Privacy Statement

Effective from 15/11/2021

Introduction

McDonald Dwyer Reddy and Byrne Insurances Limited are committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client. It is the intention of this privacy statement to explain to you the information practices of the Company in relation to the information we collect about you. Our full Privacy Policy is available upon request by contacting info@mdrb.ie.

For the purposes of the GDPR, the data controller is:

• McDonald Dwyer Reddy and Byrne Insurances Limited
• Contact details: 131 – 132 Parade Quay, Waterford Telephone: 051-872080 Email: info@mdrb.ie
• When we refer to ‘we’ or ‘the Company’ it is McDonald Dwyer Reddy & Byrne Insurances Limited

Please read this Statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Who are we?

McDonald Dwyer Reddy & Byrne Insurances Limited (“the Company”) is a Private Limited Company, trading from 131/132 Parade Quay, Waterford, Ireland, 051-872080. We offer a wide range of services, including Insurance placements, Risk reviews, Claims reviews and support and Risk management. We transact business with the leading insurers and a full list of these is available on request. We do not have a tied relationship with any Product Producer that would compromise our ability to offer independent advice and choice.

The Company is an independent insurance intermediary and provides the following services:

• Advising on the selection of Non-Life insurance products best suited to its clients’ needs.
• Receiving and transmitting orders to product producers.

Advice to clients is based on a fair analysis of the available market.

Our GDPR Owner and data protection representatives can be contacted directly here at info@mdrb.ie or 051-872080

Collection of data

The majority of the data we receive about you (and other people insured under your policy of insurance) comes from the information you have provided to us. We may also obtain personal data from various other parties or sources including insurance companies, third parties involved in a claim/potential claim, finance companies, and from industry databases (geocoding/address information/penalty points/vehicle details, etc)

Purpose for processing your data

•  Your data is processed by us in order to provide you with Non-Life insurance products best suit your needs. We will submit your data to Product Producers in order to provide the most suitable policy for you.
• We mainly use your data to provide a quote, set up, administer, and manage your policy, and manage complaints and claims. However, we may also use the personal data we gather for any or all of the following purposes:
  o To verify your (or your representative’s) identity
  o To provide add-on services (eg. breakdown assistance cover)
  o To offer a finance facility to you
  o For statistical analysis and review within the Company
  o For the detection and prevention of fraud, money laundering, and other offenses
  o For staff training and management
  o For storage and to make back-ups of data
  o For compliance with all relevant laws and regulations
  o To record calls in order to verify instructions you give to us over the phone or to confirm that we provided you with certain
  information over the phone.
  o As set out in this document and other documents provided or made available to you

Why we are processing your data? Our legal basis.

The legal bases we rely on for using your personal data for the above purposes in the majority of circumstances are where:

• We need to process your data as this is necessary for the performance of a contract of insurance to which the individual has entered into or in order to take steps at the request of the data subject prior to entering into a contract (including a quote that is not taken up).
• The processing is necessary for compliance with a legal obligation to which we are subject.
• The processing is necessary for the purposes of legitimate interests pursued by us for the proper running of our business.

In any event, the Company is committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.

How will the Company use the personal data it collects about me?

McDonald Dwyer Reddy and Byrne Insurances Limited will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavor to keep your information accurate and up to date, and not keep it for longer than is necessary.

Special Categories of personal data

If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) we will obtain your explicit consent.

Who are we sharing your data with?

We may pass your personal data on to third-party service providers contracted to McDonald Dwyer Reddy and Byrne Insurances Limited in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with GDPR procedures. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your explicit consent, unless we are legally required to do otherwise.

The third parties that we may share your personal data with include:
1) Your representatives, such as a relative or another person insured on your policy.
2) Insurance intermediaries and insurance companies in order to obtain a quote, set up, manage and administer your policy as requested by you.
3) Our representatives and representatives of your insurer such as companies that provide various services (including telecommunications, data storage, credit checking, IT, risk analysis), finance companies, and claims related service providers(including for the assessment of liability, injuries, damage to vehicles and other property).

We have issued all our third-party processors with a Data Processor checklist asking them GDPR specific questions.

If we transfer personal data to a third party or outside the EU we as the data controller will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you the data subject are available.

If you hold insurance against a liability that may be incurred by you against a third party, where for whatever reason you cannot be found or you become insolvent, or the court finds it just and equitable to so order, then your rights under the contract will be transferred to and vest in the third party even though they are not a party to the contract of insurance. The third-party has a right to recover from the Insurer the amount of any loss suffered by them. Where the third party reasonably believes that you as policyholder have incurred a liability the third party will be entitled to seek and obtain information from the Insurer or from any other person who is able to provide it concerning:

• the existence of the insurance contract,
• who the insurer is,
• the terms of the contract, and
• whether the insurer has informed the insured person that the Insurer intends to refuse liability under the contract

Data Subjects Rights:

McDonald Dwyer Reddy and Byrne Insurances Limited facilitates you, our client’s, rights in line with our Data Protection Policy and the Subject Access Request procedure. This is available on request.

Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

•  Right of access – you have the right to request a copy of the information that we hold about you.
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
• Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
• Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
• Right of portability – you have the right to have the data we hold about you transferred to another organisation.
• Right to object – you have the right to object to certain types of processing such as direct marketing.
• Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated
  processing or profiling.
• Right to judicial review: in the event that Organisation Name refuses your request under rights of access, we will provide you with a reason
  as to why.

All of the above requests will be forwarded should there be a third party involved as we have indicated in the processing of your personal data.

Additional information we are providing you with to ensure we are transparent and fair with our processing

Retention of your personal data

Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. McDonald Dwyer Reddy and Byrne Insurances Limited will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body Central Bank of Ireland and our internal governance.

Complaints

In the event that you wish to make a complaint about how your personal data is being processed by the Company or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and McDonald Dwyer Reddy and Byrne’s data protection representatives.

Failure to provide further information

If we are collecting your data for a contract and you cannot provide this data the consequences of this could mean the contract cannot be completed or details are incorrect.

Additional Processing

If we intend to further process your personal data for a purpose other than for which the data was collected, we will provide this information prior to processing this data.

Contact Us

Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 051-872080 or info@mdrb.ie

Privacy policy statement changes

The Company may change this privacy policy from time to time. When such a change is made, we will post a revised version online. Changes will be effective
from the point at which they are posted. It is your responsibility to review this privacy policy periodically so you’re aware of any changes. By using our
services you agree to this privacy policy.

Consent to Contact

Here at McDonald Dwyer Reddy and Byrne Insurances Limited, we take your data protection seriously and will only use your data as discussed with you in our Privacy Statement. However, from time to time we may contact you in relation to a product that may be of interest to you. The agreed method of contact:

• Email
• SMS
• Phone
• Post
• Fax

If you wish for us to not contact you, please let us know here.