- Applicable Law
Our service contract with you, the schedule of services and our standard terms and conditions of business are governed by, and should be construed in accordance with Republic of Ireland law. Each party agrees that the courts of Republic of Ireland will have exclusive jurisdiction in relation to any claim, dispute or difference concerning this engagement letter and any matter arising from it. Each party irrevocably waives any right to object to any action being brought in those Courts, to claim that the action has been brought in an inappropriate forum, or to claim that those Courts do not have jurisdiction.
- Client identification
As with other professional services firms, we are required to identify our clients for the purposes of the Republic of Ireland anti-money laundering legislation. We may request from you, and retain, such information and documentation as we require for these purposes and/or make searches of appropriate databases. Such information and documentation includes (but is not limited to):
- Photographic ID (current driving licence or passport)
- Proof of address (recent utility bill or bank statement)
- Company incorporation documents (certificate of incorporation etc)
- Money laundering
The provision of accounting and taxation services is a business in the regulated sector under the Proceeds of Crime Act 2002 and, as such principals and staff in such firms have to comply with this legislation which includes provisions that may require us to make a money laundering disclosure in relation to information we obtain as part of our normal work. It is not our practice to inform you when such a disclosure is made or the reasons for it because of the restrictions imposed by the ‘tipping off’ provisions of the legislation.
- Client money
We may from time to time hold money on your behalf. Such money will be held in trust in a client bank account, which is segregated from the firm’s funds. The account will be operated, and all funds dealt with, in accordance with the client money rules of our Institute, CPA Ireland, and our regulatory body.
- Commissions and other benefits
In some circumstances we may receive commissions or other benefits for introductions to other professionals or in respect of transactions which we arrange for you. Where this happens we will notify you in writing of the amount and terms of payment and receipt of any such commissions or benefits. The fees you would otherwise pay will not be reduced by the amount of the commissions or benefits.
Communication between us is confidential and we shall take all reasonable steps to keep confidential your information except where we are required to disclose it by law, by regulatory bodies, by our insurers or as part of an external peer review. Unless we are authorised by you to disclose information on your behalf this undertaking will apply during and after this engagement. We may, on occasions, subcontract work on your affairs to other tax or accounting professionals. The subcontractors will be bound by our client confidentiality terms. We reserve the right, for the purpose of promotional activity, training or for other business purpose, to mention that you are a client. As stated above we will not disclose any confidential information.
- Conflicts of interest
We will inform you if we become aware of any conflict of interest in our relationship with you or in our relationship with you and another client. Where conflicts are identified which cannot be managed in a way that protects your interests then we regret that we will be unable to provide further services.
If there is a conflict of interest that is capable of being addressed successfully by the adoption of suitable safeguards to protect your interests then we will adopt those safeguards. Where possible this will be done on the basis of your informed consent. We reserve the right to act for other clients whose interests are not the same as or are adverse to yours subject of course to the obligations of confidentiality referred to above.
- Data Protection
We confirm that we will comply with the provisions of the Data Protection Act 1998 and the General Data Protection Regulation (GDPR) when processing personal data about you and your family. In order to carry out the services of this engagement and for related purposes such as updating and enhancing our client records, analysis for management purposes and statutory returns, legal and regulatory compliance and crime prevention we may obtain, process, use and disclose personal data about you. Details of how we hold, process and use your personal data are contained in our privacy notice below.
Officepal (“we”, “us” or “our”) is committed to protecting personal data and we want you to know that when you use our firm, you can trust us with your information. We are determined to do nothing that would infringe your rights or undermine your trust. This privacy statement describes the information we collect about you, how it is used and shared, and your rights regarding it.
The vast majority of the information that we hold about you is provided to us by yourself when you seek to use our services. We will tell you why we need the information and how we will use it. This privacy statement applies to all personal data provided to us whether by you or any other party.
Our lawful basis for processing your information
The General Data Protection Regulation (GDPR) requires all organisations that process personal data to have a lawful basis for doing so. The lawful bases identified in the GDPR, to which we adhere, are:
- Consent of the data subject;
- Performance of a contract with the data subject or to take steps to enter into a contract;
- Compliance with a legal obligation;
- To protect the vital interests of a data subject or another person;
- Performance of a task carried out in the public interest or in the exercise of official authority vested in the controller; and
- The legitimate interests of ourselves, or a third party, except where such interests are overridden by the interests, rights or freedoms of the data subject.
Examples of legitimate interests include:
- Where the data subject is a client or in the service of the controller;
- Transmission within a group of undertakings for internal administrative purposes;
- Processing necessary to ensure network and information security, including preventing unauthorised access;
- Processing for direct marketing purposes, or to prevent fraud; and
- Reporting possible criminal acts or threats to public security.
We take the security of all of the data we hold very seriously and have policies, procedures and training in place to cover data protection, confidentiality and security.
We use your information to:
- Deliver services and meet legal responsibilities;
- Verify identity where this is required;
- Process financial transactions;
- Maintain the safety, security and integrity of our services and records;
- Direct your enquiries to the appropriate department and staff;
- Investigate and understand needs and how they may be met;
- Communicate by post, email or telephone;
- Provide you with news about products, services, promotions, studies, surveys, updates and events;
- Investigate or address legal proceedings relating to your use of our services, or as otherwise allowed by applicable law;
- Make statutory returns as required by the relevant legislation;
- Review applications for employment and maintain employment records;
- Prevent and detect crime, fraud or corruption;
- Perform duties as contained within relevant legislation.
We do not use automated decision-making in the processing of your personal data.
Information that we collect
As stated above, the vast majority of the personally identifiable information that we hold about you is provided by yourself when you seek to use our services or when you make an employment application.
In addition, we may also collect information about you as a result of your relationship with one or more of our clients, employees or other service providers as well as where you have completed forms on various sections of our website or where you have requested information from us or subscribed for our services.
Personally identifiable information may include your name, address, telephone number and email address, family details including your ethnic origin, financial information, medical details and details of your education and employment history.
We may also automatically collect certain non-personally identifiable information when you visit our website which is explained further below.
By using any of our services, including our website, and by providing us with personal information you are indicating that you consent to the use of your personal information as set out in this policy.
Information that we share
We are a member of various networks and regulatory bodies, and as with other professional service providers, we may have to share your information with other third parties who assist us in running our business or delivering our services.
We may share your data with:
- CPA Ireland by whom we are regulated;
- Third party organisations that provide data processing and IT services to us;
- Third party organisations that otherwise assist us in delivering services or information;
- Auditors and other professional advisors;
- Our legal advisors in the event of a dispute or other legal matter;
- Law enforcement officials, government authorities, or other third parties to meet our legal obligations;
- In connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, refinancing, or acquisition of some or all of our business by another company;
- Any other party where we ask you and you consent to the sharing.
We will only share data with others when we are legally permitted to do so and when sharing data we put mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards.
Information collected through the use of our website
- Validate users;
- Remember user preferences and settings;
- Determine frequency of accessing our content;
- Measure the effectiveness of advertising campaigns;
- Improve your online experience; and
- Analyse site visits and trends.
Retaining your data
Officepal, and the data we collect are subject to various regulatory and legislative requirements. We will endeavour not to keep your personal information for longer than required for us to fulfil our obligations. Where it is not possible to delete your data, we will ensure that appropriate security organisational measures are in place to protect the use of your data.
The General Data Protection Regulation provides individuals specific rights around your personal data. Officepal as a data controller is responsible for providing further information on those rights and how individuals can exercise them, as outlined below.
Access to your information
You have the right to request a copy of the personal information about you that we hold. Access to your personal data as stored on our cloud database is also available via our Client Portal to which you will have been invited to access.
Correcting your information
We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards. Your personal data can be updated and amended via our Client Portal to which you will have been invited to access.
Deletion of your information
You have the right to ask us to delete personal information about you where:
- You consider that we no longer require the information for the purposes for which it was obtained.
- We are using that information with your consent and you have withdrawn your consent – see Withdrawing consent to using your information below.
- You have validly objected to our use of your personal information – see Objecting to how we may use your information below.
- Our use of your personal information is contrary to law or our other legal obligations.
Objecting to how we may use your information
You have the right at any time to require us to stop using your personal information for direct marketing purposes. In addition, where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
Restricting how we may use your information
In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where this is no longer a basis for using your personal information but you don’t want us to delete the data. Where this right to validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
Withdrawing consent using your information
Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Please contact us in any of the ways set out in the contact information and further advice section if you wish to exercise any of these rights.
Changes to our privacy statement
We review our privacy statement and policies regularly and will place any updates on our website and in relevant communications.
Who to contact
Our registered address is 32 Baggot Street Upper, Dublin 4 and our Data Protection Officer (DPO) is John Donnelly. Our Data Protection Officer can be contacted at 32 Baggot Street Upper, Dublin 4.
We work hard to ensure that your personal information is treated safely and securely. Whilst we hope that you won’t ever need to, if you have a complaint about our use of your personal data, please provide details of your complaint to our Data Protection Officer at the address above. We will investigate and reply to all complaints received.
In addition, you also have the right to complain to the Information Commissioner’s Office (ICO). For further information please refer to the ICO website.
- Electronic and other communication
Unless you instruct us otherwise we may, where appropriate, communicate with you and with third parties via email or by other electronic means. The recipient is responsible for virus checking emails and any attachments. With electronic communication there is a risk of non-receipt, delayed receipt, inadvertent misdirection or interception by third parties. We use virus-scanning software to reduce the risk of viruses and similar damaging items being transmitted through emails or electronic storage devices. However electronic communication is not totally secure and we cannot be held responsible for damage or loss caused by viruses nor for communications which are corrupted or altered after despatch. Nor can we accept any liability for problems or accidental errors relating to this means of communication especially in relation to commercially sensitive material. These are risks you must bear in return for greater efficiency and lower costs. If you do not wish to accept these risks please let us know and we will communicate by paper mail, other than where electronic submission is mandatory. Any communication by us with you sent through the post [or DX] system is deemed to arrive at your postal address two working days after the day that the document was sent.
- External review
As part of our ongoing commitment to providing a quality service, our files are periodically reviewed by an independent regulatory or quality control body. These reviewers are highly experienced and professional people and, of course, are bound by the same rules for confidentiality as us.
- Professional rules and practice guidelines
We will observe and act in accordance with the bye-laws, regulations and Code of Ethics of CPA Ireland and accept instructions to act for you on this basis. In particular you give us the authority to correct errors made by HMRC/ Revenue Commissioner where we become aware of them. We will not be liable for any loss, damage or cost arising from our compliance with statutory or regulatory obligations. You can see copies of these requirements in our offices. The requirements are also available on the internet at www.cpaireland.ie
- Professional indemnity insurance
Our professional indemnity insurer is HCC International of Walsingham House, 35 Seething Lane, London, EC3N 4AH. The territorial coverage is worldwide excluding professional business carried out from an office in the United States of America or Canada and excludes any action for a claim brought in any court in the United States or Canada.
- General pricing and payment terms
Our fees may depend not only upon the time spent on your affairs or the value of work carried out in the delivery of your service packages, but also on the level of skill and responsibility and the importance and value of the advice that we provide, as well as the level of risk. It is our normal practice to agree a fixed price with you in advance for the provision of specific services. If it becomes apparent to us, due to unforeseen circumstances, that our fixed price quotation is inadequate, we reserve the right to notify you of a revised figure or range and to seek your agreement thereto. We will normally bill on completion of specific services or stages of our work and our invoices are due for payment upon presentation.
Unless otherwise agreed to the contrary our fees do not include the costs of disbursements, any third party, counsel or other professional fees. Our fees are exclusive of VAT which will be added where it is chargeable.
Should we resign or be requested to resign we will normally issue a disengagement letter to ensure that our respective responsibilities are clear. We will issue such correspondence to your last known email and postal addresses. It is your responsibility to inform us of any change of your home or business addresses.