InCtrl Finances Limited (“INCTRL”) are data controllers and processors and the firm and its staff are committed to protecting your rights to privacy and confidentiality. We will ensure that your personal data is processed fairly and lawfully, and that appropriate security measures are in place to protect the integrity and security of the data we hold. The objective of this section of our website is to provide you with information so that you understand how personal data concerning you is collected, processed and retained by us and how you can exercise your rights in relation to your data.
Why do you gather personal data?
The principal activities of INCTRL are the provision a range of professional services to its clients with a particular focus on small and medium enterprises. We require personal data to facilitate the provision and promotion of these services.
What personal data do you collect?
The type and level of personal data collected by us depends on the relationship we have with you. In all cases the information collected will be adequate, relevant and limited to what is necessary in relation to the purposes for which it will be processed. The personal data we require is predominantly obtained directly from you, however, it may also be obtained from publicly available sources or from relevant third parties such as your solicitor, financial institutions or employers. You should also be aware that telephone conversations on landlines may be recorded for verification purposes.
What will you use my personal data for?
The personal data we hold will be used for the following purposes:
1. to meet legal and regulatory obligations
2. to develop and deliver efficient services to you
3. to assess your requirements and provide relevant services and opportunities
4. to keep you informed of our services
5. for other related or compatible purposes
Who will it be disclosed to?
We do not disclose your information to anyone outside of INCTRL except where this is necessary to fulfil the above purposes or where we have your permission to do so. There may be circumstances where we are required or obliged to share your information with government entities or regulatory bodies in order that those entities may discharge their responsibilities and obligations or exercise their powers or functions. There are measures in place to ensure that your information is only shared between other entities and INCTRL where there is a lawful basis for us to do so and it is required for the purpose of providing relevant services to you.
Will my personal data be transferred outside the EU?
We may transfer your information to other countries inside and outside the EU. The transfer of information outside the EU will only occur where it is necessary for the provision of our services and we can reasonably ascertain that anyone to whom we pass it provides an adequate level of protection that is ensured within the EU. For example, if we transfer personal data to the United States, we will ensure that appropriate measures required by EU law are in place to govern the transfers.
How long will my personal data be retained for?
We will hold your information for the duration of your relationship with us and thereafter for the minimum periods set down by the various legislative requirements to which we are subject. Thereafter we will retain your data as documented in our Retention Policy. In most cases, this will mean a minimum period of retention of at least six years after the expiry of our relationship, unless we are required to retain it for a longer period to meet legal, regulatory or evidential requirements. On expiry of the relevant minimum period, and once it has been verified that there is no longer a known and lawful purpose for continued retention of your data, it will be scheduled for destruction. We may retain your contact details for the purposes of keeping you informed of our products and services where we have your consent to do so.
What rights as a data subject do I have?
The General Data Protection Regulation sets out the rights for individuals which include the rights to:
1. access your personal data that we retain and process
2. have inaccuracies corrected
3. have your personal data erased
4. object to processing of your personal data
5. data portability
6. withdraw your consent (e.g. to marketing contact)
7. lodge a complaint with the Data Protection Commission
These rights are not an absolute and do not apply where they would adversely affect the rights and freedom of others or where the controller is required to comply with a legal obligation which requires processing. For example, due to the nature of our business, most of the information we hold is subject to other legal requirements so the right of erasure may not always apply. We do not make automated decisions which produce legal effects.
How do I complain or submit requests?
Complaints and requests to exercise the above rights can be made directly to INCTRL by submitting your request to firstname.lastname@example.org. When doing so, please provide us with relevant information to allow us to deal with your complaint or request. We will acknowledge your request within five working days.
If you think that we are not meeting our data protection obligations, and if you are not satisfied with our response to your concerns, then you may complain directly to the office of the Data Protection Commission who will look into the matter for you. Full details of their complaints process is available on their website.
How do I object to the processing of my personal data for marketing?
As a valued client of INCTRL we may like to send you notifications of upcoming events and news that we feel are relevant to you and may be of interest. We will respect your contact preferences so if you do not want to receive any such notifications from us you can do so by emailing email@example.com or telephoning us on (+353) 87 210 9434.
How secure is my data?
INCTRL takes its data security responsibilities seriously and employs appropriate physical and technical measures. INCTRL has suitable resources in place and reviews its IT security measures periodically including employing third parties to carry out reviews as may be required. In the event of a personal data breach, we will comply with our reporting obligations under applicable law.
What personal data is collected via your website?
The INCTRL website does not collect personal information from you and you can visit our website without telling us who you are or revealing any information about yourself. We only measure and analyse non-identifying, aggregate usage data in order to administer the site, and to constantly improve the quality of our service and site performance. INCTRL may collect data from you on its website in the future but will only do so where you have chosen to give it to us in which case we will process it to address the issues you have raised.
Cookies are small text files placed on your computer and are commonly used on the internet. INCTRL does not use “temporary cookies” which are necessary for the operation of our website.
Where do I get further information?
If you have any questions in relation to this Privacy Statement or would like more information on the policies referenced herein please contact us on (+353) 87 210 9434 or email firstname.lastname@example.org.
INCTRL reserves the right to amend our Privacy Statement at any time. The up-to-date statement will be on our website at all times.
InCtrl Finances Limited, 9 Chestnut Grove, Ballinteer, Dublin 16.
The content of this website is for information purposes only, is intended solely for persons who are permitted to receive such information under applicable laws and may not be reproduced, photocopied or disseminated to any other person without the express prior written consent of InCtrl Finances Limited.