Introduction This Privacy Statement (“Statement”) explains how and why Beresford McArdle processes personal information (known as “Personal Data” under applicable data protection law) that we collect from or that is provided to us by clients and/or those with whom we deal on behalf of clients, as part of our business operations, including via our website, https://bmca.ie (the “Website”).
Who are ‘we’? When we refer to ‘we’ (or ‘our’ or ‘us’), that means Beresford McArdle Chartered Accountants. Our headquarters are at Block 3, Airvista Office Park, Swords Rd, Santry, Dublin, D09 VK65.
Our principles of data protection When we say ‘personal data’ we mean identifiable information about you, like your name, email, address, telephone number, bank account details, payment information, support queries, community comments, and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply. Our approach to data protection is built around four key principles.
Transparency: We take a human approach to how we process personal data by being open, honest and transparent.
Enablement: We enable connections and efficient use of personal data to empower productivity and growth.
Security: We champion industry-leading approaches to securing the personal data entrusted to us.
Stewardship: We accept the responsibility that comes with processing personal data.
How we collect your data When you visit our websites or use our services, we collect personal data. The ways we collect it can be broadly categorised into the following:
Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for a free trial, respond to a job application or an email offer, participate in community forums, subscribe to our newsletter, take part in training and events, contact us with questions or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.
Our principles of data protection When we say ‘personal data’ we mean identifiable information about you, like your name, email, address, telephone number, bank account details, payment information, support queries, community comments and so on. If you can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply. Our approach to data protection is built around four key principles.
Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible (e.g., by personalising the content you see).
Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties like the Revenue or the Companies Registration Office. We use this information to supplement the personal data we already hold about you, in order to better inform, personalise and improve our services, and to validate the personal data you provide. Where we collect personal data, we’ll only process it:
- to perform a contract with you, or
- where we have legitimate interests to process the personal data and they’re not overridden by your rights, or
- in accordance with a legal obligation, or
- where we have your consent.
If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.
How we use your data We process your Personal Data where it is necessary to enter into and perform our agreement with you, and in particular:
- to incept you as a client of Beresford McArdle
- to provide services or matters that have been requested;
- managing and administering your or your organisation’s business relationship with us, including processing payments, accounting, auditing, billing, surveying and support services; and
- for purposes related and/or ancillary to any of the above or any other purpose for which your Personal Data was provided to us.
It is necessary to provide us with your Personal Data on this basis as it is necessary to provide our services to you. The consequence of not doing so is that we will not be able to perform the services for which you or your organisation engage us. We also process your Personal Data in order to comply with legal obligations to which we are subject. We process your Personal Data:
- to comply with our legal and regulatory obligations (e.g. record-keeping obligations);
- to comply with our obligations as a company registered in Ireland;
- to comply as appropriate with the Institute of Chartered Accountants, Irish Company law and where relevant European Union Law;
- to conduct conflict checks;
- to establish, exercise and defend our legal rights and any legal proceedings which may arise; and
- to prevent, detect and respond to actual or potential fraud or other illegal activities.
We also use your personal data for other purposes, which may include the following:
To communicate with you. This may include:
- providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you
- operational communications, like changes to our websites and services, security updates, or assistance with using our websites and services
- marketing communications (about Beresford McArdle or another product or service we think you might be interested in) in accordance with your marketing preferences
- asking you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email or otherwise.
To enhance our websites and services and develop new ones: For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools.
To protect: So that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly and in accordance with our terms of business.
To market to you: In addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third-party websites and their platforms.
To analyse, aggregate and report: We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties.
How we can share your data There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
- third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure
- an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business
- other people where we have your consent.
International Data Transfers When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, where our data hosting provider’s servers are located. These countries may have laws different from what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected. For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties). For further information, please contact us using the details set out in the Contact us section below.
Security Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens.
Retention The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements). We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it. We shall keep the Personal Data we process on the instructions of our clients for a minimum period of 8 years from disclosure of the relevant information to us. Following that period, we’ll make sure it’s deleted or anonymised.
Your rights It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to hello @ bmca.ie You also have rights to:
- know what personal data we hold about you, and to make sure it’s correct and up to date
- request a copy of your personal data, or ask us to restrict processing your personal data or delete it
- object to our continued processing of your personal data
You can exercise these rights at any time by sending an email to hello @ bmca.ie
How to contact us We’re always keen to hear from you. If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch. Our email is hello @ bmca.ie