GDPR Policy

Effective Date: March 1st, 2024

Preppy May (“we”, “us”, or “our”) is committed to complying with the General Data Protection Regulation (GDPR). This GDPR Policy outlines the principles and directives we follow to ensure the privacy and protection of personal data collected or processed from individuals within the European Union (EU). 


This GDPR Policy applies to all personal data processed by Preppy May, an e-commerce website regitsred and operating in Ireland, regarding our customers, users, employees, and partners. 

Principles of Data Processing

We adhere to the following principles regarding data processing: 

Lawfulness, Fairness, and Transparency: 

Personal data will be processed lawfully, fairly, and in a transparent manner

Purpose Limitation: 

Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner incompatible with those purposes. 

Data Minimization: 

Only data that is necessary for the purposes for which it is processed is collected. 


Every reasonable step is taken to ensure that personal data is accurate and, where necessary, kept up to date. 

Storage Limitation: 

Personal data is kept in a form which permits identification of data subjects for no longer than necessary. 

Integrity and Confidentiality: 

Data is processed in a manner that ensures appropriate security, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage. 

Rights of the Data Subject

Under the GDPR, data subjects have the following rights: 

Right of Access: 

You have the right of access your personal data and obtain copy of the personal data we process. 

Right to Rectification: 

You have the right to rectify inaccurate or incomplete personal data.

Right to Erasure (Right to be Forgotten): 

You can request the deletion or removal of personal data where there is no compelling reason for its continued processing. 

Rights to Restriction of Processing: 

You have the right to block or suppress processing of your personal data. 

Right to Data Portability: 

You have the right to move, copy, or transfer personal data easily from one IT environment to another in a safe and secure way. 

Right to Object: 

You have the right to object to processing based on legitimate interests, direct marketing, and processing for research or statistical purposes. 

Rights Related to Automated Decision Making and Profiling: 

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you. 

Data Protection Measures

Preppy May has implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including measures to protect data against unauthorised access, alteration, disclosure, or destruction. 

Data Breach Notification

In the event of a data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals. Affected individuals will be notified without undue delay if the breach is likely to result in a high risk to their rights and freedoms. 

International Data Transfers

Any transfer of data outside the EU will be carried out in compliance with GDPR requirements to ensure that the level of protection afforded to personal data is not undermined.

Contact Us

For any inquiries or complaints regarding our GDPR Policy or practices, please contact us at::

Preppy May

77 Lower Camden Street, Dublin, D02 XE80, Ireland

Website: Chatbot


Scroll to Top