4. What Kind Of Data Does CLS Chartered Secretaries Collect?
You may give us your personal data in many ways. CLS Chartered Secretaries may process the following categories of data:
Privacy Statement
1. Our Commitment To Privacy
1.1 Your privacy is very important to us. To better protect your privacy we provide this statement explaining our online and company practices and the choices you can make about the way your information is collected and used. To make this statement easy to find, we make it available on our homepage of our website and at every point where personally identifiable information may be requested.
1.2 This privacy statement sets out how we will protect your data, in line with current Irish and EU legislation, (General Data Protection Regulation) through appropriate organisation and technical security measures/processes. It also describes your rights in relation to that data.
1.3 When we collect data from you we will ensure it is adequate for the purpose and never excessive, we will only ask for the minimum amount of personal data which we require to achieve our purpose(s) You may be contacted by e-mail with details of future events, courses organised or promoted by CLS Chartered Secretaries or with information that may be of interest to you, for example any updates to the range of services available to you. You may opt out of this type of communication at any time, by following the directions included in those communications. Or you can always contact CLS Chartered Secretaries by phone (059-91-86776) or email DataProtection@CLSCS.ie.
1.4 Should you access our services, we will seek additional explicit consent to this statement, usually by means of written communications such as a letter of engagement & our Terms of Business where the scope and price of the service will be mutually agreed and the purposes for which we collect and process your data will be clearly set out in writing for you.
1.5 CLS Chartered Secretaries reserves the right to make changes to this statement, as necessary. When we do so we’ll make previous versions available, on request, so you can see what these changes are. If any such changes alter key aspects of the statement or its meaning, we will notify you of those changes in advance. We encourage you to occasionally review this page for information on our latest practices.
1.6 A full list of your rights under GDPR is shown below – see Point 12.
2. Definitions
2.1 “Agent”– Relevant Third Party: 1. A Credit Institution, 2. A financial institution, 3. An external accountant or auditor and who is a member of a designated accountancy body,4. a tax advisor and who is also a solicitor or a member of a designated accountancy body or of the Irish Tax Institute,5.a relevant independent legal professional, 6.a trust or company service provider and who is also a member of a designated accountancy body, a solicitor authorised to carry on business by the Central Bank of Ireland
2.2 “Direct Client” – Client who does not fit any of the definitions of an agent.
2.3 “GDPR” – General Data Protection Regulation
3. Information We Collect About You
3.1 We need to know some basic personal data to provide you with our services, and to claim our right to be paid in return for our services, under our standard terms of engagement/business we have with you. If you choose to register online or fill out an order form for example, we ask you to provide limited personal information, such as your name, telephone number and/or email address, company name and address, we also collect information that will allow you to establish a username and password (in order to allow you to download the purchased templates/documents). For More information on types of data we collect, see point 4 below.
3.2 If you do not provide this information, then we will be unable to provide the services you have requested. We will not collect any personal data from you that we do not need to provide and oversee the services that we have agreed to provide. If we have difficulty processing an order, we will use this information to contact you.
4.1.1 If you are a direct client of CLS Chartered Secretaries, we will collect and use information relating to you or if you are an agent / relevant third party we will process your clients’ data. (Please see Point 6) While much of this information will relate specifically to the type(s) of services we provide to you, we will also use information as part of our administrative, financial and operational processes. This information may include your contact details, PPS Number, Company details –all information required for the service in question which may include financial, ARD, shareholders and directors details, supporting documents for district court applications – which may include doctors notes or other supporting evidence for the case, payment and related/company in question, information, marketing profiles, including what events and communication we think you might be interested in, and client relationship management and feedback information, in addition to the information you give us so we can provide our company secretarial/formation services to you. We will occasionally use your information to help provide us with insights as to future services you or others may require. In order to provide you with the service we will also collect and process AML information (see point 4.2).
4.1.2 In carrying out this processing we rely on the following legal basis: (b). The processing is necessary: in relation to a contract which the individual has entered into; or because the individual has asked for something to be done so they can enter into a contract (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party,
4.1.3 If you are not a client of CLS Chartered Secretaries, we may also collect, use and otherwise process your information in the course of providing company secretarial advise and assistance to our clients where your information is considered by us or our clients to be relevant to the advice and assistance we provide to our clients. The precise information in this regard will depend on what advice and assistance we are giving. For instance, if we are advising on a company formation or company secretarial matter that involves you, the information will include any information about you that is relevant to that job. Also see point 6.1
4.1.4 In carrying out this processing we rely on the following legal basis: (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
4.2.1 We may collect and use your information in the context of compliance with Anti-Money Laundering (AML) laws and our regulatory obligations. This includes your I.D. and proof-of-address information. Shareholders with more than 25% interest in a company, who live outside of Ireland, are required to complete a Politically Exposed Persons (PEP) Questionnaire. If you are a “relevant third party” as defined in the Act, then we may as a designated person rely on the due diligence measures already taken by that third party. We will agree these terms in writing under a separate agreement.
4.2.2 Please note if you fail to provide CLS with requested documents such as identification and proof-of-address for AML or any other information which we require for legal purposes we will be unable to carry out the services in question to you
4.2.4. Disclosures required by law: The law can require the disclosure of information for various reasons, in such circumstances CLS Chartered Secretaries must comply with those requests.
4.2.5 In carrying out this processing we rely on the following legal basis: (c) processing is necessary for compliance with a legal obligation to which the controller is subject;
4.3.1 CLS Chartered Secretaries use the services of Google Analytics, and may use other similar services, to collect and analyze statistical data about visitors to our website. Any domain name information that we collect is not used to personally identify you but is instead aggregated to measure the number of visits, average time spent on the Website and the web pages viewed. We use this information to measure Website use and to improve its contents. We process the following information:
- The name of the domain and host from which you access the internet;
- The internet protocol (IP) address of the computer which you are using
- The browser software you are using; the operating system you are using; and
- The date and time at which you are using the website
4.3.2 CLS Chartered Secretaries will also collect and process information about your interaction with our website using cookies. For more information on Cookies please see our Cookie policy
4.3.3 This statement applies to all information collected or submitted on the CLS Website You may use the website to purchase a template or document, if so we collect information that will allow you to establish a username and password (in order to allow you to download the purchased templates/documents) You may also register through the website to receive our regular newsletter or marketing email or when making enquiries about our services. See point 4.6 for more info on this. If you use the website to fill out one of our order forms we will ask for all information necessary to carry out the service, for more information on this see point 4.1
4.3.4 We use the secure website Stripe for all of our online purchase transactions. We do not collect, store or have access to any of your payment details directly. You can read Stripes Privacy Statement Here
4.3.5 We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
4.3.6 We use non-identifying and aggregate information to better design our website. We may tell our developers that X number of individuals visited a certain area on our website, or that Y number of men and Z number of women filled out our registration form, but we would not disclose anything that could be used to identify those individuals.
4.3.7 We never use or share the personal data provided to us online in ways unrelated to the ones described above without also providing you an opportunity to opt-out or otherwise prohibit such unrelated uses.
4.3.8 Links to Other Sites – We want to provide you with valuable information and services. Featured articles and other site content within the CLS Chartered Secretaries website may link our users to third party websites. CLS Chartered Secretaries do not control and is not responsible for practices of any third-party websites.
4.3.9 Social media features and widgets found on the CLS Website are either hosted by a third party or hosted directly on our site. Your interactions with these features are governed by the privacy policy of the company providing that service. Depending on your own settings or the policies of social media and messaging services such as, LinkedIn or Twitter, you may be providing CLS Chartered Secretaries and other organisations, access to certain information. You should check with those services to ensure you are happy with that information being shared.
4.3.10 In carrying out this processing we rely on the following legal Basis: (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party or (a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; or (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
4.4.1 Should you organise an event and engage one of our staff to speak at the event, or organise the event in conjunction with CLS, we will process details needed to organise such as event/training seminar details, location, time, date, billing information, company/client name (running the seminar/training), client email address, correspondence involved.
4.4.2 If you attend the seminar/training or event, we will ask you if you wish to sign up to our newsletter and present you with a consent form – asking for your name, your company name and your email address. If you sign up we will email you updates about future events or services & other company secretarial or company law information we think you may be interested in.
4.4.3 If you attend an event, we may capture your image in photographs and videos. If you object to this, please contact us at DataProtection@CLSCS.ie or inform one of our staff at the event (for instance you can tell the photographer at the time they are taking the photo.
4.4.4 For this kind of processing we rely on the legal basis: (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party or (a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes; or (b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
4.5.1 If you are a current or former client or have agreed that we may stay in touch with you in relation to updates and events, we will include your information in our database. We do so to keep in touch with you such as to send you communications, surveys and marketing about our events and services; to identify what other events or services we think you may be interested in; and understand how you use our services. If you sign up to our newsletter (see point 4.6) your information will be entered into a database and will be used to compile an electronic list. The information may be used for marketing purposes;
4.5.2 We also keep business contact information including information about meetings and communications between our staff and you in the past for business intelligence purposes. We may receive your business contact information directly from you, as a client or from a relevant third party/Agent or from other third parties such as your website or professional network profile.
4.5.3 We also may produce internal documents such as management reporting and business planning, analysing our interaction with clients, to monitor our own activities. In carrying out this processing we rely on the following legal basis:
4.5.4 (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
4.6.1 We will only send e-mail electronic communications. We will record your mailing preferences. We will use this information to keep the quantity of communications appropriate and to make sure any communications are as relevant as possible.
4.6.2 If you choose to sign up to our newsletter (Email Updates) your information will be entered into a database and will be used to compile an electronic list. You will be asked for your name, company name and email address. We use our newsletter to update clients and people who have opted in to updates of CLS, services and information we think will be useful to them. People sign up electronically to this, double verification is needed to sign up and you need to tick a box accepting email as the method of communication.(unless you’re already a client of CLS Chartered Secretaries in which case you’re made aware we will send you these updates and you may always opt out easily if you want – you will find links at the end of communications we send you and you can always Contact Us directly)
4.6.3 In carrying out this processing we rely on the following legal basis: (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party or (a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes
4.6.4 We use MailChimp to send our marketing emails. At this time all of MailChimp’s servers are within the United States. In order to comply with regulation they adhere capabilities within the EU.to the Swiss-U.S. Privacy Shield Framework which allows them to operate without data storage. Click here for more information About MailChimp, the EU/Swiss Privacy Shield, and the GDPR
4.7.1 In order to provide our Company Secretarial services we use the Companies Registration Office’s Website (including CORE) and Company Search/Information Websites to access and process data pertaining to the service in question, such as Company History, Filings, CRO Company Report/Printout, Company Cert of incorporation, Company Constitution, Accounts and Forms which are listed on the CRO Website.
4.7.2 In carrying out this processing we rely on the following legal basis: (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party or (a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes
4.8.1 CLS Chartered Secretaries always strives for the highest level of accuracy in the data we hold. This includes contacting you directly to check the data we hold is accurate. This minimises the possibility of sending information to you at an incorrect e-mail address.
4.8.2 In carrying out this processing we rely on the following legal basis: (f) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party
5. Personal Data Which You Provide To Us
5.1 It is your responsibility to ensure that all personal data you provide us with is complete, accurate and up-to-date in all respects and not misleading. Our ability to provide our advise and services, and the quality thereof, may be negatively affected if you fail to do so
nd assistance. For more information on this see point 4.1.3
6. Information You Give Us About Other People
6.1 If you provide information to us about any person other than yourself, (for example if you are an agent acting on behalf of a client or if you provide us information about any person believed to be relevant to the advice and assistance we provide you) you should ensure that you have a legal basis to do so and that you have complied with your transparency obligations under data protection law. You must ensure we may process that personal data in accordance with this Privacy Statement without having to take further steps. It is your responsibility to make sure that the person concerned is aware of the content of this Privacy Statement. You should also try to limit the personal information you give us to what you think is necessary for us to provide you with advise a
7. When Do CLS Transfer User Data Outside The User Jurisdiction?
7.1 To provide the website service to you, we may need to transfer User Data to locations outside the jurisdiction in which a visitor is viewing the website (the User Jurisdiction) and process User Data outside the User Jurisdiction. If the User Jurisdiction is within the European Economic Area (the EEA) please note that such transfers and processing of personal data may be in locations outside the EEA. Any data sent or uploaded by users may be accessible in jurisdictions outside the User Jurisdiction (including outside the EEA). The level of data protection offered in such jurisdictions may be less than that offered within the User Jurisdiction or (as the case may be) within the EEA.
7.2 User Data may be controlled and processed from time to time, outside the EEA. By continuing to use the website and by providing any personal data (including sensitive personal data) to us via the website or email addresses provided on the website, visitors are consenting to such transfers, provided that they are in accordance with the purposes set out above and elsewhere in this Privacy Notice. Please do not send us any personal data if you do not consent to the transfer of this information to locations outside the User Jurisdiction (including, if applicable, outside the EEA).
7.3 There are several places throughout the CLS website that may link to other Websites that do not operate under CLS Chartered Secretaries privacy practices. When visitors link to other Websites, CLS Chartered Secretaries privacy practices no longer apply. We encourage visitors to review each site’s privacy notice before disclosing any personally identifiable information.
7.4 We use MailChimp (see point 4.6) to send our marketing emails. At this time all of MailChimp’s servers are within the United States. In order to comply with regulation they adhere to the Swiss-U.S. Privacy Shield Framework which allows them to operate without data storage capabilities within the EU.
Click here for more information about MailChimp, the EU/Swiss Privacy Shield, and the GDPR.
8. Does CLS Chartered Secretaries Ever Share My Data?
8.1 While doing business with you, CLS Chartered Secretaries may share information with carefully selected organisations we engage with to provide certain services. These include:
8.1.1 Data storage services, email providers, various software providers such as accounts software, client management software, cloud storage, document and data management, credit card processing apps, IT providers,
8.1.2 Other third parties from time to time if necessary such as Solicitors, CRO, Company Seal Companies
8.1.3 Shredding Company – CLS use a company to safely and securely ensure all printed data is destroyed
8.1.4 Courier Company – for delivery of various documents, who may contact you if necessary
8.1.5 Financial organisations such as banks and building societies.
8.2 Please note that outside of the EU member states, privacy laws may not be equivalent to those provided by the GDPR. See point 7 for more information on this.
9. How Does CLS Chartered Secretaries Protect My Data?
9.1 We exercise great care to protect your personal information both online and offline. This includes, among other things, using industry standard techniques such as firewalls, encryption, and intrusion detection. As a result, while we strive to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us or receive from us. This is especially true for information you transmit to us via email since we have no way of protecting that information until it reaches us since email does not have the security features that are built into our websites.
9.2 In addition, we limit CLS Chartered Secretaries employees and contractors’ access to personal information. Only those employees and contractors with a business reason to know have access to this information. We educate our employees about the importance of maintaining confidentiality of customer information.
9.3 We review our security arrangements from time to time as we deem appropriate and carry out regular reviews of all security measures and policies.
10. For How Long Does CLS Chartered Secretaries Keep my Personal Data?
10.1 To ensure we can perform our services, we will retain basic data provided to us normally for a minimum of 6 years. In order to comply with Revenue Commissioners, AML requirements and the GDPR CLS Chartered Secretaries are required to retain all books, records and documents relevant to the business for this period. It is in the legitimate interests of CLS Chartered Secretaries to be able to do so and to ensure that we can provide support to you for the minimum period allowed under Irish law and regulation. For this reason, we will retain these records only for the period allowed under Irish and EU law and regulation. Should you object or request to engage your right to be forgotten. we will delete your data as requested unless CLS are required to retain the data for compliance with a legal obligation which requires processing by Union or Member State law to which CLS Chartered Secretaries is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in CLS Chartered Secretaries (Article 17 of the GDPR)
11. Children
11.1 We do not normally collect information from children. In accordance with data protection legislation, if and when we collect information from children, we will process that information in an age appropriate manner.
11.2 If a child is under 16 years of age, we will seek consent from a parent or guardian.
12. What are My Rights?
12.1 Current legislation provides the following rights for individuals in relation to their personal data:
The right to access the personal data we hold on you;
The right to correct and update the personal data we hold on you;
The right to have your personal data erased;
The right to object to processing of your personal data;
The right to data portability;
The right to withdraw your consent to the processing at any time for any processing of personal data to which consent was sought;
The right to object to the processing of personal data where applicable;
The right to lodge a complaint with the Irish Data Protection Commissioner’s Office.
12.2 For more information on this click here
13. How Can I Access or Correct My Information?
13.1 You can access all your personal data that we collect and maintain by requesting it via email to dataprotection@clscs.ie We use this procedure to better safeguard your information. You can correct factual errors in your personal data if required by sending us a request that credibly shows error. To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections. The request will be dealt within one month unless the request is particularly complex, or where many requests have been received at the same time in which case this time frame will be lengthened by a further 2 months.
13.2 You have the right to withdraw consent where given at any time and the right to be forgotten, unless CLS Chartered Secretaries are required to retain the data for compliance with a legal obligation which requires processing by Union or Member State law to which CLS Chartered Secretaries is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in CLS Chartered Secretaries (Article 17 of the GDPR)
14. Irish Data Protection Commissioner
14.1 Further information on your data privacy rights is available on the website of the Irish data protection commissioner here.
14.2 If you are unhappy about our use of your information, you can contact us at the address or email address found at the end of this statement. You are also entitled to lodge a complaint with the Irish Data Protection Commissioners Office using any of the below contact methods
Telephone: +353 (0761) 104 800
Email: info@dataprotection.ie
Post: Office of the Data Protection Commissioner
Canal House
Station Rd
Portarlington
Co. Laois
R32 AP23
15. Contact CLS Chartered Secretaries
15.1 If you feel that we are not abiding by this privacy policy in any way, you should contact us immediately using the contact details provided below.
15.2 If you have any questions regarding this statement or you wish to discuss your data, you can contact CLS Chartered Secretaries Data Protection Representative Conor Sweeney at:
or by writing to:
Conor Sweeney
CLS Chartered Secretaries
Enterprise House,
O’Brien Road,
Carlow,
R93,YOY3