Privacy policy
Privacy Policy
Last updated: June 2026
Who We Are
Sarah Cronin Art is an Irish sole trader selling handmade art prints and original paintings online at www.sarahcroninart.com. For the purposes of GDPR, Sarah Cronin Art is the data controller responsible for your personal data.
Contact: sarahcroninart@gmail.com
What Data We Collect
We collect the following personal data when you place an order or contact us:
- Name and delivery address
- Email address and phone number
- Payment information (processed securely by our payment provider — we do not store card details)
- Order history and purchase details
- Communications you send us (e.g. enquiries, custom order requests)
- Website usage data (e.g. pages visited, browser type) via cookies
Why We Collect It & Our Legal Basis
| Purpose | Legal Basis |
|---|---|
| Processing and fulfilling your order | Contract performance (Art. 6(1)(b) GDPR) |
| Sending order confirmations and updates | Contract performance |
| Responding to your enquiries | Legitimate interests |
| Improving our website and services | Legitimate interests |
| Sending marketing emails (if opted in) | Consent (Art. 6(1)(a) GDPR) |
| Complying with legal obligations (e.g. tax records) | Legal obligation (Art. 6(1)(c) GDPR) |
How We Share Your Data
We do not sell your personal data. We share it only with trusted third parties who help us operate our store, including:
- Shopify Inc. — our e-commerce platform (data may be processed outside the EEA under appropriate safeguards)
- Payment processors (e.g. Stripe, PayPal) — for secure payment handling
- An Post / courier services — for order delivery
- Shop app — Shopify's buyer-facing app, governed by Shopify's own privacy policy
All third-party processors are required to handle your data securely and in accordance with GDPR.
International Data Transfers
Some of our service providers (including Shopify) are based outside the EEA. Where data is transferred internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
How Long We Keep Your Data
- Order data — retained for 7 years to comply with Irish tax and accounting obligations
- Marketing consent — until you withdraw consent or unsubscribe
- General enquiries — up to 2 years
- Website analytics — as per our cookie policy
Your Rights Under GDPR
You have the right to:
- Access the personal data we hold about you
- Correct inaccurate or incomplete data
- Erase your data ("right to be forgotten"), where applicable
- Restrict or object to processing
- Data portability — receive your data in a structured, machine-readable format
- Withdraw consent at any time (where processing is based on consent)
To exercise any of these rights, contact us at sarahcroninart@gmail.com. We will respond within 30 days.
Cookies
Our website uses cookies to improve your browsing experience and analyse site traffic. You can manage your cookie preferences via the cookie banner on our site.
Marketing Communications
We will only send you marketing emails if you have explicitly opted in. You can unsubscribe at any time by clicking the unsubscribe link in any email or by contacting us directly.
How to Complain
If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Data Protection Commission (DPC).
We would appreciate the opportunity to address your concerns directly before you contact the DPC.
Changes to This Policy
We may update this policy from time to time. The latest version will always be available on this page, with the date of last update shown at the top.