So, if you are looking for more information on how we collect, store, use and share your personal data we collect, this is the place for you.
Now to start us off with, a couple of practical but highly important details for you to take note of!
Who we are
O’Loghlin Hughes is a boutique advisory law firm specialising in the areas of health, insurance, commercial and EU & competition laws. When we use “we”, “us” or “our” in this policy, we are talking about O’Loghlin Hughes.
How to contact us
If you have any questions about this policy, please contact us by telephone or post at:
51 Sir John Rogerson’s Quay,
Telephone: + 353 1 554 7211
or by email: email@example.com
Why we process your data, (the lawful basis for processing your data and who we share it with)
The privacy and integrity of your personal data is critical, and we are committed to taking all necessary steps to ensure that we maintain same in accordance with our legal obligations under GDPR and the law in general.
As a legal services firm we are required to receive and/or process and/or store and/or transfer personal data in relation to our clients. Data relating to clients may be subject to categories of privilege, including but not limited to legal professional privilege and/or litigation privilege which may take precedence over data protection requirements.
For people who view and interact with our website, we process data.
To respond to/deal with your query when sent through our email firstname.lastname@example.org
The legal basis for this processing is our legitimate interest in the administration and operation of our legal services as well as a legitimate interest in marketing and promoting our firm’s legal services. In the event of you signing up to any subscription-based communication with us we shall also include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time.
We share this data with our client relationship management system provider1. They may only process this data for the purpose of providing us with their services and for no other purpose. We will retain this data for as long as necessary to enable us to provide all necessary services and/or as long as required by the applicable law at any given time.
For our potential clients, we process data:
- in order to market the services of our firm; and
- to provide you with legal updates and whenever produced, newsletters to which you have subscribed.
The legal basis for the processing of this data is processing necessary for the purpose of the legitimate interests of our firm in promoting our services. In the event of you signing up to any subscription-based communication with us, we shall also include an unsubscribe button in our communications, so you can opt out of receiving such communications at any time
In the event of you signing up to any subscription-based communication with us, we shall share this information such as your name and email address with our newsletter services provider which sends out our newsletters. This provider is not permitted to use this data other than on our behalf. We will retain this data for as long as necessary to enable us to provide all necessary services and/or as long as required by the applicable law at any given time.
For future employees to the firm, we process data:
- To recruit new employees; and
- To ascertain your suitability for a specific role.
The legal basis for the processing of same is processing necessary for the purposes of the legitimate interest pursued by our firm in recruiting new staff. Please see the privacy notice in the job at retirement or further information about how we process applicant data.
We may, on occasion retain the services of an external recruiter to make a shortlist of candidates and to assist with specific aspects of the recruitment process This recruiter, where so retained, is not permitted to use this data other than on our behalf. They may also send you emails about your application through our email service provider. We will retain this data for as long as necessary to enable us to provide all necessary services and/or as long as required by the applicable law at any given time.
Transfer of data outside the European Economic Area
On occasion we may be required to transfer data relating to our legal services to service providers outside the EEA. Where such a transfer is required, we shall put in place safeguards necessary to protect the privacy and integrity of such personal data, including standard contractual clauses under Article 46.2 of GDPR.
Information received from 3rd parties and the source of that data
During the course of the legal services we provide for you, we may need to obtain your personal data, including but not limited to your medical records, employment records, bank details and bank records, Court records from various 3rd parties including, hospitals, the HSE, banks, the Property Registration Authority, Revenue Commissioners, the Courts Service and/or other State bodies.
Disclosing Personal Information
We may be required to disclose your personal data to 3rd parties, including but not limited to:
- State bodies and/or 3rd parties where we are required to do so by law;
- A 3rd party to whom we have a legal duty to transfer the data; or
- A 3rd party where the disclosure is required to protect the vital interests of the data subject or another (natural) person.
Your rights as a someone we have personal data about (Data Subject).
At any point while we are in possession of or processing your personal data, you have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. If we are legally obligated to keep the information, or if it is impossible or not proportionate, we will not delete it but we will only keep it for as long as it is needed and we have time limits on our data systems.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organization.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to have a computer make decisions about you directly (this does not include general marketing based on your age or gender).
- Right to judicial review – if we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain.
One thing to bear in mind before contacting us – our sites and applications may contain links to other sites not owned or controlled by us. It could as an example be social media platforms/services. We are not responsible for the privacy practices of those sites, so if you have questions regarding such sites, you need to contact the site directly. We also really encourage you to be aware and read the privacy policies of other sites because they may very easily be collecting, storing, using and sharing your personal information.
Complaints about our behaviour
You have the right to complain if you do not feel we are living up to our responsibilities when it comes to your data.
We take your complaint very serious. You can contact our Data Protection Manager on this email email@example.com. We will send you a confirmation within 5 days and do our very best to deal with the issue within 1 calendar month. If the issue is difficult or requires a lot of work it may take longer, but we will keep you updated.
You always have the right to complain to the authorities as well, but because we take privacy matters very seriously, we would really appreciate it, if you would talk to us. The authority having the right to look at us, is the Data Protection Commission. You can see further information on their webpage: https://www.dataprotection.ie/
You can complain about:
- how your personal data has been processed;
- how your request for access to data has been handled;
- how your complaint has been handled;
- appeal against any decision made following a complaint.
Changes to this Privacy Notice
We reserve the exclusive right to make changes to this Statement from time to time and will do so as required by law. Notifications of such changes shall be displayed on our website in advance of the date the changes come into effect.
 Client management system currently been reviewed with possible implementation in 2021. Currently not active at present at the time of documenting this policy.