The General Data Protection Regulation (“GDPR”) is effective from 25th May 2018 and is the first major revision of data protection rights and responsibilities at European level since 1995. This regulation, along with applicable Irish legislative changes, amends existing data protection law in Ireland and creates enhanced accountability and transparency obligations for all companies who process personal data, as well as granting new and enhanced rights for individuals.
Thomond Asset Management is committed to ensuring that its business is conducted in an honest, professional and transparent manner. As part of this commitment we adhere to the principles as set out in this document for the protection of the rights and freedoms of data subjects and to assist data subjects in the exercise of their rights.
The purpose of this notice is to explain how we collect personal information about you, how we use such data and how you can interact with Thomond Asset Management in relation to your rights.
Thomond Asset Management is based at 82 O’Connell Street Limerick. Any queries in relation to this notice or your data protection rights can be addressed to the Head of Compliance.
How We Collect Data
We collect data about you when you apply for products or services and during the course of your relationship with us, for example, when you request or complete transactions, when you request additional services or products, when you use our website, or from third parties. We may also collect data about you if you are representative of a person applying for or using our products or services or are a beneficiary of a trust.
What Data Do We Collect?
We may collect data under a number of categories, including: Identification & Contact Information, including your Name, Date of Birth, Gender, Marital Status, PPS Number, Address, Email Address, Home Phone Number, Work Phone Number, Mobile Number, Fax Number. Financial Details & Financial Information, including your Occupation, Job Title, Total Remuneration, Date Employment Commenced, % Shareholding, Existing Pension Benefits, Employer Name, Bank Details, Tax residence, Date Employment Ended.
Special Categories of Personal Data, including Health Data or Data Relating to Criminal Convictions. Such data will only be processed where this is a requirement in order to provide our services to you or where it is required under a legal obligation to which Thomond Asset Management is subject. Other Personal Information, including information provided by you during the course of your relationship with us such as data to complete a transaction or enter an investment on your behalf, or data collected from online activities, such as cookies.
The Purposes for Which We Use Your Data
Thomond Asset Management will only ever use your information for a limited number of purposes, including: To provide our products and services to you in line with the contract between us, including pensions, other financial products and other services including, but not limited to, financial and wealth management advice. We may require your data to confirm your eligibility for certain products, to process transactions at your request, to perform accounting and other record keeping functions, or to provide pension administration services, or to contact you in respect of such matters.
To comply with our legal and regulatory obligations, including establishing your identity, residence and tax status in order to comply with laws and regulations in the areas of taxation, financial crime, anti-money laundering and counter-terrorist financing, or to comply with court orders, enactments or rules of law or the instructions of regulatory bodies.
To operate our business in line with our legitimate interests, including managing and improving customer service, risk and compliance monitoring, identifying improvements which can be made to our products and services, maintaining and improving our security systems and for conducting marketing activities.
To protect your vital interests or those of another natural person. Where you have given your consent, including for direct marketing, push notifications, or cookies from our website.
Sharing Your Data
We will keep your personal data confidential but may disclose it to third parties where necessary for the purpose of providing the products or services that you have requested, including associated companies, financial institutions, your authorised representatives including your legal or taxation advisors.
We may also share your data with regulatory and other governmental bodies where required by or under any enactment or rule of law or court order, including, but not limited to, the Revenue Commissioners, An Garda Siochana, the Companies Registration Office, the Incorporated Law Society, the Irish Taxation Institute, the Pensions Authority, the Financial Services & Pensions Ombudsman or the Central Bank of Ireland. If we are required to make such a disclosure, we may not be able to tell you that a disclosure has been made and we may have to stop providing our services to you for a period of time and may not be able to tell you why.
Your Personal Data will be held on secure servers. The nature of the Internet is such that we cannot guarantee or warrant the security of any information you transmit to us via the Internet. No data transmission over the Internet can be guaranteed to be 100% secure. However, we will take all reasonable steps (including appropriate technical and organisational measures) to protect your Personal Data and we treat all the data held with the utmost care and security.
International Transfers of Data
Thomond Asset Management may transfer your data to countries outside of the European Union in order to provide our products or services to you but will only do so where we have arrangements in place to ensure that an equivalent level of protection is in place to protect your privacy rights.
For How Long Will Thomond Asset Management Keep Your Data?
Thomond Asset Management is committed to keeping your information for no longer than is necessary. This depends on the type of product or service provided to you, regulatory rules or the potential existence of legal disputes. In general Thomond Asset Management will not retain your information for more than seven years from the end of the relationship between us however this is extended to twelve years in cases where trusts are executed by way of sealed deed.
Not Providing Data
Where the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, and such data is not provided by you to us, we may not be able to provide or continue to provide the products or services you have requested.
Exercising Your Data Protection Rights
You have a number of rights in respect of how Thomond Asset Management uses your data and these are as follows:
Access – You have the right to be informed of how we collect, share and use your personal information and to request a copy of the data we hold about you.
Rectification – You have the right to have inaccurate information corrected and incomplete information updated.
Erasure – Under certain circumstances you have the right to have your data or a portion of it deleted.
Restriction – Under certain circumstances you have the right to have the use of your data restricted.
Objection – Under certain circumstances you have the right to object to the processing of your data.
Portability – Under certain circumstances you have the right to obtain a transferable copy of certain data to which can be transferred to another provider.
Withdrawal of Consent – You have the right to withdraw consent to the use of your data at any time where this is the legal basis for its use.
If you wish to exercise any of these rights please contact the Head of Compliance, Thomond Asset Management, 82 O’Connell Street Limerick. We are obliged under the GDPR to respond to your request without undue delay and will endeavour to respond within one calendar month. If we are unable to deal with your request fully within a calendar month we may extend this period by a further two calendar months. Should this be necessary, we will explain the reasons why. Where you make a request electronically, we will provide the information by electronic means where possible.
If You Have a Complaint
You have the right to complain to the Office of the Data Protection Commissioner at: Office of the Data Protection Commissioner, Canal House, Station Road, Portarlington, Co Laois. R32 AP23 Phone: +353 (0761) 104 800 LoCall 1890 25 22 31 Fax: +353 57 868 4757 Email: firstname.lastname@example.org Website: http://www.dataprotection.ie