This document also outlines our approach to compliance with the General Data Protection Regulation (GDPR) and all other relevant data-protection legislation. It also sets forth your privacy rights. Please take a moment to familiarise yourself with our privacy practices.
Throughout this privacy statement, “we” “us” “ours” “Flynnassociates.ie” refers to Flynn & Associates Limited.
Flynn & Associates Limited is a registered company with an address at Ennis House, Castleknock Road, Castleknock, Dublin 15.
We are the Data Controller of your personal data. We can be contacted by email at firstname.lastname@example.org
Information we collect and how we use it
We collect and use your personal information for a variety of reasons including;
In correspondence with us
If you correspond with us, we will collect information such as your name, address, phone number and email address and any other personal information contained within the correspondence and use it to respond to your enquiry. We process this information in pursuit of our legitimate interests, which include developing and maintaining relationships with our users.
We use some of the information you provide to personalise your experience with us as you use our services, such as addressing you personally on our services and making navigation on our site easier. We use aggregate information we collect about you to suggest and recommend tailored content. This processing is necessary for the purpose of our legitimate interests in delivering relevant content to our users.
To track how you gain access to or read our content
We collect information relating to your use of our services to track how you gain access to or read our content. We typically collect this data in a form that does not, on its own, permit direct association with any specific individual and therefore cannot be reasonably used to identify you. Aggregated and anonymous data is considered non-personal information for the purposes of this privacy statement. If we can link usage data with your personal information and identify you, we will treat that linked data as personal information for as long as it remains combined. We use log-in information, cookies and similar technologies, device information and internet protocol (“IP”) addresses to log your use of our services.
To manage our everyday business needs
We may use your personal information to manage our every business needs, including accounting, market research, legal matters, ensure appropriate IT security and prevention of fraud.
To verify your identity
To exercise your data rights, we may need to collect additional personal information from you to verify your identify. We will verify your identity by reference to acceptable identification documentation supplied by you, which may include copies of your current passport, driving licence.
When you provide services to us
You may provide us with your personal information if you provide professional services to us. This typically includes your contact information, address, phone number, your VAT registration number and maybe your banking information. We process this information so we can administer, manage and pay for the relevant services you provide and as per the terms and conditions of our contract.
Anonymous information we process
The purpose and legal basis for processing your information
We collect your information for a number of purposes and rely on a number of different legal bases to use your personal information.
To comply with our legal obligations
We may be required to process your personal information to comply with certain legal obligations to which we are subject, including:
- Proving information to an Garda Síochána, the Revenue Commissioners or other Government bodies or agencies when required to do so by law
- If you have exercised one of your data rights, we will retain a copy of all correspondence to demonstrate our compliance with data-protection legislation
- If you have exercised one of your data rights and ask us not to contact you by email at a particular email address, we will need to retain a copy of that email address in order to comply with your no-contact request
- To carry out our statutory audit
Processing based on our legitimate interests
We process your personal information for carefully considered and specific purposes which are in our legitimate interests and enable us to enhance the services we provide, but which we also believe benefit our customers. Our legitimate business interests do not automatically override your interests. You have the right, free of charge, to object to our use of your personal information for our legitimate interests. Please bear in mind that if you do object, this may affect our ability to carry out certain tasks for your benefit.
We process personal information for the following legitimate business purposes:
- To manage our everyday business needs and for internal purposes such as auditing, data analysis, troubleshooting, accounting, providing customer service, auditing, technical support and fraud prevention
- To provide you with a more personalised experience, such as making content recommendations. By understanding which content you find useful or interesting, we can recommend more content that you might also like, as well as continuing to produce the most valuable content to meet your needs
- To ensure content from our site and mobile applications is presented in the most effective manner for you and for your device
- To develop and maintain relationships with our users
- To better understand and improve the usability, performance, and effectiveness of our services
- We may process your information to protect you against fraud when transacting on our services and to detect, prevent, investigate security or technical issues to ensure our services are secure
- To protect the rights, property and safety of Flynn & Associates Limited or the rights, property or safety of our employees or others
- To understand the demographics of our users
You have the right to object to this processing, and if you wish to do so please contact us by email email@example.com
When and how your information is shared
We may share your personal data with the parties set out below:
- Other companies in our group who provide services to us.
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers
- Government bodies that require us to report processing activities.
- Third parties to whom we sell, transfer, or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to
Data storage and retention
Flynn & Associates will retain your personal information as needed to fulfil the purposes for which it was collected. We will retain and use your personal information no longer than is necessary to comply with our business and legal obligations.
We may transfer your personal data outside the European Economic Area. These countries do not always afford an equivalent level of privacy protection and in such circumstances we take specific steps, in accordance with data protection law and to protect your personal information. In particular, for transfers of personal data, outside the EEA where there is no adequacy decision by the European Commission we may rely on contractual protection approved by the European Commission.
Your data rights
You have several rights under data-protection law in relation to how we use your personal information. You have the right, free of charge, to:
- Request a copy of the personal information we hold about you in a structured, commonly used and machine readable format
- Rectify any inaccurate personal information we hold about you
- Withdraw your consent where we have relied upon your consent to process your information
- Erase the personal information we hold about you subject to certain exceptions
- If technically feasible, have your personal information transmitted to another data controller in a machine readable format at your request
- Restrict processing of your personal information in certain circumstances
- Object to our use of your personal information for our legitimate interests, for profiling and for direct marketing purposes
- Not be subject to a decision which is based solely on automated processing where that decision produces a legal effect on you or otherwise significantly affects you. We do not make automated decisions of this nature
- Lodge a complaint with the appropriate data-protection authority if you have concerns about how we process your personal data
These rights are in some circumstances limited by data-protection legislation. If you wish to exercise any of these rights please contact us at firstname.lastname@example.org
We will take measures to verify your identify which we will do by reference to acceptable identification documentation supplied by you. These include but are not limited to copies of your current passport, current driving licence.
We will endeavour to respond to your request within a month. If we are unable to deal with your request within a month we may extend this period by a further two months and we will contact you and explain why.
Consequences of not providing information
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services which you have requested). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Your Personal Data is held on secure servers hosted by our Internet Service Provider. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. However, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your Personal Data.