e-commerce platform provider, which processes data on our behalf
- Email service providers — to send transactional and marketing emails
- Analytics and advertising platforms — only where you have given consent via our cookie banner
- Law enforcement or regulatory authorities — where required by law or to protect our legal rights
6. International Data Transfers
Because we operate globally and use international service providers (including Shopify, Inc., based in Canada, and payment processors and courier companies with operations in the United States and other countries), your personal data may be transferred to and processed in countries outside the European Economic Area (EEA).
Where such transfers occur, we ensure that adequate safeguards are in place in accordance with GDPR Chapter V. These safeguards may include:
- European Commission adequacy decisions (e.g. Canada is recognised as providing adequate protection)
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data processing agreements with sub-processors that comply with GDPR requirements
You may request a copy of the relevant safeguards by contacting us at support@monairre.com.
7. How Long We Keep Your Data
We retain your personal data only for as long as necessary for the purposes outlined in this Policy, or as required by law:
| Data Type | Retention Period | Reason |
|---|---|---|
| Order & transaction records | 7 years | Irish tax & accounting law |
| Customer account data | Until account deleted + 1 year | Service provision |
| Marketing consent records | Until consent withdrawn + 1 year | Legal compliance |
| Customer support messages | 3 years | Dispute resolution |
| Website analytics data | 26 months (anonymised) | Service improvement |
| Fraud prevention records | 5 years | Legitimate interests / legal obligation |
8. Your Rights Under GDPR
As a data subject located in the European Economic Area or the United Kingdom, you have the following rights:
- Right of access (Art. 15): You may request a copy of the personal data we hold about you.
- Right to rectification (Art. 16): You may request correction of inaccurate or incomplete data.
- Right to erasure (Art. 17): You may request deletion of your personal data where there is no lawful reason for us to continue processing it.
- Right to restriction of processing (Art. 18): You may request that we restrict processing of your data in certain circumstances.
- Right to data portability (Art. 20): You may receive your personal data in a structured, machine-readable format and transfer it to another controller.
- Right to object (Art. 21): You may object to processing based on legitimate interests or for direct marketing purposes at any time.
- Right to withdraw consent (Art. 7(3)): Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
- Right not to be subject to automated decision-making (Art. 22): We do not use solely automated decision-making that produces legal or similarly significant effects on you.
To exercise any of these rights, please contact us at support@monairre.com. We will respond within 30 days. We may need to verify your identity before processing your request.
9. Right to Lodge a Complaint
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a data protection supervisory authority.
In Ireland: Data Protection Commission (DPC) Website: www.dataprotection.ie Phone: +353 57 868 4800 Address: 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland
In the United Kingdom: Information Commissioner's Office (ICO) Website: ico.org.uk
10. Cookies
Our website uses cookies and similar tracking technologies. We use both strictly necessary cookies (which do not require consent) and optional cookies (which require your explicit consent via our cookie banner).
For full details of the cookies we use, their purpose, and how to manage your preferences, please read our Cookie Policy. You can manage or withdraw your cookie consent at any time through the cookie preferences banner on our website, or by adjusting your browser settings.
11. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These include:
- SSL/TLS encryption for all data transmitted via our website
- Secure, access-controlled storage of personal data
- Strict internal access controls — only authorised personnel can access personal data
- Regular security reviews and updates
- Payment data is handled exclusively by PCI DSS-compliant payment processors — we never store full card numbers
In the unlikely event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Data Protection Commission within 72 hours as required by Article 33 GDPR, and will notify affected individuals without undue delay.
12. Children's Privacy
Our website and services are intended exclusively for adults aged 18 and over. We do not knowingly collect personal data from children under the age of 18. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us at support@monairre.com and we will delete that information promptly.
13. Third-Party Websites and Links
Our website may contain links to third-party websites, including our social media profiles. We have no control over the content or privacy practices of those websites and are not responsible for them. We encourage you to read the privacy policy of any third-party website you visit.
14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page. Your continued use of our website after any changes constitutes your acceptance of the updated Policy.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:
Company name: Monairre
Business Address: 68 Mody Rd, Tsim Sha Tsui East, Hong Kong
Email: support@monairre.com
Phone number: +353-43-054-8718
Warehouse Address: 2 Kilbelin Cres, Kilbelin, Newbridge, Co. Kildare, W12 A336, Ireland
Customer Service
Monday to Friday: 8:00 – 17:00
Saturday to Sunday: 9:00 - 16:00
(All times are based on Hong Kong Time GMT+8)
Average response time: within 12 hours