GDPR - The General Data Protection Regulation

The General Data Protection Regulation (EU) 2016/679 ("GDPR") is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to individuals over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. Superseding the Data Protection Directive 95/46/EC, the regulation contains provisions and requirements pertaining to the processing of personal data of individuals (formally called data subjects in the GDPR) inside the EEA, and applies to an enterprise established in the EEA or—regardless of its location and the data subjects' citizenship—that is processing the personal information of data subjects inside the EEA.

Data protection Statement

This statement purpose is to help our clients, potential clients and associates to interpret how we process personal information that was entrusted to us by our clients, potential clients and associates. Please read it thoroughly. Please familiarise yourself with your rights in relation to your information including the right to object to processing of your personal information where that processing is carried out for our legitimate interests. We will use your personal data in accordance with this data protection statement. “We” and “our” and “us” terms used in this statement refer to Scanlon Associates.

About us and contract information

Scanlon Associates is a Taxation consultancy firm which require your personal information to be able to represent you in taxation and social insurance matters and to ensure your compliance with the Law and applicable legislations. Scanlon Associates is required by the Irish Law to keep certain personal information in our records. We have appointed a Data Protection Officer (DPO) who is responsible for look after all questions related to this data protection statement and advise our clients on all matters regarding their personal information.

For all questions regarding this data protection statement please contact the DPO using the details set out below:

Data Protection Officer
Scanlon Associates
Office 1, The Anchorage
Charlotte Quay, Dublin 4

The purpose of collecting and processing your personal information.

Scanlon Associates will collect your personal data and will process your personal data for the purposes of providing you with our services that are agreed between Scanlon Associates and yourself. Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interest and your fundamental rights and freedoms. We may use your personal information to manage our everyday business needs including accounting, internal reporting needs, market research, to ensure appropriate IT security and to prevent fraud, in our legitimate interest. Our legitimate interest is the effective management of our business.


We will, in certain circumstances, rely on your explicit consent to process your personal data, including, sensitive personal data. This consent can by withdrawn at any time by using the contact details of the DPO set out above.

Your personal information and Third-Party Service Providers

Third Party Service Providers: We may share your personal information with third party service providers that perform services and functions at our direction and on our behalf such as accountants, IT service providers, business advisors, and others who provide security and administrative services.

Government bodies, or other government officials: we may share your personal information with government bodies or agencies including but not limited to the Revenue Commissioners, where required to do so by law. We may share your personal information with other European Union member states government officials, which includes Tax offices and Social insurance offices where we are required by law in order for us and our clients to be compliant with law and legislation. Third Parties: We will provide third parties with your personal information only when you instruct us to communicate with third parties on your behalf. For example: lawyers, accountants, banks and other third-party person or organizations.

Types of Information we collect and how we use it

We may collect, use, store and transfer different kinds of personal information about you as follows and use it for a variety of different purposes.

Information type Example of how we use it
Address, email address, telephone numbers We use this information to carry out our duties as your accountants, to send you information about our services, taxation matters and to respond to your queries.
Name, date of birth, PPSN, marital status, address, nationality, passport, national ID card, contract, Bank account number, and all other documents relating to personal taxation and social insurance matters. We use this information to carry out our duties as your accountants and to verify your identify and to comply with various obligations with applicable legislations.
Occupation and income details such as employer name, employment status, your salary, other incomes, expenses. We use this information to carry out our duties as your accountants and to and to ensure that you are compliant with applicable legislations.
Any other information which is provided to us by you or on your behalf. With your consent, we use this information if there is any other purpose that is not mentioned above.

How we protect your information

We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.

Storage Periods

Your personal information that has to be saved for any legal, accounting or reporting purposes will be securely stored in our possession and maintain in our records for the period that is required by law, which may be more than six years.

Your Rights

In relation to how we use your personal information, under data protection law you have rights to:

  • Request a copy of the personal information we hold about you. Rectify any inaccurate personal data in our records about you.
  • Erase personal information we hold about you, for which we are not obliged to keep in our accounting records.
  • Restrict processing of your personal information.
  • Object our use of your personal information for our legitimate interests.
  • To have that data transmitted to another data controller.

Complaints or queries

If you have a complaint or query, please contact us on:

Please allow for your request to be replied within one-month time. In case of reasonable excuse, we might extend this period to two months.

You also have the right to lodge a complaint to the Office of the Data Protection Commission