WHO ARE WE (Throughout this document we, us, our and ours.)
Infinity Vision Ltd t/a McKeogh Gallagher Ryan trades from the following offices
- 45 O’Connell Street, Limerick [Head Office].
- 50 O’Connell Street, Ennis, Co. Clare.
- 23 Silver Street, Nenagh, Co Tipperary.
We are accountants and business advisers based in Ireland. Infinity Vision Ltd is authorised by the Institute of Chartered Accountants in Ireland to carry on Investment Business.
Eoin Ryan, Partner, is the Privacy Officer; he can be contacted in writing at the above Limerick address or via email to email@example.com.
WHERE ARE WE (Where is the location of data processing.)
Infinity Vision Ltd has four offices:
- 45 O’Connell Street, Limerick.
- 50 O’Connell Street, Ennis, Co. Clare.
- 23 Silver Street, Nenagh, Co. Tipperary.
- 12 Merrion Square, Dublin 2.
Personal Data is processed by Infinity Vision Limited:
- At our offices in Limerick, Ennis and Nenagh, listed above; and/or
- At other locations where staff are located on occasion.
WHAT INFORMATION WILL WE COLLECT ABOUT YOU?
We collect some or all of the following information about you when you engage us to deliver our services or interact with us professionally:
- Name, address and telephone number.
- E-mail address.
- Proof of identity and address.
- Basic health information and contact details required for contract tracing during the COVID-19 pandemic.
- Educational, personal and professional details/history (as outlined on a curriculum vitae and via reference checks).
- We also process personal data, including but not limited to PPSN, marital status, P60, medical expenses etc., on behalf of our clients for the provision of our professional services. There is a formal written contract put in place between us and our client, which sets out our Data Protection Policy.
We also collect information when you give us your business card, enquire about our services, network with us at events, engage us for our services, register for our events. We use this information to communicate with you about our firm, invite you to events, market our services to you, and distribute technical updates. If you have consented to receive marketing information, you may opt out at any time by writing to us or emailing us at the details below.
HOW WILL WE USE THE INFORMATION WE COLLECT ABOUT YOU
We process data for a variety of reasons:
- Customer administration (invoicing etc.) and customer relationship management.
- To disseminate our firm newsletter, tax and business updates.
- To market tax-based investment opportunities to clients and contacts such as the Employment and Investment Incentive Scheme (EIIS) in line with data protection regulations and the regulations governing the marketing of financial products.
- To invite clients and contacts to events.
- Other day-to-day administration purposes that would be in our legitimate business interests.
- To deliver the services for which you have contracted with us.
- In accordance with Anti-Money Laundering Legislation.
- Filling of employment vacancies.
- In accordance with our compliance obligations to the Chartered Accountants Regulatory Board and Chartered Accountants Ireland. We also engage third party compliance firms to perform compliance reviews.
- In accordance with the Return to Work Safely Protocol issued by the Government during the COVID-19 pandemic, to facilitate contact tracing.
If we are in receipt of a valid request from Irish and European law enforcement authorities, we would make data available to them in accordance with our legal obligations.
We will use your information about you to provide the services you have requested from us and, if you agree, to contact you about other products and services we think may be of interest to you. We are able to use your information because we have a contractual obligation to you or because you have consented to the use of your information in certain ways.
We use MailChimp to disseminate our email newsletters and invitations and may use it to send email communications to our clients. This is a third-party service where we have uploaded your name and e-mail address to MailChimp via a secure channel. By virtue of them storing your Personal Data, MailChimp are therefore considered a Data Processor. MailChimp necessitates the transfer of some data to servers in the United States. MailChimp is certified to the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework. One legal ground for transferring personal data set out in the GDPR is an “adequacy decision.” An adequacy decision is a decision by the European Commission that an adequate level of protection exists for the personal data in the country, territory, or organisation where it is being transferred. The Privacy Shield framework constitutes one such example of an adequacy decision. MailChimp participates in and has certified its compliance to the Privacy Shield framework, and are committed to treating all personal data received from EU member countries in accordance with the Privacy Shield framework’s applicable principles.
When sending emails, we may carry out certain analytics on the messages sent, such as whether the message has been opened, how many times it has been opened, and your topic preferences.
We may use a third party fulfilment company for the posting of large volume emailers or invitations. In such instances we would ensure their data protection policies are in compliance with all relevant data protection legislation.
We have no intent or interest in sharing your personal data with other services, other than the above, without your permission.
We use Datto’s cloud storage system to back up our data. Datto, Inc. is an American cybersecurity and data backup company. Our system is backed up on hardware located in our secure server room in our Limerick offices. This is synchronised with Datto’s cloud storage system. This is a third-party service where we have uploaded our data via a secure channel. By virtue of them storing our data, Datto are therefore considered a Data Processor. We have agreed with Datto that all our data is to be stored in servers located within the EU and compliant with GDPR legislation. At present these servers are located in Germany. Datto provides a secure backup facility they do not access our files directly but if required they can recreate our IT environment.
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the address below. We may have to apply an appropriate charge for this service depending on the circumstances.
You may be asked for additional data to verify your identity as part of processing the request to exercise your rights. We will endeavour to respond to all requests within 30 days of receiving the initial request. If we are unable to complete the request within the 30 day limit, we will notify you within the required time limit.
We want to make sure that your personal information is accurate and up to date. You have the right to ask us to correct or remove information you think is inaccurate.
You also have other rights, including: the right to erasure, right to restrict processing of your information; the right to data portability; and the right to object to certain uses of your information.
We do not carry out any automated decision making or profiling activities, so the rights in relation to automated decision making and profiling would not apply.
We have implemented generally accepted standards of technology and operational security in order to protect personal data and information from loss, misuse, alteration or destruction. In particular, we ensure that all appropriate confidentiality obligations and technical and organisational security measures are in place to prevent any unauthorised or unlawful disclosure or processing of such information and data and the accidental loss or destruction of or damage to such information and data.
We retain personal data only for the length of time necessary to provide services to customers, engage in consented to marketing activities, as required by law, and other legitimate purposes of our business.
Detailed data retention policies are available on request.
We will periodically ask our clients and contacts to renew their consent to receiving communications from us.
We use CCTV to control the exterior of our building in Nenagh for security purposes affecting property belonging to the company and our clients. The system is intended to capture images of intruders or of individuals damaging property or removing goods without authorisation and to increase the safety of staff, clients and visitors. The images are stored on a secure DVR and are held for a period of 30 days. In the event images have identified an issue e.g. break-in or theft then it is retained specifically in the context of an investigation of that issue. Requests from An Garda Siochana to download footage will be acceded to, where a formal written request is provided to the Privacy Officer stating that An Garda Siochana is investigating a criminal matter. Any person whose image is recorded on our CCTV system has a right to seek and be supplied with a copy of their own personal data from the footage. To exercise that right, the data subject must make an application in writing to the Privacy Officer with a reasonable indication of the approximate time and specific date(s) on which their image was recorded.
Our website uses Google Analytics Tracking and WordPress cookies.
We use Google Analytics on our website. Google Analytics writes cookies to your device (detailed above).
Other purposes for which we might process personal data can include:
Where necessary we will process personal data provided to us for the purposes of seeking legal advice or other legal purposes. Examples of such processing would include providing information to debt collection agencies in the event of persistent non-payment for products or services.
Also, where we receive a formal request under Section 8 of the Data Protection Acts 1988 and 2003 or Article 23 of the General Data Protection Regulation (GDPR) we may be required to disclose personal data of website users, business contacts and/or clients to An Garda Síochána, the Revenue Commissioners, or other relevant organisations.
Cross-border data transfer
Our use of MailChimp means that names and e-mail addresses are stored on servers hosted in US based data centres. Full details of MailChimp’s security set-up is available on their website here https://mailchimp.com/about/security/. Our use of Google Analytics involves the transfer of some data to servers in the United States. For more information on how it collects and processes data click this link to see Google’s Privacy & Terms and click this link to see Google’s Safeguarding your data practices and commitment.
Our unstructured data (documents, spreadsheets, etc.), which may occasionally contain personal data, is stored on servers at our premises.
Our use of Datto means that our data is backed up to a cloud system (data centre) based in Germany. We have a service level agreement with Datto detailing the location of our stored data and compliance with all relevant EU legislation. Certain data related to technical and administrative support for a Product or its management portal (“Metadata”) may be hosted in the U.S. even if Datto’s customer uses a data centre located in the EEA or the UK. Datto, Inc. and its U.S. subsidiaries self-certify to and comply with the EU-U.S. and Swiss-U.S. Privacy Shield as a transfer mechanism regarding the transfer of Personal Data from the European Union, the EEA, Switzerland and the United Kingdom to the U.S.. Transfers of Metadata and Personal Data to the U.S. are validated through Datto’s EU-U.S. and Swiss-U.S. Privacy Shield certification. Datto’s Privacy Shield Notice can be viewed here https://www.datto.com/legal/privacy-shield.
Our website is hosted in Ireland and we do not use any other service (other than those detailed above) that is outside of the EU for processing of Personal Data.
HOW TO CONTACT US
Please contact Infinity Vision Ltd t/a McKeogh Gallagher Ryan in writing at either our postal or email address
McKeogh Gallagher Ryan, 45 O’Connell Street, Limerick
UPDATES OR QUESTIONS
It would also be reviewed each time we add functionality to our website.
This privacy notice was last updated on 3 September 2020.