Hiddlestons Ireland relies upon data to be able to provide its services to its clients. We take the handling, processing and protection of such data extremely seriously.
The information that we collect consist of:
- Personal data, including names, address and ID for the purposes of Client Due Diligence when setting up a new client;
- Names, postal addresses, e-mail addresses, telephone numbers, nationality and other data for handling matters on behalf of clients or prospective clients;
- Names, job positions and email addresses and telephone numbers for potential and perspective clients;
- Financial details for the purpose of billing for existing clients;
- Names, addresses and contact details and CVs for prospective candidates for employment.
How do we collect information?
For clients, the data is primarily captured and processed while handling matters on behalf of that client; For prospective and potential clients, we normally request information when approached by a new client. Alternatively, we obtain information by receipt of business cards from prospective clients at conferences and other business events.
Where we store your data
Your data may, for existing clients, be stored in paper files. The data may also be stored on electronic files and may be transferred to and stored at a destination outside the European Economic Area (“EEA”) on Cloud storage.
How will we use your data?
We may use your information for the following purposes:
- The provision of our services to clients and prospective clients;
- The provision of legal updates and information upon changes to practice or law and our services which we feel may be of interest to you;
- Maintaining accounts and records;
- Supporting and managing staff.
Who will we share your data with?
In order to handle matters on your behalf, we may need to disclose your information to:
- Outsourced trade mark, records and formalities services;
- Outsourced accounting services;
- Barristers and private investigators;
- Overseas trade mark attorneys and lawyers handling matters on your behalf;
- Courts and Tribunals;
- The UK Intellectual Property Office, The European Union Intellectual Property Office and other overseas national trademark offices;
- Domain naming authorities and WIPO.
How long will we keep your information for?
- We will normally keep your information throughout the period of time that we do work for you and afterwards for a period of 6 years as we are required to do so by law and also by the professional regulations that apply to us;
- In some cases (for example where we have prepared a Deed for you), we may retain your information for a longer period and we will advise you of this at that time;
- More information is set out in our Data Retention Policy which is available upon request from the Data Protection Representative.
- We shall ensure that all the information that you provide to us is kept secure using appropriate technical and organisational measures;
- In the event of a personal data breach, we have in place procedures to ensure that the effects of such a breach are minimised and shall liaise with the Information Commissioner’s Office (ICO) and with you, as appropriate;
- More information is available from the data protection officers.
What rights do you have?
You have the following rights under the General Data Protection Regulation 2018:
- Right to be informed;
- Right of access;
- Right to rectification;
- Right to erasure;
- Right to restriction of processing;
- Right to data portability;
- Right to object;
- Rights concerning automated decision-making and profiling.
Right of access
- You have a right to see the information we hold about you;
- To access this, you need to provide a request in writing to our Data Representative;
- We will usually process your request free of charge and within 30 days. However, we reserve the right to charge a reasonable administration fee and to extend the period of time by a further 2 months, if the request is very complex.
Right to erasure
- You have a right to ask us to erase your personal data in certain circumstances (the details can be found in Article 7 of the GDPR);
- We will deal with your request free of charge and within 30 days but reserve the right to refuse to erase information that we are required to retain by law or regulation, or that is required to exercise or defend legal claims;
- To exercise your right to erasure, please contact our Data Protection Representative.
Who can you complain to?
If you are unhappy about how we are using your information or how we have responded to your request then, initially, you should contact the Data Protection Representative, Mark Hiddleston, who can be contacted by email at firstname.lastname@example.org or, in writing to:
Regus Dublin Airport
Corballis Road North