M & E Doyle Associates Ltd T/A Doyle Associates is committed to protecting your privacy and safeguarding your personal, business and financial information.
The purpose of this Notice is to inform you about the types of Personal Information that Doyle Associates uses and discloses, the choices you have regarding such use and disclosure, and how you may correct that information. It applies to any information we collect or receive about you, from any source. In addition, we continue to be subject to the confidentiality rules of our professional accountancy body, Chartered Accountants Ireland.
- What is personal information?
“Personal Information” is any information relating to an identified or identifiable natural person. This information may include, but is not limited to, your mailing address, telephone number, email address, Internet Protocol (“IP”) address, age, gender, marital status and financial status. Personal Information, however, does not include your business title, business address or business telephone number in your capacity as an employee of an organisation.
- How do we collect your Personal Information?
When you engage Doyle Associates as your service provider our policy is to collect only the personal data necessary for agreed purposes and we ask clients to only share personal data where it is strictly needed for those purposes. We collect personal data from our clients or from third parties acting on the instructions of the relevant client.
From time to time, you may voluntarily provide us with unsolicited Personal information. If you provide such information for any reason, you consent to Doyle Associates using that information in the ways described in this Notice or as described at the point where you choose to disclose this information.
- Where do we store your Personal Information?
Personal Information provided to us by our clients is primarily stored on servers maintained by Doyle Associates in the Republic of Ireland and on our “cloud” storage providers based in the United States. Doyle Associates has taken appropriate steps for the protection of Personal Information handled by our service providers. However, information transmitted to other countries may be subject to the laws and lawful disclosure requirements of the jurisdiction(s) where the information is stored.
- How do we use your Personal Information
We process Personal Information to provide the range of professional services that we offer. We also process personal data in the administration and management of our business. Your consent covers all processing activities carried out for the same purpose or purposes.
We will only share your Personal Information with others when we are legally permitted to do so. Generally, these are Government bodies and third parties which either legally require the disclosures of Personal Information or it is necessary to transact your business requirements.
- When and how we obtain your consent
We obtain your consent to collect Personal Information when you engage Doyle Associates as your service provider. This consent is therefore in place prior to collecting, and in any case, prior to using or disclosing your Personal Information for any purpose. You may provide your express consent to us either orally, electronically or in writing.
Doyle Associates may also rely on your implied consent to the collection, use and disclosure of your Personal Information where implied consent is permitted under applicable law.
We will not, as a condition of the supply of our professional services or products, require you to consent to the collection, use, disclosure or protection of information beyond that which is required to fulfill the specified and legitimate purposes for which the information is being collected.
- How do we ensure the privacy of your Personal Information when dealing with third parties
Third parties which are retained by Doyle Associates to perform services on our behalf are contractually required to observe the intent of this Notice and our Data Protection Policy and Procedures. When providing information to third parties, Doyle Associates complies with the requirements of Article 28 of the EU General Data Protection Regulation 2016/679 (“the GDPR”) and practices.
- How long will we use your Personal Information
Personal data processed is kept by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). In the absence of specific legal, regulatory or contractual requirements, our retention policy period for records and other documentary evidence created in the provision of services is 7 years.
- Accuracy of Personal Information Held
We ensure that your Personal Information is kept as accurate, complete and up-to-date as possible. However, it will not be updated routinely unless such a process is necessary. You may ask us at any time to update and correct your personal details subject to confirmation of the accuracy of the changes being sought. Where appropriate or necessary we will pass the amended information to third parties having access to your Personal Information.
- Accessing your Personal Information that we have collected
You may access any Personal Information about you that we have collected, utilised or disclosed by writing to a Director at Doyle Associates, Railway Road, Gorey or, contacting the Office to obtain a Personal Data Access Request Form for completing and return to us. To help protect your information we will ask you to identify yourself when you contact us. We will respond to a written request not later than one month after receipt of such a request unless we advise you to the contrary. If we do not meet this time limit you have the right to make a complaint to the Data Protection Commission in Ireland.
In general you are entitled to request your Personal Information free of charge. In certain circumstances such as frequent or excessive requests we may charge a fee. The fee will be determined by the circumstances and the requirements of the requests and you will be advised of the amount prior to any work being undertaken. If a fee is payable then we will generally need to receive it before we can disclose the requested information.
- Safeguards in place to protect your Personal Information
We take the security of your Personal Information that we hold seriously. The only employees who are granted access to your Personal Information are those with a business ‘need-to-know’ or whose duties reasonably require such information. We have a policy including procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.