Who we are
Ergo is the largest privately-owned IT services company in Ireland, headquartered in Dublin. We provide IT services to a wide variety of customers across a broad spectrum of industries.
We have a data privacy officer who is responsible for overseeing our approach to privacy. If you have any questions or would like to exercise your rights with respect to your personal data please contact us using the details set out below:
Data Privacy Officer
Eastpoint Business Park,
Clontarf, Dublin 3
The purpose and basis for processing your information.
We collect your information for the following purposes and rely on a number of different professional bases to use your personal information.
a) To enter into and perform a contract with you
When we are engaged to carry out professional services it is necessary to collect personal information from you in order to obtain instructions in relation to those professional services and to carry out those professional services.
b) For our legitimate business interests
Where we process your information for our legitimate interests, we ensure that there is a fair balance between our legitimate interests and your fundamental rights and freedoms.
We may use your personal information to manage our everyday business needs including accounting, internal reporting needs, and market research, to progress and respond to professional queries, to provide recruitment services to our clients, to ensure appropriate IT security, and to prevent fraud, in our legitimate interest. Our legitimate interest is the effective management of our business.
We may use your personal information to update you on professional developments, firm developments or to invite you to events that we feel may interest you in our legitimate interest. Our legitimate interest is to connect with our clients and to update our clients on the services that we provide.
We will, in certain circumstances, rely on your explicit consent to process your personal data, including, sensitive personal data. This consent can by withdrawn at any time by using the contact details of the Privacy Officer set out above.
Categories of data subjects
Personal data we process for our own purpose and on your behalf may include but may not be limited to your client and prospect data, your staff data, your contractor data, your supplier data. Categories of data subjects will, where we act as a data processor, be determined by you and as contemplated by our engagement terms and provision of our professional services.
Types of information we collect and some examples of how we use it
We may collect, use, store and transfer different kinds of personal information about you as follows and use it for a variety of different purposes and across various professional services we provide to you.
Example of how we use it
Name, address, email address, telephone numbers
We use this information to perform our professional services as instructed, to send you marketing information about events, updates, and services, and to respond to your queries.
Name, address, date of birth, PPSN, marital status, nationality, driving licence, passport, visa details
We use this information to perform our professional services as instructed and verify your identity
Occupation and income details such as employer name, employment status, salary, other incomes & benefits, expenses
Information concerning marital and family status
Bank Account Statements
We use this information to perform our professional services as instructed and for future employment with the firm where applicable.
We use this information as part of the recruitment process to evaluate potential candidates
Creditors and suppliers listings
We use this information to perform our professional services as instructed.
Interactions with our staff and partners
We use this information to keep a record of your interactions with us, to monitor and train our staff or to provide you with professional services.
Information on your health insurance membership, criminal offences/convictions
We use this information to provide our professional services as instructed or for the establishment if health insurance membership where applicable.
Duration of processing
We will process personal data on your behalf for as long as you instruct us to do so. At the cessation of our processing activities on your behalf it is your choice as to what happens to the personal data you have provided to us. We will work with you to carry out your reasonable instructions unless we are required to retain it to comply with legal obligations.
Personal data we collect for our own purposes will be managed in accordance with our Data Retention Policy which reflects current legal obligations.
Ergo and our subsidiaries and affiliated companies utilise a number of suppliers to provide us with IT and other associated services for the delivery of our business and services to you. In many cases, the suppliers we use will be granted access to the data we are processing in order to provide us with technical assistance. Such processing activities are not directly related to our principal services to you and are considered ancillary to our own internal activities.
Our people may need to be able to work from anywhere in the world using our IT services. Data may be stored on Ergo encrypted devices and transported with individuals as necessary for the delivery of our services in accordance with the terms and conditions we have agreed with you. We have put in place appropriate technical measures to ensure data remains secure irrespective of where our people deliver our services.
We may process your personal data through any of our other Group member firms worldwide. In the event this is necessary we will ensure appropriate controls exist in the form of EU standard contractual clauses to protect your data and data subject rights and freedoms.
Transfers outside the European Economic Area
We may transfer your personal data outside the European Economic Area. These countries do not always afford an equivalent level of privacy protection and in such circumstances, we take specific steps, in accordance with data protection law to protect your personal information. In particular, for transfers of personal data outside the EEA where there is no adequacy decision by the European Commission, we may rely on contractual protection approved by the European Commission or the applicable safeguards under data protection law.
Ergo has put technological and organisational controls, including policies and procedures, in place to protect your personal data from loss, misuse, alteration or unintentional destruction. Our personnel who have access to the data have been trained to maintain the confidentiality of such information. Conditions to protect data to at least the same standard as we do are cascaded to all our contractors, sub processors and suppliers.
We carry out regular monitoring and testing of our security defences to ensure they continue to be effective against the latest threats.
Data transferred over the internet by us and through our website are protected using encryption technologies to ensure they remain secure.
Please note that no communications over the internet can be guaranteed as secure. Whilst we take appropriate steps to protect your data, we cannot guarantee that it will remain secure in transit. Once data reaches your network it is your responsibility to ensure it remains secure.
You have several rights under data protection law in relation to how we use your personal information. You have the right free of charge to;
- request a copy of the personal information we hold about you;
- rectify any inaccurate personal data we hold about you;
- have your personal data held by us erased;
- restrict processing of your personal information;
- object our use of your personal information for our legitimate interests;
- receive your personal information in a structured commonly used and machine-readable format; and
- to have that data transmitted to another data controller.
These rights are in some circumstances limited by data protection legislation. If you wish to exercise any of these rights, please contact us using the contact details set out at 1 above. We will endeavour to respond to your request within a month. If we are unable to deal with your request within a month, we may extend this period by a further period of two months and we will explain why.
You also have the right to lodge a complaint to the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, or online through the website www.dataprotection.ie
We welcome any queries, comments or requests you may have regarding this Privacy Statement Policy. Please do not hesitate to contact us at firstname.lastname@example.org
Or in writing to:
1st Floor, Block T,
East Point Business Park,