Data Privacy Notice
This is your guide to how personal data is managed by Making-Cents. Please read it carefully.
Data privacy is taken very seriously at Making-Cents. We are committed to protecting the privacy of our clients and users of our website, and it is important to us, that you know exactly what we do with your personal information that you and others provide to us, why we gather it and what it means to you.
This document outlines our approach to Data Privacy to fulfil our obligations under the General Data Protection Regulation (2018). We also welcome it as an opportunity to reassure you of the importance we place on keeping your personal data secure, and of the strict guidelines we apply to its use. We want you to be clear on:
- Who we are
- The information we collect about you
- When and how we collect information about you
- How we use your information
- How we use automated processing
- Who we share your information with
- How long we hold your information
- Implications of not providing information
- The legal basis for using your information
- How to exercise your information rights
- How to contact us
- Changes to this notice
Making-Cents needs to gather and use certain information about individuals. There can include customers, suppliers, business contact, employees and other people we have a relationship with or may need to contact. This policy describes how this personal data must be collected, handled and stored to meet the company’s data protection standards thus complying with GDPR.
This data privacy notice ensures Making-Cents:
- Comply with the Data Protection Legislation and follow Good Practice
- Protect the Rights of Employees, Customers and Partners
- Is Transparent in term of How It Stores and Processes Individual’s Data
- Protects itself from the Risks associated with Data Breach
General Data Protection Regulation – “GDPR”
Who are we?
The General Data Protection Regulation 2016 replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC. Its purpose is to protect the “rights and freedoms” of natural persons (i.e. living individuals) and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.
Throughout this document, “we”, “us”, “our” and “ours” refer to Making-Cents Limited. Your information is held by Making-Cents
Our principal business is to provide advice on the basis of ‘Fair Analysis’ and arrange transactions on behalf of clients in relation to life and pension products and investments. The firm is also authorised to act as a deposit broker and to give advice in relation to deposits.
Making-Cents Ltd. is regulated by the Central Bank of Ireland and is registered as an investment business firm under Section 10 of the Investment Intermediaries Act, 1995 (as amended) and as an insurance/reinsurance intermediary registered under the European Communities (Insurance Mediation) Regulations, 2005 (as amended) as an investment product intermediary under Section 31 of the Investment Intermediaries Act (as amended). The Central Bank holds registers of regulated firms. You may contact the Central Bank to verify our credentials on 1890 777 777 or alternatively visit their website at www.centralbank.ie Our Intermediary Number is C86227.
Our Data Protection Officer / GDPR Owner and data protection representatives can be contacted directly here:
The information we collect about you
In general, you can visit the Making-Cents website without identifying yourself or revealing any personal information.
However, you may choose to provide us with personally identifiable information (e.g., via our set up web forms or ask a question forum). Personal identifiable information is information that can be used to identify you, such as your name, title email address, telephone number, industry and company details, or similar information.
The principal reason why we look to collect information from you is to better understand your needs and to provide better service.
Within the Making-Cents website, you can make requests for information, register to receive materials, and in some cases, order products or services. The types of personal information collected at these pages includes name, contact information (email address), job title and company name. In some cases, we may also collect billing, transaction and credit card information, where you order products or services.
There are a number, of reasons for gathering information about you. For instance, we need to know how to get in touch with you, we need to be certain of your identity and we need to understand your financial circumstances, so we can offer you products and services and give you the best possible customer experience. The information we collect falls into various categories.
When and how we collect your information
- Identify & Contact information: Name, date of birth, copies of ID, contact details, PPS number (or foreign equivalent), nationality, address, email address, phone numbers, marital status, family details and tax related information.
- Financial details/circumstances: Bank account details, credit card details, income details, application processing and administration records, your employment status and employment details of your partner, life assurance, pension and investment details and financial needs/attitudes.
- Marital Status and/or financial associations: If you are married or are financially linked to another person in the context of a particular product, service or financial review, a financial association may be created between your records and their records
- Information you provide us about others or others provide us about you: If you give us information about someone else (e.g. information about a spouse or financial associate provided during the course of a joint application with that person), or someone gives us information about you, we may add it to any personal information we already hold and will use it in the ways described in this Data Privacy Notice. Before you disclose information to us about another person, you should be sure that you have their agreement to do so. You should also show them a copy of this Data Privacy Notice. You need to ensure they confirm that they know you are sharing their personal information with us for the purposes described in this Data Privacy Notice.
- Sensitive categories of data: We may hold information about you which includes sensitive data, such as your health information. We will only hold this data when we need to for the purposes of the product or service we provide to you or where we have a legal obligation to do so e.g. Medical information: where you apply for life assurance, income protection or mortgage protection.
- Information about you provided by others: If you give us information about someone else (e.g. information about a spouse or financial associate provided during the course of a joint application with that person), or someone gives us information about you, we may add it to any personal information we already hold and will use it in the ways described in this Data Privacy Notice.
- Information which you have consented to us using: Your agreement to allow us to contact you through certain channels to offer you relevant products and services.
- Other personal information: Information in relation to data access, correction, restriction, deletion, porting requests and complaints.
As you use our services, apply for products, make enquiries and engage with us, information is gathered about you. We may also collect information about you from other people and other parties, for example, when you are named in an insurance policy or from sources where you have chosen to make your information publicly available, such as social media sites e.g. Linkedin
When we collect information about you:
How we use your information
- When you ask us to provide you with certain products and services. For example, life insurance or investment products may require us to collect relevant health information from you.
- When you or others give us information verbally or in writing. This information may be on a fact-find, application form or if you make a complaint.
Whether we are using it to confirm your identity, to help in the processing of an application for a product or service or to improve your experience with us, your information will always be handled with care and the principles outlined in this Data Privacy Notice are always applied.
We use your information to provide our products and services to you, and to fulfil our contract with you, we use your information to:
To manage our business, we may need to use your information to:
- Establish your eligibility for our products or services
- Manage and administer your accounts, policies or other products that we may provide you with
- Process your applications for products or services
- Carry out Full Financial Reviews
- Contact you by post, phone, text message, email, social media or other means but not in a way contrary to your instructions to us or contrary by law
- Manage and respond to a complaint or appeal
To run our business on a day to day basis including to:
- Provide service information, to improve our service quality and for training purposes. We may gather information about your interactions with us.
- Conduct marketing activities, for example, promotions and direct marketing (provided that you have not objected to us using your details in this way), and research, including customer surveys, analytics and related activities.
To comply with our legal and regulatory obligations including:
- Carry out strategic planning and business portfolio management
- Compile and process your information for audit, statistical or research purposes (including, in some instances, making your data anonymous) in order, to help us understand trends in our customer behaviour and to understand our risks better.
- Protect our business, reputation, resources and equipment, manage network and information security
- Manage and administer our legal and compliance affairs, compliance with regulatory guidance and voluntary codes of practice which we have committed.
Where you have given us permission (which you may withdraw at any time):
- Complying with your information rights
- Providing you with statutory and regulatory information and statements
- Establish your identity, residence and tax status in order, to comply with law and regulation concerning taxation and the prevention of money laundering, fraud and terrorist financing.
- We are required by law to screen applications that are made to us to ensure we are complying with the international fight against terrorism and other criminal activities. As a result, we may need to disclose information to government and other statutory bodies.
- Complying with binding requests from regulatory bodies including the Central Bank of Ireland.
- Complying with binding production orders or search warrants, and orders relating to requests for mutual legal assistance in criminal matters received from law enforcement agencies/prosecutors
- For other reasons where a statutory reason exists we do so, including use of your Personal Public Service (PPS) number
- Complying with court orders arising in civil or criminal proceedings
- Performing a task carried out in the public interest
- Send electronic messages to you about product and service offers
- Send letters to you about product and service offers
- Share your data with third parties so that they may send you electronic messaging about their products and offers
- Use special categories of data, or sensitive data
When we ask for your consent, we will provide you with more information on how we will use your data in reliance on that consent, including in relation to third parties we would like your consent to share your data with.
How we use automated processing
Automated analysis of our customer information as a whole helps us to manage our business for our legitimate interests. It enables us to:
- Make more informed business decisions, including improving the quality of services we can offer
- Test and maintain the stability and performance of our systems
Automated analysis of your information also enables us for service, administrative purposes and helps us to form a single view of your relationship with us. This is intended to help us manage and build our relationship with you and is an important part of managing our business:
- For example, it enables us to develop personalised information for you in real time based on your financial & personal circumstances.
Automated analysis of your information assists us to comply with our legal obligations.
- For example, in connection with our money laundering, fraud and terrorist financing prevention obligations, we may use automated processing to screen for suspicious transactions, or to identify payments which may be subject to international sanctions.
There are certain automated analyses of your information that we will only carry out where you have given us your consent (which you can withdraw at any time). We will only automatically process your information to enable us to undertake the following activities where we have your consent:
Who we share your information with
- Send electronic messages to you about product and service offers from our company
- Share your data with third parties so that they may send you electronic messaging about their products and offers
- Use sensitive categories of data, as set out in data protection legislation
- Use information you have made public and combine this with the activities outlined above.
We only share your information with a select number of individuals, and only as necessary. Sharing can occur in the following circumstances and/or with the following persons:
How long we hold your data
- Your authorised representatives
- Third parties with whom: (i) we need to share your information to facilitate transactions you have requested, and (ii) you ask us to share your information
- Services providers for which we hold an authorised agency i.e. when you apply for life insurance with us, we will pass your details to the insurer. We may request information relating to your health for underwriting and claims administration purposes. If you make a claim, any information you give to us, or to the insurer, may be put onto a register of claims shared with other parties to prevent fraudulent claims. A list of participants is available from the insurer.
- Service providers who provide us with support services. Your personal information remains protected when our service providers use it. We only permit service providers to use your information in accordance with our instructions, and we ensure that they have appropriate measures in place to protect your information. Our service providers include IT & telecommunication service providers, document storage and destruction companies.
- We may also share your information with the following third parties to help us manage our business for our legitimate interests: Trade associations & professional bodies, non-statutory bodies and members of trade associations, Pension fund administrators, trustees of collective investment undertakings and pensions trustees, insurance bureaus. Healthcare professionals and medical consultants and Business or joint venture partners.
- Statutory & regulatory bodies (including central & local government) and law enforcement authorities. These include the courts and those appointed by the courts, government departments, statutory and regulatory bodies in all jurisdictions where Making-Cents operates including: the Central Bank of Ireland, the European Central Bank, the Data Protection Commission, Financial Services Ombudsman, An Garda Síochána, Revenue Commissioners, Criminal Assets Bureau and other designated authorities in connection with combating financial and other serious crime.
The length of time we hold your data depends on a number, of factors, such as regulatory rules and the type of financial product we have provided to you. Those factors include:
- The regulatory rules contained in laws and regulations or set by authorities like the Central Bank of Ireland, for example, in the Consumer Protection Code.
- The type of financial product we have provided to you. For example, we may keep data relating to pension product for a longer period compared to data regarding a short-term investment.
- Whether you and us, are in a legal or some other type of dispute with another person or each other.
- The type of data we hold about you.
- Whether you or a regulatory authority asks us to keep it for a valid reason
As a general rule we keep your information for a specified period after the date on which a transaction has completed or you cease to be a client. In most cases this period is 10 years.
Implications of not providing your data
Sharing information with us is in both your interest and ours. We need your information in order to:
Of course, you can choose not to share information, but doing so may limit the services we are able to provide to you:
- Provide our products and services to you and fulfil our contract with you
- Manage our business for our legitimate interests
- Comply with our legal obligations
- We may not be able to provide you with certain products and services that you request. We may not be able to continue to provide you with new or renew existing products and services.
- We may not be able to assess your suitability for a product or service, or, where relevant, give you a recommendation to provide you with a product or service from Making-Cents.
We will tell you when we ask for information which is not a contractual requirement or is not needed to comply with our legal obligations.
The Legal basis for using your information
We will use your data and share that data where:
How to exercise your information rights including the right to object
- Its use is necessary in relation to a service or a contract that you have entered into or because you have asked for something to be done so you can enter into a contact with us.
- Its use is in accordance with our legitimate interests outlined in this notice.
- Its use is necessary because of a legal obligation that applies to us (except an obligation imposed by a contract).
- You have consented or explicitly consented to the using of your data (including special categories of data) in a specific way.
- Its use is necessary to protect your vital interests. In certain circumstances we may use and/or disclose information (including special categories of data) we hold to identify, locate or protect you.
- Where you have made clearly sensitive categories of data about yourself public
- Where the processing of special categories of data is necessary for the establishment, exercise or defence of legal claims.
- Where authorised by law or regulation, we may undertake processing of special categories of data for a substantial public interest
- Where the processing of criminal conviction data is authorised by EU or Irish Law
Providing and holding personal information comes with significant right on your part and significant obligations on ours. You have several rights in relation to how we use your information. If you make your request electronically, we will, where possible, provide information electronically unless you ask us otherwise. You have the right to:
- Right of Access: Find out if we use your information, access your information and receive copies of your information
- Right of Rectification: Have inaccurate/incomplete information corrected and updated
- Right to Object: Object to particular uses of your personal data for our legitimate business interests or direct marketing purposes. However, doing so may have an impact on the services and products we can/are willing to provide. Object to the use of your personal data for direct marketing purposes. If you object to this use, we will stop using your data for direct marketing purposes.
- Right to be forgotten: Have your data deleted or our use of your data restricted – you have a right to this under certain circumstances. For example, where you withdraw your consent you gave us previously and there is no legal basis for us to retain it, or where you object to our use of your personal information for particular legitimate business interests.
Right of Portability: In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format. You can ask us to transmit that information to you or directly to a third- party organisation.
The above right exists only in respect of personal information that:
- you have provided to us previously; and
- is processed by us using automated means.
While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third-party organisation’s systems. We are also unable to comply with requests that relate to personal information of others without their consent.
- Right to restriction of processing: To withdraw consent at any time where any processing is based on consent. If you withdraw consent, it will not affect the lawfulness of processing based on your consent before its withdrawal.
If you wish to exercise any of your data rights, you can contact us by:
- Phone: 061 354581
- Email: email@example.com
- In writing: Making-Cents, Amalfi, Mount Catherine, Co. Clare.
If we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests) we may extend this period by a further two calendar months and shall explain the reason why. If you make your request electronically, we will try to provide the relevant information electronically.
You also have the right to complain to the Data Protection Commission or another supervisory authority. You can contact the Office of Data Protection Commissioner at:
- Phone: 0761 104 800 or Lo Call: 1890 252 231
- Fax: 057 868 4757
- Email: firstname.lastname@example.org
- In writing: Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23, Co Laois
- Aggregate Information About Making-Cents Online Visitors
We gather information and statistics collectively about all visitors to our website, for example:
- which area users access most frequently
- which services users access the most
- the type of operating system and browser software
- the geographical location of browsers
- broad demographic information
- to monitor mouse clicks and movements and scrolling activity.
We only use such data in the aggregate form and our analytical services do not record any personal information. The information and statistics we collect helps us determine what is most beneficial for our users and how we can continually improve our online services to create a better overall experience for our users. Although such data may be shared with third parties, such as advertisers, the underlying data is not shared with anybody else.
We do automatically track certain information about your behaviour while visiting our Web pages. We use this information in order, to measure our Web site’s performance, user traffic, improve its design and functionality and other internal management purposes.
At this time, we do not permanently store “cookies” on your PC and do not employ “cookies” to transmit personal information. We use “session cookies,” which gather information stored in a browser’s memory and include the URL from which you accessed the Web site and which URL you visit next. The session cookie is never saved nor written to disk, and the information contained in the session cookie is only valid for that particular session and is discarded when the browser is closed. The information we collect in this way does not identify you personally and you remain anonymous unless you voluntarily choose to provide SSG with personal information.]
We have put in place measures to ensure the security of the information we collect and store about you and will use our reasonable endeavours to protect your personal data from unauthorised disclosure and/or access including through the use, of network and database security measures, but these cannot guarantee the security of any data which is collected and stored. We use encryption when collecting or transferring sensitive data, such as credit card information.
How to contact us
If you have any questions about how we use your information, you can contact us by:
- Phone: 061 354581
- Email: email@example.com
- In writing: Making-Cents, Amalfi, Mount Catherine, Co. Clare