.The purpose of this Privacy Policy is to ensure individuals and data subjects understand how we process their information.
We endeavour to comply with the General Data Protection Regulation (GDPR), Data Protection Act 2018 and data protection best practices. This Privacy Policy is governed by the laws of the Republic of Ireland.
We process personal information provided to us by individuals, whether it be provided through our website, by any form, correspondence, telephone, consultation, teleconference, post, email or by any other means, or otherwise processed by us in relation to you, in the manner set out in this policy.
By submitting your information to us, and or engaging with our services and or by using the Website you consent to the use of your personal information as set out by this Privacy Policy. If you do not agree with the terms of this Privacy Policy please do not use the Website or volunteer or provide us with any personal information.
Information collected by us
The information about you that we may collect, use and store (process) includes:
• Information necessary in order to enter into a contract and or perform a contract with Dillon & Co. Solicitors;
• Information necessary in order to provide legal advice and or legal services as required;
• Information necessary in order to facilitate, process, invoice or collect monies related to any agreed transaction with Dillon & Co. Solicitors (of which such data may include name, address, contact details, billing details, etc.) for the benefit of a client, Dillon & Co. Solicitors or for a third-party on instruction of a client;
• Information you provide to us by filling out any forms on the website or by way of emailing us or by any other form communication;
• Records of correspondences whether by email, telephone, teleconferencing, post, through any form on our website or by any other means;
• Information you provide to us in person;
• Details of any personal or business instructions or transactions you carry out with us, whether through email, the website, telephone, teleconferencing, post or by any other means;
• Information provided to us by a client or potential client relating to a third-party data subject(s) who may be, and or is being, subjected to any form of legal action and or relating to the provision of legal advices and or legal services and the processing of such data is necessary under the circumstances; and,
• Details of your visits to our website including traffic data, location data, weblogs and other communication data in accordance with our Cookie Policy that may identify personal information (e.g. cookies) and non-personal information (e.g. information of an anonymised or technical nature).
Such information includes contact details (name, address, phone number, etc.) and may include special categories of personal data (e.g. medical records, etc.) that are necessary to process in order to provide proper legal advice and or legal services.
How we use your personal information
We may use your personal information for the purposes of:
i. Processing any enquiry requested by a you;
ii. Entering into and or completing any legal, commercial or business-related requests or transactions requested by you;
iii. Complying with any contractual obligation relating to any legal advice and or legal service including but not limited to drafting, representation, advocacy, negotiation, medication, arbitration and or settlement, as the case may be;
iv. Engaging with third-parties on the instructions of a client, acting as agent, intermediary and or attorney of a client, including but not limited to instructing counsel(s), accountant(s), surveyor(s), doctor(s) and or any other expert and or body as is required on a case-by-case basis;
v. Setting up, operating and managing any account or line of credit with Dillon & Co. Solicitors, if applicable;
vi. Setting up, operating and managing any asset, funds or line of credit for any client and or third-party, on the instructions of a client, including but not limited to, any offer, settlement, lodgement, security, mortgage and or any charge, lien, covenant, deed, assignment, and or lis pendens, as necessary on a case-by-case basis;
vii. Complying with our legal duties and responsibilities as registered solicitors under the Solicitors Act and the Legal Services Regulation Act 2015;
viii. Complying with any direction, instruction and or investigation by the Law Society of Ireland and or the Legal Services Regulation Authority;
ix. Complying with any mandatory disclosures required by law (e.g. anti-money laundering);
x. Complying with any court order made against us;
xi. Complying with any direction and or judgment of a court when acting for a client;
xii. Debt collection and the collection of outstanding monies for the benefit of Dillon & Co. Solicitors, a client and or a third party when acting on behalf of a client;
xiii. Monitoring any billing or credit transactions for the purpose of preventing fraud;
xiv. Provision of security to, and ensuring the health, safety and wellbeing of employees, customers, clients and visitors to our premises;
xv. to protect the health safety and wellbeing of any minor and or any vulnerable adult;
xvi. Setting up, operating and managing any marketing and or advertising services subject to your explicit consent (please see Marketing & Advertising section below);
xvii. Providing, monitoring, reviewing and supporting our online presence via our website and social media when you consent to such use (please see our Cookie Policy);
We normally obtain consent to process personal data by way of notification on our website that requires an explicit acceptance of this Privacy Policy and associated Cookie Policy to use the website. Consent for data processing purposes can also be obtained by way of a physical form, engagement letter, acceptance of our standard terms and conditions of business any or other paperwork of Dillon & Co. Solicitors that refers to our privacy policy on this website and or by any verbal statement and or physical act of acceptance.
All personal data processed will be held as confidential and secure. Personal data will be used only for the purposes for which it was collected and will be destroyed or deleted once is it no longer necessary in accordance with our data retention policy. Our standard data retention period is seven years.
Dillon & Co. Solicitors does not engage in any automated decision-making processes nor do we use any personal data as a basis for any such automated decisions.
To whom we share data
We will share the minimum amount of personal data required with the following parties in accordance with ‘how we use your personal information’ as identified above:
• Any third party that you instruct us to engage with for any lawful purpose that you instruct (e.g. Counsel, expert witnesses, etc.);
• Any third party that we are mandated to disclose data to (see mandatory disclosures below);
• Any contractor and or agent that we may outsource a business or commercial function to, e.g. a town agent for stamping and or filing documents, debt collection agency, etc.; and,
• Any Commissioner for Oaths, practising solicitor entitled to sign affidavits, Peace Commissioner and or Public Notary, as is necessary when we are acting on behalf of a client and an affidavit, statutory declaration and or other legal documents need(s) to be signed and or witnessed by an independent third party.
Mandatory disclosures
State Bodies
Depending on the circumstances, we may be mandated under law to disclose certain acts and or concerns thereof to certain State Bodies and or organs of the State, e.g. the reporting of child abuse to An Garda Síochána.
The court and or an opposing party of a case
In certain cases, if you are a client and are engaged in litigation, there may be mandatory requirements under law to be disclosed to the other side and or to the court (e.g. some medical reports in personal injuries cases), however, all this will be explained to you as your case progresses.
In cases of interrogatives and or discovery (which are a normal part of the ligation process but are not always applicable) we may be required and or compelled by way of court order to furnish personal data and or sensitive categories of personal data that are necessary for litigation purposes. This will be explained to you if it is required in your case.
We may be required and or compelled by way of court order to furnish personal data and or sensitive categories of personal data to the court as the court has jurisdiction to make any enquires it deems fit to prevent perjury, fraud, deceit and or any criminal act.
The Legal Services Regulatory Authority & Law Society of Ireland
The Legal Services Regulatory Authority and the Law Society of Ireland and entitled to investigate solicitors and or complaints relating to legal advice and or legal services under the Legal Services Regulation Act 2015 and Solicitors Acts respectively.
In order to comply with any directions and or investigation it may be necessary to share certain personal data and special categories of personal data, as the case may be, in order to discharge our duties under the Acts.
Data Storage & Transfers
We will take reasonable steps to ensure that your information is kept secure and protected, including but not limited to electronic data being protected using appropriate software, relevant networks safety and security checks to include two-step authentication, and, where applicable, any physical data records will be kept in an appropriately secure environment.
Dillon & Co. Solicitors are based in the Republic of Ireland and does not routinely transfer data outside of the European Union.
However, on the instructions of a client or where necessary on a case-by-case basis we may transfer data within the EU subject to the provisions of the Data Protection Commissions ‘One-Stop Shop Mechanism’ with the Irish Data Protection Commission being the nominated supervisory authority.
In the event where, on the instructions of a client or where necessary on a case-by-case basis, we transfer data outside of the EU we will have adequate safeguard in place and rely on the provisions of Art. 49 of GDPR with specific conditions of which at least one of the following is applicable:
• Where you explicitly consent to the proposed transfer having been informed, and are hereby informed via this policy, that at the time of drafting this policy there is no adequacy decision pursuant to Article 45(3) of GDPR in place nor any specified measures under Article 46 in place;
• The transfer is necessary for the performance of a contact with Dillon & Co. Solicitors, or for implementation of pre-contractual measures taken at your request with Dillon & Co. Solicitors;
• The transfer is necessary for the establishment, exercise or a defense of a legal claim;
• The transfer is necessary in order to protect the vital interest of the data subject or of other persons, where the data subject is physically or legally incapable or giving consent, including but not limited to the following categories of data subjects: a minor; vulnerable adult; a donor of a power of attorney; and or a donor of an enduring power of attorney.
Dillon & Co. Solicitors may outsource some commercial activities and or and or engage with some third-party service providers based within the EU that may share data within other EU member states (e.g. back up, storage facilities, etc.) and such third-party suppliers are also subject to the ‘One-Stop Shop Mechanism’ as identified by the Irish Data Protection Commission.
We may also outsource some commercial actives to third parties that are based outside the EU but GDPR still applies to any data processed as a result, in accordance with GDPR, the Data Protection Act 2018 and practice directives issued by the Irish Data Protection Commission.
For example, we may use Mailchimp for processing marketing emails (if you give us your explicit consent to do so) but Mailchimp also uses Standard Contractual clauses and an EU-US Privacy Shield Framework in place to ensure GDPR compliance. Mailchimp’s data protection practices please see their privacy policy available at www.mailchimp.com/legal/privacy.
For more information about the One Stop Shop Mechanism, Privacy Shield Framework or Standard Contractual Clauses applicable to personal data processed outside the Republic of Ireland and or the EU, please visit the Data Protection Commission website at www.dataprotection.ie.
Data Processing Agreements
A Data processing agreement, which ensures compliance with the Data Protection Act 2018 and GDPR, between a data controller and data processer, is incorporated into our standard terms of business for all clients.
For the avoidance of doubt, we have an applicable data processing agreement / terms of service for when we act as a data controller and, separately, for when we act as a data processor on behalf of a data controller in the provision of services.
Where we act as data processor for a data controller
At times we may act as a data processor for a data controller, e.g. in the provision of legal advice or on the specific instructions of a client to act but the act necessitates the processing of personal data.
As such, we may process personal data that originated from the data controller and we rely on the veracity, accuracy, truthfulness and lawful processing identified by the data controller.
Notwithstanding our obligations under GDPR and the Data Protection Act 2018, nor any data protection agreement or terms of service in place, in cases where we act as data processor it is up to the data controller to inform us of any updates or changes to personal data.
For the avoidance of doubt, this policy and our data protection practices also applies for when we act as a data processor.
Marketing & Advertising
As part our marketing and advertising practices, we may use promotional emails, text messages and or phone calls to people who have consented to being contacted for marketing and advertising purposes.
In terms of data processing, subject to your explicit consent, we may use your personal information for the purpose of:
i. Marketing and Sales promotions;
ii. Providing you with information about promotional offers on our products and services;
iii. Carrying out any service user or customer research, survey and analysis;
iv. Commercial activities, including brand or event awareness or participation in service launches.
At some interactions with Dillon & Co. Solicitors you may be asked to consent to your data being used for marketing purposes. In such cases, consent will require positive action on your part. For example, on an enquiry form you would have to tick a box stating that you consent to your data being processed for marketing purposes in according with this privacy policy in order to receive personalised targeted marketing emails, text messages and or phone calls.
At times, Dillon & Co. Solicitors may host or organise events in which data subjects may interact with us face-to-face, e.g. at a talk or presentation. In such cases, we may verbally ask if you consent to your data being processed for marking and advertising purposes subject to this policy. We may also announce that photographs may be taken for social medical purposes but please refer to the social media section below.
Dillon & Co. Solicitors may use Mailchimp for our email marketing who are GDPR compliant by way of an EU-US Privacy Shield. Please note that if you do not consent to your email being used for marketing purposes then we do not contact you by email for marketing or advertising purposes and the privacy shield stated here is not applicable. For more information on Privacy Shield please see the Data Protection Commission’s website www.dataprotection.ie
and Mailchimp at https://mailchimp.com/help/about-mailchimp-the-eu-swiss-privacy-shield-and-the-gdpr/
Dillon & Co. Solicitors is committed to privacy by design and privacy by default. As such, you will never have to ‘opt-out’ of our marketing processes; you will only ever have the option of ‘opting in’ if you’d like to be included. We do not engage in ‘pre-ticked’ boxes on consent forms nor do we ever assume you would consent to your data being processed. You are free to withdraw consent for any marketing matters at any time you want.
Social media
Dillon & Co. Solicitors engages in a number of social media services and we strive to uphold privacy rights online, however, each social media service has their own privacy policy in place and engagement with us via any social media means you accept the terms of that social media’s respective privacy policy along with our privacy and cookie policy.
For informational purposes we have provided links below to the most common social media services, which are provided without any warranty or representation as to the truthfulness, veracity or relevance of the content therein:
Sometimes members of the public may post something objectionable and beyond our control to our social media page and or forum. In such cases, we cannot be held liable for any act of a third party but we will try to rectify any difficulties as soon as we are notified or become aware of a problem. We do not provide a continuous monitoring of social media page or forum so there may be a delay from the initial post to when we become aware of a problem.
On occasion, Dillon & Co. Solicitors may hold marketing events in which clients, visitors or employees may be present. Sometimes we may wish to take a photograph at such events to promote our brand or event on social media. In such cases, it is our policy for our photographer/social media handler to announce their presence and provide additional instructions and assistance. However, we do not have any control over private individuals or their personal social media accounts, as such we cannot stop or prevent private individuals from posting materials to their own personal social media accounts that others may find objectionable.
For convenience we offer teleconferencing via Facetime (Facebook) and Skype to clients and or potential clients as a method of communication subject to Facebook’s and or Skype’s privacy policy.
For further information relating to social media usage, cookies or widgets, please see our Cookie Policy
Requesting your data
Any data subject has the right to find out whether an organisation has any personal data about them, what they use the personal data for and ask for copies of personal information held by that organisation.
If you wish to access your personal data, please write a letter stating that you wish to get a copy of your personal data and address it to:
Data Protection
Dillon & Co. Solicitors
5 Scarlet Row
Essex Street West
Dublin 8
In order to process your request, we may request that you send us a copy of your identification (passport, driver’s licence, etc.). The reason we ask for personal identification is to ensure that you are the correct person making the request for your personal data.
Unfortunately, verbal access requests cannot be entertained.
In response to any data access request, you have the right to refer the matter to the Data Protection Commission if you are unhappy with the outcome, however, we ask that you notify us first of any issue so that we may help resolve it as quickly as possible.
Rectifying mistakes
You have the right to rectify any incorrect or inaccurate personal data at no cost to you.
If you believe that we are incorrectly processing any of your personal data, please inform us by writing to the above address or email info@dillonandcosolicitors.com
Queries or complaints
If you have any queries or complaints regarding our Privacy Policy or any data protection matter, please let us know by writing to the above address or email info@dillonandcosolicitors.com
Individuals have the right to refer any matter to the Data Protection Commission by contacting them at www.dataprotection.ie
or by writing to:
Data Protection Commission
Office of the Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
If, for whatever reasons, you are considering contacting the Data Protection Commission about us we would ask that you inform us of your difficulty first so that we can try to resolve it to your satisfaction.
Changes to our Privacy Policy
Any changes we may make to our Privacy Policy in the future will be posted on our website.
Any changes will become effective upon posting the revised Privacy Policy on our website. If we make any material or substantial changes to this Privacy Policy we will use reasonable endeavours to inform you by email, notice on the Website or any other agreed communications channels.
Privacy Policy last reviewed: May 2020