This privacy notice tells you what to expect us to do with your personal information

What information we collect, use, and why?

We collect or use the following information to provide and improve our services for clients:

  • Names and contact details
  • Addresses
  • Gender
  • Pronoun preferences
  • Occupation
  • Date of birth
  • Marital status
  • Third party information (such as family members or other relevant parties)
  • Payment details (including card or bank information for transfers and direct debits)
  • Financial data (including income and expenditure)
  • Transaction data (including details about payments to and from you and details services you have purchased)
  • Usage data (including information about how you interact with and use our website, and services)
  • Information relating to compliments or complaints
  • Video recordings
  • Audio recordings (eg calls)
  • Records of meetings and decisions
  • Account access information
  • Website user information

We collect or use the following personal information for the operation of client or customer accounts:

  • Names and contact details
  • Addresses
  • Purchase or service history
  • Account information, including registration details
  • Information used for security purposes
  • Marketing preferences
  • Technical data, including information about browser and operating systems

We collect or use the following personal information for information updates or marketing purposes:

  • Names and contact details
  • Addresses
  • Profile information
  • Marketing preferences
  • Purchase or account history
  • Website and app user journey information
  • IP addresses

We collect or use the following personal information for research or archiving purposes:

  • Names and contact details
  • Addresses
  • Purchase or client account history
  • Website and app user journey information
  • IP addresses

We collect or use the following personal information to comply with legal requirements:

  • Contact information
  • Identification documents
  • Client account information
  • Health and safety information
  • Any other personal information required to comply with legal obligations

We collect or use the following personal information to protect client welfare:

  • Names and contact information
  • Client account information

We collect or use the following personal information for recruitment purposes:

  • Contact details (eg name, address, telephone number or personal email address)
  • Date of birth
  • Copies of passports or other photo ID
  • Employment history (eg job application, employment references or secondary employment)
  • Education history (eg qualifications)
  • Right to work information

We collect or use the following personal information for dealing with queries, complaints or claims:

  • Names and contact details
  • Addresses
  • Payment details
  • Account information
  • Purchase or service history
  • Call recordings
  • Photographs
  • Relevant information from previous investigations
  • Customer or client accounts and records
  • Financial transaction information
  • Information relating to health and safety (including incident investigation details and reports and accident book records)
  • Correspondence

How do we collect your data?

  • Directly from you
  • Regulatory authorities
  • Publicly available sources
  • Providers of marketing lists and other personal information
  • Suppliers and service providers

How do we store your data?

MRAG implements policies and procedure to ensure that the data we hold is secure and protected, these are documented in our MRAG Information security plans and policies document that is part of or ISO 9001 quality management system. The polices and plans are reviewed both as part of the ISO 9001 and by our external auditors. The plan and policies cover the following aspects

  • Information security organization
  • classifying information and data
  • controlling access to information and systems
  • processing information and documents
  • purchasing and maintaining commercial software
  • securing hardware, peripherals and other equipment
  • addressing personnel issues relating to security
  • complying with legal and policy requirements
  • detecting and responding to incidents
  • planning for business continuity

These polices include recognition of the General Data Protection Regulation (Regulation (EU) 2016/679), and define infrastructure, systems and polices that we have to ensure we comply with the regulation, such as the identification and risk assessment of personal information, uses of restricted networks, encryption, training.

If we no longer need your data, we will delete it or make it anonymous by removing all details that identify a person. Our retention schedule for personnel records is 5 years after leaving employment for financial records is 10 years. 

Sharing your information

We may share your information with MRAG ltd in the UK, based on the European Commission's adequacy decision, which recognizes that UK ensures an adequate level of protection for personal data. This means that transfers to UK are considered equivalent to transfers within the European Economic Area in terms of data protection.

What are your data protection rights?

Our Company would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access - You have the right to request Our Company for copies of your personal data. We may charge you a small fee for this service.

The right to rectification - You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request Our Company to complete information you believe is incomplete.

The right to erasure - You have the right to request that Our Company erase your personal data, under certain conditions.

The right to restrict processing - You have the right to request that Our Company restrict the processing of your personal data, under certain conditions.

The right to object to processing - You have the right to object to Our Company's processing of your personal data, under certain conditions.

The right to data portability - You have the right to request that Our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact the data protection officer at dpo@mrag-europe.eu

Changes to our privacy policy

Our Company keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 03 July 2025.

How to contact us

If you have any questions about Our Company's privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email the data protection officer at dpo@mrag-europe.eu

How to contact the appropriate authority

Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact the Office of the Information Commissioner (OIC).

Address: 6 Earlsfort Terrace, Dublin 2, D02 W773

Email: info@oic.ie
Phone number: +353 1 639 5689