Privacy Notice
Cosgrave Group is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights.
For the purposes of the GDPR the data controller is:
- Cosgrave Group
- Contact details of gdpr@cosgravegroup.com
- When we refer to ‘we’ it is Cosgrave Group
Please read this Privacy Notice carefully as this sets out the basis on which any personal data, we collect from you, or that you provide to us, will be processed by us.
Who are we?
The Cosgrave Property Group is an Irish property development company established by brothers Joseph, Michael, and Peter Cosgrave. Cosgrave Property Group have established a very strong reputation throughout Ireland for the quality of both their residential and commercial developments.
Our GDPR Owner and data protection representatives can be contacted directly here:
- Email address gdpr@cosgravegroup.com
- Phone number 01 611 0400
How do we collect your information and what information do we collect?
The personal information we collect varies depending upon the nature of our services. We will endeavour to provide you with an overview of those categories of personal data our organisation collects and our purpose for using that data.
Our organisation collects personal data in the following ways:
- When you sign a residential lease with us.
- When you sign a commercial lease with us (please note that Company information is not personal data.
- Your personal data is collected by our Agents in their negotiation with you.
- When you purchase a residential property from us – again this information is collected through our selling Agents.
- When we develop a site. Supplier/Subcontractor contact details, bank account and insurance details, site staff details
- Contact us with a complaint or query.
- Apply for a position with us.
- Covid Contact Tracing Forms
- Payroll Employee Details
We have ensured that our Cookies are Compliant.
What information do we collect?
We receive personal data that you provide, that is necessary in the provision of our construction, property development, property sales, residential and commercial rental businesses. We may receive information from our purchasers, tenants, vendors, suppliers, buyers, agents.
The information we collect about you includes the following:
Residential Leases:
- Contact and Identifying information, e.g., name, address, contact details, email, mobile, PPS, bank account, previous tenancy references, dependents, photo ID.
- Unique identifiers e.g., PPS number, Registration of tenancy with RTB
- Employment information: e.g., role, employment status (such as full/part time, contract), salary information, and employment history.
We require this information when you sign a lease with us.
Commercial Leases
Personal data is any information relating to a natural person – therefore company information is not personal data. We still however collect personal data in relation to commercial leases. We collect the same personal data as residential leases if the data relates to a natural person. We also collect:
- Public available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office.
- VAT Number
- Financial Records/Accounts.
We require this information when you sign a lease with us.
Residential Sales
- Name, contact details, our Solicitors will close the sale and then your information is passed to the Property management company and/or Utility companies that look after the Development.
Property Construction/Development
When we undertake a project such as a development, we may collect the following personal data:
- Supplier & Subcontractor details – Contact and bank account details
- Insurance and safe pass information for workers on site
- Site induction details
- Health and Safety details – Safe Pass cards, Training records
Special Categories of Personal Data
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
How do we use your personal data? Our Legal Basis.
We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.
- Your Personal Data will be used to enable us to fulfil our contractual obligations with you, such as
the sale of residential property, the rental of residential and commercial property, our construction and development projects, producing sales and contracts reports, interacting with suppliers and sub-contractors.
- Legal obligation, the use of some of your personal data is necessary for us to meet our legal obligations such as Revenue and the PRTB.
- Vital Interest: we may process personal data and use vital interest to cover interests that are essential for someone’s life. This lawful basis is very limited in its scope, and generally only applies to matters of life and death.
How we share your data
When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties with information that is necessary for them to perform the services and we take measures to protect your information. The measures include these third parties signing a data processing agreement with us. Such parties include:
- Legal advisors
- Accountants/Auditors/Financial Advisors
- Property Management Agents
- Property Sales Agents
- Property Subcontractors
- Property Maintenance companies
- Property Utility Companies
- Insurance Partners
- Claims investigators – in relation to litigation.
- Lenders
- Development Project Monitors
- Statutory Authorities
Third-party processors: We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. These processing operations remain under our control, and we have data processing agreements in place with all our third-party processors to ensure all processing is carried out in accordance with our security standards and the GDPR.
Transferring personal data outside of Ireland
The transfer of such personal data from Ireland to outside the EU does not undermine the level of protection of the individuals concerned. Therefore, transfers to third countries or international organisations are be done in full compliance with the GDPR.
The European Commission has adopted two adequacy decisions for the UK, guaranteeing that personal data can now flow freely from the EU to the UK.
There is no finding of adequacy of the transfer of data from the Ireland to the US. In the absence of an adequacy decision the GDPR allows the transfer if the controller or processor has provided appropriate safeguards. These safeguards include Standard Contractual clauses.
Security
The security of your personal data is important to us, we have implemented appropriate technical and organisational measures to ensure a level of security appropriate to the risk. We have processes in place to protect your personal data from loss, unauthorised access, misuse, alteration and destruction.
Personal data will be disposed of securely.
Retention
Cosgrave Group shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.
The retention period for each category of personal data will be set out in our Retention Schedule and documented in our Retention Policy along with the criteria used to determine this period, including any statutory obligations we have.
Data Subjects Rights:
Cosgrave Group facilitate you, our clients, rights in line with our data protection policy and the subject access request procedure. This is available on request.
Your rights as a data subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling.
- Right to make a complaint: if Organisation Name refuses your request under rights of access, we will provide you with a reason as to why.
All the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
Complaints
If you wish to make a complaint about how your personal data is being processed by Cosgrave Group or how your complaint has been handled, you have the right to lodge a complaint with the Grosgrave Groups GDPR Owner.
You may also lodge a complaint with the Data Protection Commission in Ireland, whose details are:
Data Protection Commission
21 Fitzwilliam Square South,
Dublin 2.
D02RD28
Email: info@dataprotection.ie
Failure to provide further information.
If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
When you fail to provide us with information, we require to fulfil our obligations to you we may be unable to offer our services to you.
Contact Us
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us:
- Email address gdpr@cosgravegroup.com
- Phone number 01 611 0400
Privacy Notice
When we update this privacy notice/statement, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our privacy notice so that you are aware of updates.
This privacy policy was last reviewed in July 2021.