PRIVACY POLICY AND DATA PROTECTION STATEMENT 

Orion Management Services Limited trading as My Property Check is committed to protecting your privacy, which is why we have set out this Privacy Policy and Data Protection Statement describing the personal data that we might process about you, why we process it, where we might get your personal data from, and how we handle it. This notice also sets out how you can engage with us and how you can contact the Data Protection Commission, if you have any concerns about your personal data.

Purpose

This data protection policy ensures My Property Check:

  • complies with Data Protection legislation and follows good practice;
  • protects the rights of employees, clients and partners;
  • is transparent in terms of how it stores and processes individuals’ data;
  • protects itself from the risks associated with a data breach.

Scope

The General Data Protection Regulation 2016 (GDPR) replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC. Its purpose is to protect the “rights and freedoms” of natural persons (i.e., living individuals) and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.  The GDPR came into force on 25 May 2018.  In Ireland, the national law, which amongst other things, gives further effect to the GDPR, is the Data Protection Act 2018.

 

Data Protection Statement

My Property Check, located at Unit 1E  Three Rock Road  Sandyford Business Park Dublin 18 is committed to compliance with all relevant EU and Irish law in respect of personal data, and the protection of the “rights and freedoms” of individuals whose information we collect and process in accordance with the (GDPR). We are committed to protecting and respecting personal data. We wish to be transparent on how we process personal data and demonstrate that we are accountable with the GDPR in relation to our processing of the data.

 

The GDPR describes how organisations must collect, handle and store personal information. These rules apply regardless of whether data is stored electronically, on paper or on other materials. To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.

 

Privacy Policy – Data Protection Principles

The GDPR is underpinned by six important principles requiring that personal data be:

  1. Processed lawfully, fairly and in a transparent manner;
  2. Collected for specified, explicit and legitimate purpose;
  3. Adequate, relevant and limited to what is necessary;
  4. Accurate and where necessary, kept up to date;
  5. Retained only for as long as necessary;
  6. Processed in an appropriate manner to maintain security.

 

The GDPR and this policy are applicable to all personal data processing functions, including those performed on customers’, clients’, employees’, suppliers’ and partners’ personal data, and any other personal data the organisation processes from any source.

 

The Data Protection Officer is responsible for reviewing the register of data processing annually, in light of any changes to My Property Check activities (as determined by changes to the data inventory register and the management review and to any additional requirements identified by means of data protection impact assessments (DPIA’s).

 

Partners and any third parties working with or for My Property Check, and who have or may have access to personal data, will be expected to have read, understood and to comply with this policy.

No third party may access personal data held by My Property Check without having first entered into a data confidentiality agreement, which imposes obligations on the third party no less onerous than those to which we are committed, and which gives us the right to audit compliance with the agreement.

Who we are and how to contact us

My Property Check is a business name owned by Orion Management Services Limited, a company registered in Ireland (Registration Number: 178622) and operates as a Law Searcher involved in law searching / documentation searches. Our Data Protection Officer is contactable at info@mypropertycheck.ie or if you wish to write to us, please use the following address:

Data Protection Officer

MyPropertyCheck
Orion Management Services Limited

Unit 1E

Three Rock Road

Sandyford Business Park

Dublin18

How we get your personal data and our legal basis for processing it:

Our data processing activities

Orion Management Services Limited trading as My Property Check (“We”) processes personal data both as a Data Controller, for our own purposes, and as a Data Processor on behalf of other persons or entities, our customers.

1: Data Controller Activities

Running our business

In the normal course of running our business we process the personal data of employees of our clients, suppliers and other third parties. This includes business contact details such as names, email addresses and phone numbers which may have been provided to us indirectly by your employer or our business partners rather than directly by you. These entities should provide their employees and associates with an appropriate information notice to cover how we process their data. In addition, we process personal data of our own employees.

All such data can be used to enable us to:

  • Provide you with the ability to use our services, to provide support services and to monitor such use for billing or security purposes.
  • Administer your or your employer’s contract with us, including invoicing, debt recovery etc.

Our legal basis for processing this data is either for our legitimate interests, or for the performance of a contract if we are dealing directly with you. If we are dealing with your employer or client, they should be advising you as to why they are providing your personal data to their customers or service providers. We obtain information about current, past or prospective employees either directly from you, or from recruitment consultants and the like. This information is used for HR administration, including payroll and recruitment.

Promoting our services

We process personal data of persons to whom we wish to promote our services. This will include business contact data which we may have collected directly from you either in the course of providing our services to you or from this website.

We may also have gathered your data through your interactions with our website or via email or telephone enquiries. Such data can be used to enable us to keep you informed about developments at My Property Check and our services, conducting market research and analysis, or determining which of our services are most suitable for you. We are doing so on the basis of our legitimate interests in promoting and developing our business.

As with any website, we interact with your device and browser to serve pages to you. This may involve collecting certain information, but we do not use this data to identify you by connecting it to other data. Rather we might only do so for security and fraud prevention purposes. The type of data acquired may include IP addresses, the addresses of the resources requested in URI notation (Uniform Resource Identifier), the time the request was made, the method used in making the request to the server, and other parameters related to the operating system and the computer environment of the user.

In all cases we will also process data as required by applicable law.

2: Data Processor Activities

Provision of services

My Property Check provides services as a law searcher conducting documentation searches in order to assist Customers in understanding the current legal ownership, planning and commercial status of properties in Ireland.

For these services, any personal data that we process is either supplied to us by our Customers who have an interest in a particular property or contained within public record data. In some cases it may not be supplied directly by you, the data subject.

We act as a Data Processor in the provision of our services and in this role, we may process personal data supplied to us from our Customer, the Data Controller, and act solely on the instructions of the Data Controller (our Customer) in the performance of our function (law searching and property searches):

For these services, we process personal data on the basis of our legitimate interests in providing the services in question, and the legitimate interests of our Customers who wish to be informed about the current legal ownership, planning and commercial status of properties in Ireland. Our processing of personal data in all such cases is balanced as against the fundamental privacy rights and freedoms of the data subject.

 

Your data protection rights

Where we are processing your personal data as a Data Controller, you may have the right to request of us access to, and rectification or erasure, of personal data or the restriction of processing concerning your data or to object to processing as well as the right to data portability. Furthermore, to the extent that our processing may be based on consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal. Please bear in mind that your rights in relation to your Personal Data are not absolute. It is important to note that we are processing much of the data either on the basis of legitimate interests or performance of contract, rather than consent. This means there is no absolute right to have such data erased, but you may have rights to both object to such processing or to restrict it. In circumstances where we have obtained your data from a third party we may need to confirm the accuracy of the data with that third party before rectification. Marketing communications by electronic means with you will be conducted in compliance with Statutory Instrument 336 of 2011 which give you specific privacy rights in relation to electronic communications. We will provide an opt-out in each communication which allows you express your preferences with regard to receiving subsequent communications. Please contact us at the email or postal addresses above if you wish to make a data subject request. In cases where we act as Data Processor, you would need to contact the respective “Data Controller” to exercise your data protection rights. If you have any such requests we can direct you to the appropriate Data Controller.

How to complain

You can report a concern to the Data Protection Commission:

Data Protection Commission,
21 Fitzwilliam Square South
Dublin 2
D02 RD28

email: info@dataprotection.ie

Website: www.dataprotection.ie

Date: February 2023

 

Personal data record of My Property Check as a Data Processor:

 

Subject Matter

 

 

 The processing of personal data as may form part of any instructions to conduct law searches and property searches on behalf of our Customers and as may be contained within property search results.

Data Retention

 

 

 

 

 The Data Processor does not process or retain any personal data processed for any longer than is necessary to complete the instructions of the Customer.

Nature and Purpose of the Processing

 

 

 

 

 To carry out the law searches and property searches or documentation searches on behalf of individuals or entities seeking property information relating to properties in the Republic of Ireland.

Categories of Data Subjects

 

 

 Any data subject to whom law search or property searchea request may relate as received from the Data Controller, our Customer, including but not limited to property owner, investor or buyer.
Types of Personal Data (i.e. any information relating to an identified or identifiable person)

Demographic Data

 

 Yes

Contact Details

 

 Yes

Financial Data

 

 Yes

Digital identifiers

 

 Yes

Social Media

 

 No

Special Data

 

 No

Criminal Offences/Convictions

 

 

 No
Government Identifiers No

Others

 

  

Recipients of Personal Data

 

 

 All employees of the Data Processor instructed in accordance with the instructions of the Data Controller.

Data Transfers

 

 

 No data transfers should occur between the Data Processor and any third party, without prior written consent of the Data Controller.

Security measures

 

 

 

The Data processor has implemented the appropriate technical and organisational measures to provide the Data Controller with sufficient guarantees to confirm that the processing undertaken by the Data Processor will meet with the requirements of the Data Protection Legislation and ensure the protection of the rights of the Data Subject.

 

The Data Processor ensures that it has at all times appropriate technical and organisational measures in place to protect the Personal Data against accidental, or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access or any other processing in breach of that applicable law in force at any time, including Data Protection Legislation, and that having regard to the state of technological development and the cost of implementing any measures, such measures provide a level of security appropriate to the risk represented by the processing and the nature of the Personal Data to be protected.

 

The Data Processor has implemented the appropriate technical and organisational measures to ensure a level of security appropriate to the risk to the security of Personal Data, which includes:

 

(i)     The pseudonymisation and encryption of Personal Data.

(ii)    The ability to ensure the ongoing confidentiality, integrity and availability of the Data Controller’s Personal Data and resilience of the Data Processor’s system and services for such Processing.

(iii)   The ability to restore the availability and access to the Personal Data in a timely manner in the event of a physical or technical incident.

(iv)  A process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

 

The Data Processor has ensured that its processing systems and processing services are resilient to attack and system failure, and that they adequately maintain confidentiality.

 

This Data Protection Statement and Data Protection Policy is kept under continuous review and subject to an annual audit and therefore is subject to change.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.