This privacy notice (“notice”) provides an overview of how we manage and protect the personal data of both our private clients and the officers and employees of our corporate clients and third parties related to a client (eg a trustee, dependent or beneficiary or beneficial owner) (“data”), as required by law. This notice tells you who we are, what data about we collect, and what we do with that data.

Click “find out more”, where available, to view further details.

We are a partnership of chartered accountants, certified public accountants and tax principals trading as:

  1. Saffery under registered business number 638654 whose business address is at 99 St Stephen’s Green, Dublin 2; and
  2. Saffery Audit Limited under registered business number 692442 whose business address is at 99 St Stephen’s Green, Dublin 2.

Details of how to contact us can be found below in the “Who should you contact with questions?” section of this notice.

We use your data for various purposes connected with the services that we provide to you or your employer.

We generally collect data from you directly but we may also collect data from third parties such as:

  • Other advisers and intermediaries (such as solicitors, banks, land agents and independent financial advisers), both current and previous.
  • Office of the Revenue Commissioners (“Revenue”).
  • Public and Government authorities.
  • Company information databases.
  • Client identification and verification services such as Smartsearch, Search4less and Worldcheck
  • Your family or estate office.
  • Publicly available sources, such as the Companies Registration Office databases.
  • Your agents and representatives, such as your power of attorney.
  • Other professional services providers that provide services to you.
  • Other third parties.

What data we collect and for what purpose will depend on whether you are a private client or a representative of a corporate client.

Data we collect may include:

  • Basic contact information, proof of age and identity information.
  • Financial information and client data obtained from Revenue.
  • Trust information.
  • Referral letters from third party institutions.
  • Sensitive data.
  • Additional information applicable only to our private clients, such as beneficiary details and powers of attorney.
  • Information relating to your use of our website, further details of which can be found in our cookies policy.

Find out more

We will use data about you for the following purposes:

  • To provide such services to you.
  • To make payments on your behalf.
  • To make insurance claims on your behalf.
  • To create and manage records of your involvement with us and to communicate with you.
  • To contact you with respect to the services that we provide.
  • Sending you marketing information (but only to the extent you have consented).
  • If you provide your consent to share data with financial institutions, employers or landlords for the purposes of mortgages, leases and other financial references.
  • To verify your residence and identity in order to comply with our legal and regulatory requirements.
  • To comply with legal and or regulatory obligations.

The legal basis for our use of data about you is one of the following. The processing of your data is necessary for:

  • The performance of a contract to which you are a party.
  • Compliance with a legal obligation to which we are subject.
  • A legitimate business interest that is not overridden by your interests, rights and freedoms which require protection.

Where none of the above applies, we will ask for your consent to process data.

We may share data about you with:

  • Saffery LLP in the United Kingdom, Saffery Registered Fiduciaries in Guernsey, Saffery Fund Services Limited in Guernsey and Saffery Guernesy Audit and Tax;
  • Our insurers in the event of a potential insurance claim;
  • Your other professional advisers;
  • We may share sensitive data with other service providers or Revenue, for example to provide a reasonable excuse claim to Revenue;
  • Financial institutions;
  • Family and estate offices;
  • Third parties interested in acquiring you (in respect of corporate clients only);
  • Third parties who provide us with products or services; and
  • Other third parties, where required or permitted by law.

It may be necessary for us to transfer data outside the country or territory where it was collected, including to a country, territory or international organisation that has not been declared adequate by the European Commission for data protection standards.

We implement appropriate technical and organisational measures to protect personal data that we hold from unauthorised disclosure, use, alteration or destruction. Where appropriate, we use encryption and other technologies that can assist in securing the data you provide. We also require our service providers to comply with strict data privacy requirements.

We store data in accordance with legal, regulatory, financial and best-practice business requirements. Once our contract with you ends, we will securely delete/destroy your data in line with our data retention policies.

You may have the following rights in respect of data about you that we hold:

  • Request us to give you access to it.
  • Request us to rectify it, update it, or erase it.
  • Request us to restrict our using it, in certain circumstances.
  • Object to our using it, in certain circumstances.
  • Withdraw your consent to our using it.
  • Data portability, in certain circumstances.
  • Opt out from our using it for direct marketing.
  • Lodge a complaint with the Data Protection Commission in Ireland or relevant supervisory authority if you are located elsewhere in the European Union.

You are able to exercise these rights by contacting us using the details set out below.

If you have any questions, or wish to exercise any of the rights detailed above, please contact us at [email protected]

You have a right to contact the Data Protection Commission in Ireland at www.dataprotection.ie or your local supervisory authority if you are located elsewhere in the European Union with any questions or concerns.

We may update this notice (and any supplemental privacy notice), from time to time. We will notify you on our website www.saffery.com/ie/ of changes to this notice.

Last modified 11 June 2021.

Find out more:

Further information on the data we collect about you

Basic contact information, proof of age and identity information
If you instruct us to provide services to you, we will collect your name, gender, nationality and address, including country of residence, during your client onboarding. We are also required to collect information such as passport information, driving licence or ID card details and PPS number. You also may provide us with additional contact information (such as your mobile number).

Financial information and client data from Revenue
We will collect information such as your sort code(s), account number(s), pension information and bank statements. We may also collect certain financial information from Experian, the Irish Credit Bureau or other credit checking service providers.

We will also collect any financial information necessary to provide our services to you, which may include (but is not limited to) pension information, details of your income and expenses, and of gains on the disposal of assets. You or Revenue may provide us with your Revenue client data, such as your unique taxpayer reference.

Trust information
We may need to collect information about trusts that relate to you, such as trusts deeds and trust minutes.

Referral letters from third parties
We may collect a referral letter from a third party (such as a financial institution or adviser (current or previous).

Sensitive data
We may collect health and medical information, information regarding criminal and civil offences, court orders and other legal documentation.

Private client information
If you are a private client, we may collect information contained in your will, details of your dependant(s), marriage certificate and details of your PPS number and MyGovID account for the Child Benefit Scheme.

Website usage information
If you visit our website, then we will install certain cookies on to the device that you are using. Further details about how we use cookies is set out in our cookie policy.

Back to top


Further information on the purpose(s), methods of collection and legal basis for processing your data

The purposes for which we use your data, and the corresponding methods of collection and legal basis for its use, are described below:

Purpose: To provide certain services to both private and corporate clients

Services include:

  • Advisory work
  • Valuation work
  • Trust entry, 10-year and exit charge returns
  • Payroll and benefit in kind information
  • VAT registration and returns
  • Account completion
  • FATCA/CRS and other regulatory reporting
  • Investment tracking
  • Wealth reviews
  • Completion of tax returns and related filings
  • Invoice processing (supplier, self-employed and sales)
  • Bank transaction processing
  • Pension valuation
  • Management reporting
  • Grant applications
  • Bank form completion
  • Audit work
  • iXBLR accounts
  • Companies Registration Office returns and other company secretarial services
  • Cultural tests
  • Company tax returns
  • Due diligence
  • Lead advisory
  • Reporting accountants
  • Employment related securities filing
  • Tax claims and elections
  • DT1 form completion

Method of collection and legal basis for processing

The data relevant to these purposes is generally provided to us by you directly, during your initial onboarding as a client, or in order for you to enter into a contract with us and/or in order for us to perform our contract with you.

We use it in order to perform our obligations contained in our contract with you.

The contract in question will be our letter of engagement.

Purpose: To create and manage records of your involvement with us and to contact you with respect to the services that we provide

Method of collection and legal basis for processing

The data relevant to these purposes is generally provided to us by you directly, during your initial onboarding as a client, or in order for you to enter into a contract with us and/or in order for us to perform our contract with you.

We have a legitimate business interest in managing records of your involvement with us and in being able to contact you with respect to the services that we provide.

Sometimes your data will be processed automatically, for example when you leave telephone voice messages on our system it will automatically be sent to the recipient as an email file.

Meetings are sometimes recorded in order to enable minute takers to fulfil their task or to enable meeting participants (or non-attendees) to access a recording of a meeting. Depending on how the meeting is held this may include the recording of audio or video of the attendees for meetings.

Webinars we host are sometimes recorded. However only the presenter or panel participants of these webinars will be recorded by us. We do not make any audio or video recordings of attendees at webinars. However, if you choose to contribute to a webinar, such as by submitting questions, we may record your interaction with the webinar host and panel. We also record that you attended our webinar.

Parts of recordings may constitute personal data according to data protection laws. Personal data in recordings would include images of you (i.e. webcam footage of you), any opinions you contribute and anything you say about yourself.

The lawful basis for processing personal data through audio and/or video recordings is that it is in Saffery’s legitimate interests to do so. We have considered the implications of processing data in this way and concluded that our legitimate interests are not overridden by your interests or fundamental rights and freedoms. You will not be requested to give consent for the recording as that is not the lawful basis upon which we are operating. Clearly presenters for webinars and meeting chairs must be recorded, but to ensure that meeting or webinar attendees who do not wish to be recorded are not recorded by accident, then you can choose to mute your microphone and/or turn off your webcam. This will, as a consequence, restrict your ability to contribute to the relevant meeting or webinar.

The recordings will be kept securely on servers, which are provided by Saffery LLP in the United Kingdom. The recordings will kept in an appropriate place with access rights limited by reference to the purpose of the recording and who needs to have access to it. Once the need for the recording has been completed, the recording will be deleted. The meeting host/minute taker will be responsible for deleting the recordings, but the Chair of the relevant meeting or webinar will also be responsible for checking that this deletion is carried out in a timely way. Saffery will not share the recordings with any other organisation unless required to by law. Those given access to the recordings will not be allowed to make duplicates, nor download any recordings to personal devices or a third party cloud storage facility.

Purpose: Sharing data with financial institutions, employers and landlords for the purposes of mortgages, leases and other financial references.

Method of collection and legal basis for processing

The data relevant to these purposes is generally provided to us by you, during your initial onboarding as a client, or in order for you to enter into a contract with us and/or in order for us to perform our contract with you.

We are reliant upon our contract with you and/or obligations under law in order for us to use your data for this purpose.

Purpose: Sharing data with other third parties, such as land agents, solicitors, valuers, brokers, IFAs, other professional services firms you may use and our service providers.

Method of collection and legal basis for processing

The data relevant to these purposes is generally provided to us by you or your other service providers, during your initial onboarding as a client, or in order for you to enter into a contract with us and/or in order for us to perform our contract with you.

This information may be shared for the purpose of tax planning, compliance or at your request.

Purpose: Sending you marketing information (but only in accordance with applicable law).

Method of collection and legal basis for processing

The data we process to send you marketing information will only be used for this purpose with your consent or based on our legitimate business interest in conducting and managing our marketing activities.

Purpose: To comply with legal and or regulatory obligations, such as anti-money laundering regulations and know your client checks or to respond to requests from Revenue, Government Department and/or law enforcement agencies.

Method of collection and legal basis for processing

The data relevant to these purposes is generally provided to us by you directly, during your initial onboarding as a client, or in order for you to enter into a contract with us and/or in order for us to perform our contract with you.

The data may be processed automatically, for example when we use identification and verification to comply with anti-money laundering regulations.

We are under certain legal and/or regulatory obligations (eg law enforcement requests for information) and in order to meet various legal compliance and regulatory obligations, as applicable.

Where we do not base our use of data about you on one of the legal bases described above, we will ask for your consent before we process the data. We may from time to time ask for your explicit consent to process sensitive data (such as health and medical information) or data relating to criminal offences. In these circumstances we will provide specific information to you about both the relevant processing activities and your rights in relation to them.

As part of our client engagement and acceptance procedures we may process data to identify politically exposed persons and heightened risk individuals and organisations and check that there are no issues that would prevent us from working with a particular client (such as sanctions, criminal convictions (including in respect of company directors), conduct or other reputational issues). We will only process such personal data with the individual’s consent or as otherwise required by law or regulation.

In some instances, we may use data about you in ways that are not described above. Where this is the case, we will provide a supplemental privacy notice that explains such use. You should read any supplemental notice in conjunction with this notice.

Back to top


Further information on who we share your data with and for what purpose(s)

Sharing data with third parties

  • We may share data about you with our insurers, your other personal advisers and third parties interested in acquiring you (in respect of corporate clients only).
  • We may share data about you with third parties who provide us or you with products or services, such as:
    • Other member firms in the Nexia International network that assist with the services that we provide to you (such as providing accounting or tax advice in other countries);
    • Data analytics providers who we may use to support audit services; and
    • SKP Group – a third party supplier and Nexia International member firm that assists with services we provide to you (such as the processing of personal tax returns for you on our behalf).
  • We may share data about you with other third parties, where required or permitted by law, for example: regulatory authorities (such as the Institute of Chartered Accountants in Ireland and the Institute of Chartered Accountants in England & Wales), government departments and Revenue; (such in response to a request from law enforcement authorities or other government officials; when we consider disclosure to be necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation of suspected or actual illegal activity; when permitted by law to do so in respect of your agents and representatives (such as your power of attorney); and in the context of a restructuring of our organisation.

Back to top


Further information on where data about you might be sent?

When using data as described in this notice, it may be transferred either within or outside the country or territory where it was collected, including to a country, territory or international organisation that may not have the same data protection standards.

For example, we may transfer your personal data to:

  • Our offshore offices in Guernsey and Switzerland;
  • Our third party service providers that are based outside of the EU (such as SKP Group based in India); and
  • The USA, in order to comply with FATCA.

In all cases, the transfer will be on the basis of a European Commission adequacy decision or we will implement adequate measures, for example the EU Model Contracts, including appropriate security measures, for the protection of personal data in those countries, territories or international organisations in accordance with applicable data protection laws. To obtain further information on the data transfer mechanisms on which we rely, please contact us as set out here.

Back to top


Further information on your rights in respect of the data we hold about you

In respect of personal data we hold about you, you will have the rights set out below (Note: certain legal limits apply to all these rights. Please also note: if you wish to make such a request or you are concerned that any of the information we possess about you is incorrect, please contact [email protected]).

To request that we give you access to your data

This is confirmation of:

  • Whether or not we process personal data about you;
  • Our name and contact details;
  • The purpose of the processing of your personal data;
  • The categories of personal data concerned;
  • The categories of persons with whom we share the personal data and, where any person is outside the EU and does not benefit from a European Commission adequacy decision, the appropriate safeguards for protecting the personal data;
  • (If we have it) the source of the personal data, if we did not collect it from you;
  • (To the extent we do any, which will have been brought to your attention) the existence of automated decision-making, including profiling, that produces legal effects concerning you, or significantly affects you in a similar way, and information about the logic involved, as well as the significance and the envisaged consequences of such processing for you; and
  • The criteria for determining the period for which we will store the personal data.

On your request we will provide you with a copy of the personal data we hold about you that we are a controller of.

To request that we rectify or update your personal data

This applies if the personal data we hold is inaccurate or incomplete.

To request that we erase your personal data

This applies if:

  • The personal data we hold is no longer necessary in relation to the purposes for which we use it;
  • We use the personal data solely on the basis of your consent and you withdraw your consent (in this case, we will remember not to contact you again, unless you tell us you want us to delete all personal data about you in which case we will respect your wishes);
  • We use the personal data on the basis of legitimate interest and we find that, following your objection, we do not have an overriding interest in continuing to use it;
  • The personal data was unlawfully obtained or used; or
  • To comply with a legal obligation.

To withdraw your consent to our using your personal data

  • This right applies to any personal data which we have collected and process based on your consent.
  • You have the right at any time to withdraw the consent you have provided to us.

To request that we restrict our processing of your data

This right applies, temporarily while we look into your case, if you:

  • Contest the accuracy of the data we use; or
  • Have objected to our using the data on the basis of legitimate interest.

(If you make use of your right in these cases, we will tell you before we use the data again).

This right applies also if:

  • Our use is unlawful and you oppose the erasure of the data; or
  • We no longer need the data, but you require it to establish a legal case.

To object to our processing of your data

You have two rights here:

  1. If we use data about you for direct marketing: you can “opt out” (without the need to justify your decision) and we will comply with your request; and
  2. If we use the data about you on the basis of legitimate interest for purposes other than direct marketing, you can object to our using it for those purposes, giving an explanation of your particular situation, and we will consider your objection.

To portability of your personal data

This right applies:

  1. To personal data that you have provided to us; and
  2. If we use that personal data on the basis either of your consent, or on the basis of discharging our contractual obligations to you.

If both (1) and (2) apply, you have the right to receive the data back from us in a commonly used format, and the right to require us to transmit the data to someone else.

To lodge a complaint with the supervisory authority in your country

Each EU country must provide for a regulator for this purpose. You can find their contact details here.

Back to top

Loading