If you are a R. Hendy & Co. customer or you’re just browsing our website, this policy applies to you.
Our Commitment to Privacy
Your privacy is important to us. To better protect your privacy we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used.
This privacy notice sets out how we will protect your data, in line with current Irish and EU legislation, through appropriate organisation and technical security measures/processes. It also describes your right in relation to that data.
R. Hendy & Co. reserves the right to make changes to this statement as necessary. When we do so we’ll make previous versions available, on request, so you can see what the changes are. If any such changes alter key aspects of the notice or its meaning, we will notify you of those changes in advance.
Should you access our services, we will seek additional explicit consent, usually by means of written communications such as a letter of engagement where the scope of our service will be mutually agreed and the purposes for which we collect and process your data will be clearly set out in writing for you.
If you are a registered R. Hendy & Co. customer or a visitor to our website we act as the ‘data controller’ of personal data. This means we determine how and why your data are processed. If you are a customer who uses one of our outsourced services then we act as the ‘Data Processor’.
- If you are our customer, please also check the engagement letters between us: they may contain further details on how we collect and process your data.
When and how we collect Data
From the moment you interact with R. Hendy & Co we are collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.
Types of Data we collect
Personal data: name and title, VAT and PPS numbers and on occasions date of birth, date of marriage.
Contact data: postal address, email address and telephone numbers.
Your bank account number and sort code.
Data that identifies you
Your IP address, geolocation information about where you might be.
Data on how you use our website
Your URL clickstreams (the path you take through our site), products/services viewed, page response times, how long you stay on our pages, what you do on those pages and how often.
What about children’s data?
R. Hendy & Co. is a business-to-business service directed to and intended for use only by those who are 18 years of age or over. We do not target at children, and we do not knowingly collect any personal data from any person under 16 years of age.
What about really sensitive data?
We don’t collect any “sensitive data” about you (such as racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences) except when we have your specific consent, or when we have to comply with the law.
How and why we use your data
Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
Legal basis: contract & legitimate interests
Notifying you of any changes to our services, solving issues via telephone support, phone or email or post.
Legal basis for this data usage: contract
Marketing purposes (with your consent)
Sending you emails and messages about new features, products and services, and content.
Legal basis for this data usage: consent
Here is what each of these “legal terms of basis” mean:
You have given clear consent for us to process your personal data for a specific purpose.
You can change your mind!
If you have previously given consent to our processing of your data you can freely withdraw such consent at any time. You can do this by emailing us at email@example.com. If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another overriding legal basis for processing your information, then we may continue to do so subject to your legal rights.
Processing your data is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.
Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
• gaining insights from your behaviour on our website
• developing and improving our services
• enabling us to enhance, customise or modify our services
• determining whether marketing campaigns are effective
• enhancing data security
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.
Your privacy choices and rights
You can choose not to provide us with personal data. If you choose to do this, you can continue to use the website and browse its pages, but we will not be able to process transactions without personal data.
You can turn off cookies in your browser by changing its settings
You can ask us not to use your data for marketing
We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing by emailing firstname.lastname@example.org.
You can exercise your rights by sending us an email to email@example.com
You have the right to access information we hold about you
This includes the right to ask us supplementary information about:
• the categories of data we’re processing
• the purposes of data processing
• the categories of third parties to whom the data may be disclosed
• how long the data will be stored (or the criteria used to determine that period)
• your other rights regarding our use of your data
We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We will tell you if we can not meet your request for that reason.
You have the right to make us correct any inaccurate personal data about you
You can object to us using your data for profiling you or making automated decisions about you We will use your data to determine whether we should let you know information that
might be relevant to you (for example, tailoring emails to you based on your behaviour). Otherwise, the only circumstances in which we will do this is to provide our services to you.
You have the right to port your data to another service
We will give you a copy of your data in CSV or HTML so that you can provide it to another service. However, where there is a possibility that the rights and freedoms of a third person would be at risk by providing the data, we may exercise our right to refuse your request.
You have the right to be ‘forgotten’ by us
You can do this by asking us to erase any personal data we hold about you, if it is no longer necessary for us to hold the data we will erase your data.
You have the right to lodge a complaint regarding our use of your data
Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the Irish Data Protection Commissioner’s Office, you can find their contact details directly below;
Postal Address: Canal House, Station Road, Portarlington, R32 AP23, Co. Laois
Telephone: +353 57 8684800 | +353 (0)761 104 800
Lo Call Number: 1890 252 231
Fax: +353 57 868 4757
How secure is the data we collect?
We have physical, electronic, and managerial procedures to safeguard and secure the information we collect. For more information on our efforts to ensure your data is held in a secure manner, please see our data security policy.
And please remember:
• You provide personal data at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure
• You are responsible for your username and password: keep them secret and safe!
• If you believe your privacy has been breached, please contact us immediately at firstname.lastname@example.org
Where do we store the data?
How long do we store your data?
Where there is no statutory requirement to retain your data, we will archive and stop actively using any personal information about you within 6 years from when you last engaged the services of
R. Hendy & Co. We will delete your personal data from our archives no later than 6 years from when you last engaged the services of R. Hendy & Co. or as agreed with you in a separate contract. Where data must be retained for statutory reasons (for example revenue / tax purposes) the data will be retained for the statutory period.
Third parties who process your data
How can I block cookies?