Privacy Policy

Introduction

Hayes McGrath LLP is committed to protecting your personal data.  This Notice sets out important information about how Hayes McGrath LLP may collect and use your personal data.  Our policy, and this notice, are based on European data protection principles.

Hayes McGrath LLP is an Irish legal business which operates through a regulated legal entity providing legal and/or claims handling services in accordance with the relevant laws of the jurisdiction in which it operates.

You should read this Notice carefully and raise any questions you may have with the Data Protection Enquiry Team (contact details are listed below).

 

Scope

This Notice applies to all persons whose personal data we collect and use (except as set out below).  This includes individuals in the categories below or any individuals who work for any of the following:

  • Our clients;
  • Insurers and/or their insureds;
  • Intermediaries (for example, loss adjusters, investigators, claims management suppliers, cover-holders etc.);
  • Claimants/Plaintiffs;
  • Defendants;
  • Third parties;
  • Experts;
  • Witnesses;
  • Counsel;
  • Third party solicitors;
  • Individuals who are involved in court or other legal proceedings (including legal claims, criminal actions, inquests, tribunals, arbitrations, mediations and regulatory actions) and/or the provision of related legal advice and/or claims handling services;
  • Individuals who are involved in contracts and transactions we are working on (for example other businesses/individuals our clients are contracting or working with);
  • Our business contacts;
  • People who attend our seminars, receive our legal updates, and/or who visit our website;
  • Service providers (for example recruitment consultants, general office services, library services and/or IT service providers); and/or
  • Our regulators, insurers, auditors, professional advisers, governmental bodies (for example the National Crime Agency in the UK and the Garda National Bureau of Criminal Investigation/An Garda Siochana in Ireland) and/or certification bodies (for example The Solicitors Regulation Authority in the UK and the Law Society of Ireland and in relation to our ISO27001, ISO9001 and Cyber Essentials Plus certifications).

This Notice does not apply to:

  • Job applicants, as the way we collect and handle their personal data is governed by our Application and Recruitment Candidate Privacy Notice; and
  • Our employees, as the way we collect and use their personal data is governed by our Employee Privacy Notice.

 

What Personal Data do we collect?

Personal data means information which identifies you and relates to you as an individual.  Hayes McGrath LLP may collect, store and use your personal data for a variety of reasons in connection with your relationship with us.  We have set out the main categories of personal data which we process on a day to day basis:

  • Personal contact information (including your name, home address, personal telephone number(s) and/or personal e-mail address);
  • Policy number/policy inception date;
  • Claim number;
  • Bank Account details;
  • Location identifiers (for example photographs and/or GPS location);
  • Loss details/claim and/or personal circumstances;
  • Vulnerabilities;
  • Online identifiers;
  • Date of birth;
  • Gender; and/or
  • Information gathered through correspondence with us (for example, in relation to parties and/or third parties to a claim).

The personal data that we collect will depend on your relationship with us.   The list set out above is not exhaustive and there may be other personal data which Hayes McGrath LLP collects, stores and uses in the context of the relationship.  We will update this notice from time to time to reflect any notable changes in the categories of data which are processed.

 

What special categories of data do we store?

Certain categories of data are considered “special categories of data” and are subject to additional safeguards.  The special categories of personal data which we process may relate to:

  • Racial or ethnic origin;
  • Political opinions;
  • Religious or philosophical beliefs;
  • Trade union membership;
  • Genetic and/or biometric data;
  • Physical and mental health; and/or
  • Sex life and/or sexual orientation.

The special personal data that we collect will depend on your relationship with us.

 

When could we share your personal data?

Hayes McGrath LLP may share your personal data with other parties in certain circumstances where it is necessary to achieve the purposes detailed above or to comply with a legal and/or regulatory obligation, or otherwise in pursuit of its legitimate business interests, such as:

  • Our clients;
  • Insurers and their insureds;
  • Intermediaries (for example, loss adjusters, investigators, claims management suppliers and/or coverholders etc);
  • Claimants/Plaintiffs;
  • Defendants;
  • Third parties;
  • Experts;
  • Witnesses;
  • Counsel;
  • Third party solicitors;
  • Individuals who are involved in court or other legal proceedings (including legal claims, criminal actions, inquests, tribunals, arbitrations, mediations and/or regulatory actions) or the provision of related legal advice and/or claims handling;
  • People who are involved in contracts and transactions we are working on (for example other businesses/individuals our clients are contracting or working with);
  • Service providers (for example recruitment consultants, general office services, library services and/or IT service providers); and/or
  • Our regulators, insurers, auditors, professional advisers, governmental bodies (for example the National Crime Agency in the UK and the Garda National Bureau of Criminal Investigation/An Garda Siochana in Ireland) and/or certification bodies (for example The Solicitors Regulation Authority in the UK and the Law Society of Ireland and certification bodies in relation to our certifications). This list is not exhaustive.

In all cases, your personal data is shared under the terms of a written agreement between Hayes McGrath LLP and the third party, which includes appropriate security measures to protect the personal data in line with this Notice and also our obligations or as permitted by applicable law and/or regulation.

 

For how long may my data be retained?

Hayes McGrath LLP’s policy is to retain personal data only for as long as is needed to fulfil the purpose(s) for which it was collected, or otherwise required under applicable jurisdictional laws and/or regulations and/or business continuity purposes.  Under some circumstances we may anonymise your personal data so that it can no longer be associated with you.  We reserve the right to retain and use such anonymous data for any legitimate business purpose without further notice to you.

Hayes McGrath LLP will typically retain data for periods subject to any exceptional circumstances and/or to comply with particular jurisdictional laws or regulations and/for business continuity purposes: unless there is any other valid legal, regulatory, client or business reason to retain it beyond that timescale; standard litigation matter files will usually be destroyed at approximately 7 years after the matter has been closed.

 

What are my rights in relation to personal data and how does Hayes McGrath LLP comply with my rights?

Hayes McGrath LLP will always seek to process your personal data in accordance with our obligations and rights, and most importantly your rights.

You will not be subject to decisions based solely on automated data processing without your prior consent.

In certain circumstances, you have the right to seek the erasure or correction of your personal data, to object to particular aspects of how your data is processed, and otherwise to seek the restriction of the processing of your personal data.  You also have the right to request the transfer of your personal data to another party in a commonly used format. If you have any questions about these rights, please contact our Data Protection Enquiry Team (outlined below in the Notice).

You have a separate right of access to your personal data processed by Hayes McGrath LLP.  You may be asked for information to confirm your identity and/or assist Hayes McGrath LLP to locate the data you are seeking as part of Hayes McGrath LLP’s response to your request.  If you wish to exercise your right of access, please contact our Data Protection Enquiry Team (outlined below in the Notice).  We will always endeavour to assist you as quickly and helpfully as possible.

Given the location of our European offices, if you are an individual located in the EU, you have the right to raise any concerns about how your personal data is being processed with

 

Where can I get further information ?

If you have any questions about this Notice, want to exercise your right to see a copy of the information that we hold about you, or think that information we hold about you may need to be corrected, want to delete all or any part of it or to object to data processing on legitimate grounds, please contact us by email on dataprotectionenquiryteam@hayesmcgrath.ie or by post to:

 

Data Protection Enquiry Team

Hayes McGrath LLP

91 Lower Baggot Street

Dublin 2

 

Silhouettes of group of business people standing talking

Strong relationships, strategic advice

Get In Touch
Hayes McGrath logo

© 2021 Copyright Hayes McGrath LLP

About

Hayes McGrath LLP was established in 1990. We are a leading law firm for the insurance industry.