Company Formations International Limited
Effective Date: from 25 May 2018
This Privacy Notice explains how Company Formations International Limited (CFI) will collect, use and disclose your personal data, and your rights in relation to the personal data which we hold.
In this Privacy Notice, “CFI”, “us”, “we” and “our” is the data controller of your personal data and is subject to the EU General Data Protection Regulation 2016/679 (the “GDPR”).
We have determined that we are not required to appoint a Data Protection Officer within the meaning of the regulations.
Our full details are:
Full name of legal entity: Company Formations International Limited
Name of Data Protection Advocate: Mr Shabbir Garana
Email address: DataProtectionAdvocate@formations.ie
Postal address: 22 Northumberland Road, Ballsbridge, Dublin 4
Telephone number: +353.1.664.11.77
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at DataProtectionAdvocate@formations.ie
This Privacy Notice supersedes any previous Privacy Notice or equivalent which you may have been provided with or seen prior to the Effective Date stated above.
Under the GDPR you have the following rights:
- To obtain access to, and copies of, the personal data that we hold about you;
- To ensure that we cease processing your personal data if such processing is causing you damage or distress;
- To stop us sending you marketing communications, if you so wish.
- To compel us to delete your personal data;
- To require us to restrict our data processing activities;
- To receive from us the personal data we hold about you which you have provided to us, in a reasonable format including, but not limited to, transmitting that personal data to another data controller; and
- To compel us to correct the personal data we hold about you if it is incorrect.
Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply.
You can find out more about your rights at www.dataprotection.ie
If you have any questions about how we use your personal data, or you wish to exercise any of the rights set out above, please contact us using the any of the following methods:
|By Post||Mr Shabbir Garana,
Company Formations International Limited,
22 Northumberland Road, Ballsbridge, Dublin 4 D04 ED73
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Data Protection Commission (DPC), the Irish supervisory authority for data protection issues (www.dataprotection.ie). However, please contact us first if you do have a complaint so that we can try to resolve it for you.
How we collect personal data
We collect personal data in a number of different ways, including but not limited to:
- From information which you provide to us when you meet us in person at our offices or elsewhere, including seminars, conferences and social events.
- From information about you provided to us by your company or an intermediary;
- When you communicate with us in writing, by telephone, fax, website registration, Cookies on our website, email, or other forms of electronic communication. In this respect, we may monitor, record and store any such communication;
- When you complete our Company Formation Instruction Sheet, CFI On-Going Services Questionnaire, CFI client on-boarding documentation or other forms used to communicate with us and from CCTV at our offices.
- From your Accountants, Lawyers, Tax Advisors, Agents, Advisers, or intermediaries of any description who may be assisting in arranging for us to provide service to you.
- From publicly available sources such as the Companies Registration Office and other public registries, or from third parties, most commonly where we need to conduct background checks in relation to our Anti Money Laundering obligations.
- Where you have submitted a CV or applied to work with Company Formations International Limited.
The categories of personal data we collect
We may collect some or all of the following categories of personal data about you:
- Your name and contact information such as your home or business address, job title, email address, telephone number; mobile telephone number, Skype ID and all other forms of electronic communication platforms.
- Biographical information which may confirm your identity, including your date of birth, tax identification number and your passport number or national identity card details, country of domicile and/or your nationality;
- Any information required by the Companies Acts to be held by a company with which you are connected and/or for submission to the Companies Registration Office.
- Information relating to your financial situation such as income, expenditure, assets and liabilities, sources of wealth, as well as your bank account details;
- A description and understanding of your goals and objectives in using our services;
- In pursuance of a service to be provided, or through a job application, information about your employment, education, family or personal circumstances, and interests, where relevant;
- Information to assess whether you may be, or may be connected with, a Politically Exposed Person (PEP)
- Information to make a determination, on a risk based assessment approach on the potential (low – medium -high) of the service(s) which we will provide to you to knowingly or unknowingly, facilitate Money Laundering and/or Terrorism Financing.
In situations where we do not have your specific consent, the basis for processing your personal data is as follows:
In the Performance of a contract with you
We process your personal data because it is required for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract.
In this respect, we use your personal data for the following:
- To prepare a proposal for you regarding the services we offer;
- To provide you with the services as set out in our Company Formation Instruction Sheet, CFI On-Going Services Questionnaire or any other Letter of Engagement completed between us.
- To deal with any concerns, complaints or feedback you may have;
- For any other purpose for which you provide us with your personal data.
In this respect, we may share your personal data with or transfer it to the following:
- Your Accountants, Lawyers, Tax Advisors, Agents, Advisers, or intermediaries of any description.
- Subject to your consent, third parties whom we engage to assist in delivering the services to you which would include but not be limited to Accountants, Lawyers, Tax Advisors, Insurance Brokers, Company Formation Agents and Registered Agents, located in the Republic of Ireland and internationally.
- Our own professional advisers where it is necessary for us to obtain their advice or assistance, including lawyers, accountants, tax advisors and IT specialists.
- Debt collection agencies, in the unlikely event that they need to be engaged to recover monies owed to us;
We also process your personal data because it is necessary for our legitimate interests, or sometimes where it is necessary for the legitimate interests of another person.
In this respect, we use your personal data for the following:
- For the general administration and management of our business, including archiving or statistical analysis;
- Training our staff or monitoring their performance;
- Seeking advice on our rights and obligations, such as where we require our own legal advice.
- For marketing to you. (Please see the separate section on Marketing below);
- In our capacity as company secretarial advisors or where we act as Company Secretary, Director or Registered Agent, to keep you informed of changes in company law, business law and/or the practices of the Companies Registration Office which may have an impact on any companies registered in Ireland with which you have a connection.
- In our capacity as company secretarial advisors or where we act as Company Secretary, Director or Registered Agent, to keep you informed of changes in company law, business law or the practices of any central registry which may have an impact on companies registered outside of Ireland with which you have a connection.
In this respect we will share your personal data with the following:
- Our accounting, taxation, legal or other advisers or agents where it is necessary for us to obtain their advice or assistance;
- With third parties and their advisers where those third parties are acquiring, or considering acquiring, all or part of our business.
We also process your personal data for our compliance with a legal obligation which we are under
In this respect, we will use your personal data for the following:
- To meet our compliance and regulatory obligations, such as compliance, particularly with anti-money laundering and terrorism financing laws,
- As required by tax authorities or any competent court, legal authority or police force.
In this respect, we will share your personal data with the following:
- Our advisers where it is necessary for us to obtain their advice or assistance;
- Our auditors where it is necessary as part of their auditing functions;
- With third parties who assist us in conducting background checks;
- With relevant regulators or law enforcement agencies where we may be required to do so.
Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business).
Under the Privacy and Electronic Communications Regulations, we may send you electronic marketing communications from us if (i) you made a purchase or asked for information from us about our goods or services or (ii) you have agreed to receive marketing communications and in each case you have not opted out of receiving such communications since.
Important note: We will not share your personal data with any third party for their own marketing purposes without your express consent.
You can request us to stop sending you electronic marketing messages at any time by following the Opt-Out links which we always put on marketing messages sent to you
You can also request us to stop sending you marketing messages by post at any time by writing to us at 22 Northumberland Road, Ballsbridge, Dublin 4 or by telephoning us at +353.1.664.11.77 .
If you opt out of receiving marketing communications this opt-out does not apply to personal data provided in connection with a service provided or being currently provided where are obliged to obtain a record of for the purposes of complying with our legal obligations.
International Transfers of Data
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep data for six years after the conclusion of any service provided to you in order to comply our regulatory and tax obligations.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for legal know-how, research or statistical purposes in which case we may use this information indefinitely without further notice to you.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Links to other websites
From time to time, our website www.formations.ie may contain links to other sites. Please be aware that Company Formations International Limited is not responsible for the privacy practices of such other sites. We encourage you to be aware of this when you leave our site and to read the privacy statements of each and every web site that collects personally identifiable information. This privacy statement applies solely to information collected by Company Formations International Limited
Updates to this Privacy Notice
We may update this privacy notice from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are aware of and happy with any changes.