This policy governs the use of personal data which you provide to us via our website. Personal data is any or all data relating to a natural person who is identified, or can be identified, from the data. Whiteside Cullinan (“we”, “our”, “us”) respects your privacy. We understand that how your personal data is used and shared online matters to you, and we take the privacy of those who visit our website (“the site”) very seriously. We will not collect any data other than when you contact us, and we will always process that data in compliance with the law. Our site may contain links to other sites and be aware that if you choose to click on those links, your data may be processed by other organisations hosting those sites. We cannot control or monitor this, and you should have regard to their privacy policies.
Who we are
- The website is owned and operated by:
Whiteside Cullinan, Fleming Court, Flemings Place, Dublin 2.
- We are regulated by The Institute of Chartered Accountants in Ireland
You have certain rights as a data subject under the General Data Protection Regulation (GDPR), which governs the collection, processing and disposal of personal data by organisations such as ours.
In relation to personal data about you, you have the right:
- to be informed about how and why we collect and use the data
- to be informed about who may receive your data, where it may be transferred and how long it will normally be retained
- to be given access to the data we hold
- to have any inaccurate or incomplete data rectified
- to ask us to delete personal data earlier than we might already dispose of it
- to prevent us from processing the data further
- to object to us using the data for particular purposes.
We provide contact details at the end of this policy for you to use if you have any complaint about our processing of your personal data. If you are not satisfied with the way we deal with this issue, you have the right to lodge a complaint with the Data Protection Commissioners office, which is the body in charge of supervising personal data use in the Ireland.
How we process personal data
For people who contact us through our website
We use the personal data you have provided to us to respond to your queries when you contact us. Our legal basis for this processing is our legitimate interest in the administration and operation of our firm. If you become a client, your personal date will become part of your file with us. If you do not become a client, we will delete your personal data 12 months after your last contact with us.
For people who sign up for our newsletter
We use the contact information you have provided us to send you our newsletter and other updates. Our legal basis for this processing is the consent that you provided when you signed up. We always include an unsubscribe option in our marketing communications, so you can opt out of receiving such communications at any time. We will retain your contact information until you unsubscribe or opt out.
For people whose information we received from one of our clients
If you are an employee, contractor, customer, supplier, or family member of one of our clients, we might receive and process your personal data as part of our engagement with that client. That personal data may include your name, contact information, financial information such as salary or payments, and other information held by our client. We will only process your data in order to provide our accounting, tax, audit or other services to our client. Our legal basis for this processing is our legitimate interest in fulfilling our professional and contractual obligations to our clients. We retain this data for a period of 7 years because we believe we have a legal responsibility to retain it for this period.
Whom we share data with
We share your personal data with our IT service providers and our cloud data storage providers. These providers are not permitted to use this data, except on our behalf. We may share your personal data with advisors who are subject to rules of confidentiality. We may also be obliged to provide access to your personal data to regulators, including our professional body.
If we received your personal data from one of our clients, then we also share your personal data with that client.
We will not share your personal data with any other third parties, unless we have a legal or professional duty to do so.
How and where do we store your data?
We will only keep your data as long as we need it for the purpose(s) for which it is collected, and/or for as long as we have your permission to hold it.
Some or all of your data may be stored outside of the EEA. If we do store data outside this area, we will take all reasonable steps to ensure that your data is as safe and secure as it would be within Ireland and is treated lawfully and in accordance with the GDPR.
Security & Retention of Data
We are committed to ensuring that your information is secure. For this purpose, we will not hold your personal data for any longer than is reasonable. Further, we have taken reasonable steps to protect your information against unauthorised access and against unlawful processing, accidental loss, damage and destruction. Nevertheless, any personal data submitted by you is at your own risk.
We will not transfer your personal details to any third party for direct marketing without your permission. We use certain third-party service providers who may have access to your personal data so that they can provide services to us. When this occurs, we have a data protection compliant contract in place with these third parties.
Automated decision-making and profiling
We do not use any personal data for automated decision-making or profiling.
Measuring Website Usage (Google Analytics)
We use Google Analytics software to collect information about how you use this website. We do this to help make sure the site is meeting the needs of its users and to help us make improvements.
Google Analytics stores information about:
- the pages you visit
- how long you spend on each page
- how you got to the site
- what you click on while you’re visiting the site
We don’t collect or store your personal information (for example your name or address) so this information can’t be used to identify who you are. We don’t allow Google to use or share our analytics data.
Accessing your data
You are entitled to make a subject access request under the GDPR. This means that you may request a copy of any personal data we hold about you, free of charge. We will provide any or all information in response to your request if you contact us on email@example.com
If you have any questions about the site or this policy, or you wish to make a subject access request, then please contact us as follows, making your request or query clear:
- email: firstname.lastname@example.org
- telephone: + 353 (1) 677 8185
- postal address: Flemings Court, Flemings Place, Ballsbridge, Dublin 4
You also have the right to lodge a complaint with the Data Protection Commission, whose contact details are as follows:
Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland.
Telephone +353 (0761) 104 800 | LoCall 1890 25 22 31 | Fax +353 57 868 4757
Amending the policy
We may change this policy from time to time, in response to changes in the law or for operational reasons. Any changes will immediately be posted on the site and you will be deemed to have accepted the amended policy if you continue to use the site afterwards. You should therefore regularly review this policy.