Data Protection Statement
This notice relates to our privacy practices in connection with this website. Comyn Kelleher Tobin LLP (hereafter referred to as “CKT”, “Us” and/or “we”) fully respects your right to privacy and will not collect or publish any personal information about you through this website without your permission. Any personal information which you volunteer to CKT will be treated with the highest standards of security and confidentiality.
This statement sets out your rights as a data subject and is being provided to you in line with our obligations under applicable data protection legislation (including the General Data Protection Regulation (EU) 2016/679 (hereafter referred to as “GDPR”).
This statement will be reviewed regularly and is therefore subject to change. You are requested to check this statement regularly for updates.
CKT is the data controller in respect of your personal data which you provide to us. A data controller refers to a person, company, or other body which decides the purposes and methods of processing personal data.
Who we are
We are Comyn Kelleher Tobin LLP of 2 George’s Quay Cork, T12 TR2A and Ormond Building, 31-36 Ormond Quay, Upper Dublin 7, D07 E303. You can contact us at either address by post or by email at firstname.lastname@example.org .
Your Rights Under GDPR
In accordance with the applicable legislation, you have the right to the following:
- Request that we inform you as to whether we hold your personal data, and if so, you may request that we provide you with details of what personal data we hold.
- Request that we rectify any inaccurate or incomplete personal data we might have about you without undue delay.
- Request that we erase your personal data without undue delay where we no longer have a basis for holding it.
- Object to our processing of your personal data where we are relying on a legitimate interest (or the legitimate interests of a third party). This right also arises where your personal data is held for direct marketing purposes.
- Object to automated decision making.
- Request access to your personal data which you provided to us. Generally this is referred to as a data subject access request.
- Request the restriction of your personal data being processed.
- Request the transfer of your personal data. This right relates to data portability and means that you may request that your personal data is transferred to another party in an electronic, usable and structured format.
You may exercise your data protection rights by contacting our Data Protection Officer (hereafter referred to as “DPO”) at email@example.com. The DPO is a person within CKT who is specifically entrusted with the task of receiving any such queries or requests about our processing of your personal data.
You also have the right to lodge a complaint concerning CKT to the Data Protection Commissioner at any time here. We would appreciate the opportunity to resolve any complaints you may have in advance of a complaint being made to the Data Protection Commissioner.
The exercise of your rights might be subject to certain conditions prescribed by law, and we might require further information from you before we can respond to your request.
Why We Process Your Personal Data
We process your data in order to perform the services you have requested of us and to comply with our legal obligations.
Our Legal Basis For Processing Personal Data
In the provision of our services to you we rely on your consent, as well as our legitimate interests (for example in the proper marketing of, recruitment for and record keeping of our firm), as the legal basis for processing your personal data.
Furthermore, we also rely on our contractual obligations to you where appropriate as a justification for processing your personal data is necessary for the performance of a contract with you.
You may withdraw your consent in accordance with your data protection rights by contacting us at firstname.lastname@example.org. Such withdrawal of consent does not effect the legality of processing prior to your consent being withdrawn.
Personal Data We Collect And Process
The term ‘personal data’ means any information concerning or relating to a living person who is either identified or identifiable.
You are not obliged to provide us with your personal data. However, if you do not, we might not be able to carry out the services you have requested of us.
You may provide us with personal data in order for us to provide you with legal services. This information may include, but is not limited to, your name, contact details, PPS numbers, financial information, technical data (such as your IP address, browser data, operating system and platform, and other information collected by website cookies) bills, photographs, copies of passports, driving licenses or other identification documents, medical records, marketing preferences etc. Our website also collects information about your visit, including what pages you visit, how long you are on the site, how you got to the site (including date and time), page response times, length of visit, what you click on, documents downloaded and download errors.
You may supply us with information about you by filling in our ‘Contact us’ form on our website: Contact Us – CKT The information you give us may include your first name, last name, telephone number and your email address.
We may also obtain personal data about you from other sources such as public registers, government and regulatory authorities, business partners, financial and insurance advisors, service providers, etc.
How Do We Use Your Personal Data
We gather and use your information to:
- respond to your query when sent through our ‘contact us’ form;
- provide you with the services you request from us;
- comply with legal obligations (such as our Anti-Money Laundering requirements);
- provide you with information about other services we offer;
- notify you of changes to our services;
- monitor and improve the quality of our services;
- contact you regarding updates, events and legal developments.
Who We Share Your Personal Data With
We may share your personal data with email service providers, advisers, barristers, experts and other third parties in order to provide you with the services which you request from us.
We will not disclose your personal data to third parties unless you have consented to this disclosure or unless the third party is required to enable us to fulfil a request you have made or contract that you have entered into.
In the event that your personal data is required to be processed by a third party, we will take steps to ensure that the processing complies with applicable data protection and confidentiality laws. We may also be required to share your personal data to comply with our statutory or regulatory legal obligations.
Transferring Your Personal Data Abroad
Where we need to transfer your personal data outside of the European Economic Area in order to provide our services to you, we will ensure that appropriate safeguards are in place so as to ensure that the country to which your personal data is being transferred to has an adequate level of protection (in accordance with Article 45 of GDPR) or else by ensuring that the provisions of Article 46 GDPR are complied with through the use of appropriate safeguards.
We may also seek your specific consent to enable such transfers.
We take all reasonable steps including appropriate technical and organisational measures to protect your information. We have Q9000 certification and review our data security measures and procedures regularly.
We limit access to your personal data to our employees, agents and third parties who require access to same in the course of providing you with the services which you request from us.
Despite our stringent data security policies and procedures, we cannot guarantee the security of your data transmitted to or from us by means of e-mail and any such transmission is at your own risk.
Data Storage and Retention
Our physical files are stored in our offices or in our off-site archives. Electronic files are stored on our secure servers.
We hold your information only for as long as it is necessary in accordance with the purposes which we collected it for. When determining the appropriate retention period for personal data we consider our legal, accounting and reporting requirements, as well as the nature, amount and sensitivity of the data in question and the potential harm from unauthorised disclosure of same. Please contact us should you wish to know the specific retention period for any of your personal data.
Where you have requested that your contact details be removed from our update or marketing emails, we may retain your email address so as to ensure that you are not sent further updates or marketing emails in the future.