This statement relates to our privacy practices in connection with Bluett Byrne services and website www.bluettbyrne.com. We are not responsible for the content or privacy practices of other websites. Any external links to other websites are clearly identifiable as such.

 

General Statement

Bluett Byrne fully respects your right to privacy and are committed to ensuring that your privacy is protected. Bluett Byrne will not collect any personal information about you without your clear permission. Any personal information which you volunteer will be treated with the highest standards of security and confidentiality, strictly in accordance with General Data Protection Regulations (GDPR).

This Privacy Policy was most recently updated on 16 April 2018.

 

Collection and Use of Personal Information

Bluett Byrne does not collect any personal data about you on this website. Bluett Byrne does hold and process personal client data in both digital and physical form.

Bluett Conran adheres to the Data Protection rules outlines in the Data Protection Act 2018: https://www.dataprotection.ie/docs/Data-Protection-Rules/y/21.htm

Specifically, Bluett Byrne is required to:

  1. Obtain and process personal data information fairly.
  2. Keep the personal data only for one or more specified purposes.
  3. Process it in ways compatible with the purposes for which it has been supplied to Bluett Byrne initially.
  4. Keep it safe and secure.
  5. Keep it accurate and up to date.
  6. Ensure that it is adequate, relevant and not excessive.
  7. Retain it for no longer than it is necessary for the specified purpose or purposes.
  8. Give a copy of her/his personal data to any individual on request.

For more GDPR information check out: www.dataprotection.ie

 

Anti Money Laundering (AML) Regulations

The Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 designates accountants and tax advisors for the purposes of anti-money laundering provisions of the Act. Bluett Byrne’s responsibility relates to acquiring personal address and personal identification documentation from individuals either for the purposes of dealing with them as individuals or where they act as responsible officers for partnerships or corporate entities. The personal data is retained in accordance with AML legislation and the Data Protection rules outlined above.

 

Consent

At the time when Bluett Byrne collects information about individuals, in accordance with the terms of our engagement as service providers, Bluett Byrne will make them aware of the uses for that information.

We include a paragraph in our letter of engagement outlining, the reason why we gather this information which is for the purposes of allowing us meet the terms of the engagement and for no other reason, and requesting that the individual to opt in to this process.

Bluett Byrne does not disclose GDPR client personal data to third parties without the express opt-in permission of the individual.

 

Data retention – client data

Bluett Byrne retains personal data of individual clients in accordance with the following legislative time limits:

  • Client tax and accounts files; records of transactions are retained for six years and six months (Revenue Commissioners guidance).
  • Grants files; data is retained for a minimum of seven years and six months after the finish date of the grant funded project (EU regulations).
  • AML data; seven years and six months after the last date Bluett Byrne acted for the client.
  • Where GDPR client data is retained for longer than the time periods specified above, it is based on a client’s informed opt-in consent. Data is only retained for a longer timeframe because it is considered useful to the performance of the terms of our engagement with the client.
  • If a client who has opted-in to a longer time retention period, chooses to opt-out, standard data retention time limits are re-imposed.

 

Data retention – employee data

  • Records and interview notes of unsuccessful applicants are retained for 12 months from the date the successful candidate is appointed (Data Protection Commissioner recommendation).
  • Employment files are retained for 7 years and six months from the date the staff member finishes employment with Bluett Byrne (Statute of Limitations under Unfair Dismissals Act 1977-2017).
  • Employee records of salaries and tax payments are retained for six years and six months (Revenue Commissioners guidance).

 

Data retention – health & safety records

  • Records of major accidents and dangerous occurrences are retained for 10 years under the Safety, Health and Welfare at Work Act 2005.

Under section 4 of the Data Protection Acts, on making a written request to Bluett Byrne any individual about whom Bluett Byrne keeps personal information on computer or in a relevant filing system is entitled to:

  • (a) a copy of the data,
  • (b) a description of the purposes for which it is held,
  • (c) a description of those to whom the data may be disclosed and
  • (d) the source of the data unless this would be contrary to public interest

 

Data Controller / Data Processor

Data Processor

Bluett Byrne is a Data Processor for all personal data obtained from clients.

In the case of tax and accounts etc. information held and processed on behalf of individuals, Bluett Byrne is acting as a Data Processor. Bluett Byrne when providing services does not normally exercise responsibility for or control over the data it is processing.

 

Data Controller – clients

In limited circumstances where Bluett Byrne has flexibility over the manner in which it provides services to clients covered by GDPR and is not simply acting on their instructions, Bluett Byrne acts as a Data Controller.

 

Data Controller – employees

Bluett Byrne keeps and processes information about its employees. It acts as a Data Controller for this information.

 

Right of Access to Personal Data

Under section 4 of the Data Protection Acts, on making a written request to Bluett Byrne any individual about whom Bluett Byrne keeps personal information on computer or in a relevant filing system is entitled to:

  • (a) a copy of the data,
  • (b) a description of the purposes for which it is held,
  • (c) a description of those to whom the data may be disclosed and
  • (d) the source of the data unless this would be contrary to public interest

 

Complaints

Applicants have the right to lodge a complaint with the data protection commissioner if they feel there has been a breach at www.dataprotection.ie

 

Change of Policy

This Privacy Policy is subject to change and we reserve the right to amend this policy at any time.

This Privacy Policy was most recently updated on the 16 April 2018.

 

Data Protection co-ordination and compliance

Bluett Byrne has appointed Tom Bluett with responsibility for co-ordination and compliance with the Data Protection Regulations

 

Contact

All comments, queries and requests relating to our use of your information are welcomed and should be addressed to accountants@bluettbyrne.com