Skip to Content
Package Offers  Up to 35% OFF

Privacy Notice

Updated: 13 April 2026 
RenewellWater.com

  1. Introduction

    This Privacy Notice is intended to describe the practices Renewell Water Filtration Limited follows in relation to the privacy of all individuals whose personal data is processed and stored through their operations. This Privacy Notice should be read together with the Renewell Water Terms and Conditions and The Privacy Statement. In the case of any conflict with the Privacy Statement, the terms of this Privacy Notice will prevail. 


  2. Who is responsible for your personal data?

    For the purposes of applicable data protection legislation, including Regulation (EU) 2016/679 (the General Data Protection Regulation, “EU GDPR”), the Data Protection Act 2018 (Ireland) and, where applicable, the UK GDPR, Renewell Water (“we”, “us” or “our”) acts as a data controller.

    This means that Renewell Water determines the purposes for which, and the manner in which, your personal data is processed. Where we provide services to customers in Ireland and the United Kingdom that require the collection, use, storage or other processing of personal data, Renewell Water is responsible for ensuring that such processing is carried out in accordance with applicable data protection law.

    If you have any questions regarding how your personal data is processed, or if you wish to exercise your rights under applicable data protection law, you may contact Renewell Water using the contact details set out in this Privacy Notice.

  3. Why do we need your Personal Data?

    We process your personal data where it is necessary to facilitate, administer and complete the services, enquiries and purchases that you choose to engage in with us.

    In particular, we use your personal data to:

    • Respond to enquiries, requests and communications submitted by you;

    • Provide, manage and deliver our products and services;

    • Process orders, payments and related transactions;

    • Verify your identity where required;

    • Communicate with you in relation to your account, orders or services, including providing service-related notices and updates; and

    • Maintain accurate records for operational, administrative and business continuity purposes.

    • Manage customer accounts

    • Process payments and refunds

    • Send service-related communications

    • Send marketing communications (only with consent)

    • Improve website performance and user experience

    • Fraud prevention and security

    • Legal and tax compliance

  4. We only process personal data where we have a valid legal basis to do so under the EU GDPR. In most cases, this processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract. 

    By providing your contact details and, where required, by actively opting in, you consent to us contacting you for marketing purposes by email and/or SMS in accordance with applicable data protection and electronic communications legislation. You may withdraw your consent to receive marketing communications at any time by using the unsubscribe link included in our communications or by contacting us directly.

    We also use cookies and similar technologies on our website to enhance user experience, analyse website traffic and support our marketing activities. Where required by law, we will obtain your consent before placing non-essential cookies on your device. 
    In certain circumstances, we may also process your personal data to comply with our legal obligations, or where it is necessary for our legitimate interests. 

    Where we rely on legitimate interests as our lawful basis for processing, those interests include:

    • Operating and managing our business effectively
      To administer our day-to-day business operations, including internal record-keeping, service administration, customer relationship management and ensuring the continuity and quality of our service delivery.

    • Responding to enquiries and communications
      To respond to enquiries and requests for information, follow up on communications, and engage with individuals in a proportionate and expected manner, including where no contractual relationship has yet been established.

    • Improving and developing our services
      To analyse service usage, feedback and interactions in order to enhance the quality, efficiency and functionality of our services, systems and overall customer experience.

    • Ensuring network, system and data security
      To protect our IT systems, platforms and data from unauthorised access, loss, misuse or cyber security threats, and to ensure the integrity, availability and resilience of our services.

    • Preventing fraud and misuse of our services
      To detect, prevent and investigate fraud, misuse or other activities that may compromise the security of our services, our business operations or the rights of others.

    • Establishing, exercising or defending legal claims
      To pursue or defend legal claims, respond to regulatory or supervisory enquiries, and manage disputes in accordance with our legal and commercial interests.


  5. Where we process personal data on the basis of legitimate interests, we have carried out a balancing assessment to ensure that our interests do not override your fundamental rights and freedoms. You have the right to object to processing carried out on this basis.

    We do not collect or process personal data unless it is relevant and necessary for the purposes described above.

  6. What types of personal data is processed by Renewell Water?

    Renewell Water processes the following personal data categories: 

    • Full name

    • Email address

    • Phone number

    • Billing address

    • Shipping address

    • Order history

    • Wishlist or saved products

    • Subscription status

    • Account login credentials (hashed passwords)

    • Transaction IDs

    • Payment status

    • Payment method used

    • Last 4 digits of card (if applicable)

    • Payment provider reference

    • IP address

    • Browser type

    • Device type

    • Operating system

    • Pages visited

    • Date and time of access

    • Newsletter opt-in status

    • Email interaction data (opens, clicks)

    • Consent records

    • Communication preferences

    •  Audio recordings of customer service interactions.

  7. This data is sourced directly from you. 

  8. Sensitive Personal Data 

    Certain categories of personal data are considered particularly sensitive under data protection law and are referred to as special categories of personal data. This includes personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data used for the purpose of uniquely identifying an individual, data concerning health, and data concerning a person’s sex life or sexual orientation. Personal data relating to criminal convictions and offences is subject to separate and enhanced protections. We do not intentionally collect or process special category personal data, and such data does not form part of the scope of our processing activities.

  9. Call Recording

    Telephone calls may be recorded for training, quality assurance, and compliance purposes. Call recording is carried out on our behalf by Aircall, a third-party service provider acting as a data processor. Callers are informed at the commencement of the call that recording is taking place. Recorded calls are retained for a maximum period of one year, after which they are securely deleted, unless a longer retention period is required to comply with a legal obligation or to establish, exercise, or defend legal claims. All processing is conducted in accordance with applicable data protection legislation and our contractual obligations with Aircall.


  10. Who can access your Personal Data? 

    Your personal data is accessed by the following individuals/teams: 

    add the table here

    We may transfer or disclose personal data to third-party service providers (including their subsidiaries) engaged to support our internal business operations, such as the provision of customer support services or the hosting and maintenance of our information technology systems. We ensure that all such third-party service providers are subject to contractual obligations requiring the implementation of appropriate technical and organisational measures to safeguard personal data and to maintain its confidentiality and security in accordance with applicable data protection law. Where personal data is transferred outside the European Economic Area, such transfers are carried out in compliance with Chapter V of the General Data Protection Regulation, including through the use of Standard Contractual Clauses approved by the European Commission and, where necessary, the implementation of supplementary measures to ensure an essentially equivalent level of protection.

    Renewell Water is committed to protecting the confidentiality and security of all information obtained in the course of its business operations. Access to such information is strictly restricted, and appropriate policies and procedures are implemented to safeguard data against loss, misuse, and unauthorised access, alteration, or disclosure.


  11. Security Measures

    We implement appropriate technical and organisational measures to protect personal data in accordance with Article 32 of the EU GDPR and the UK GDPR. These measures are designed to safeguard personal data against unauthorised access, loss, misuse, or disclosure.

    Our security measures include:

    • SSL Encryption to protect data transmitted via our website and online services.

    • Secure Payment Processing through Stripe, a PCI-DSS compliant provider. We do not store full payment card details on our systems.

    • Strict Access Controls, ensuring that personal data is only accessible to authorised personnel on a need-to-know basis.

    • Data Minimisation, in line with Article 5(1)(c) GDPR, limiting data collection to what is necessary.

    • Regular System Updates and Monitoring to maintain system security and detect potential threats, with procedures in place to manage data breaches in accordance with Articles 33 and 34 GDPR.

  12. These measures ensure the confidentiality, integrity, and security of personal data processed by us.


  13.  Data Retention 

    We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, as described in the section entitled “Why We Process Your Personal Data”, unless a longer retention period is required or permitted by applicable law.

    In certain circumstances, we are required to retain personal data for extended periods in order to comply with our legal and regulatory obligations, to establish, exercise or defend legal claims in accordance with Article 5(1)(e) of the General Data Protection Regulation.

    Personal data is retained in accordance with Renewell Water’s internal data retention policies and procedures, which set out applicable retention periods based on the nature of the data and the purposes for which it is processed.

    The policies and or/procedures for the retention of personal data are as follows: 

    • Account data is retained for the duration that the user maintains an active account with us. 

    • Where an account becomes inactive, we will either securely delete or irreversibly anonymise the associated personal data after a period of five years.

    • Order and invoice data is retained for a period of between six and ten years in order to comply with our statutory obligations under Irish tax and financial legislation.

    • Personal data processed for marketing purposes is retained until such time as consent is withdrawn or the individual otherwise objects to such processing.

    • Upon expiry of the applicable retention period, personal data will be securely deleted or irreversibly anonymised, unless further retention is required by law.


  14.  Your Rights 

    Renewell Water is established in Ireland and processes personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“EU GDPR”), as supplemented by the Data Protection Act 2018. Where we offer goods or services to individuals in the United Kingdom, or otherwise process the personal data of individuals located in the UK, such processing is also subject to the UK GDPR.

    Under the EU GDPR and, where applicable, the UK GDPR, you have the following rights in relation to your personal data. These rights are not absolute and may be subject to certain legal limitations:

    1. The Right of Access: You have the right to request confirmation as to whether we process your personal data and, where we do, to access that data and receive information about how it is processed.

    2. The Right to Rectification: You have the right to request that any inaccurate or incomplete personal data we hold about you is corrected without undue delay.

    3. The Right to Erasure: You have the right to request the deletion of your personal data in certain circumstances, including where the data is no longer necessary for the purposes for which it was collected.

    4. The Right to Restrict Processing:  You have the right to request that we restrict the processing of your personal data in certain circumstances, such as where you contest the accuracy of the data.

    5. The Right to Data Portability: You have the right to receive personal data you have provided to us in a structured, commonly used and machine-readable format and, where technically feasible, to have that data transmitted to another data controller.

    6. The Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including where processing is based on our legitimate interests or where processing is for direct marketing purposes.

    7. Rights in relation to Automated Decision-Making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where permitted by law.

  15. In order to protect your personal data and ensure that it is not disclosed to unauthorised persons, we may require you to provide reasonable and proportionate information to verify your identity before responding to any request made under applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679 and the UK General Data Protection Regulation. This may include, where appropriate, confirmation of your email address, account credentials, or the provision of a copy of an official identification document such as a passport or driving licence, or other information necessary to enable us to reliably verify your identity. Any personal data provided for the purposes of identity verification will be used solely for that purpose and will be processed in accordance with our obligations under applicable data protection law.

  16. We respect the rights of individuals under the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act 2018. Where you exercise any of your rights as a data subject, including the right of access, rectification, erasure, restriction of processing, data portability, or objection, we will respond to your request without undue delay and in any event within one month of receipt of the request, in accordance with our statutory obligations. Where a request is complex or numerous, we may extend this period by a further two months, as permitted by law, and will inform you of any such extension within the initial one-month period.


  17. To exercise any of these rights, please contact us using the details provided in this Privacy Notice.

    If you hold an account with us, you may access and manage certain personal data through our secure online account portal at https://www.renewellwater.com/my/home. This automated access allows you to view, update, or correct your personal information, giving you greater transparency and control over your data. You are responsible for maintaining the confidentiality of your login credentials and for all activity carried out under your account.

    You also have the right to lodge a complaint with the relevant supervisory authority. In Ireland, this is the Data Protection Commission (DPC). If you are located in the United Kingdom, you may also lodge a complaint with the Information Commissioner’s Office (ICO).

  18.  Complaints

    If you have any concerns or complaints regarding the manner in which we process your personal data, we encourage you to contact us in the first instance so that we may address the issue promptly.

    You may contact us using the following details:

    Email: info@renewellwater.com

    Postal address:  Knockagh, Hackballscross, Dundalk, Co Louth, Ireland, A91 ENP6

    If you remain dissatisfied with our response, you have the right to lodge a complaint with the relevant supervisory authority.

    For individuals located in Ireland, the supervisory authority is the Data Protection Commission (DPC):

    Data Protection Commission
    21 Fitzwilliam Square South
    Dublin 2
    D02 RD28
    Ireland

    Website: www.dataprotection.ie

    For individuals located in the United Kingdom, the supervisory authority is the Information Commissioner’s Office (ICO):

    Information Commissioner’s Office
    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF
    United Kingdom

    Website: www.ico.org.uk

    This is without prejudice to your right to pursue a legal remedy through the courts where you consider that your rights under applicable data protection law have been infringed.


  19.  Contact us

    If you have any questions, concerns, or requests regarding this Privacy Notice or the manner in which Renewell Water processes your personal data, please contact us using the details below.

    Renewell Water Filtration Limited
    Company registration number: 553503
    Postal address: Knockagh, Hackballscross, Dundalk, Co Louth, Ireland, A91 ENP6.
    Contact email:info@renewellwater.com
    Telephone: +353 42 942 0517

    If you are contacting us to exercise your rights under applicable data protection law, please provide sufficient information to enable us to verify your identity and respond to your request.