At Paul Foley Law we are committed to ensuring that your privacy is protected. This privacy notice together with our cookies policy, and our general terms and conditions where provided to you sets out the basis on which any personal data we collect from and about you, or that you provide to us, will be processed by us.
Please read this privacy notice, our cookies policy and any other document we provide to you, such as our general terms and conditions carefully so you understand our views and practices regarding your personal data and how we will treat it.
This notice is being provided to you in line with our obligations from 19 July 2019 under the General Data Protection Regulation (GDPR).
1. Who we are
We are Paul Foley Law of 22 Northumberland Road, Ballsbridge, Dublin 4 and we are your data controller. You can contact us at this address by post or by email. For queries in relation to your personal data, you can contact us at these contact details or by email to firstname.lastname@example.org.
2. Personal data we collect and process
We will collect and process the following data about you:
2.1 Information you give us
This is information about you that you give us by corresponding with us by phone, e-mail or otherwise. It includes the information you supply us with when you seek employment with us or you engage us to provide legal services or when you wish to be provided with relevant information to you and your business or legal updates. The information you give us may include, but is not limited to, your name, address, e-mail address, phone number, financial and credit card information, bills, photograph, passport, driving licence or other identification documents, medical records, etc.
2.2 Information we collect about you
Depending on the circumstances, we might also obtain personal data about you from other sources such as public registers, government and regulatory authorities, business partners, financial and insurance advisors, service providers, etc.
You are not obliged to provide us with your personal information. However, if you do not, we might not be able to carry out the services you have requested of us.
For persons who view and interact with our Site, we process your personal data (i) to respond to your query when sent through our ‘contact us’ form and or (ii) to sign up to a newsletter or information when you ask to do so, through our Site should we in the future introduce that facility in our Site.
3. Why we process personal data
We process personal data to comply with legal obligations to which we are subject, to perform the services you have requested of us or to take steps at your request prior to undertaking to provide services for you and because we have a legitimate interest in the administration and operation of our legal services as well as our legitimate interest in marketing and promoting our firm’s legal services. Should we ever issue any unsolicited communications, we will include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
Additionally, for our potential clients, we process personal data in order to market the services of our firm, to provide quotations for fees and or to provide you with legal updates and newsletters to which you have subscribed
The legal basis for the processing of this personal data is for the purpose of the legitimate interests of our firm in promoting our services. Should we issue such communications, we shall include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
For job applicants to the firm, we process your personal data to recruit new employees and to ascertain your suitability for a specific role
The legal basis for this processing is for the purpose of the legitimate interests of our firm in recruiting new staff. Please see the privacy notice in the any job advertisement we might post for further information about how we process applicant data.
We may share the information you provide in your application with our contracted recruiter i to make a shortlist of candidates. This recruiter will not be permitted to use this personal data other than on our behalf. We may also send you emails about your application through our email service provider.
4. How we use your personal data
We gather and use your personal data to:
4.1 allow us to provide you with the legal services you request from us
4.2 comply with legal obligations we might be subject to (such as anti-money laundering, sanctions or financial sanctions)
4.3 provide you with information about other services we offer that are similar to those you have already requested of us or enquired about
4.4 to notify you of any changes to our services
4.5 to monitor and improve the quality of our services
4.6 to allow you to participate in events organised by us or our partners
5. Who we share data with
We may share your personal data with agents, contractors (including any client relationship management system provider we may appoint) or partners of McKeever Solicitors in connection with services that these individuals or entities perform for or with McKeever Solicitors. These include but are not limited to providers of archiving services, barristers, overseas counsel, third party experts, accountants, financial and tax advisors or external auditors.
We may in the future share information such as your name and email address with a newsletter services provider who may send out newsletters on our behalf. Any such provider is not permitted to use this data other than on our behalf.
We may disclose your personal data if we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
We may disclose or share your data to comply with any legal obligation or to enforce or apply our general terms and conditions.
6. Personal data retention
It is our aim to only hold your personal data for as long as this is necessary. Unless otherwise required under applicable law, we store your personal data for as long as we provide services to you and for a period of no less than six years beginning on the date we archive your file.
7. Data security
We take our personal data security responsibilities seriously, employing the most appropriate physical and technical measures, including staff training and awareness. We review our personal data security measures and procedures regularly.
Unfortunately, the transmission of information by means of the internet, including through e-mail, is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to or from us by means of e-mail and any such transmission is at your own risk.
We may contact you by mail, email and telephone about our services and other events involving or relating to Paul Foley Law which may be of interest to you. You have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, please send us an email to email@example.com with a header that says “Unsubscribe”.
9. Where we store your information
We might store your information in different places. Physical files are stored in our office and our archives. Electronic files are stored on our secure servers. You may contact us via e-mail, letter or telephone in case you wish to find out more or to obtain a copy of the appropriate safeguards.
10. Transfers of data outside the European Economic Area
If we transfer your personal data out of the EEA, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
10.1 We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
10.2 Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
10.3 Where we may use service providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
11. Your rights relating to personal data
11.1 You have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:
11.1.1 right to access the data – you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
11.1.2 right to rectification- you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
11.1.3 right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten.
11.1.4 right to restriction of processing or to object to processing – you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
11.1.5 Right to data portability – you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine readable format.
11.2 In order to exercise any of the rights set out above, please contact us at the contact details at the start of this privacy notice.
If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.
11.3 If you are unhappy with how we process personal data, we ask you to contact us so that we can rectify the situation. You may lodge a complaint with a supervisory authority. The Irish supervisory authority is the Data Protection Commissioner.
12. Requirement to process personal data
You may browse our Site without providing us with any personal data and this will not affect your ability to view our Site.
If you do not provide us with your information for the purposes described above, we cannot send you our newsletter, respond to your queries sent through our ‘contact us’ form, liaise with you on client matters, progress a matter for you or assess your suitability for a role within our firm.
13. Automated decision-making and profiling
We do not use any personal data for automated decision-making or profiling.
14. Changes to this privacy notice
We may update this privacy notice from time to time and will publish such updated version on our Site, as appropriate.