Data Protection Statement

This Data Protection Statement is effective as and from 01 October 2021

This statement describes how we process your personal information. Please take the time to read it carefully.  You have a number of rights in relation to your information including the right to object to processing of your personal information where that processing is carried out for our legitimate interests.

In this statement we use the terms “we” and “our” to refer to Branigan Cosgrove Finnegan Solicitors LLP.

1. Who we are and how to contact us.

Branigan Cosgrove Finnegan Solicitors LLP is a law firm and is regulated by the Law Society of Ireland and the Legal Services Regulatory Authority. We are the controller responsible for your personal data.

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this data protection statement and our approach to privacy.  If you have any questions about this data protection statement, including any request to exercise your legal rights, please contact the DPO using the details set out below:

Data Protection Officer
Branigan Cosgrove Finnegan Solicitors LLP
31 Pembroke Road,
Dublin 4

2. The purpose and legal basis for processing your information.

We collect your information for a number of purposes and rely on a number of different legal bases to use your personal information.

a)  To enter into and perform a contract with you

When we are engaged to carry out legal services it is necessary to collect personal information from you in order to seek and receive your instructions in relation to those legal services and to carry out those legal services.

b)  To comply with our legal obligations

We are required to process your personal information to comply with certain legal obligations to which we are subject, including:
Providing information to An Garda Siochana, the Revenue Commissioners and other enforcement agencies under various pieces of legislation which apply to us.

To verify your personal information provided to us and to meet our legal and compliance obligations, including detecting and preventing money laundering, tax avoidance and financing of terrorism.

c)  For our legitimate business interests

Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interest and your fundamental rights and freedoms.

We may use your personal information to manage our everyday business needs including accounting, internal reporting needs, market research, to progress and respond to legal claims, to ensure appropriate IT security and to prevent fraud, in our legitimate interest.  Our legitimate interest is the effective management of our business.

We may use your personal information to update you on legal developments, firm developments or to invite you to events that we feel may interest you in our legitimate interest.  Our legitimate interest is to connect with our clients and to update our clients on services which we provide. We may monitor whether such emails have been opened by you.

d)  For the establishment, exercise or defence of legal claims

We sometimes process your personal information, including sensitive personal information, such as information concerning health, trade union membership and criminal convictions/offences where it is necessary for the establishment, exercise or defence of legal claims.

e)  Consent

We will, in certain circumstances, rely on your explicit consent to process your personal data, including sensitive personal data. This consent can by withdrawn at any time by using the contact details of the DPO set out above.

3. Consequences of failing to provide information

Where we need to collect personal data by law, or under the terms of a contract/retainer with you and you fail to provide that data when requested we may not be able to perform the contract/retainer we have or are trying to enter in to with you.  For example we may require certain information from you in order to fulfil our requirements under both Irish and European Anti-Money Laundering Legislation before carrying out certain legal services.  As such we may not be able to carry out those legal services absent that information but we will notify you of this at the time if this is the case.

4. Types of Information we collect and some examples of how we use it

We may collect, use, store and transfer different kinds of personal information about you as follows and use it for a variety of different purposes

Information type Example of how we use it
Address, email address, telephone numbers We use this information to carry out instructed legal work, to send you information about legal developments and services and to respond to your queries.
Name, date of birth, PPSN, marital status, nationality, driving licence, passport We use this information to carry out instructed legal work and to verify your identify and to comply with our obligations under anti-money laundering legislation
Occupation and income details such as employer name, employment status, your salary, other incomes, expenses.

Information concerning marital and family status.

The activity and balances on your bank accounts.

We use this information to carry out instructed legal work.
Interactions with our staff and partners We use this information to keep a record of your interactions with us, to monitor and train our staff or to provide you with legal services.
Information on your physical or mental health, trade union membership, criminal offences/convictions We use this information for the establishment, exercise or defence of legal claims or to provide you with legal advice.
5. Your information and Third Party Service Providers

Third Party Service Providers: We may share your personal information with third party service providers that perform services and functions at our direction and on our behalf such as accountants, IT service providers, printers, debt collection agencies, business advisors, marketing companies who carry out marketing campaigns on our behalf and providers of security and administrative services.

Potential sale or merger of Branigan Cosgrove Finnegan solicitors LLP: we may also transfer your personal information to law firms we plan to merge with or be acquired by.

An Garda Síochána, government bodies, or other government officials: we may share your personal information with An Garda Síochána, or other government bodies or agencies including but not limited to the Revenue Commissioners, where required to do so by law.

The Law Society and The Legal Services Regulatory Authority: we may share your personal information with the Law Society and/or the Legal Services Regulatory Authority, where required to do so by law.

Third Parties: We may provide your information to third parties to facilitate your instructions to us, such as lawyers, parties to any legal claim, parties with whom you have a legal issue or complaint and third parties who you instruct us to communicate with on your behalf.

Legal Directories: We may, with your consent, furnish your personal information to legal directories.

6. Storage Periods

We will retain your personal information for the purpose of satisfying any legal, accounting or reporting requirements.  How long certain information is stored depends on the nature of the information we hold and the purpose for which it is processed. For example we may hold some personal information for a period of seven years from the date of completion of any contract with you.  In other instances, such as in relation to conveyancing matters, it may be necessary to hold some personal information for a period of twelve years from the date of completion of any contract with you.

7. Transfers outside the European Economic Area

We may transfer your personal data outside the European Economic Area.  These countries do not always afford an equivalent level of privacy protection and in such circumstances we take specific steps, in accordance with data protection law to protect your personal information.  In particular, for transfers of personal data outside the EEA where there is no adequacy decision by the European Commission we may rely on contractual protection approved by the European Commission.

8. Your Rights

You have several rights under data protection law in relation to how we use your personal information.  You have the right free of charge to:

  • Request a copy of the personal information we hold about you.
  • Rectify any inaccurate personal data we hold about you.
  • Erase personal information we hold about you.
  • Restrict processing of your personal information.
  • Object our use of your personal information for our legitimate interests.
  • Receive your personal information in a structured commonly used and machine readable format.
  • To have that data transmitted to another data controller.

These rights are in some circumstances limited by data protection legislation.  If you wish to exercise any of these rights please contact us using the contact details contained in this form.  We will endeavour to respond to your request within a month.  If we are unable to deal with your request within a month we may extend this period by a further period of two months and we will explain why.

You also have the right to lodge a complaint to the Office of the Data Protection Commission.

9. Contacting you

If you do not wish to hear from us with updates on the firm, legal updates and information about our services please contact the DPO at the details set out at 1 above.

10. Updates

We will update this data protection statement from time to time. Any updates will be made available and, where appropriate notified to you.