Privacy Policy

This statement relates to our privacy practices in connection with Prodomo Ltd trading as Bluett & O’Donoghue services and website www.boda.ie. We are not responsible for the content or privacy practices of other websites. Any external links to other websites are clearly identifiable as such.

 

General Statement

Bluett & O’Donoghue fully respects your right to privacy and is committed to ensuring that your privacy is protected. Bluett & O’Donoghue will not collect any personal information about you without your clear permission. Any personal information which you volunteer will be treated with the highest standards of security and confidentiality, strictly in accordance with General Data Protection Regulations (GDPR).

This Privacy Policy was most recently updated on 25th May 2018.

 

Collection and Use of Personal Information

Bluett & O’Donoghue does not collect any personal data about you on this website.

Bluett & O’Donoghue does hold and process personal client data in both digital and physical form.

Bluett & O’Donoghue adheres to the Data Protection rules outlines in the Data Protection Act 2018:
https://www.dataprotection.ie/docs/Data-Protection-Rules/y/21.htm

Specifically, Bluett & O’Donoghue is required to:

  1. Obtain and process personal data information fairly.
  2. Keep the personal data only for one or more specified purposes.
  3. Process it in ways compatible with the purposes for which it has been supplied to Bluett & O’Donoghue initially.
  4. Keep it safe and secure.
  5. Keep it accurate and up to date.
  6. Ensure that it is adequate, relevant and not excessive.
  7. Retain it for no longer than it is necessary for the specified purpose or purposes.
  8. Give a copy of her/his personal data to any individual on request.

For more GDPR information check out: www.dataprotection.ie

 

Consent

At the time when Bluett & O’Donoghue collects information about individuals, in accordance with the terms of our engagement as service providers, Bluett & O’Donoghue will make them aware of the uses for that information.

We include a paragraph in our letter of engagement outlining, the reason why we gather this information which is for the purposes of allowing us meet the terms of the engagement and for no other reason, and requesting the individual to opt in to this process.

Bluett & O’Donoghue does not disclose GDPR client personal data to third parties without the express opt-in permission of the individual.

 

Data retention – client data

Bluett & O’Donoghue retains personal data of individual clients in accordance with the following legislative time limits:

  • Client files; records are retained for 8 years following closing file  unless an opt in to retain longer is agreed.
  • Where GDPR client data is retained for longer than the time periods specified above, it is based on a client’s informed opt-in consent. Data is only retained for a longer timeframe because it is considered useful to the performance of the terms of our engagement with the client.
  • If a client who has opted-in to a longer time retention period, chooses to opt-out, standard data retention time limits are re-imposed.

 

Data retention – employee data

  • Records and interview notes of unsuccessful applicants are retained for 12 months from the date the successful candidate is appointed (Data Protection Commissioner recommendation).
  • Employment files are retained for 7 years and six months from the date the staff member finishes employment with Bluett & O’Donoghue (Statute of Limitations under Unfair Dismissals Act 1977-2017).
  • Employee records of salaries and tax payments are retained for six years and six months (Revenue Commissioners guidance).

 

Data retention – health & safety records

  • Records of major accidents and dangerous occurrences are retained for 10 years under the Safety, Health and Welfare at Work Act 2005.

Under section 4 of the Data Protection Acts, on making a written request to Bluett & O’Donoghue  any individual about whom Bluett & O’Donoghue keeps personal information on computer or in a relevant filing system is entitled to:

  • (a) a copy of the data,
  • (b) a description of the purposes for which it is held,
  • (c) a description of those to whom the data may be disclosed and
  • (d) the source of the data unless this would be contrary to public interest

 

Data Controller / Data Processer

 

Data Processor

Bluett & O’Donoghue is a Data Processor for all personal data obtained from clients.

In the case of projects and commissions etc. information held and processed on behalf of individuals, Bluett & O’Donoghue is acting as a Data Processor. Bluett & O’Donoghue when providing services does not normally exercise responsibility for or control over the data it is processing.

 

Data Controller – clients

In limited circumstances where Bluett & O’Donoghue has flexibility over the manner in which it provides services to clients covered by GDPR and is not simply acting on their instructions, Bluett & O’Donoghue acts as a Data Controller.

 

Data Controller – employees

Bluett & O’Donoghue keeps and processes information about its employees. It acts as a Data Controller for this information.

 

Right of Access to Personal Data

Under section 4 of the Data Protection Acts, on making a written request to Bluett & O’Donoghue any individual about whom Bluett & O’Donoghue keeps personal information on computer or in a relevant filing system is entitled to:

  • (a) a copy of the data,
  • (b) a description of the purposes for which it is held,
  • (c) a description of those to whom the data may be disclosed and
  • (d) the source of the data unless this would be contrary to public interest

 

Complaints

Applicants have the right to lodge a complaint with the data protection commissioner if they feel there has been a breach at: www.dataprotection.ie

 

Change of Policy

This Privacy Policy is subject to change and we reserve the right to amend this policy at any time.

This Privacy Policy was most recently updated on the 25th May 2018.

 

Data Protection co-ordination and compliance

Bluett & O’Donoghue  has appointed Peter Bluett with responsibility for co-ordination and compliance with the Data Protection Regulations

 

Contact

All comments, queries and requests relating to our use of your information are welcomed and should be addressed to: mail@boda.ie

 

GDPR Email Compliance, Confidentiality and Disclaimer:

We have a legal duty to protect any information we collect rom you. Information contained in emails and any attachments issued by our Staff may be privileged or confidential and intended for the exclusive use of the original recipient. If you have received this email by mistake or error, please advise the sender immediately and delete the email, including emptying your deleted email box. If you have any questions related to our GDPR Compliance, please contact our data protection officer or make a Data Subject Access Request.

 

Collection and Use of Technical Information (website)

Our website uses persistent cookies to allow our analytics software (Google Analytics) to distinguish users, and provide us with accurate statistics of website usage. These cookies do not contain any personal information, and visitors can use this website with no loss of functionality if cookies are disabled from the web browser.

Technical details in connection with visits to this website are logged by our internet service provider and analytics software for our statistical purposes. No information is collected that could be used by us to identify website visitors. The technical details logged are confined to the following items:

  • The anonymized IP address of the visitor’s web server
  • The top-level domain name used (.ie, .com, .org, .net)
  • The previous website address from which the visitor reached us
  • Google analytics which shows the aggregate traffic of visitors around this website
  • The type of web browser and operating system used by the website visitor

Bluett & O’Donoghue will make no attempt to identify individual visitors or to associate the technical details with any individual. It is the policy of Bluett & O’Donoghue never to disclose such technical information in respect of individual website visitors to any third party (apart from our internet service provider, which records such data on our behalf and which is bound by confidentiality provisions in this regard), unless obliged to disclose such information by a rule of law. The technical information will be used only by Bluett & O’Donoghue and only for statistical and other administrative purposes. You should note that technical details, which we cannot associate with any identifiable individual, do not constitute “personal data” for the purposes of the GDPR.

For more GDPR information check out: www.ico.org.uk and www.dataprotection.ie

 

IP Address

An IP address can reveal information about a visitor such as the general geographic location of the visitor or the internet provider they are using to connect to the internet. Bluett & O’Donoghue website does not track visitor IP addresses, unless the address has been flagged by our firewall for malicious activity. This information is used to safeguard the website against hacking and brute force attacks.

Only an anonymized version of the IP address is provided to our analytics software (Google Analytics), which cannot be linked to individual clients.