IMPORTANT: PLEASE READ THE FOLLOWING PRIVACY STATEMENT CAREFULLY
This is the website of Cosgrove Gaynard Solicitors . We have created this Privacy Statement in order to demonstrate our firm commitment to privacy. The following discloses our information gathering and dissemination practices relating to this website. In order to fully understand your rights, we encourage you to read this Privacy Statement. Each time you use this website you will be bound by the then current Privacy Statement and you should review it each time you use the website to satisfy yourself that you are happy with it.
ACCEPTANCE OF PRIVACY STATEMENT
By using this website, you signify acceptance of this Privacy Statement. If you do not agree with or you are not comfortable with any aspect of the Privacy Statement, your only remedy is to discontinue use of the website. We reserve the right to modify this Privacy Statement at any time. Your continued use of any portion of the website following notification or posting of such changes will constitute your acceptance of those changes. Therefore you should read the Privacy Statement again each time you visit the website.
PRIVACY & DATA PROTECTION
We respect your rights and do not require you to provide personal information unless you wish to avail of additional features or services. Where data is submitted it will be used for the stated purposes only. Communicating via the Internet and sending information to you by other means necessarily involves your personal information passing through or being handled by third-parties, but we do not sell or distribute without your permission your personal information to third parties for purposes of allowing them to market products and services to you.
Cosgrove Gaynard Solicitors regard our clients’ affairs as confidential in accordance with the best practices of the legal profession. In the course of acting for you, we will receive personal information relating to you, your employees, your associates and other parties (data subjects). In this statement, we refer to this information as "personal data". We are committed to protecting the right to privacy of all persons about whom we hold personal data.
This statement sets out the how we use, process and disclose personal data provided to us by individuals we do business with us which includes our (current, former and prospective) clients.
HOW WE OBTAIN PERSONAL DATA
We will collect data directly from you and will also create some data internally (e.g. when exchange correspondence with you). We will also collect additional personal data throughout the period you remain a client or you continue to interact / work with us.
We may also collect some data from external sources. For example, we may obtain information from public registers or employers , banks or other persons you liaise with in the course of your dealings with us may provide us with information about you as an employees/ customer.
HOW WE USE PERSONAL DATA
As you may be aware we are required to request personal data for compliance with anti-money laundering regulations (AML/ KYC). We shall process such information only for the purposes of preventing money laundering or terrorist financing, or as otherwise set out in this Statement or permitted by law.
For the purpose of our providing services to you, we shall use personal data and share it with our partners, service providers, staff and consultants. The legal basis for the processing of such data is for the performance of a contract with you or to comply with a legal obligation or where it is necessary for our legitimate interest in providing legal services to you. We may disclose personal data to our third party service providers (such as our contractors, service providers, agents, credit card providers, IT service providers and debt collectors) as well as with third parties (such as barristers, experts and regulators) where required by law, where necessary to administer our working relationship with you or where we have a legitimate interest in doing so.
We may use personal data to send you ezines, newsletters, invitations and similar marketing but we shall seek your consent to receiving such marketing materials from us. If at any time you decide that you do not wish to receive marketing emails from us, you can opt out by emailing email@example.com.
THIRD PARTY PROCESSORS
Our information technology systems are operated by us but some data processing is carried out on our behalf by a third party. Where processing of personal data is carried out by a third party data processor on our behalf we endeavour to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal data.
DISCLOSURE OF PERSONAL DATA TO A SUCCESSOR FIRM
We may transfer personal data to a successor firm or company which acquires the legal practice carried on by Cosgrove Gaynard Solicitors. If this happens, we will require the firm or company to which we transfer personal data to observe standards of data protection and privacy no less secure than those set out in this statement. Save as described in this statement, personal data will be retained by us and will not be sold, transferred or otherwise disclosed to any third party, unless such disclosure is required by law or court order.
CHANGE OF PURPOSE
We will only use personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
HOW WE USE SPECIAL CATEGORIES OF PERSONAL DATA
“Special categories of personal data” require a higher level of protection. These include information about a person’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health or condition or sexual life.
We have in place appropriate safeguards which we are required by law to maintain when processing such data. We may process special categories of personal data, in limited circumstances, with the data subject’s explicit written consent.
In certain cases, we may process this type of data where it is needed in the course of our work for you i.e. in relation to a legal claim or where it is needed to protect your interests (or someone else’s interests i.e. if the data subject is not capable of giving consent, or where the data subject has already made the information public.
TRANSFERRING PERSONAL DATA OUTSIDE THE EEA
We may transfer personal data outside the EEA. However, if we do, we will notify you in advance and you can expect a similar degree of protection in respect of the personal data obtained by us in the course of acting for you.
HOW LONG WILL WE RETAIN PERSONAL DATA
We will only retain personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Details of retention periods for different aspects of personal data obtained by us are available in our retention policy which you can request from us. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes through other means and the applicable legal requirements.
Once you are no longer a client of our Firm or your relationship with us has ended, we will retain and securely destroy the personal data in accordance with our data retention policy.
If at any point you believe the information we process on you is incorrect you can request to see this information and even have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you can contact us on the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the national Data Protection Commissioner’s Office.
A full list of your rights under GDPR is as follows:
The right to access the personal data we hold on you
The right to correct, update or erase the personal data we hold on you
The right to object to processing of your personal data
The right to data portability
The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought
The right to object to the processing of personal data where applicable
The right to lodge a complaint with the national Data Protection Commissioner’s Office
Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to establish its accuracy or the reason for processing it.
Request the transfer of your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us in writing. We will respond to your request as soon as possible and in any event within one month of receipt. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
In circumstances where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email firstname.lastname@example.org Once we have received notification that you have withdrawn yourconsent, we will no longer process your data for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
WHERE WE PROCESS PERSONAL DATA FOR YOU AS A “DATA PROCESSOR”
In certain circumstances, we may process personal data on your behalf as a "data processor". Where we act as a data processor we shall:
process the personal data only to the extent, and in such a manner as is necessary for the purposes specified and in accordance with your documented instructions and only in accordance with the applicable data protection laws;
promptly respond to any request from you requiring us to amend, transfer or delete the personal data;
implement and maintain such technical and organisational security measures as may comply with the data security obligations under the applicable data protection laws;
not transfer the personal data outside the EEA without your written consent and where such consent is given to only transfer personal data where appropriate safeguards are in place;
not engage a sub-processor without your prior specific or general written consent and where a sub-processor is engaged they shall be subject to the same data protection obligations as us;
notify you without undue delay, and at least within 48 hours, after becoming aware of a personal data breach;
ensure that persons authorised to process the personal data are bound by confidentiality provisions;
assist you in ensuring compliance with the obligations regarding security of processing, notifications of breaches, data protection impact assessments and prior consultations taking into account the nature of the processing and the information available to us; and
at your choice, delete or return any personal data to you on the expiration or termination of the processing agreement and delete existing copies unless applicable law requires the storage of the data.
INFORMATION AND USES - WEBSITE
For general web-browsing no personal information is revealed to us, although certain statistical information is available to us via our internet service provider. This information may include the IP and logical address of the server you are using, the top level domain name from which you access the internet (for example .ie, .com, etc), the type of browser you are using, the date and time you access our website and the internet address linking to our website. This information may be used to help us to improve, administer and diagnose problems with our server and website. This information helps us monitor traffic on our website so that we can manage the website's capacity and efficiency. It also helps us to understand which parts of this website are most popular and generally to assess user behaviour and characteristics to measure interest in and use of the various areas of the website.
The statistical and analytical information provides general and not individually specific information about the number of people who visit this website; the number of people who return to this website; the pages that they visit; where they were before they came to this website and the page in the website at which they exited.
Through this website you may have an opportunity to send us information, such as through the "contact us" pages or any other area where you may send e-mails or provide feedback. By choosing to participate in these, you might provide us with some personal information. This information will only be used by us for (i) the purposes for which it was provided by you; (ii) verification purposes and statistical analysis; and (iii) marketing and administration purposes.
This website has security measures in place to protect the loss, misuse and alteration of the information under our control. As no data transmission over the Internet can be guaranteed as 100% secure, we cannot ensure or warrant the security of any information you transmit to us and you transfer the data at your own risk. We endeavour to use appropriate security measures.
COOKIES AND WEB BEACONS
Information about your general Internet usage may be obtained by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. Web beacons may also be used and these facilitate the transfer of data from our website to the Google Analytics website. Cookies and web beacons help us to improve our website and to deliver a better and more personalised service. They may be used to enable us to:
TO ESTIMATE USAGE NUMBERS, PATTERNS AND RELATED ACTIVITY.
To store information about how you accessed and use our website and your preferences, and so allow us to customise our website according to your individual interests.
To recognise you when you return to our website.
Our website may, from time to time, contain links to and from other sites. If you follow a link to any of these sites, please note that these sites have their own privacy statements and that we do not accept any responsibility or liability for these privacy statements. Please check their privacy statements before you submit any personal data to those sites.
GOVERNING LAW AND JURISDICTION
This legal notice and all issues regarding this website are governed by Irish law and are subject to the Irish courts.
Delay or failure on our part in enforcing any of our rights shall not constitute a waiver by us of our rights and remedies. If any part of this Privacy Statement is held to be invalid or unenforceable, the validity or enforceability of the remainder will not be affected.
If you have any questions about this Privacy Statement, how we handle personal data or our practices relating to the website , please contact us in writing. You can as mentioned above make a complaint to the Data Protection Commissioners office however we would appreciate the opportunity to deal with your concerns in the first instance.
MODIFICATIONS TO THIS STATEMENT
We may change this statement from time to time and we will provide you with a new statement where any substantial updates are made. The current version will always be available from us in hard copy or on our website.
24 May 2018