Effective from 8th January 2019
We at CS consulting respect your right to privacy and comply with our obligations under the General Data Protection Regulation EU 2016/679 (“GDPR”). The purpose of this Privacy Statement is to outline what personal data we process, how and why we process the data and what your rights are in respect of your personal data.
- WHO WE ARE
When we refer to “CS consulting”, “we” or “us” in this document, it means:
- CS consulting which is incorporated in Ireland with limited liability with registered company number 534323
- DATA PROTECTION OFFICER
If you have any questions or queries about how CS consulting gathers, stores, shares or uses your personal data or if you wish to exercise any of your personal data rights, please contact CS consulting Data Protection Officer:
Telephone: [086 814 6570]
- THE PERSONAL DATA WE PROCESS
In conducting our business, we process information relating to you and information from which you can be identified, including:
- online information and activity, based on your interaction with us and our website, including for example, Internet Protocol (IP) address, searches, site visits and spending patterns
- HOW WE COLLECT YOUR PERSONAL DATA
Information about you, including your personal data, is gathered both directly and indirectly from third parties as you apply for our products, use our products and services and engage with us.
We collect your personal data:
- Directly from you. Examples include when:
- You submit inquiries and information via our website;
- You access our website and we use technology to help us make the site work and help us understand how you use it.
- PURPOSES AND LEGAL BASIS FOR PROCESSING
We use your personal information:
To enter into and for the performance of a contract with you in relation to the provision of a product or service, for example:
- Processing sales enquiries
To comply with our legal, statutory and regulatory obligations, for example:
- Submitting returns to the Revenue Commissioners in order to comply with taxation legislation;
- Audits of our financial statements and reporting to the Companies Registration Office in compliance with company law;
- Complying with legally binding requests or orders from regulatory bodies, law enforcement agencies, the courts or otherwise.
To enable us to manage our business in line with our legitimate interests.
In the day-to-day running of our business, we may process your personal data to:
- Providing servicing information to you relevant to you.
- Conducting marketing activities, including direct marketing (unless you have objected to us using your personal data for this reason);
- Monitor, maintain and continuously improve our business processes, technology, communications, customer service, information and data management;
- Keep our networks and information secure;
- Manage, monitor and protect our physical properties and assets;
- Protect our business, reputation and resources;
- Protect our legal rights and interests;
- To carry out financial analysis, accounting and reporting;
- Facilitate our business continuity and disaster recovery plans and procedures;
- Allow us to conduct work on our strategy and planning;
In order to continuously develop and improve our business, our products and services, our reputation and our internal processes, we may use your personal data to:
- Identify new business opportunities, develop enquiries, generate new business leads and develop a business relationship with you;
- Send you relevant marketing material, including by way of direct marketing unless you have objected to your personal data being used by us in this manner;
- Monitor our customer service processes so we can improve, including the use in staff training;
- Perform analysis of complaints in order to mitigate risk or reoccurrence and to identify and implement prevention solutions;
Where you have provided us with consent (which you may withdraw at any time)
Where you have provided us with consent, we may process your personal data to:
- Directly market to you about offers from the group and/or selected partners;
- Share your personal data with third parties so that they may conduct direct marketing to you about their products, services and offers;
Any requests for your consent will include more information on how we will use your data specific to that consent.
- HOW LONG WE KEEP YOUR PERSONAL DATA FOR
As a principle, we do not hold your personal data for longer than is necessary. The length of time we hold the data depends on the type of data and also on a number of other factors, including to meet our legal, regulatory and statutory obligations. In most cases, we retain customer data for 3 years after the date upon which a transaction completed or when the customer relationship ceased.
- HOW WE KEEP YOUR PERSONAL DATA SAFE
CS consulting has a range of technical and organisational measures in place to protect information and keep your personal data secure across our IT systems and networks and physical storage locations.
In the event of certain types of personal data breaches, we are legally obliged to notify the Data Protection Commission and affected individuals to whom the personal data belong. We have implemented internal procedures to manage personal data security breaches in accordance with our legal obligations.
- SHARING YOUR PERSONAL DATA WITH THIRD PARTIES
We do not share your personal data with third parties unless it is necessary. Sharing occurs with a limited set of individuals and organisations and in limited circumstances. Examples of when sharing may occur and the third parties to whom we share your personal data are as follows:
- To third parties who are providing services to us in relation to the provision of a product or service to you (for example, our appointed legal advisors), to assist with our own compliance with legal obligations (for example, our financial statement auditor) and/or for our own legitimate business interests (for example, IT security, business continuity and data processing service providers). Where we enter into agreements with third parties to process your personal data on our behalf, we will ensure that appropriate contractual protections are in place to protect the security of the data.
- To statutory, regulatory, government or law enforcement bodies as required by law. For example, we transmit personal data to the Central Credit Register in order to comply with our legal obligations under the Credit Reporting Act 2013;
- To any relevant third party where required for a proposed sale or other transaction relating to our business and/or assets owned by our business;
- TRANSFERS OUTSIDE OF THE EEA
We rarely transfer your personal data to organisations located in countries outside of the European Economic Area (“EEA”, being the EU plus Iceland, Liechtenstein and Norway). In the event we do, we only do so where the organisation agrees to act solely on our instructions and to protect the personal data in line with Irish standards, where there is a legal basis to do so and where the transfer is being made pursuant to one of the transfer mechanisms allowable under Data Protection Law to protect the security of the data (e.g. model clauses)
- YOUR RIGHTS
You have a number of rights in respect to the personal data we process about you. These are:
- The right to access your personal data, which includes receiving confirmation on whether the personal data are being processed and if so, receiving the personal data and related information about why they are being processed, the categories of personal data involved, to whom the personal data have been or will be shared and how long the data will be kept for.
- The right to request that we rectify inaccurate data or update incomplete data. You may also request that we restrict the processing of the personal data until the rectification or updating has been completed, although please be aware that we may have to suspend the operation of your account or the products or services that we provide.
- The right to request that we erase your data under certain circumstances, including where you want to withdraw the consent you previously gave to us, where you object to CS consulting processing the data for its own legitimate interests (e.g. direct marketing) or where CS consulting processing of the data is unlawful. In the case of unlawful processing, you can also request that this processing is restricted rather than the personal data being erased. Please be aware that we may have to suspend the operation of your account or the products or services that we provide where data processing is restricted.
- The right to object to the processing of your personal data, where such processing is being conducted for the purpose of:
- Direct marketing;
- Establishing, exercising or defending ourselves or others from legal claims; or
- Our legitimate interests, unless we can demonstrate that our interests override your interests and rights. You may request that we restrict the processing of the personal data until this analysis of legitimate interests has been concluded, although please be aware that we may have to suspend the operation of your account or the products or services that we provide where data processing is restricted.
- The right to receive your data in a portable format or, subject to it being technically feasible, have us transfer it directly to a third party. This applies where you have provided us with consent for the processing or where the processing is necessary for entering a contract with us.
- The right, at any time, to withdraw consent you have provided to us to process your personal data.
- The right to lodge a complaint to the Data Protection Commission or another supervisory authority.
If you wish to raise a complaint in relation to how we processed your personal data, please contact our Data Protection Officer. We take your privacy and data protection very seriously in CS consulting and we endeavour to address your complaint as expediently and as thoroughly as we can in order to find a satisfactory resolution for you.
You also have the right to escalate the matter to the Data Protection Commission or other supervisory authority.
The Office of the Data Protection Commission can be contacted at:
Telephone: +353 (0)761 104800
Lo Call Number: 1890 252 231
Postal Address: Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23, Co. Laois
- CHANGES TO THIS PRIVACY STATEMENT
We will update this Privacy Statement from time to time. Changes will be communicated to you and will be made available on our website
CS consulting respects the privacy of all visitors to our website and users of our applications.
What are “cookies”?
Cookies are small text files that are used to store or retrieve information to perform certain functions and remember visits to a website. There are 2 distinct types of cookies – session cookies and persistent cookies. A session cookie is only accessible while your browser is open, and is deleted as soon as you navigate away from our website. A persistent cookie can remain on your computer for a pre-defined period of time, or until they are forcibly deleted. Other technologies including pixels, tags, web beacons or local storage also store and retrieve data on a device and are similar to cookies. A further explanation about cookies is available on: http://www.allaboutcookies.org/
If you do not want to accept a cookie you can use your in-built browser or device settings to deny or accept individual or all cookies. The procedure varies depending on browser or device so please visit your browser or device’s settings or help section for more details.
We use information gathered from cookies to help improve your experience on our website, for security and to personalise content and advertising. For example, they help us to identify and customise the experience for you, or to determine the most relevant related products to show you when you’re browsing.