Privacy Policy

Irish Fake ID is operated by CardFairy. When this policy says "we", "us", or "our", that's who it means. We sell novelty ID cards through irishfakeid.com and we take data protection seriously. This policy sets out what we collect, what we do with it, and how you can control it. We comply with the GDPR and all relevant Irish and EU data protection legislation.

There are two categories:

Information you give us directly — when you place an order or send us a message, you provide things like your name, email address, delivery address, payment details, and the photo and personal details that go on your card.

Information collected automatically — when you browse the site, we pick up anonymised data like which pages you visit, how long you stay, your rough geographic location, and your device/browser type. This comes through cookies and analytics tools, not through anything you actively submit.

We use Google Analytics and Microsoft Clarity. Both collect anonymised browsing data — page views, scroll depth, click patterns, session duration. None of it is tied to your identity. We use it to figure out what's working on the site and what isn't, and to make improvements. You can block these tools via your browser's cookie settings or a browser extension like uBlock Origin.

We use personal data for these purposes and no others:

• Printing and shipping your novelty card order.

• Sending you order confirmations, dispatch notices, and tracking info.

• Replying to messages you send through the contact page.

• Improving the site based on anonymised analytics.

• Complying with legal obligations if required by law.

We don't send marketing emails unless you've explicitly opted in, and we never sell your data to anyone.

When you order a novelty card, you give us a name, photo, and other details to print on it. We process that data on your behalf — you're the one who decides what goes on the card. That means you're responsible for making sure the information you provide is yours to use and that you're not submitting someone else's details without their knowledge.

Order data (including photos and card details) is kept for 6 months after your order is completed. After that, it's permanently deleted. This window exists so we can handle any returns, reprints, or queries. If you want your data removed sooner, let us know and we'll sort it out.

We share data only when there's a genuine reason to:

• Payment processors — to take your payment securely. They handle card numbers and billing details under their own strict data protection obligations.

• Postal services — your name and delivery address go on the package, obviously.

• Law enforcement — if An Garda Síochána or another authority presents a valid warrant or legal demand, we are obliged to comply.

We don't share, rent, or sell your data to marketers, advertisers, or data brokers. Full stop.

Under the GDPR, you can:

• Access your data — ask us for a copy of everything we hold on you.

• Correct it — if something's wrong, tell us and we'll fix it.

• Delete it — request that we erase your data entirely.

• Restrict processing — limit what we do with your data while a dispute is resolved.

• Port it — get your data in a standard, machine-readable format to take elsewhere.

• Object — tell us to stop a specific type of processing.

We don't use automated decision-making or profiling. To exercise any of these rights, use the contact page and we'll respond within 30 days.

Payments are processed over encrypted connections. Order data is stored on secure servers with access restricted to the people who need it. We review our security practices regularly, but no system is 100% bulletproof — if you ever suspect something's wrong with your account or data, contact us immediately.

Some of our tools and service providers operate outside Ireland and the EEA. Where data is transferred internationally, we make sure adequate safeguards are in place — Standard Contractual Clauses or equivalent mechanisms — so your data gets the same level of protection it would receive under EU law.

We may revise this policy from time to time. If we make a meaningful change, we'll update the date at the top and note what changed. We won't sneak in changes — if something material shifts, it'll be obvious.

Questions about your data or this policy? Reach us through the contact page. We aim to get back to you within 48 hours.

If you think we've handled your data poorly, you have every right to complain to the Data Protection Commission (DPC) — the Irish supervisory authority for data protection. We'd prefer you talk to us first so we can try to fix it, but the choice is yours.