McGrath Daly & Company Limited T/a MCD Accountants & Payroll Plus Solutions– GDPR Privacy Statement
McGrath Daly & Company Limited fully respects your right to privacy and we are committed to ensuring that your privacy is protected, and we wish to be transparent on how we process your data. This statement sets out the basis on which any personal data we collect from and about you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. This statement is being provided to you in line with our obligations from 25th May 2018 under the General Data Protection Regulation (GDPR).
This statement refers to the personal data you provide to us in the course of the engagement. We will process your personal data for the purpose of providing our services to you as agreed for the engagement, because this processing is necessary for us to fulfil our obligations under our contract with you. If you have given us consent, we may also use your contact information to market our services to you in the future. We will retain your personal data for seven years because we believe that we have a legal responsibility to retain it for this period arising from this engagement. Following this, we will destroy the data unless we have a separate obligation to retain the data for a further period.
The data will not be shared with any third party, except where we have a legal or professional duty to do so, or where we engage a third party to store data on our behalf, ie. a cloud computing provider. We will put in place and maintain adequate physical, procedural and electronic safeguards to maintain the integrity and confidentiality of the data stored by us and we will take reasonable steps to ensure that safeguards of an adequate standard are put in place by any third party engaged by us to store this data. The transmission of information via the internet and including email is never completely secure. We do our very best to protect your personal data, we cannot guarantee the security of your data transmitted to or from us by means of email and any transmission is at your own risk.
In accordance with GDPR, you have a right to access any personal data that we hold concerning you. You have a right to ask that your data to be rectified where it is inaccurate, incomplete or not up to date. In certain circumstances you have the right to erasure of your personal data, to restrict the processing of your data, to object to the processing of your data, and to portability of your data. In view of our legal responsibility to retain the data as part of this engagement, we cannot comply with most requests that the data should be erased or transferred before the end of our retention period, or that we should cease processing the data in accordance with the terms of our engagement.
We will collect and process the following data about you:
This is information about you that you give us by corresponding with us by phone, e-mail or otherwise. It includes the information you supply us with when you engage us to provide financial advice and tax services. The information you give us may include, but is not limited to, your name, address, e-mail address, phone number, your demographic information, your financial information, financial and payment data such as bank account numbers and transaction information, bills, photo ID such as a passport or driving licence or other identification documents, medical records, etc.
Depending on the circumstances, we might also obtain personal data about you from other sources such as public registers, government and regulatory authorities, business partners, financial and insurance advisors, service providers, etc. You are not obliged to provide us with your personal information. However, if you do not, we might not be able to carry out the services you have requested of us.
We gather and use your information to:
allow us to provide you with the financial and/or tax services you request from us and fulfil our contractual obligations to you;
to perform administrative activities in connection with our services;
comply with legal obligations we might be subject to such as anti-money laundering;
to carry out background checks and conduct due diligence;
to comply with legal and professional obligations and to cooperate with regulatory bodies;
to exercise, defend or protect our legal rights or the rights of our clients or third parties;
provide you with information about other services we offer that are similar to those you have already requested of us or enquired about;
to notify you of changes to our services;
to monitor and improve the quality of our services;
McGrath Daly & Company Limited will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.
We must have a legal basis to process your personal information. We process your data in order to comply with legal obligations to which we are subject, to perform the services you have requested of us or to take steps at your request prior to undertaking to provide services for you. In most cases the legal basis will be one of the following:
for our legitimate interests, for example to provide services to our clients,
to ensure that the services we provide are appropriate to our clients requirements,
to improve our services,
manage our risks,
maintain accurate records,
manage our business in an efficient way and to provide you with information about other services we offer;
for the legitimate interests of our clients and other third parties, where applicable;
or to comply with legal and regulatory obligations to which we are subject such as due diligence and reporting obligations.
We may share your personal information with third parties in the following circumstances:
to agents, contractors, advisers, contractors and business partners for the purposes of fulfilling our contractual obligations to clients, for example to deliver our services and to provide the financial advice that you have requested;
to third party service providers such as entities providing customer service, Revenue, archiving services, third party experts, solicitors, financial advisors or external auditors
We may disclose or share your data in order to comply with any legal obligation
We may collect information about your computer including, where available, your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and does not identify any individual. For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve the Site and to deliver a better and more personalised service.
They enable us to:
estimate our audience size and usage pattern;
store information about your preferences, and so allow us to customise the Site according to your individual interests;
speed up your searches; and recognise you when you return to the Site.
We take our data security responsibilities seriously, employing the most appropriate physical and technical measures. Unfortunately, the transmission of information by means of the internet, including through e-mail, is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or from us by means of e-mail and any such transmission is at your own risk.
It is our aim to only hold your data for as long as is necessary. Data will be retained for as long as required under legal or regulatory obligations and to commence or defend legal claims and for as long as required for legitimate business purposes. Unless otherwise required under applicable law, we will store your data for as long as we provide services to you and for a period of no less than six years beginning on the date, we archive your file.
We might store your information in different places. Physical files are stored in our office and in our archives. Electronic files are stored on our secure servers and potentially in the cloud.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
Right of access – you have the right to request a copy of the information that we hold about you;
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete without undue delay;
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records without undue delay;
Right to restriction of processing – where certain conditions apply, to have a right to restrict the processing of your data;
Right of portability – you have the right to have the data we hold about you transferred to another organisation;
Right to object – you have the right to object to certain types of processing such as direct marketing;
Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
Where we process your data solely on the basis of your consent, you are entitled to withdraw your consent at any time. This will not affect the lawfulness of our processing before the withdrawal.
If we intend to further process your personal data for a purpose other than for which the data was collected, we will provide this information to you prior to processing this data.
We seek to resolve directly all complaints about how we handle personal information. Please send your data protection queries to our Head of Privacy, Falcon House, Henry Street, Bailieborough, Co Cavan or
firstname.lastname@example.org. You also have the right to lodge a complaint with the Data Protection Commissioner, whose contact details are as follows:
Data Protection Commissioner
21 Fitzwilliam Square South
Telephone +353 761 104 800