Home » Privacy Statement

Privacy Statement

Collins Crowley Solicitors (the “Practice”) are committed to protecting and respecting your privacy. We wish to be transparent in how we process your data and show you that we are compliant with Data Protection Laws and the General Data Protection Regulation (“GDPR”) in relation to not only processing your data but ensuring you understand your rights as a client.

It is the intention of this privacy statement to explain to you the information practices of the Practice in relation to the information we collect about you.

For the purposes of Data Protection the data controller is:

Collins Crowley Solicitors

28 Bridge Street Lower


Dublin 8

01 7093631

We ask that you please take the time to read this Statement carefully as this sets out the basis upon which any personal data we collect from you, or that you provide to us, will be processed by us.

  • Purpose for processing personal data

The primary reason(s) we have for collecting any of your Personal Data is to act on your behalf in respect of any legal proceedings in which you engage our services and, inter alia;

  • To respond to any initial query, when received, whether by use of: the website “Contact Us” form, correspondence, electronic communication or telephone contact.

    • To assess each prospective instruction before accepting engagement to ensure that we can and are willing to accept instructions in accordance with our relevant policies.

    • To comply (as a pre-requisite to accepting instructions) with our legal obligations under applicable anti-money laundering legislation.

    • To provide our legal services in accordance with client instructions to the firm pursuant to the terms of our letter of engagement.

    • To comply with the mandatory file retention requirements as detailed in the table set out in Appendix A attached hereto.

    • For file and record maintenance and for archiving purposes.

    • Where applicable, to provide long term storage of documents containing personal data such as title deeds, grants of probate/administration, wills, contracts of employment, pleadings and trust deeds.

    • For direct marketing of the services of the firm within a period of 12 months from the last instruction on the basis that all direct marketing communications will contain a clear method to opt out from subsequent direct marketing material.

    • We process the data of other individual solicitors and barristers that we engage with on client matter about client matters.

    • We process the data of individual doctors, engineers, other professional service providers, witnesses, estate agents, assessors, surveyors, enquiry agents and individuals that we engage with about client matters.

    • For job applicants to the firm, we process data to recruit new employees and to ascertain their suitability for a specific role.

  • What could constitute personal data?

The categories of personal data that we may collect include, but are not limited to, the following:-

  • Name, home address, work address, any temporary address, home phone number, work phone number, mobile phone number, IP address and email address.

  • Tax number, bank account number(s), mortgage account number, motor vehicle registration, terms and conditions of employment and, where appropriate to an instruction, medical and employment history.

  • In certain cases it may be necessary to process what Article 9 of the GDPR defines as “special categories” of personal data. Examples of the special categories are personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data processed for the purpose of uniquely identifying a natural person, data concerning health including medical and employment history and data concerning a natural person’s sex life and/or sexual orientation.

  • For administrative purposes we may provide a client questionnaire to facilitate taking detailed instructions. Clients will be asked to provide personal data in response to the certain questions therein. The provisions of this Privacy Policy apply to such questionnaires. Non-exhaustive examples include questionnaires in connection with the purchase or sale of property, taking of instructions in the making of a will or extracting a grant of probate or administration, court proceedings or submitting a claim to the Personal Injuries Assessment Board.

  • The legal basis for the processing of personal data:-

  • When instructing our firm and accepting the terms of our letter of engagement, the client gives consent to the processing of his/her personal data for the purposes set out therein.

  • If instructions to the firm involve the processing of special categories of personal data such as medical or health data, we will only process such personal data for the establishment, exercise or defence of the client’s case and for no other purpose and, in this regard, in instructing our firm and accepting the terms of our letter of engagement the client is furnishing the Practice with his/her express consent to such processing for such purposes for the required duration.

Mindful of the fact that an individual is free to withdraw his/her consent at any time it is important to set out the lawful basis (other than consent) for the processing of personal data by the firm:-

  • To take the necessary steps at the client’s request prior to entering into a contract with the client on foot of a letter of engagement or any pre-existing letter of engagement;

  • To comply with the requirements of anti-money laundering legislation;

  • To provide our legal services to the client as contracted for;

  • For the legitimate interest in the administration and operation of our legal services as well as our legitimate interest in marketing and promoting our firm’s legal services;

  • In appropriate circumstances to protect the vital interests of the client or of another natural person;

  • To keep any personal data, information and documents relating to the client or his/her business confidential;

  • To disclose the client’s personal data where required by law or regulation or in other exceptional circumstances;

  • To protect and respect the confidentiality of information and documents which we hold for our other clients;

  • To comply with the mandatory file retention obligations that are detailed in the table set out in Appendix A attached hereto.

  • The identity of those to whom personal data may be disclosed:-

In the normal course of running a solicitor’s practice and in the course of meeting our obligations as required by law, we may need to share/disclose client personal data to a third party/parties including, but not limited to:

  • Revenue Commissioners,

  • Law Society of Ireland,

  • Legal Services Regulatory Authority,

  • Local Authorities/Public Bodies,

  • Gardaí,

  • Courts Service,

  • Personal Injuries Assessment Board,

  • Department of Social and Family Affairs,

  • Banks/Financial Institutions,

  • Property Registration Authority,

  • Companies Registration Office,

  • Pension Services providers.

We also use professional and other services providers, which will involve some access to files and personal data including:-

  • Accountants (including forensic accountants) and Auditors,

  • Banks/Financial Institutions,

  • Other firms of solicitors representing other parties in client related transactions,

  • Barristers,

  • Professional witnesses – medical doctors/consultants, engineers, assessors and the like,

  • Professional Law Searchers,

  • Property Surveyors and Auctioneers and Estate Agents,

  • Enquiry Agents,

  • Insurers/insurance brokers,

  • Risk Management Auditors – (Institute of Legal Research & Standards),

  • Quality Control providers,

  • IT suppliers and maintenance contractors,

  • IT back-up and forensic software analysts and cloud storage providers,

  • External file and document archive storage providers,

  • Details of any transfers outside of the EEA:-

It may be necessary in terms of fulfilling our obligations to transfer client personal data  outside the EEA: for example to communicate with parties located in jurisdictions outside the EEA in order to discharge our functions in representing client interests in order to obtain legal advice or to maintain, prosecute or defend legal proceedings.

  • Retention times and the criteria used to determine how long personal data is retained:

Files are retained and ultimately deleted in accordance with the terms of our Data Retention/Deletion Policy. The minimum periods for file retention are set out in Appendix A attached hereto.


  • What are your rights with respect to the processing of personal data?

Please note that under the GDPR, you have the following rights in respect of your personal data:-

  • The right to access the personal data we hold about you.

  • The right to require us to rectify any inaccurate personal data about you without undue delay.

  • The right to have us erase any personal data we hold about you in circumstances where the processing is no longer necessary or where you withdraw your consent or where there is no overriding lawful basis for the processing.

  • The right to request a restriction of the processing of your personal data.

  • The right to data portability only in circumstances where the processing is carried out by automated means, is based on consent, or for the performance of a contract with the data controller and to the extent that it does not affect the rights and freedoms of others.

  • Where processing is based on consent – the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

  • The right to lodge a complaint with the Office of the Data Protection Commissioner.

In order to exercise any of the rights set out above, please contact us (see ‘Contact Us’ below). We may request that you provide proof of your identity for security reasons. We will respond to your request within one month. That period may be extended by two further months where necessary, taking into account the complexity and number of requests.  We have the right to refuse your request where there is a basis to do so in law, or if your request is manifestly unfounded or excessive, or to the extent necessary for important objectives of public interest.

  • Details of automated decision making:-

The Practice does not engage in any automated decision making or profiling.

  • Where the provision of personal data is a statutory or contractual requirement and the consequences of failure to provide such data:-

  • Unless and until the information required by the Practice is received so as to comply with the provisions of the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 and 2013 the firm will not act for you. We require proof of identity and proof of address and we are required to keep such documentation to satisfy the provisions of the legislation.

  • If you ask us to deal with any funds or property, you must have obtained them legally. If we become aware or suspect that these assets come from an illegal source, we must notify the Gardaí and the Revenue Commissioners without telling you, except in limited circumstances.  We will immediately stop acting for you if we have to report illegal assets.

  • How we keep your data safe

  • We ensure that there are appropriate technical and organisational controls in place to protect your personal details.  For example, our network is protected and routinely monitored.

  • We undertake regular reviews of who has access to information that we hold to ensure that your information is only accessible by appropriately trained staff and contractors.

  • We do comprehensive checks on any and all external companies before we work with them, and put a contract in place that sets out our expectations and requirements, especially regarding how they manage the personal data they are provided with or have access to.

  • Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

  • Contact Us

  • Questions, comments, requests and complaints regarding this privacy statement and the personal data we hold should be addressed to info@ccsolr.com or by writing to Collins Crowley Solicitors, 28 Bridge Street Lower, Citygate, Dublin 8.

  • Changes to this privacy statement

  • We reserve the right to change this privacy statement from time to time at our sole discretion.




Category of Files or other records

Period not less than

Statutory or regulatory reference

Protection of the firm:

(A) Periods of limitation within which the firm can be sued by the client arising out of a transaction

(B) Availability

of the file for the solicitor’s

professional indemnity insurers

All files

6 years*

Statute of Limitations Act, 1957, as amended, and other relevant legislation

Protection of the client: Periods of limitation within which the client can be sued by third parties arising out of a transaction

All files except as below

6 years*

Statute of Limitations Act, 1957, as amended, and other relevant legislation

Protection of solicitor and client


Conveyancing files

12 years*

Statute of Limitations Act, 1957 for title matters

Protection of solicitor and client. Various periods of limitation

Files of an infant

Relevant period of limitation after child has reached majority*

Statute of Limitations Act, 1957, as amended, and other relevant legislation

Protection of solicitor and client

Files of mentally incapacitated persons



Protection of solicitor, executors and beneficiaries

Probate files

12 years but where trust – see below “Trust files”*


Protection of solicitor, client, trustees and beneficiaries

Trust files

The lifetime of the trust plus 12 years*


Protection of solicitor and testator

Notes relating to drafting of will



Law Society/Legal Services Regulatory Authority investigation of complaints of inadequate services or excessive fees

All files

5 years

S. 8 and S. 9 Solicitors (Amendment) Act, 1994

Compliance with accounts regulations

All files – the file forms part of accounts records

6 years

Accounts Regulations, 2001 S.I. 421 of 2001

Compliance with accounts regulations


Accounts records

6 years

Regulation 20 (2)

Solicitors Accounts

Regulations 2001

S.I. 421 of 2001

Compliance with anti-money laundering legislation

(1) Documentation  evidencing the identity of clients

(2) Original documents or admissible copies of transactions

5 years

Criminal Justice Act, 1994 and Criminal Justice Act (Section 32) Regulations 2003 S.I. 242 of 2003

Compliance with revenue and tax law

All files

6 years


Compliance with VAT regulations

Files of persons with a taxable interest in land

Period of taxable interest plus 6 years

Section 16 VAT Act, 1972 as amended by Section

121 Finance Act, 2003


Protection of Solicitor and Employee

Employee Records

1 year minimum after cessation of employment

Section 25 of the Organisation of Working Time Act 1997


*The relevant period is calculated from when the applicable limitation period begins to run in each case. Because a court may grant a renewal of a summons for one year and thereafter, in certain circumstances, for a further 6 months, the firm may add 18 months to the relevant retention periods.