Privacy Statement – Customers (Sole Traders) – Republic of Ireland

What is the Purpose of this Privacy Statement?

This Privacy Statement refers to our commitment to treat the information of customers with the utmost care and confidentiality.

With this Statement, we ensure that we gather, store and handle data fairly, transparently and with respect towards individual rights in accordance with the applicable data protection legislation including the Irish Data Protection Acts and the EU General Data Protection Regulation.

Who does this Privacy Statement refer to?

This Statement refers to all customers (sole traders) data processed by us.

What data is included?

As part of our relationship, we need to obtain and process data.  This data includes any offline physical data or online data that makes a person identifiable such as names, addresses, usernames and passwords, IP addresses, any online identifier, CCTV, financial data etc.

Types of Personal Data (i.e. any information relating to an identified or identifiable person)                                                      On what legal basis do we hold it?

Demographic Data  e.g. name, address, country code                                                                                                                                   Contract/implicit contract and/or legitimate interest

Contact Details e.g. work landline phone number, personal/work mobile, work postal address, personal/work email address              Contract/implicit contract and/or legitimate interest

Financial Data  e.g. bank account number                                                                                                                                                       Contract/implicit contract and/or legitimate interest

Digital Identifiers  e.g. IP Address or e-mail                                                                                                                                                     Contract/implicit contract and/or legitimate interest

Government Identifiers e.g. tax number                                                                                                                                                         Contract/implicit contract and/or legitimate interest

Retention Period

We’ll only store your personal data for as long as is necessary to fulfil the purposes outlined in this Privacy Statement or for as long as we reasonably consider necessary to establish, exercise or defend our legal rights. Your data will be retained in line with statutory and regulatory requirements. The criteria used to determine these retention periods includes:

  • To comply with the statutory retention periods for accounting records, as set by the Companies Act and Revenue.

Where our retention periods are not governed by legislation, our retention policy is based on commercial justifications, which have been set in accordance with the principle of retaining personal data for no longer than is necessary for the purposes for which it is processed. These include:

  • To enable us to provide you with our products;
  • To allow us to resolve any disputes or complaints; and
  • For the detection and prevention of fraud.

How we collect your data?

We collect this data in a transparent way and only with the full knowledge of interested parties.  Once this information is available to us, the following rules apply.  Our data will be:

  • Accurate and kept up-to-date
  • Collected fairly and for lawful purposes only
  • Processed by us on the basis of either a valid or implicit contract, legal compliance or legitimate interest
  • Protected against any unauthorised or illegal processing by internal or external parties

Our data will not be:

  • Communicated to any unauthorised internal or external parties;
  • Stored for more than a specified amount of time (which is notified to you via this Privacy Statement prior to us receiving the data);
  • Transferred to organisations, states or countries outside the European Economic area without adequate safeguards being put in place as required under Data Protection law.

Explicit consent will be required for the processing of any special category of personal data.

Information we provide before processing the data

Prior to processing any data we will always provide, via this Privacy Statement, the following information:

  • Which of their data is collected;
  • How we process their data;
  • The purpose for processing their data;
  • Who has access to their information;
  • Provisions in cases of lost, corrupted or compromised data;
  • Information relating to the right to request that we modify, erase, reduce or correct data contained in our systems;
  • Information relating to data subjects rights in relation to their data.

How we protect your data

Our commitment to protect your data:

  • Restrict and monitor access to sensitive data;
  • Develop transparent data collection procedures;
  • Train employees in data protection and security measures;
  • Build secure networks to protect online data from cyberattacks;
  • Establish clear procedures for reporting privacy breaches or data misuse;
  • Include contract clauses or communicate statements on how we handle data;
  • Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorisation etc.).

Your rights

  • Access to your personal data
  • request any changes to inaccurate personal data held by us;
  • have your personal data deleted on all our systems;
  • restriction of processing of personal data concerning you;
  • to object to such processing;
  • data portability should systems allow

Updates to our Privacy Statement

From time to time we may change our Privacy Statement. You can always find an up to date version of this Statement on our website