Who we are:
We are Kent Carty Solicitors LLP of 47/48 Parnell Square, Dublin 1. You can contact us at this address by post or by email at info@kentcarty.com.
Our data protection representative is Lorraine O’Hanlon, who can be contacted at the above address, by phone on 01 8658800 or by email at info@kentcarty.com.
Why we process your data, the lawful basis for processing your data and who we share it with:
For people who view and interact with our website, we process data:
- To respond to your query when sent through our ‘contact us’ form.
The legal basis for this processing is our legitimate interest in the administration and operation of our legal services as well as our legitimate interest in marketing and promoting our firm’s legal services.
We will retain this data for as long as necessary to fulfil the purpose we collected it for (see further information below).
We share this data with our client relationship management system provider. They may only process this data for the purpose of providing us with their services, and no other purpose.
For our potential clients, we process data:
- In order to market the services of our firm
- To provide you with legal updates
We will retain this data for as long as necessary to fulfil the purpose we collected it for (see further information below).
The legal basis for the processing of this data is processing necessary for the purpose of the legitimate interests of our firm in promoting our services.
For solicitors and barristers that we liaise with on client matters, we process data:
- In order to liaise with you about our client matters
We will retain this data for as for as long as necessary to fulfil the purpose we collected it for (see further information below). It is our normal practice to destroy our correspondence files, draft documents and other papers which are more than 6 years old.
The legal basis for the processing of this data is processing necessary for the purposes of the legitimate interests pursued by our firm in representing our clients.
We share the information you provide with our practice management system in order to store your contact information with our client file. We may also send you emails through our email service provider.
For job applicants to the firm, we process data:
- To recruit new employees
- To ascertain your suitability for a specific role
The legal basis for this processing is processing necessary for the purpose of the legitimate interests of our firm in recruiting new staff. Please see the privacy notice in the job advertisement for further information about how we process applicant data.
We share the information you provide in your application with our contracted recruiter in order to make a shortlist of candidates. This recruiter is not permitted to use this data other than on our behalf. We may also send you emails about your application through our email service provider.
We will retain this data for as long as necessary to fulfil the purpose we collected it for, including the purpose of satisfying any legal accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purpose for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. It is our normal practice to destroy our correspondence files, draft documents and other papers which are more than six years old.
By law, we have to keep basic information about our customers (including Contact details, Identity, financial and transaction data) for six years after they cease being customers, for tax purposes.
Transfer of data outside the European Economic Area:
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfer of personal data outside of the EEA unless the transfer meets certain criteria.
Whenever we transfer your personal data outside of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguard is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European commission; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanism approved by the European Commission which give personal data the same protection it has in Europe; or
- Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Information received from third parties and source of that data:
We may receive personal data about you from various third parties and public sources as set out below:
- Analytic providers such as Google based outside the EU;
- Advertising networks based inside and outside the EU; and
- Search information providers based inside and outside the EU.
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services based inside and outside the EU.
- Identity and Contact Data from data brokers or aggregators based inside and outside the EU.
- Identity and Contact Data from publicly available sources such as the Companies Registration Office, the Law Society of Ireland and the Electoral registers based inside the EU.
Your rights relating to personal data
You have the following rights under the GDPR, in certain circumstances and subject to certain exemptions, in relation to your personal data;
- Right to access the data – you have the right to request a copy of the personal data that we hold about you, together with other information about our processing of that personal data.
- Right to rectification – you have the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete.
- Right to erasure – you have the right to request us to delete personal data that we hold about you. This is sometimes referred to as the right to be forgotten.
- Right to restriction of processing or to object to processing – you have the right to request that we no longer process your personal data for particular purposes, or to object to our processing of your personal data for particular purposes.
- Right to data portability – you have the right to request us to provide you, or a third party, with a copy, of your personal data in a structured, commonly used machine-readable format.
In order to exercise any of the rights set out above, please contact us at the contact details at the start of this privacy notice.
If we are processing personal data based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing which took place prior to its withdrawal.
If you are unhappy with how we process personal data, we ask you to contact us so that we can rectify the situation.
You may lodge a complaint with a supervisory authority. The Irish supervisory authority is the Data Protection Commission.
Requirement to process personal data:
You may browse our website without providing us with any personal data and this will not affect your ability to view our website.
If you do not provide us with your information for the purposes described above, we cannot respond to your queries sent through our contact us form, liaise with you on client matters or assess your suitability for a role within our firm.
Automated decision-making and profiling:
We do not use any personal data for the purpose of automated decision-making or profiling.
