The McGarrell Reilly Group and its subsidiaries ("McGarrell Reilly") fully respects your right to privacy and we are committed to ensuring that your privacy is protected. Whether you deal with McGarrell Reilly as a purchaser, tenant, employee, supplier, or otherwise, you are entitled to the protection of your personal information. This data may relate to your name, telephone number, email address or any other information relating to you.
Please read the following Privacy Statement to learn more about how we collect, store, use and disclose information about you when you interact with McGarrell Reilly. This Privacy Statement applies to all your Personal Data collected by (or on behalf of) McGarrell Reilly.
What does this Privacy Statement cover?
This Privacy Statement sets out how, and for what purposes, we use the information collected about you directly, indirectly or via www.mcgarrellreilly.ie website. This Privacy Statement covers our treatment of your personal information that we gather when you are interacting with McGarrell Reilly as a purchaser, tenant, employee, supplier, or otherwise, (a "Data Subject"). In the course of our business, we gather various types of information about our Data Subjects, including information that identifies you as an individual ("Personal Data") as explained in more detail below. This website is not intended for children and we do not knowingly collect data relating to children.
Who is responsible for the processing of your Personal Data?
For the purpose of the EU General Data Protection Regulation 2016/679 (the "GDPR"), the data controller is McGarrell Reilly Management whose registered office is Charter House, 5 Pembroke Row, Dublin 2.
Who can you contact if you have Questions or Requests?
Our Data Protection Manager will handle any questions or requests relating to this Privacy Statement or your Personal Data. For any questions or requests or complaints concerning the application of this Privacy Statement or to exercise your rights, as described in this Privacy Statement, you may contact the Data Protection Manager at: firstname.lastname@example.org.
We value your Personal Data entrusted to us and we are committed to processing your Personal Data in a fair, transparent and secure way. The key principles that McGarrell Reilly applies when dealing with your Personal Data are as follows:
- Lawfulness: we will only collect your Personal Data in a fair, lawful and transparent manner.
- Data minimisation: we will limit the collection of your Personal Data to what is directly relevant and necessary for the purposes for which they have been collected.
- Purpose limitation: we will only collect your Personal Data for specified, explicit and legitimate purposes and not process your Personal Data further in a way incompatible with those purposes.
- Accuracy: we will keep your Personal Data accurate and up to date.
- Data security and protection: we will implement technical and organisational measures to ensure an appropriate level of data security and protection considering, among others, the nature of your Personal Data to be protected. Such measures provide for the prevention of any unauthorised disclosure or access, accidental or unlawful destruction or accidental loss, or alteration and any other unlawful form of Processing.
- Access and rectification: we will process your Personal Data in line with your legal rights.
- Retention limitation: we will retain your Personal Data in a manner consistent with the applicable data protection laws and regulations and for no longer than is necessary for the purposes for which it has been collected.
- Protection for international transfers: we will ensure that any of your Personal Data transferred outside the EEA is adequately protected.
- Safeguards re third parties: we will ensure that Personal Data access by (and transfers to) third parties are carried out in accordance with applicable law and with suitable contractual safeguards.
- Lawfulness of direct marketing and cookies: if we send you promotional materials or place cookies on your computer, we will ensure that we do so in accordance with applicable law.
What information do we Collect?
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data including first name, last name, PPS number, passport, car registration, username or similar identifier;
- Contact Data including residential address, email address and telephone number(s);
- Financial Data including bank details, pay slip, insurance details;
- Reference Data including a previous landlord reference and/or employer reference;]
- Technical Data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;
- Usage Data including information about how you use our website, products and services; and
What is the legal basis for possessing my Personal Data?
The principal legal basis for this processing is our legitimate interest in the provision of our four core business activities; McGarrell Reilly New Homes, Property Investment, Property Development and Contracting. In addition, please note that in accordance with applicable data protection law, your Personal Data can be processed if:
- you have given us your consent for the purposes of the Processing. For the avoidance of doubt, you will always have the right to withdraw your consent at any time;
- it is necessary for the performance of a contract to which you are a party; or
- it is required by law.
How do we use the information?
We will only process your Personal Data for specified, explicit and legitimate purposes and we will not process your Personal Data further in a way that is incompatible with those purposes. We may use the personal data collected from you for the following purposes:
- Contacting you in relation to property sales and lettings.
- Providing you with information relating to property sales and lettings.
- Responding to your queries sent to us.
- Sending you newsletters or other forms of communication where you have provided us with an email address and requested such information.
- Sending you messages or data to your mobile phone where you have provided us with mobile phone details and requested such information.
- Statistical analysis
- We may provide non-personal data to third parties. As such information is combined on an aggregate level it cannot be used to identify you.
Is my Personal Data secure?
We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration and destruction. These measures have been designed taking into account our IT infrastructure, the potential impact on your privacy and the costs involved and in accordance with current industry standards and practice.
Maintaining data security means protecting the confidentiality, integrity and availability of your Personal Data:
- Confidentiality: we will protect your Personal Data from unwanted disclosure to third parties.
- Integrity: we will protect your Personal Data from being modified by unauthorised third parties.
- Availability: we will ensure that authorized parties are able to access your Personal Data when needed.
Our data security procedures include: access security, backup systems, monitoring, review and maintenance, management of security incidents and continuity, etc. Your Personal Data will only be processed by a third party data processor if that data processor agrees to comply with those technical and organisational data security measures.
How long will we use your Personal Data for?
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Information We Automatically Collect:
When you visit our Website we collect certain information related to your device, such as your device's IP address, referring website, what pages your device visited, and the time that your device visited our Website.
Disclosure of Personal Data
Depending on the purposes for which we collect your Personal Data, we may disclose it to the following categories of recipients, which will then process your Personal Data only for one of the following purposes:
- Within our organisations:
- Our authorised staff members;
- Our affiliates and subsidiary companies;
- Other third parties:
- We will not disclose your personal data to third parties unless the third party is required to fulfill a service you have requested. For example, our appointed property agent may contact you in relation to an enquiry that you submit regarding a property on our website. In such circumstances, the third party is bound by similar data protection requirements.
- when required by law or as lawfully necessary to protect McGarrell Reilly:
- to comply with the law, requests from authorities, court orders, legal procedures, obligations related to the reporting and filing of information with authorities, etc.;
- to verify or enforce compliance with McGarrell Reilly's policies and agreements; and
- to protect the rights, property or safety of McGarrell Reilly and/or its customers;
- in connection with corporate transactions: in the context of a transfer or divestiture of all or a portion of its business, or otherwise in connection with a merger, consolidation, change in control, reorganisation or liquidation of all or part of McGarrell Reilly's business, provided that the third party agrees to adhere to the terms of the Privacy Statement and provided that the third party agrees to only use your personal data for the purposes that you provided it to us.
How can I Exercise my Data Subject Rights?
Under the General Data Protection Regulation, you have the following rights:
- Right to object: If we are using your data because we deem it necessary for our legitimate interests to do so, and you do not agree, you have the right to object. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases). Generally, we will only disagree with you if certain limited conditions apply.
- Right to withdraw consent: Where we have obtained your consent to process your Personal Data for certain activities, or consent to market to you, you may withdraw your consent at any time.
- Right to Rectification: if your Personal Data that we hold is inaccurate or incomplete, you have the right to request the rectification of your Personal Data.
- Data Subject Access Requests: Just so it's clear, you have the right to ask us to confirm what information we hold about you at any time, and to provide you with copies of that information. We will respond to your request within 30 days. At this point we may comply with your request or, additionally do one of the following:
- we may ask you to verify your identity, or ask for more information about your request; and
- where we are legally permitted to do so, we may decline your request, but we will explain why if we do so.
- Right to erasure: In certain situations (for example, where we have processed your data unlawfully), you have the right to request us to "erase" your Personal Data. We will respond to your request within 30 days (although we may be allowed to extend this period in certain cases) and will only disagree with you if certain limited conditions apply. If we do agree to your request, we will delete your data.
- Right of data portability: If you wish, you have the right to transfer your data from us to another data controller. We will help with this – either by directly transferring your data for you, or by providing you with a copy in a commonly used machine-readable format.
- Right to lodge a complaint with a supervisory authority: You also have the right to lodge a complaint with the Data Protection Commission.
Automated decision-making and profiling
We do not use any personal data for the purpose of automated decision-making or profiling.
Transfers Outside The EEA
Your Personal Data may be transferred to recipients which may be outside the EEA, and may be processed by us and these recipients outside the EEA. In connection with any transfer of your Personal Data to countries outside the EEA that do not generally offer the same level of data protection as in the EEA, RAPT will implement appropriate specific measures to ensure an adequate level of protection of your Personal Data. These measures can for instance consist in agreeing with recipients on binding contractual clauses guaranteeing such adequate level of protection.
McGarrell Reilly does not currently intend to transfer your Personal Data to recipients outside the EEA. However, if we need to transfer your Personal data to a country outside the EEA that does not generally offer the same level of data protection as in the EEA, we will implement appropriate measures to ensure an adequate level of protection of your Personal Data equivalent to the protections available in the EEA. These measures can for instance consist in agreeing with recipients on binding contractual clauses guaranteeing such adequate level of protection.
Changing this Privacy Statement
We may need to change this Privacy Statement from time to time. We will alert you to material changes by, for example, placing a notice on our websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law.
This Privacy Statement was most recently updated on 17th October 2018.