Search
Wishlist
My Cart: 0 item(s)

It appears that your cart is currently empty

  • Home
  • Privacy Policy

Privacy Policy

This Privacy Policy helps you understand what personal information we collect, why we collect it, what we do with it and the choices you have, including how to access and update information.

Our Policy applies to you if you use our products or services in store, over the phone, online, through our mobile applications or if you use any of our websites or interact with us on social media (our “Services”).

This Privacy Policy covers in detail how we process your personal information. We have summarised below each area, and more information is available in each of the sections:

  • Information we collect: We collect a range of information about you when you interact with Megastar in store, online, over the phone, in writing (email and post) or through our social media channels. The specific types of information are listed in the section below.
  • How we use your information: We use your information in line with this Privacy Policy and the lawful reasons set out in data protection legislation:
    • Where we have your consent to do so
    • Where we need to comply with a legal obligation
    • Where there is a contract in place
    • Where we have established a legitimate interest that does not override your rights and freedoms
    • Where there is a vital interest
  • More sensitive information: In limited cases, we may handle more sensitive information such as health or criminality-related information.
  • How we use your information to make automated decisions: We sometimes use systems to make automated decisions, but you do have rights in relation to our use of these, outlined in more detail below.
  • How we protect children and customers in vulnerable circumstances: We endeavour to protect children or those who are in potentially vulnerable circumstances, as described in the section below.
  • How we use information for analysis: We undertake analysis activities on our customers and products for a number of reasons, outlined in more detail below.
  • Digital advertising and personalisation: We advertise across digital channels, including social media platforms and working with partners and agencies, explained in more detail in this section.
  • Who we share your information with: We share your information within the Megastar group of companies, with external service providers and other third parties where necessary. In every case we undertake appropriate due diligence to ensure the sharing of your information is secure and appropriate.
  • Credit Applications: Megastar works with Creation Consumer Finance and will exchange information with them. Full details of this are included in the section below.
  • Sharing your information with lending partners: Where Megastar acts as a credit broker, we will share your information with our lending partners when you apply for a credit account and while you have an active credit account. Go to this section for more information.
  • International transfers of your personal information: When necessary, we may transfer your personal information out of Ireland. When we need to do this, we ensure appropriate safeguards are in place.
  • How long we keep your personal information: We do not keep personal information for longer than is necessary.
  • Your rights: You have a number of rights under data protection legislation, including the right to access your information, and the right to request erasure of your information. All your rights and how to exercise them are listed in this section.
  • How can you stop the use of your personal information for marketing: You can unsubscribe from our direct marketing communications at any time, including via our dedicated form here. More information on how to stop digital marketing is available in our Cookies Policy.
  • Security measures: We have in place appropriate technical and organisational measures to ensure the security of all personal information we hold.
  • Links to other websites and social plugins: We do link to other third party websites and social platforms within our websites which we do not control, and encourage you to also read those privacy policies
  • Contact us: You can contact us regarding this Policy using the details listed in this section.

 

We collect personal information about you when you visit one of our stores, use our websites ("Websites") or if you communicate with us by phone, e-mail and social media. We refer to our websites as "Online Services".

The types of personal information we collect include:

  • Personal details such as your name, address, date of birth, email address, phone number and other contact information.
  • Transaction information, such as the product you purchased, its price, your method of payment and your payment details, which are anonymised as per Payment Card Industry Security Standards (PCI DSS).
  • Information about you, like your employment details, financial position and information taken from identification documents, like your passport or driving licence, when we review your application for insurance or loans offered by selected third parties and partners.
  • Your account information, such as dates of payments owed and received, the subscription services you use or any other information related to your account.
  • The phone numbers that you use to contact us over the phone, such as contacting our customer services team.

When you're using our Online Services, the information we collect includes:

  • Account information, like your username, password, and other identifiers or credentials you use to access our Online Services or to buy our products and services, details of your shopping preferences, such as your favourite brands and products, as well as which of our stores you prefer to shop in (Please note, when you log into your account you will remain logged in for 120 minutes, even if you leave our website. If you are using a shared computer, or do not want to remain logged in for this duration, please ensure you log out before leaving our website).
  • Information that you provide in your dealings with us. This includes when you register to use our Online Services, or when you subscribe to our services or request further services and/or information from us.
  • Details of your visits to the website or in-store WI-FI and the resources that you access. Examples include ads that you click, device information and location.
  • IP address, type of device you are browsing from and cookie information.
  • If you interacted with our Online Services from an email we sent you we will have a record of that.

More information is available in our Cookie Policy

The situations when you provide personal information could include when you:

  • Purchase products at our stores, online or through our contact centre.
  • Register or use our Online Services.
  • Request to receive marketing or other communications.
  • Use our Wi-Fi networks or other in-store tech.
  • Enter one of our competitions or when you complete one of our customer surveys.
  • Submit information when you’re providing feedback or making an enquiry.
  • Use interactive features of our Online Services.

Data protection sets out a number of different lawful reasons for which a company may collect and process your personal information. These are:

  • Where we have entered into a contract with you;
  • Where we have your consent;
  • Where we are legally obligated to;
  • Where we have determined a legitimate interest that does not impact your rights and freedoms; and
  • Where it is in your vital interests to.

The table below provides examples of when we might rely on these lawful reasons:

Contract
  • We use your personal information to process your orders and payments or to give you a refund
  • We also enter into a contract with you when you use one of our services, such as insurance, or to facilitate an agreement between you and our lending partner when you make a credit application
Consent
  • We use email and text messages to communicate with you about our products and services, competitions, offers, promotions or special events. For example:
    • To provide a free mobile phone upgrade reminder service to inform you when a product is back in stock
    • To send you a renewal notice
    • To communicate with you about our third-party partners that we believe may interest you
  • To personalise your experience on our Online Services. This could include providing you with interesting, relevant content, or making navigation to our websites easier (more information is available in our Cookie Policy).
  • To enter you into competitions.
  • To record if you have additional needs due to vulnerable circumstances or need extra support when communicating with us.
  • To participate in customer research activities carried out by Megastar or agencies on our behalf, such as interviews, surveys and observations, including the capture of images and videos.
Legitimate Interest
  • To provide customer support and to respond to, and communicate with you about your requests.
  • To contact you if we need to obtain or provide additional information in relation to your order or query.
  • To check our records are right and to check every now and then that you’re happy and satisfied (e.g. customer surveys).
  • For marketing activities (other than where we rely on your consent), such as marketing permissions captured during the course of a sale and personalising marketing messages through social media and other third party platforms.
  • To monitor how our email marketing campaigns are performing and personalise the email content towards you by monitoring email opens and what links, if any, you are clicking within the email.
  • To ensure that the emails we send cannot be ‘spoofed’ by fraudsters.
  • To send promotional material (e.g. renewals) to you in the post or inform you of our offers by telephone.
  • To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request).
  • To send communications to you about your orders, purchases or accounts and bill you for using our products or services.
  • To let you post on our blogs and interact with us through social media.
  • To ensure a smooth experience on our Online Services, including making sure our websites work correctly (more information is available in our Cookie Policy).
  • To help us understand more about you as a customer, the products and services you use, the way you use them and how you shop across the company, so we can serve you better.
  • Improve the content and appearance of the website, and to make sure that content is presented in the most effective manner for you.
  • To operate, evaluate and improve our business, including the development of new products and services; to determine the effectiveness of our sales, marketing and advertising; and the analysis and improvement of our products, offers, promotions, and Online Services and other technologies.
  • To show you relevant ads by using data collected from your devices, if you have provided your consent for such collection, including your searches, location, ads that you have seen and personal information that you have given us, such as your age range, gender and topics of interest. Dependant on your Ads Settings, this information informs the ads that you see across your devices. So if you visit our website on your computer at work, you might see ads about our products or services on your phone later that night.
  • To facilitate an omnichannel journey to ensure that you can shop with us in any way that you choose. For example, we may use your information either in store or on a video call with a member of staff, known as a Shoplive call, to register you with an online account or to access your existing online account, in order to provide you with tailored product advice and support.
  • Where you fail to repay what you owe us or return our property, we may need to trace your whereabouts (sometimes using a tracing agent) in order to recover payment or reclaim property. This might be carried out by a third party debt recovery agent on our behalf.
  • To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities.
  • For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access.
  • To ensure the security and safety of our stores via CCTV.
  • To send you claim details as part of fulfilling promotional offers if you have made a qualifying purchase.
  • To help reduce the overall fraud and credit risk for our customers and ensure a duty of care for customers who apply for financial products and services.
  • To engage in the sale of anonymised and pseudonymised sales and analytics data, ensuring that individuals cannot be identified from it by the recipients. Pseudonymised data is personal data that has been de-identified, and can only be re-identified with certain information, that will not be shared externally under any circumstances. Anonymisation and pseudonymisation is performed using robust methods that comply with applicable data protection laws.
Legal obligation
  • To identify you when you contact us
  • To verify the accuracy of information that we hold about you
  • To assist the Revenue Commissioners and/or the police and/or other regulatory bodies in relation to an investigation by a public authority.
  • To complete any requests you make regarding your Data Subject Rights
  • For financial administration
  • Where necessary for health and safety purposes
Vital interest
  • We may need to contact you if there are any urgent safety or product recall notices or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you.

Where we process your information under Legitimate Interest, we will have assessed this processing and balanced it against your rights and freedoms.

 

Under data protection law, some personal information is considered more sensitive, including information relating to a person’s racial origins, certain beliefs or health conditions. It can also include information relating to criminal activity.

We do not expect to handle any of your more sensitive information unless it becomes relevant in our dealings with you or you volunteer the information. Examples of this might be where you have a vulnerability or health condition which is relevant to our dealings with you; where you are involved in a medical emergency or accident; if the information is relevant to a legal dispute or complaint; or while addressing criminality impacting our business. On the rare occasions we handle more sensitive information, we only do so as allowed by data protection law (for example, where we have your consent, to protect someone’s vital interests or to prevent or detect crime) or as required by law.

 

We sometimes use systems to make automated decisions based on your personal information or the information we are allowed to collect from others about you or your business (for example where we perform credit or internal fraud checks). This helps us to make sure our decisions are quick, fair, efficient and correct, based on what we know. These automated decisions can affect the products, services or features we may offer you now or in the future, or the price that we charge you for them.

You have rights over automated decisions:

  • Under certain circumstances, you can ask that we do not make our decision based on the automated score alone; and
  • You can object to an automated decision, and ask that a person reviews it.

We advertise across all digital platforms with both targeted and non-targeted advertising. For targeted advertising, we may use information obtained through the use of cookies or similar technologies in your web browser to display ads to you, which you may see on other websites or digital platforms. We will seek your consent to deploy these kinds of cookies and similar technologies through our website cookies consent mechanism. More information is available in our Cookie Policy.

In order to ensure that appropriate ads are displayed, we work with partners and agencies to analyse and prepare the information, and measure the effectiveness of our advertising. See below the section on ‘Who we share your personal information with’. Where applicable, we or our advertising partners will combine this information with your transaction information and other information, such as your cookie consent instruction, interactions with our emails, and information from external or publicly available sources. By building a richer picture of your preferences in this way, we can make sure you see ads most relevant to you. We also use this information to ensure you do not receive unnecessary ads.

Our digital advertising includes advertising across social media platforms. The media owners we most commonly work with are Meta (which owns Facebook and Instagram) and Google (which owns YouTube). The individual privacy policies are linked for your information.

We will also use the information we have on existing customers for modelling purposes, to help identify potential new customers who may be interested in our products.

 

We share personal information within the Megastar Group of companies. Members of the Megastar Group that receive this information are not authorised to use or disclose the information except as provided in this Privacy Policy.

Where we share your information with any third parties, we will undertake due diligence prior to sharing any information with them and will have in place robust contracts that cover the security of any information shared.

Our service providers

We work with partners, suppliers, insurers and agencies so they can process your personal information on our behalf and only where they meet our standards on the processing of data and security. We only share information that helps them provide their services to us or to help them provide their services to you. For example, some of our service providers place advertising for us online, about our products and services and those of our retail partners, suppliers and third parties. As a result, where you have indicated you are happy to receive online marketing from us in our cookie preference centre, you might see online advertising that we have placed on the websites you visit, or the interactive services you use.

Our third-party service providers include:

  • Credit and Insurance Partners: When you apply for credit or purchase an insurance product we will pass on your information to trusted third party partners responsible for these products. When you are an approved credit customer or purchase an insurance product, we will continue to exchange your information while you use the credit facility or have an active insurance product. Please note we act as a credit broker and not as a lender in respect of our insurance products credit facility within our UK and Republic of Ireland stores. See ‘Credit Applications’ section below for more information.

  • We share your information with financial institutions to improve levels of services, reduce risk and provide a duty of care to you and other customers.

  • Providers that we work with to deliver our marketing and campaigns, and facilitate our competitions.

  • Manufacturers of products sold to our customers for whom we carry our repairs.

  • Companies that enable us to collect your reviews and comments, both online and offline.

  • Companies which run our contact centres because they need your personal information to identify and contact you.

  • Third party vendors who help us to manage and maintain the Group IT infrastructure.

  • Companies that provide insights and analytics services for us so we can stock the right products, send the right marketing campaigns and understand our business and customers better.

  • Specialist providers of digital advertising and personalising content to provide customers with adverts tailored to them.

  • Partners that support our services, such as where we need to arrange a specialist engineer visit.

  • Companies that work on our behalf processing and sorting information, monitoring how customers use our website, issuing our emails for us and collecting product/customer feedback from you via surveys.

Where you have asked us to deliver your purchases either to the store (‘Click & Collect') or any other place, we will also share your address and contact details with our delivery partners like DPD or An Post to ensure a successful delivery. These partners may contact you to provide periodic updates on your delivery.

Other organisations and individuals

We may also transfer your personal information to other organisations in certain scenarios. For example:

  • If required to by law, under any code of practice by which we are bound or we're asked to do so by a public or regulatory authority such as the police or the Department of Social Protection.

  • To prevent and detect criminality impacting our business, we may voluntarily or on request share information with the Police or other crime prevention organisations, such as the National Business Crime Solution (NBCS). NBCS is a non-profit initiative that works with the Police and the business community to help tackle business crime in the UK and Ireland by gathering and sharing information.

  • To providers of specialist software which enables us to record retail crime and share intelligence across our business, such as Auror.

  • Information may also be shared with fraud prevention agencies to prevent fraudulent claims.

  • If we need to do so in order to exercise or protect our legal rights, users, systems and services.

  • With banks and insurance companies if you are a financial services (insurance or credit) customer.

  • With mobile phone operators if you buy a phone contract through us.

  • In response to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.

  • With emergency services (if you make an emergency call), including your approximate location.

  • To trusted third party companies who have subscribed to our services to consume anonymised commercial data.

  • With Google for online advertising and personalisation management, more information is available here: Google’s Business Data Responsibility site (how Google processes personal information)

The table below outlines the Data Protection Rights available to you:

Access to information held about you You have the right to request what personal information we hold about you. This is sometimes called a 'Data Subject Access Request'. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you free of charge. Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us so that we can locate your personal information. Except in rare cases, we will respond to you within 30 days after we have received this information or, where no such information is required, after we’ve received your request. You can request a copy of your information via this form, or using the contact details below.
Rectify information held about you If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.
Data Portability In certain circumstances you have the right to request a copy of your personal information from us or to have that information passed to an organisation of your choice in a format that can be easily re-used.
To stop or limit our processing of your information You have the right to object to us processing your personal information if we are not entitled to use it anymore, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

Where we rely on our legitimate interests, as set out under 'How we use your information', you may object to us using it for these purposes. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your information for those purposes. Otherwise, we will provide you with our justification as to why we need to continue using your information.

You can ask us to restrict the use of your personal information if:

  • It isn't accurate.
  • It has been used unlawfully but you don't want us to delete it.
  • It is not relevant anymore, but you want us to keep it for use in legal claims.
  • You've already asked us to stop using your information but you are waiting for us to tell you if we are allowed to keep on using it.

Please note that we may be required by law to retain certain information. Before we are able to provide you with any information or correct any inaccuracies, we may ask you provide other details to help us respond to your request.
Erasure

You have the right to request erasure of your personally identifiable information (also known as the right to be forgotten). In some circumstances we may not be able to fully delete your information, for example where we have an overriding legal obligation to retain it, and where we can delete it, we will need to keep an appropriate record of the request.

 

 

 

Our websites (which includes this Privacy Policy) contain links to other websites run by other organisations which we do not control. This Policy does not apply to those other websites and apps‚ so we encourage you to read their privacy statements.

We use so-called social plugins (buttons) of social networks such as Facebook, You Tube, Instragram and Twitter. After activation of a button, the social network can retrieve information, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account. A social network cannot assign a visit to websites operated by our other group companies unless you activate the respective button there as well.

If you are a member of a social network and don’t want that network to combine information retrieved from your visit to our websites with information they hold on you, you must log out from the social network concerned before activating the buttons.

 

When you purchase a product or service online or in store, or create an account with us, we collect personal information about you to let you know about our latest products, services or offers. We may do this by post, email, text message, online, or by using social media.

We will only use your personal information to send you marketing messages if we have a legal right to do so. That could be either with your explicit consent or where there is ‘legitimate interest’, like when we have a business or commercial reason to use your information. We will always provide you with the opportunity to opt out of marketing when we first collect your contact details and in every subsequent message.

We may ask you to confirm or update your marketing choices, if you purchase any new products or services with us in future. We’ll also ask you to do this if there are changes in the law, regulation, or the structure of our business.

The personal information we have about you is made up of what you tell us, and the information we collect when you use our services, or from third parties we work with, like Experian. For more information on the third parties we work with and how we use your personal information, please see our Privacy Policy.

We also gather statistics about email opening and clicks, using industry standard technologies to help us monitor and improve our e-mail communications.

We won’t send unsolicited one-to-one (direct) marketing email and/or SMS communications unless they comply with the rules of General Data Protection Regulations (GDPR), Data Protection Act 2018 (DPA18) and Privacy Electronic Communication Regulations (PECR) and related guidance.

Specifically, our promise to you is that:

I. We will always ask you to actively opt-in to receiving electronic direct marketing messages. That is, unless we’re contacting you about receiving marketing for our own similar products during the course of a sale or when you are setting up a Megastar account, and we offered you the opportunity to opt-out when you gave us your details.

II. Our store and contact centre colleagues will always inform you about any further use of your contact details for direct marketing when you make a purchase.

III. We will offer you a choice of how you would like to receive marketing from us, including email or text.

IV. We will make sure that the products or services we are marketing are the same or similar to the product you originally agreed / permitted to receive marketing for.

V. We will ask for your consent to pass details to third parties for their own marketing purposes. We will name those individual companies when we request your consent.

VI. We will record when and how we obtained permission from you for marketing, and exactly what it covers.

VII. We will make sure the language we use is clear and easy to understand, and that it’s clearly distinguishable from any other matters, including other Terms & Conditions.

VIII. We won’t use confusing language in our marketing statements, including the use of double negatives, technical or legal jargon and confusing terminology or inconsistent language.

IX. For telephone and postal marketing communications, we’ll screen your name and contact details against the Telephone & Mail Preference Service.

X. We will always offer you the option to opt out of direct marketing at the point when we capture your contact details and in every subsequent communication by clicking the unsubscribe link.

XI. We will make sure we promptly (and always within 28 days) opt you out of our marketing activities on your request. We will make sure there is always a simple, easy-to-access and free of charge way for you to withdraw your approval.

XII. We will operate and maintain an in-house suppression file listing the names and contact details of customers who have told Us they don’t want to receive marketing communications through all or particular means of communication.

XIII. We will rely on the legitimate interests of the business (as an alternative to explicit consent) when we undertake postal marketing, when we conduct live outbound phone sales or when we are contacting our business customers. We will include information in our telephone scripts and in all postal marketing on how to opt out of receiving such marketing.

XIV. We will screen information to remove files of deceased people so that they are not used for marketing.

XV. We will not send you any direct marketing if you haven’t been in touch with us or purchased from us in the past three years.

XVI. We have procedures for dealing with inaccuracies and complaints.

XVII. We will cooperate fully with any investigation by the Data Protection Commission (DPC) in relation to our direct marketing activities.

XVIII. We may remove you from direct marketing if we believe that doing so could cause you financial harm or distress.

Bought in lists

We will only use bought-in lists for texts, emails or recorded calls where we have proof of opt-in consent which specifically names us.

I. We will only use the information on the lists for marketing purposes.

II. We will delete any irrelevant or excessive personal information.

III. We will screen the names on bought-in lists against our own list of customers who say they do not want our calls, texts or emails.

IV. We will carry out small sampling exercises to assess the reliability of the information on the lists.

V. When marketing by post or email, we will include our company name, address and telephone number in the content.

VI. We will always tell customers where we obtained their details.

VII. We will provide you with a link to our Privacy Policy.

VIII. We will undertake adequate due diligence when we first select information suppliers and in our ongoing work with them in order to make sure it has received and used personal information fairly.

IX. We will make sure that adequate contractual terms are in place requiring information suppliers to make sure personal information was obtained and provided fairly and in accordance with the requirements of GDPR.

X. We will take all necessary steps to satisfy ourselves that the information has been properly sourced, permissioned and cleaned. We will make sure that sufficient due diligence is undertaken and contractual arrangements are in place with suppliers of personal information.

WhatsApp