Privacy Statement

AMOSS is committed to protecting and respecting your privacy. This Privacy Statement sets out how we collect, use, process and disclose personal information (known as “personal data”) provided to us by clients (includes current, former and prospective clients) and/or those with whom we deal on behalf of clients in the course of our business including personal data provided to us on our website www.amoss.ie (“Website”).   

Who we are

We are AMOSS Solicitors (“AMOSS”) of Warrington House, Mount Street Crescent, Dublin 2. You can contact us at this address by post or by email at law@AMOSS.ie

We may process your personal data when you are our client

Information that we collect

We may receive personal data relating to you and other parties (“data subjects”) during the course of acting for you.  We may collect personal data directly from you.  We may also receive personal data about you from third parties and/or publicly available sources such as the Companies Registration Office, the Land Registry and Registry of Deeds, bankruptcy and judgment searches. Categories of such personal data include: names, addresses, contact information and other information that is required in order for us to provide our services.  

How we use your personal data

For the purposes of providing services to you such as providing you with legal advice, assisting you with legal claims or legal proceedings, assisting you with legal rights, the legal basis for processing such personal data is for the performance of a contract with you or to comply with a legal obligation (for example, to comply with our obligations under anti-money laundering and terrorist financing legislation, to comply as appropriate with the Revenue Commissioners and other relevant governmental and/ or regulatory authorities or bodies) or where it is necessary for our legitimate interest in providing legal services to you.

There may also be limited circumstances where our legal basis for processing is your consent (where we have sought it and you have provided it to us), in which case you can withdraw your consent at any time.

Where we process special categories of data relating to you, e.g. health data that we may process in connection with a legal claim where we are acting on your behalf, our legal basis for processing will be that the processing is necessary for the establishment, exercise or defence of legal claims. In limited circumstances we may process special categories of personal data with the data subject’s explicit written consent.

When we process your personal data based on our legitimate interests, we make sure to consider and balance any potential impact on you and your data protection rights. We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law). 

Prior to the use of your personal data for marketing purposes we will seek your consent and we will renew this consent periodically. We will always include an option for you to opt-out of receiving such communication. You have the right to withdraw your consent at any time. 

Processing personal data for you as a data processor

Where we process personal data on your behalf as a data processor we shall act in accordance with the contractual arrangements we have in place in accordance with Article 28 of the General Data Protection Regulation (the “GDPR”) (Processing by a data processor must be governed by a contract which must contain the stipulations as set out in Article 28 of the GDPR).

We may process your personal data that we collect from you or that you provide to us on our Website 

Information that we collect

We only collect personal data about you which you volunteer to us when you email us, telephone us or via our Website. When you contact us, we may keep a record of that correspondence. We may collect and process the following information about you:

  • your name;
  • your email address;
  • information that you provide in correspondence.

How we use your personal data

We may use personal data that you provide to us for our legitimate business interests including:

  • for the purpose for which it was provided by you;
  • to provide you with information, products and services that you request from us;
  • to notify you about changes to our service;
  • to comply with legal obligations;

When we process your personal data based on our legitimate interests, we make sure to consider and balance any potential impact on you and your data protection rights. We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law). 

Disclosure of your personal data

We may disclose your personal data to third parties who provide a service to us or are retained on your behalf to provide a service to you and are bound by confidentiality provisions such as our IT service providers, our practice management system provider, professional advisers retained on your behalf, regulators, barristers and experts retained on your behalf or where required by law, where necessary to administer our working relationship with you or where we have a legitimate interest in doing so, or in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets or if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or where necessary for our legitimate business interests to protect the rights, property, or safety of AMOSS, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Retention

We will retain personal data only for as long as necessary for the purposes for which it was collected; as required by law or regulatory guidance to which we are subject; and for the exercise or defence of legal claims that may be brought by or against us. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of personal data, the purposes for which we process personal data and whether we can achieve those purposes through other means and the applicable legal requirements.

Security and where we store your personal data

We use a variety of security technologies and procedures to help protect your personal data from unauthorised access and use. As effective as modern security practices are, no physical or electronic security system is entirely secure. We cannot guarantee the complete security of our database, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet.

We have implemented strict internal guidelines to ensure that your privacy is safeguarded at every level of our organisation. We will continue to revise policies and implement additional security features as new technologies become available.  

Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website. Any transmission of personal data is at your own risk. Once we receive your personal data, we use appropriate security measures to seek to prevent unauthorised access or disclosure.

Transfers of personal data

In the event that it is necessary to transfer personal data outside the EEA, we will ensure appropriate safeguards are in place to protect the privacy and integrity of such personal data. Please contact us if you wish to obtain information concerning such safeguards (please see ‘Contact Us’ below).   

Personal data provided about third parties

Where you provide personal data about another individual you must ensure that you have obtained any necessary permissions from that individual, that you are entitled to disclose the personal data relating to that other individual to AMOSS, that the individual is aware of the contents of this privacy statement and that AMOSS may process that personal data in accordance with this privacy statement without having to take any further steps.

Your rights relating to personal data

You have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data:

  • right to access the data - you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
  • right to rectification - you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
  • right to erasure - you have the right to request us to delete personal data that we hold about you. 
  • right to restriction of processing or to object to processing - you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
  • right to data portability - you have the right to request us to provide you, or a third party, with a copy of your personal data in a structured, commonly used machine-readable format
  • right to object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and you want to object to processing on this ground.

In order to exercise any of the rights set out above, please contact us (see ‘Contact Us’ below). We may request that you provide proof of your identity for security reasons. We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests.  We have the right to refuse your request where there is a basis to do so in law, or if your request is manifestly unfounded or excessive, or to the extent necessary for important objectives of public interest.

If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.

If you are unhappy with how we process personal data, we would ask you to contact us so that we can rectify the situation.

You may lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes the GDPR. The Irish supervisory authority is the Data Protection Commission.

Automated decision-making and profiling

We do not use any personal data for the purpose of automated decision-making or profiling.

Links to other sites

Our Website may, from time to time, contain links to and from other websites. If you follow a link to any of those websites, please note that those websites have their own privacy policies and that we do not accept any responsibility or liability for those policies. Please check those policies before you submit any personal data to those websites.

Changes to this privacy statement

We reserve the right to change this privacy statement from time to time at our sole discretion. If we make any changes, we will post those changes here and we will update the “Updated” date at the bottom of this statement. When you use our Website after any such change you will be deemed to have consented to the current version of the privacy statement and accordingly you should review the privacy statement from time to time.

Contact Us

Questions, comments, requests and complaints regarding this privacy statement and the personal data we hold should be addressed to law@AMOSS.ie or by writing to AMOSS Solicitors, Warrington House, Mount Street Crescent, Dublin 2.

Updated:

22 May 2018