Privacy Policy

INTRODUCTION

This website is operated by Laura Lynch & Associates (“LLA” / “we” / “us” / “our”) located at 3rd Floor, Dockgate, Merchants Road, Galway, Ireland.

Under this Privacy Policy (the “Policy”), we will be what’s known under General Data Protection Regulation (EU) 2016/679 (the”GDPR”) as the “controller” of the personal data you provide to us.

We respect your right to privacy and take seriously our responsibilities in relation to the processing of personal data.  We do not collect or process personal data unnecessarily.  We do not knowingly attempt to solicit or receive information from children.

This Policy sets out important information about:

  • how we process your personal information in connection with your use of this website (lauralynch.ie) (“our Site” or “the Site”) and/or in providing our services (the “Services”) to you;
  • the legal basis we rely upon to do this; and
  • your rights

Please read this policy to learn more.

WHO WE ARE AND WHAT WE DO

Laura Lynch is the Managing Director of Laura Lynch & Associates.  Laura is a Council Member and Fellow of the Irish Tax Institute, Chartered Tax Advisor (CTA), a Fellow of Chartered Accountants Ireland, Chartered Accountant and has lectured extensively for the Irish Tax Institute.

Laura Lynch & Associates is a professional registered firm which provides strategic tax and business advisory services.  We are Galway-based with a national client base and international tax knowledge.  We provide both personal and corporate clients with commercially focused tax, financing and structuring advice on issues such as wealth protection, corporate structuring, succession planning, pensions, cross border matters, VAT and tax efficient employee remuneration.  We also work with investors and investee companies, facilitating investments in start-up and expanding companies.  We provide practical, to-the-point advice along with decision making support at the highest professional standards.

THE INFORMATION WE COLLECT

We will collect and process the following data about you for the following purposes:

Information you provide to us

Your Data

This is information about you that you provide to us by filling in forms on our site or by corresponding with us by telephone, email, post, in person, through a third party (e.g. your accountant, solicitor, financial advisor, banker etc.) or otherwise.  This is information which is provided to us based on your consent and/or as required for the performance of a contract between us.  It also includes information you provide when you use our site, our services or report a problem with our site.

The information provided to us may include:

  • Identity Data: your full name, address, email address, telephone number, age, title and personal description
  • AML Data:your identity data, passport details including copy of passport, passport number, nationality, photograph, proof of address and other customer identification information
  • Financial Data:your personal financial data, including your bank account details, billing contact postal address or email address, employment details, tax type and status, and tax registration number

The information we may collect about you may include:

Automatically Collected Information

Regarding each of your visits to our site we may collect the following information:

  • Technical Data: technical information to include the internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, how often you use the application and other performance data; and
  • Usage Data: information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), methods used to browse away from the page, and any phone number used to call us.

 We do not require or collect any personal data that is your sensitive personal data or any special category of personal data under the GDPR, unless you decide to provide this information to us.

Our Website may host various blogs, forums, wikis and other social media applications that allow you to share content with other users (collectively “Social Media Applications”).  Importantly, any personal information that you contribute to these Social Media Applications can be read, collected and used by other users of the application.  We have little or no control over these other users and, therefore, we cannot guarantee that any information which you contribute to any Social Media Applications will be handled in accordance with this privacy statement.

COOKIES

What are cookies and why we use them

“Cookies” are small text files which are stored by your browser on your computer and are normally used to gather statistical information and to analyse trends of use or access to a website.

Cookies may be placed on your computer or internet-enabled device whenever you visit us online.  This allows the site to remember your computer or device and serves several purposes.  For example, cookies may be used to save your personal preferences so you do not have to re-enter them each time you access the site.

Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser’s settings (often found in your browser’s tools or preferences menu).  You may also delete cookies from your device at any time.

For more information about cookies and how to disable them, please see our Cookie Policy.  You will also find information about managing cookies in your browser’s help file or though site such as www.allaboutcookies.org.  Please keep in mind however, that if you do not accept cookies, you may not be able to fully experience some of our site’s features.

WHAT WE DO WITH YOUR INFORMATION

We will only use your personal information when the law allows us to.  Most commonly, we will use your personal data in the following circumstances:

  • When we need to perform the contract we are about to enter into or have entered into with you
  • Where it is necessary for our legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interests
  • Where we need to comply with a legal or regulatory obligation

We have set out in the table below a description of the way we plan to use your personal data and the legal basis we rely on to do this.  Where you see legitimate interests mentioned in the table below, we have included additional information about the legitimate interests pursued.

Purpose / Activity Type of Data Legal Basis for Processing
To respond to your queries and to provide you with the services and/or the information you request from us in relation to our services – Identity Data

– AML Data

– Financial Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to respond to new or existing customer queries and grow our business)

– Performance of a contract with you

– Necessary to comply with a legal obligation (AML / Customer Identification compliance)

To make or manage payments, fees, charges, taxes or duties and to collect and recover money owed to us – Identity Data

– AML Data

– Financial Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to recover debts due)

– Performance of a contract with you

– Necessary to comply with a legal obligation

To comply with professional obligations to which we are subject to, including

– providing information to various enforcement agencies

– verification of your personal information to meet our professional and compliance obligations including detecting and preventing money laundering, tax avoidance and financing of terrorism

– Identity Data

– AML Data

– Financial Data

 

– Performance of a contract with you

– Necessary to comply with a legal obligation

To manage our relationship with you, including notifying you about changes to the services or our privacy policy – Identity Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to keep our records updated and to study how client’s use our products and services)

– Performance of a contract with you

– Necessary to comply with a legal obligation

To provide you with information about services we offer that are similar to those that you have enquired about – Identity Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to develop our products or services and grow our business)
Where you have given us your consent to do so, to provide you with information about other services we feel may interest you – Identity Data

– Technical Data

– Usage Data

 

– Consent
To ensure that content is presented to you in the most effective manner for you and for your computer or device – Identity Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to keep our site and the services updated and relevant and to develop and grow our business)
To administer and protect our business and our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes – Identity Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (for running our business and as part of our efforts to keep our site and services safe and secure)
To use data analytics to improve or optimise our site, marketing, client relationships and experiences – Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to define types of clients for our products and services, to keep our site and services updated and relevant, to develop and grow our business and inform our marketing strategy)
To measure or understand the effectiveness of the advertising we serve to you and others and, where applicable, to deliver relevant advertising to you – Identity Data

– Technical Data

– Usage Data

 

– Necessary for our legitimate interests (to study how customers use our products or services, to develop them, to grow our business and to inform our marketing strategy)

 Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is comparable with the original purpose.  If you wish to get an explanation as to how the processing for your new purpose is compatible with the original purpose, please contact us at info@lauralynch.ie.  If we need to use your personal data for any unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.  Please note that we may process your personal data without your knowledge or consent, in compliance with this policy, where this is required or permitted by law.

How long we keep your information

We only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.  This means that the period of time for which we store your personal data may depend on the type of data we hold.  To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.  For more information about our date retention policies please contact us at info@lauralynch.ie.

DISCLOSURE OF YOUR INFORMATION

We do not sell your personal data to third parties for marketing purposes.

We may disclose information to third parties if you consent to us doing so as well as in the following circumstances:

You agree that we have the right to share your personal information with the following recipients or categories of recipients:

  • Any authorised person within our company
  • Selected third parties including:
    • business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you in relation to the services;
    • our financial and legal auditors and any other regulatory or government agency, authority or department whose rules, regulations or orders apply to the conduct of our business and/or the provision of our services;
    • analytics and search engine providers that assist us in the improvement and optimisation of our site;
    • credit reference agencies for the purpose of assessing your credit score to the extent this is a condition of us entering into a contract with you

We will disclose your personal information to third party recipients:

  • in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of our business or assets
  • if all or substantially all of our business or assets are acquired by, or transferred to, a third party whether in the event of a merger, reorganisation, transfer of undertakings, winding up or dissolution or any other similar circumstances, in which case personal data held by it about our clients will be one of the transferred assets
  • if we are under a duty to disclose or share your personal data in order to comply with any law, legal obligation or court order, or in order to enforce rights under the GDPR or other agreements
  • to protect our rights, property or safety, our customers, or others.  This includes exchanging information with other companies and organisations for the maintenance and security of the site and services

INTERNATIONAL TRANSFERS

Personal data may be transferred to our trusted partners and the service providers who maintain their servers outside of the European Economic Area (“EEA”), where the privacy and data protection laws may not be as protective as those in our jurisdiction.  This is only for the purposes of providing, and to the extent necessary to provide, the services to you.

We appreciate that there are special requirements set out under Chapter V of the GDPR (with which we would comply) to regulate such data transfers and ensure that adequate security measures are in place to safeguard and maintain the integrity of your personal data on transfer.

For more information about this and the safeguards in place relating to the transfer, please contact us at info@lauralynch.ie.

SECURITY MEASURES

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.  They will only process your personal data on instruction, and they are subject to a duty of confidentiality.

Although we use appropriate security measures once we have received your personal information, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavour to protect personal information, but we cannot guarantee the security of data transmitted to us or by us.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

YOUR PERSONAL DATA AND YOUR RIGHTS

Accessing your Personal Data

You may request access at any time to a copy of the personal data we hold about you.  Any such request should be submitted to us in writing and sent to info@lauralynch.ie.  We may need to verify your identity in such circumstances and may request more information or clarifications from you if needed to help us locate and provide you with the personal data requested.

There is not usually a charge applied to access your personal data (or to exercise any of the other rights).  However, if your request is clearly unfounded, repetitive or excessive, we may charge a reasonable fee.  Alternatively, we may refuse to comply with your request in these circumstances.

Right of Restriction

You may restrict us from processing your personal data in any of the following circumstances:

  • you have contested the accuracy of the personal data we hold on record in relation to you or for a period of time to enable us to verify the accuracy of the personal data;
  • the processing of your personal data is unlawful and you request the restriction of use of the personal data instead of its erasure;
  • we no longer require your personal data for the purpose of processing but you require this data for the establishment, exercise or defence of legal claims; or
  • where you have contested the processing (under Article 21(1) of the GDPR) pending the verification of our legitimate grounds

Corrections or Erasure (Right to Rectification and Right to Be Forgotten)

If we hold personal data concerning you which is no longer necessary for the purposes for which it was collected or if you withdraw consent for us to process your personal data, you can request the deletion of this personal data.  This right, however, will not apply where we are required to process personal data in order to comply with a legal obligation or where the processing of this information is carried out for reasons of public interest in the area of public health.  If the personal information we hold about you is inaccurate, you may request to have your personal information updated and corrected.  To do so at any time, please contact us at info@lauralynch.ie.

Your Right to Object

You have the right to object to the processing of your personal data at any time:

  • for direct marketing purposes
  • for profiling to the extent it relates to direct marketing
  • where we process your personal data for the purposes of legitimate interests pursued by us, except where we can demonstrate compelling legitimate grounds for this processing which would override your interests, rights and freedoms or in connection with the enforcement or defence of a legal claim

To exercise your right to object at any time, please email us at info@lauralynch.ie.

Should this occur, we will no longer process your personal data for these purposes unless doing so is justified by a compelling legitimate ground as described above.  For more information about our marketing practices, please see the Marketing Communications section below.

Data Portability

Where we process your personal data by automated means (i.e. not on paper) and this processing is based on your consent or required for the performance of a contract between us, you have the right to request from us a copy of your personal data in a structured, commonly used machine-readable format and, where technically feasible, to request that we transmit your personal data in this format to another controller.

Profiling

Profiling is an automated form of processing of personal data often used to analyse or predict personal aspects about an individual person.  This could relate to a person’s performance at work, economic situation, health, personal preferences, reliability, behaviour, location or movements.  An example of this would be where a bank uses an automated credit scoring system to assess and reject a loan application.

We, however, do not engage in profiling or automated processing for profiling purposes.

Personal Rights

The rights described in this section are personal rights and are exercisable only by the individual person (or data subject) concerned.

MARKETING COMMUNICATIONS

General

We will not use your data to send marketing communications to you about promotions, competitions, updates and new products or services that may be of interest to you, unless we have your permission to do so.

Your Right to Object

You have the right to object to the processing of your personal data for our marketing purposes.  To object, or if you change your mind at any later time, you can withdraw your consent to the processing of your personal data for such marketing purposes by contacting us at info@lauralynch.ie.  You may also opt out of receiving marketing communications at any time by selecting the unsubscribe option when you receive an electronic marketing communication from us.  The withdrawal of your consent will not impact upon the lawfulness of processing based on your consent prior to the withdrawal.

THIRD PARTY MATERIAL

We always endeavour to deal with vendors and other third parties who are GDPR compliant or, in the case of the third parties located outside of the EEA, who are certified as compliant with the EU-US Privacy Shield, as applicable, or who have adequate security measures in place to safeguard the security of personal data.  That said, we, our employees, agents, holding company and subsidiaries, accept no liability howsoever arising for the content or reliability of any third party materials or websites referenced by hyperlink or other means on the site or for the data collection and use practices or security measures used by such third parties.  If you submit personal data to any of those sites, your personal data is governed by their privacy policy.  We encourage you to carefully read their privacy policies.

CHANGES TO THIS POLICY

Any changes made to this policy from time to time will be published on our site.

Any material or other change to the data processing operations described in this policy which is relevant to or impacts on you or your personal data, will be notified to you in advance by email.  In this way, you will have an opportunity to consider the nature and impact of the change and exercise your rights under the GDPR in relation to that change (e.g., to withdraw consent or to object to the processing) as you see fit.

You are advised to review this Privacy Policy periodically for any changes.  Changes to this Privacy Policy are effective when they are posted on this page.

QUESTIONS

If you have any questions relating to this policy, please contact us at:

Laura Lynch & Associates, 3rd Floor, Dockgate, Merchants Road, Galway – info@lauralynch.ie

SUPERVISORY AUTHORITY

We are committed to complying with the terms of the GDPR and to the processing of personal data in a fair, lawful, transparent and responsible way.  If, however, you believe that we have not complied with our obligations under the GDPR, you have the right to lodge a complaint with the Data Protection Authority (“DPA”).