4. What Kind Of Data Does CLS Chartered Secretaries Collect?
You may give us your personal data in many ways. CLS Chartered Secretaries may process the following categories of data:
1.1 Your privacy is very important to us. To better protect your privacy we provide this statement explaining our online and company practices and the choices you can make about the way your information is collected and used. To make this statement easy to find, we make it available on our homepage of our website and at every point where personally identifiable information may be requested.
1.2 This privacy statement sets out how we will protect your data, in line with current Irish and EU legislation, (General Data Protection Regulation) through appropriate organisation and technical security measures/processes. It also describes your rights in relation to that data.
1.3 When we collect data from you we will ensure it is adequate for the purpose and never excessive, we will only ask for the minimum amount of personal data which we require to achieve our purpose(s) You may be contacted by e-mail with details of future events, courses organised or promoted by CLS Chartered Secretaries or with information that may be of interest to you, for example any updates to the range of services available to you. You may opt out of this type of communication at any time, by following the directions included in those communications. Or you can always contact CLS Chartered Secretaries by phone (059-91-86776) or email DataProtection@CLSCS.ie.
1.4 Should you access our services, we will seek additional explicit consent to this statement, usually by means of written communications such as a letter of engagement & our Terms of Business where the scope and price of the service will be mutually agreed and the purposes for which we collect and process your data will be clearly set out in writing for you.
1.5 CLS Chartered Secretaries reserves the right to make changes to this statement, as necessary. When we do so we’ll make previous versions available, on request, so you can see what these changes are. If any such changes alter key aspects of the statement or its meaning, we will notify you of those changes in advance. We encourage you to occasionally review this page for information on our latest practices.
2.1 “Agent”– Relevant Third Party: 1. A Credit Institution, 2. A financial institution, 3. An external accountant or auditor and who is a member of a designated accountancy body,4. a tax advisor and who is also a solicitor or a member of a designated accountancy body or of the Irish Tax Institute,5.a relevant independent legal professional, 6.a trust or company service provider and who is also a member of a designated accountancy body, a solicitor authorised to carry on business by the Central Bank of Ireland
2.2 “Direct Client” – Client who does not fit any of the definitions of an agent.
2.3 “GDPR” – General Data Protection Regulation
3.1 We need to know some basic personal data to provide you with our services, and to claim our right to be paid in return for our services, under our standard terms of engagement/business we have with you. If you choose to register online or fill out an order form for example, we ask you to provide limited personal information, such as your name, telephone number and/or email address, company name and address, we also collect information that will allow you to establish a username and password (in order to allow you to download the purchased templates/documents). For More information on types of data we collect, see point 4 below.
3.2 If you do not provide this information, then we will be unable to provide the services you have requested. We will not collect any personal data from you that we do not need to provide and oversee the services that we have agreed to provide. If we have difficulty processing an order, we will use this information to contact you.
5.1 It is your responsibility to ensure that all personal data you provide us with is complete, accurate and up-to-date in all respects and not misleading. Our ability to provide our advise and services, and the quality thereof, may be negatively affected if you fail to do so
nd assistance. For more information on this see point 4.1.3
6.1 If you provide information to us about any person other than yourself, (for example if you are an agent acting on behalf of a client or if you provide us information about any person believed to be relevant to the advice and assistance we provide you) you should ensure that you have a legal basis to do so and that you have complied with your transparency obligations under data protection law. You must ensure we may process that personal data in accordance with this Privacy Statement without having to take further steps. It is your responsibility to make sure that the person concerned is aware of the content of this Privacy Statement. You should also try to limit the personal information you give us to what you think is necessary for us to provide you with advise a
7.1 To provide the website service to you, we may need to transfer User Data to locations outside the jurisdiction in which a visitor is viewing the website (the User Jurisdiction) and process User Data outside the User Jurisdiction. If the User Jurisdiction is within the European Economic Area (the EEA) please note that such transfers and processing of personal data may be in locations outside the EEA. Any data sent or uploaded by users may be accessible in jurisdictions outside the User Jurisdiction (including outside the EEA). The level of data protection offered in such jurisdictions may be less than that offered within the User Jurisdiction or (as the case may be) within the EEA.
7.2 User Data may be controlled and processed from time to time, outside the EEA. By continuing to use the website and by providing any personal data (including sensitive personal data) to us via the website or email addresses provided on the website, visitors are consenting to such transfers, provided that they are in accordance with the purposes set out above and elsewhere in this Privacy Notice. Please do not send us any personal data if you do not consent to the transfer of this information to locations outside the User Jurisdiction (including, if applicable, outside the EEA).
7.3 There are several places throughout the CLS website that may link to other Websites that do not operate under CLS Chartered Secretaries privacy practices. When visitors link to other Websites, CLS Chartered Secretaries privacy practices no longer apply. We encourage visitors to review each site’s privacy notice before disclosing any personally identifiable information.
7.4 We use MailChimp (see point 4.6) to send our marketing emails. At this time all of MailChimp’s servers are within the United States. In order to comply with regulation they adhere to the Swiss-U.S. Privacy Shield Framework which allows them to operate without data storage capabilities within the EU.
Click here for more information about MailChimp, the EU/Swiss Privacy Shield, and the GDPR.
8.1 While doing business with you, CLS Chartered Secretaries may share information with carefully selected organisations we engage with to provide certain services. These include:
8.1.1 Data storage services, email providers, various software providers such as accounts software, client management software, cloud storage, document and data management, credit card processing apps, IT providers,
8.1.2 Other third parties from time to time if necessary such as Solicitors, CRO, Company Seal Companies
8.1.3 Shredding Company – CLS use a company to safely and securely ensure all printed data is destroyed
8.1.4 Courier Company – for delivery of various documents, who may contact you if necessary
8.1.5 Financial organisations such as banks and building societies.
8.2 Please note that outside of the EU member states, privacy laws may not be equivalent to those provided by the GDPR. See point 7 for more information on this.
9.1 We exercise great care to protect your personal information both online and offline. This includes, among other things, using industry standard techniques such as firewalls, encryption, and intrusion detection. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or receive from us. This is especially true for information you transmit to us via email since we have no way of protecting that information until it reaches us since email does not have the security features that are built into our websites.
9.2 In addition, we limit CLS Chartered Secretaries employees and contractors’ access to personal information. Only those employees and contractors with a business reason to know have access to this information. We educate our employees about the importance of maintaining confidentiality of customer information.
9.3 We review our security arrangements from time to time as we deem appropriate and carry out regular reviews of all security measures and policies.
10.1 To ensure we can perform our services, we will retain basic data provided to us normally for a minimum of 6 years. In order to comply with Revenue Commissioners, AML requirements and the GDPR CLS Chartered Secretaries are required to retain all books, records and documents relevant to the business for this period. It is in the legitimate interests of CLS Chartered Secretaries to be able to do so and to ensure that we can provide support to you for the minimum period allowed under Irish law and regulation. For this reason, we will retain these records only for the period allowed under Irish and EU law and regulation. Should you object or request to engage your right to be forgotten. we will delete your data as requested unless CLS are required to retain the data for compliance with a legal obligation which requires processing by Union or Member State law to which CLS Chartered Secretaries is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in CLS Chartered Secretaries (Article 17 of the GDPR)
11.1 We do not normally collect information from children. In accordance with data protection legislation, if and when we collect information from children, we will process that information in an age appropriate manner.
11.2 If a child is under 16 years of age, we will seek consent from a parent or guardian.
12.1 Current legislation provides the following rights for individuals in relation to their personal data:
The right to access the personal data we hold on you;
The right to correct and update the personal data we hold on you;
The right to have your personal data erased;
The right to object to processing of your personal data;
The right to data portability;
The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought;
The right to object to the processing of personal data where applicable;
The right to lodge a complaint with the Irish Data Protection Commissioner’s Office.
12.2 For more information on this click here
13.1 You can access all your personal data that we collect and maintain by requesting it via email to email@example.com We use this procedure to better safeguard your information. You can correct factual errors in your personal data if required by sending us a request that credibly shows error. To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections. The request will be dealt within one month unless the request is particularly complex, or where many requests have been received at the same time in which case this time frame will be lengthened by a further 2 months.
13.2 You have the right to withdraw consent where given at any time and the right to be forgotten, unless CLS Chartered Secretaries are required to retain the data for compliance with a legal obligation which requires processing by Union or Member State law to which CLS Chartered Secretaries is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in CLS Chartered Secretaries (Article 17 of the GDPR)
14.1 Further information on your data privacy rights is available on the website of the Irish data protection commissioner here.
14.2 If you are unhappy about our use of your information, you can contact us at the address or email address found at the end of this statement. You are also entitled to lodge a complaint with the Irish Data Protection Commissioners Office using any of the below contact methods
15.2 If you have any questions regarding this statement or you wish to discuss your data, you can contact CLS Chartered Secretaries Data Protection Representative Conor Sweeney at:
or by writing to:
CLS Chartered Secretaries