OUR

PRIVACY POLICY

This privacy policy describes how Redcave Industries Limited (“Keoghs Cafe”, “we” and “our”) collect, use and share (collectively, “use”) your personal data. Please read the following carefully to understand our practices regarding your personal data. IMPORTANT INFORMATION Who is Keoghs Cafe? The controller of your personal data for purposes of data protection law is Redcave Industries Limited t/a Keoghs Cafe, a company incorporated in Ireland with company number 290102 with a registered office at1-2 Trinity Street, Dublin 2, Ireland. When does this privacy policy apply? This privacy policy describes our use of personal data in relation to our website at keoghscafe.ie.This privacy policy also describes how we use personal data we collect in other settings where we post or link to this privacy policy. How will you use my personal data? We use your personal data only as described in this privacy policy. Do you share my personal data with others? We do not sell your personal data or share it with anyone except as described in this privacy policy. What are my rights? Data protection laws give you important rights and choices in relation to your personal data. How can I get more information? Contact Us anytime with your questions and feedback.

Information We Collect Personal Data You Give Us. Personal data you give us includes: • Identity information, such as your name and other demographic information, such as your gender • Contact information, such as your name, billing and shipping addresses, email address and telephone number • Profile information, such as your username and password, security question answers, interests, and preferences (such as your sizes and marketing preferences) • Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Site, receive customer support, interact with us on social media or otherwise correspond with us • Financial information, such as your payment card details • Transaction information, such as details about purchases you make through the Site, your purchase history, and transaction details • Usage information, such as your search terms and information you provide when you enter competitions, apply for special promotions, sign up for offers or updates, or use other interactive features of the Site Information Automatically Collected. We may automatically log information about you and your computer or mobile device when you access our Site. For example, we may log your IP address, computer or mobile device operating system name, version, manufacturer and model, browser type, device identifiers, browser language, screen resolution, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site. Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. All direct payment gateways used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

Cookies. We may collect information about you using cookies.

Sensitive personal data. We ask that you not send or disclose to us any sensitive personal data (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics, genetic characteristics, criminal background or union membership) on or through the Site or otherwise. If you send or disclose any sensitive personal data to us, you must consent to our processing and use of such sensitive personal data in accordance with this privacy policy. If you do not consent to our processing and use of such sensitive personal data, you must not provide it. Changes to your personal data. It is important that the personal data we hold about you is accurate and current. If your personal data changes during your relationship, please update it by updating your registration profile or contacting us. Using Your Information To process your orders We use your personal data to process your orders and payments for goods and/or services and to deliver and/or provide those goods and services to you. To operate the Site and our business We may use your personal data: to provide you with a customer account, including to make future ordering on our Site more efficient for you; to ensure that content from our Site is presented in the most effective manner for you and for your computer; to customise and optimise the mobile version of our Site; to contact you where you have requested information from us or have reported a problem with our Site; and to notify you about changes to our products and services. To send marketing communications If you request information from us, register for an account on the Site, purchase one of our products or participate in our surveys, promotions or events, we may send you marketing communications if permitted by law, but you will be able to opt out. Such communications include notices of special offers, notice of advanced sales, notice of new store openings and other Keoghs-related news, and may be tailored to your preferences. To create anonymous data We may create aggregated or other anonymous data derived from personal data of our users by excluding information that makes the data personally identifiable to you. We may use the anonymous data to improve our products and services, develop new ones and for other lawful business purposes. For security, compliance, fraud prevention and safety.

We use your personal data as we believe necessary or appropriate to (a) implement and operate security measures designed to protect the Site and your personal data; (b) enforce the terms and conditions that govern the Site or other services you have requested; (c) protect our rights, privacy, safety or property, and/or that of you or others; and (d) protect, investigate and deter against fraudulent, harmful, unauthorised, unethical or illegal activity. To comply with law We use your personal data as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities. With your consent We will request your consent to use your personal data where required by law, such as where we use certain cookies or similar technologies or would like to send you certain marketing messages. If we request your consent to use your personal data, you have the right to withdraw your consent any time in the manner indicated when we requested the consent or by contacting us. Disclosure Affiliates We may disclose your personal data to any company in our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, for purposes consistent with this privacy policy. Service Providers We may employ third party companies and individuals to help us process your personal data as described in this privacy policy (such as hosting, data storage, website analytics and testing, email delivery and database management services, payment processing, and order fulfilment). Professional Advisors We may disclose your personal data to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us for purposes consistent with this privacy policy. Compliance with Laws and Law Enforcement; Protection and Safety Keogh’s may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate as described above to comply with law and for security, compliance, fraud prevention and safety. Business Transfers We may sell, transfer or otherwise share some or all of its business or assets, including your personal data, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganisation or sale of assets or in the event of bankruptcy

International Data Transfer The personal data that we collect from you may be transferred to a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or another company in our group. Where we transfer personal data to a country that has not been approved by the European Commission as providing a level of data protection comparable to the EEA’s, we will transfer it subject safeguards that allow us to conduct the transfer in accordance with the EEA’s data protection laws, such as the specific contracts approved by the European Commission as providing adequate protection of personal data. For details, see the European Commission’s website for model contracts for the transfer of personal data to third countries. Please contact us for further information on the specific mechanism used by us when transferring your personal data out of the EEA. Security and Payment Processing All payment processing is handled on our behalf by a third party which uses the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a mandatory compliance standard for all payment service providers which enforces high levels of security in all areas where cardholder data is transmitted or stored. Strong protections such as encryption, intrusion detection and response, formalised policies and standards and security-aware development methodologies are utilised by our third party payment processing provider as part of its PCI DSS compliance. Unfortunately, the transmission of information via the internet is not completely secure and no security measures can guarantee the protection of your personal data. Although we use various technical and organisational measures designed to protect your personal data, we cannot guarantee its security; any transmission is at your own risk. Never send your bank or credit card details to us by email or other than by the form on our Site which requests payment details. Please note that email is not encrypted and is not considered a secure means of transmitting credit card numbers. We will never, ever ask for sensitive information via email. Retention We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements Your Rights You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by clicking the unsubscribe link contained in marketing emails, or by contacting us. You may also ask us to take the following actions in relation to your personal data that we hold:

Access. Provide you with information about our use of your personal data and give you access to it. Correct. Update or correct inaccuracies in your personal data. Delete. Delete your personal data. Transfer. Transfer a machine-readable copy of your personal data to you or a third party of your choice. Restrict. Restrict the processing of your personal data. Object. Object to our reliance on our legitimate interests as the legal basis for our use of your personal data. You can submit these requests by contacting us. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal data, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. Third Party Sites Our Site may, from time to time, contain links to and from the websites of advertisers, affiliates and other third parties. These links to not imply endorsement of these third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. Children Our Site is not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us . We will delete such information from our files as soon as reasonably practicable. Changes to the Privacy Policy We reserve the right to modify this privacy policy at any time. Any material changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or other reasonable means. Contact Us You may send any questions, comments and requests regarding this privacy policy to info@keoghscafe.ie, or write to us at: Keoghs Cafe 1-2 Trinity Street Dublin 2, Ireland