Privacy/Data Protection Policy
This Data Protection Policy is effective as and from the 3rd January 2023.
Your privacy and security are important to us. This policy sets out how we collect, manage, use, process and delete your personal information. It is important that you read this carefully and become familiar with your rights in relation to your personal information to include your right to object to processing of your personal information where that processing is carried out for legitimate interests.
Within this policy we use the terms “we” and “our” to refer to Grace Solicitors LLP, incorporating Gerald Meaney.
Who is Collecting your Information?
This privacy policy applies to Grace Solicitors LLP, incorporating Gerald Meaney, which is a law firm regulated by the Law Society of Ireland and the Legal Services Regulatory Authority. We are the controller responsible for your personal data.
Within the firm we have appointed a Data Protection Officer (DPO) who is responsible for overseeing any queries or concerns you may have with regard to this policy and how we approach your privacy. If you wish to request to exercise your legal rights with respect to privacy, please send a letter or email for the attention of the DPO at the details below:
Data Protection Officer,
Grace Solicitors LLP,
Incorporating Gerald Meaney,
Suite 6B & 7B,
Newpark Shopping Centre,
Newpark,
Kilkenny
The Purpose and Legal Basis for Requesting and Processing your Personal Information
There are a number of reasons why we require the collection of personal data, which include:
- To enter into a contract with you
When you engage us to carry out legal services on your behalf, it is necessary for us to collect personal information in order to seek and receive instructions from you in relation to said legal services and to carry out said legal services.
- To comply with our legal obligations
We are required to process your personal information to comply with certain legal obligations to which we are subject, including:
- Providing information to An Garda Siochana, the Revenue Commissioners and other enforcement agencies under various pieces of legislation which apply to us.
- To verify your personal information provided to us and to meet our legal and compliance obligations, including detecting and preventing money laundering, tax avoidance and financing of terrorism.
- For the establishment, exercise or defence of legal claims
We sometimes process your personal information, including sensitive personal information, such as information concerning health, trade union membership and criminal convictions/offences where it is necessary for the establishment, exercise or defence of legal claims.
- For our legitimate business interests
Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interest and your fundamental rights and freedoms.
We may use your personal information to manage our everyday business needs including accounting, internal reporting needs, market research, to progress and respond to legal claims, to ensure appropriate IT security and to prevent fraud, in our legitimate interest.
Our legitimate interest is the effective management of our business. We may use your personal information to update you on legal developments, firm developments or to invite you to events that we feel may interest you in our legitimate interest. Our legitimate interest is to connect with our clients and to update our clients on services which we provide. We may from time-to-time monitor whether such emails have been opened by you.
- Consent
We will, in certain circumstances, rely on your explicit consent to process your personal data, including sensitive personal data. This consent can by withdrawn at any time by using the contact details of the DPO set out above.
Consequences of Failing to Provide Information
Where we need to collect personal data by law, or under the terms of a contract/retainer with you and you fail to provide that data when requested we may not be able to perform the contract/retainer we have or are trying to enter in to with you. For example, we may require certain information from you in order to fulfil our requirements under both Irish and European Anti-Money Laundering Legislation before carrying out certain legal services. As such we may not be able to carry out those legal services without that information, but we will notify you of this at the time, should this be the case.
Types of Information we Collect
The following are examples of the types of personal information we may request from you and how we use it:
|
Information Sought |
Use of that Information |
|
Name, date of birth, PPS Number, marital status, nationality, passport, driving licence. |
We use this information to carry out instructed legal work and to verify your identify and to comply with our obligations under anti-money laundering legislation. |
|
Address, email address, phone numbers. |
We use this information to carry out instructed legal work, to send you information about legal developments and services and to respond to your queries. |
|
Occupation, details of income, employer, employment status, salary, additional incomes, expenses, business affairs. |
We use this information to carry out instructed legal work. |
|
Information pertaining to your family status, marital status and information relating to your family. |
We use this information to carry out instructed legal work. |
|
Financial information concerning your bank accounts, credit union accounts and other financial information as may be necessary. |
We use this information to carry out instructed legal work. |
|
Interaction with all members of the legal team to include Partners, Solicitors, Legal Executives, support and administrative staff. |
We use this information to keep a record of your interactions with us, to monitor and train our staff or to provide you with legal services. |
|
Information on your physical or mental health, trade union membership, criminal offences/convictions, risk to any third parties. |
We use this information for the establishment, exercise or defence of legal claims or to provide you with legal advice and to ensure the health and safety of you and/or anyone we perceive to be at risk from information gathered from you. |
Your Information and Third Parties
Third Party Service Providers:
We may share your personal information with third party service providers that perform services and functions at our direction and on our behalf such as accountants, IT service providers, printers, debt collection agencies, business advisors, marketing companies who carry out marketing campaigns on our behalf and providers of security and administrative services.
Potential sale or merger of Grace Solicitors LLP, Incorporating Gerald Meaney:
We may also transfer your personal information to law firms we plan to merge with or be acquired by.
An Garda Síochána, government bodies, or other government officials:
We may share your personal information with An Garda Síochána, or other government bodies or agencies including but not limited to the Revenue Commissioners, where required to do so by law.
The Law Society and The Legal Services Regulatory Authority:
We may share your personal information with the Law Society and/or the Legal Services Regulatory Authority, where required to do so by law.
Third Parties:
We may provide your information to third parties to facilitate your instructions to us, such as lawyers, parties to any legal claim, parties with whom you have a legal issue or complaint and third parties who you instruct us to communicate with on your behalf such as the Personal Injuries Assessment Board, Motor Insurers Bureau of Ireland etc.
Legal Directories:
We may, with your consent, furnish your personal information to legal directories.
Storage
We will retain your personal information for the purpose of satisfying any legal, accounting or reporting requirements. How long certain information is stored depends on the nature of the information we hold and the purpose for which it is processed. For example, we may hold some personal information for a period of seven years from the date of completion of any contract with you. In other instances, such as in relation to conveyancing matters, it may be necessary to hold some personal information for a period of twelve years from the date of completion of any contract with you. If you require information on the exact duration your personal data will be retained by us, please speak with your appointed Solicitor/Legal Executive or contact the DPO at the details set out above.
Requesting and Updating your Personal Data
To request a copy of the personal data, which we hold for you on our file or wish to make a change to any of the information we hold, please direct all such requests to info@gracesolicitors.ie with the subject line “Request for Personal Information” or “Request to Change Personal Information” and we will endeavour to respond to your query within 30 days. Before we can complete such request, we will need to verify your identity. You will need to confirm your full name and email address and possibly your telephone number if we hold same on file.
Your Rights under Data Protection Law
You enjoy a number of rights under data protection law in relation to how we use your personal information. You have the right, at no cost to you to:
- Request a copy of the personal information we hold about you (please see above process).
- Rectify any inaccurate personal data we hold about you (please see above process).
- Erase personal information we hold about you.
- Restrict processing of your personal information.
- Object our use of your personal information for our legitimate interests.
- Receive your personal information in a structured commonly used and readable format.
- To have that data transmitted to another data controller.
- These rights are in some circumstances limited by data protection legislation. If you wish to exercise any of these rights, please contact us using the contact details contained in this form and the process referred to above. We will endeavour to respond to your request within 30 days. If we are unable to deal with your request within this period of time, we may extend this period by a further period of two months, and we will explain the reasons why.
- You also have the right to lodge a complaint to the Office of the Data Protection Commission here.
Contacting you Outside of the Provision of Legal Services
From time to time we may update our clients on the firm, legal updates of significant importance, general information about our services etc. However, if you do not wish to receive this type of information, please contact the DPO at the contact details above.
Updates to our Policy
We reserve the right to update, change or amend our policy in accordance with the law and where necessary from time to time. Any updates will appear in this policy and where it is appropriate, we will ensure to advise you of such updates. We will state the date in which the last updates were made to this policy, within the policy.