DPC publishes Guidance and Report on the Use of Cookies and Other Tracking Technologies

,

On the 6th April, the DPC issued a Guidance Note (GN) on Cookies and other tracking technologies. This Guidance note follows an examination by the DPC of the use of cookies and other similar technologies on a selection of websites across a range of sectors. The DPC will allow a period of 6 months from the publication of the guidance for controllers to bring their products, including websites and mobile apps, into compliance, after which enforcement action will commence.

ePrivacy Regulations and GDPR

The GN outlines the requirements under the ePrivacy Regulations 2011 and GDPR for the use of cookies and other tracking devices for the processing of personal data, including the law on cookies and it’s purpose, requirements for consent, provision of “clear and comprehensive information” about the use of cookies and the requirements for cookie banners.

Third Party Processors

Consideration is also given to the need to assess relationships with third parties whose assets are deployed on a website, for instance the use of “like buttons”, plugins, widgets, pixel trackers or social media sharing tools. There is a requirement to be aware of the information that is collected and disclosed to these third parties, in particular engaging a third party to process payments where a controller-processor contract will need to be in place with that organisation to meet the requirements of Art 28(3) of the GDPR.

Record of Processing Activities

It is important to note that it is not necessary that a cookie contain personal data in order that the user’s consent be required to set it. Under Art 30 of the GDPR, there is a requirement to maintain a comprehensive record of each specific type of processing as part of your record of processing activities, which includes processing relating to cookies and other tracking technologies.

Special Categories of Personal Data

If your organisation is processing special categories of personal data through information derived from cookies, this is subject to stricter rules under Art 9 of the GDPR. The only legal basis your organisation is likely to have for the processing of any special category data derived from the use of cookies or other tracking technologies is the explicit consent of those individuals whose data you are processing.

Storage Limitation Principle

The DPC also noted that the lifespan of a cookie should be proportionate to its function. This is in line with the storage limitation principle under the GDPR. Organisations should check their current practices and make the necessary changes to comply with this principle.

Location Tracking

The GN also outlines the requirements regarding the use of cookies and other technologies to track the location of a user i.e. the need for consent. The Court of Justice of the EU recognised the sensitivity of location data because it can be used to derive very precise information about individuals and their behaviour, including daily movements and activities, places of residence, social relationships and the social environments they frequent.

Now that the DPC has issued guidance, organisations should ensure that their approach is compliant.

Our Data Protection Support Services team can assist you in implementing a successful data protection programme, achieving and maintaining compliance with EU data protection requirements while delivering security, productivity, risk management and cost-efficiency benefits. View our GDPR Service Offering for more information.

To read the guidance note, click below:

For a summary of the DPC findings and recommendations, see report below:

 

 

/by

eWorking Tax Relief

, ,

With the recent outbreak of COVID-19, employees throughout the country have been asked to work from home. While these are challenging times for both employers and employees, Revenue offer a measure of relief for employers and employees who are engaged in “eWorking”. Revenue have today confirmed in their eBrief No. 045/20 that the current Government recommendations for employees to work from home as a result of COVID-10 meet the conditions for the “eWorking” tax relief.

Revenue define eWorking as where an employee works:

  • at home on a full or part-time basis
  • part of the time at home and the remainder in the normal place of work

eWorking involves:

  • logging onto a work computer remotely
  • sending and receiving email, data or files remotely
  • developing ideas, products and services remotely.

Employers can make a payment of €3.20 per workday to an employee who is working from home without deducting PAYE, PRSI or USC. This payment is to cover expenses such as heating, electricity and broadband costs. Amounts paid in excess of €3.20 are subject to tax as normal. Records of payments made must be retained by the employer for the purpose of any potential future Revenue compliance intervention.

In addition, where employers provide any of the following equipment to their employees, no benefit-in-kind arises as long as it is primarily for business use:

  • computer, laptop or computer equipment (eg. printers, scanners)
  • software to allow you to work from home
  • telephone, mobile and broadband
  • office furniture.

There is no obligation on employers to make this payment. If employers do not make this payment, employees can instead make a claim online at the end of the year by filing a tax return. Employees are not entitled to claim the round sum of €3.20. They are entitled to claim for vouched expenses that are incurred wholly, exclusively and necessarily in the performance of their duties of the employment. For most office workers this would be their home heating and electricity costs.

Any reimbursement of these expenses that has already been paid by the employer should be deducted from the claim amount. While receipts are not required to file the return, Revenue can request these for a period of up to six years after the year in which the claim relates, so employees should always keep a record of these.

In the case of utility bills, Revenue have advised that they are willing to accept that the average proportion of the house attributable to a home office is 10%. Therefore, for every day an employee works at home as a result of the current Government recommendations, they are able to make a claim for 10% of the utility bills for that day.

It is important to note that outside of the current Government recommendations regarding working from home, the eWorking relief does not apply to workers who bring work home outside of normal working hours, ie. evenings and weekends.

If any further information is required or if you have questions on the above, please don’t hesitate to contact our dedicated COVID-19 Client Response Team or our Tax Department.

/by

Crowleys DFK Awarded Excellence in Public Sector Services

,

Excellence in Public Sector Services

We are delighted to have been awarded the Public Sector Magazine’s Excellence in Public Sector Services Award 2020 for our “consistent high-quality services to the public sector”. 

It is great to be recognised for our work in the Public Sector. Last year we strengthened our Public Sector Department even further by adding another Partner, David Coombes, to our team. This strong leadership has helped ensure that we deliver a seamless and consistent service to our public sector clients.”  commented Vincent Teo, Head of Public Sector Services. 

For more information on our Public Sector Services, please get in touch 

/by

The Role of the Company Secretary

,

Section 129(1) of the Companies Act 2014 requires every company in Ireland to have a company secretary. Outlined below is a short description of the role of the company secretary followed by a brief introduction into a company secretary’s duties and obligations.

A company secretary is an officer of a company. The company secretary may also act as a director of the same company, but not act in dual capacity when signing documents on behalf of the company. The role differs from that of a Director of a company, in that the role focuses on tasks delegated by the board of the company.

A day in the life of a company secretary

The tasks for a company secretary can be varied. While the role of the company secretary predominantly consists of tasks delegated by the board of directors, the role of the company secretary goes beyond effectively and, efficiency communicating decisions of the board to the relevant bodies and may take on a much more advisory role within a company.

Often the role of the company secretary can consist of advising companies and boards on the best practices of corporate governance. Corporate governance embodies a wide variety of concepts and guidelines from the leadership involved to achieve a well-functioning board of directors, effectiveness of the board, accountability of officers of a company, inducting new directors and advising them on the board dynamics, remuneration and the importance of maintaining a transparent, functioning rapport with both the stakeholders and shareholders of company through effective general meetings. Thus, it is often the task of a company secretary to ensure that the directors of a company discharge their obligations in accordance with the Companies Act 2014.

A company secretary must also fulfil the more unsung tasks with regards to maintaining statutory registers coupled with the onerous task of attending board meetings in order to preserve and effectively record the minutes of that meeting.

It is important to note that while a company secretary doesn’t have as many codified duties as a director in terms of their common law and fiduciary duties, the role of a company secretary amounts to an officer of a company and thus is still subject to sanctions under the 2014 Companies Act.

In short, the day to day life of a company secretary depends on the need of a company and its board – whether it’s relaying the decisions of a board of the directors to the Companies Registration Office by registering changes in the boards structure, advising the board on a pressing corporate governance issue, attending board meetings or engaging with stakeholders or shareholders with regards to a general meeting or corporate event such as dividends.

For further information on the role of the company secretary, please contact Emma Dunne, Manager of our Corporate Compliance Department.

/by

Board Meetings and Minute Taking – What needs to be done?

,

Section 160-166 of the Companies Act 2014 (“the Act”) governs both board meetings and committee meetings by laying down guidelines, that can be amended or omitted from a company’s constitution and mandatory provisions, that must be adhered to. For the purpose of this article, board meetings will be the main point of discussion.

Every director is entitled to reasonable notice of the meeting, a meeting can be called by a director alone or by a company secretary at the requisition of a director. The quorum necessary for the transaction of business is fixed as 2 directors. However, where there is a sole director, one director is accepted to meet the requirements of a quorum. A Chairperson of a board meeting can be fixed for a specific period. However if the chosen Chairperson is not present and a period of 15 minutes has elapsed, the directors may choose one of their own to chair the meeting. The majority of votes may pass a resolution. If there is an equal vote, the Chairperson shall be the casting vote.

Section 161 provides for the option to pass a written resolution signed by all the relevant directors (i.e. directors who are entitled to notice of the meeting) in lieu of a board meeting. This has the same effect as physically holding the board meeting with the directors. This section also stipulates the manner in which a board meeting can be held and extends the scope of what it means to attend a board meeting through electronic communication. The section also provides a guide for the location of the board meetings, subject to the company’s constitution:

  • Where the largest group of those participating are assembled
  • If no such group exists, the next suitable location is the where the chairperson is
  • If neither of the above apply, then it falls to any such place that the meeting decides

The Act also covers the requirements for minute taking of the board minutes in section 166. The accurate and efficient recording, drafting and maintenance of minute taking is imperative to ensure administrative compliance. Section 166(1) states that minutes must be maintained for the following purposes:

  • All appointments of officers made by directors
  • The names of all the directors present at each meeting of its directors
  • All resolutions and proceedings at all meetings of its directors

Typically the Chairperson, once approved by the board, signs the minutes at the following board meeting. The board minutes can also be subject to inspection by the Director of Corporate Enforcement. If a company fails to comply with the Director of Corporate Enforcement regarding the request of the company’s minutes, the company and any officer in default shall be guilty of a category 4 offence, i.e. a fine not exceeding €5,000.

For further information, please contact Emma Dunne, Manager of our Corporate Compliance Department.

/by

The Registration of Business Names Act 1963

,

The Registration of Business Names Act 1963 (“the Act”) requires individuals, partnerships and body corporates, who wish to trade under a name that differs from their true name, to register that business name with the Companies Registration Office (the “CRO”). The purpose behind the act reflects the position that the legislation doesn’t allow businesses to hide their true name and thus run the risk of defrauding their consumers.

When does a business name need to be registered?
  • Where an individual uses a business name which differs in any way from their surname.
  • Where a partnership uses a business name which differs in any way from the true names of all the partners who are individuals.
  • Where a company uses a business name which differs from its corporate name.
  • Where a person having a place of business in Ireland carries on the business of publishing a newspaper.
Please note the following:
  • The chosen name for the registered business is not final until approved by the Companies Registration Office.
  • Only residents in the Republic of Ireland can register a business name as a sole trader. If you are not a resident in the Republic of Ireland, a letter of business permission form would need to be sent to the Department of Justice.
  • Registering a business name does not protect the name from being used by someone else – as a company name registration would. There can be multiples of one business name in the Republic of Ireland.
  • A registered business name does not automatically mean the name will be an appropriate and acceptable company name due to their different requirements.
Where does a registered business name need to be displayed?
  • When the certification of registration is granted by the Companies Registration Office, a copy of the certification must be displayed in a noticeable position in the business. If there are multiple locations it would need to be displayed in the prominent place of business along with every branch office, or place where the business is carried out.
  • A company needs to show its registered business name on all corporate documents e.g. letter headings, stationary, resolutions etc.
  • If the business is a body corporate, additional information needs to be disclosed on documents such as the full name of the company, the registered number and the address of the registered office.
Sanctions for a breach of the Act

Section 11 of the Act requires a body corporate or a person to disclose their true name on business documentation, failure to do so can result in a summary conviction.

For assistance in registering your business name, please contact Emma Dunne, Manager of our Corporate Compliance Department.

/by

Data Breach Trends Identified in First Year of GDPR

,

The Data Protection Commission have published an information note on data breach trends identified by their Breach Assessment Unit in the first year of GDPR.

Some of the trends and issues identified by the Breach Assessment Unit include:

  • Late notifications;
  • Difficulty in assessing risk ratings;
  • Failure to communicate the breach to data subjects;
  • Repeat breach notifications; and
  • Inadequate reporting.

You can view the full information note here.

At Crowleys DFK, we are dedicated to helping you achieve GDPR compliance. Our Data Protection Support Services’ team offer the following services:

  • Preparing a Gap Analysis between current practices and those required under the current legislation and regulation.
  • Ensuring Data Protection, Records Management and Retention Policies and Procedures are in line with current legislation and regulations.
  • Conducting Data Mapping exercise.
  • Developing Privacy Notices/Disclosures for your organisation.
  • Determining if a Data Protection Impact Assessment is required by your firm and provide assistance in implementing.
  • Providing support to your appointed Data Protection Officer/Privacy Officer and ensuring their roles and responsibilities fully include the requirements under the GDPR.
  • Providing GDPR workshops/training to Board members and staff.

For assistance or advice on Data Protection, please contact us.

/by

Government issue Cloud Computing Advice Note for Public Service Organisations

, ,

Cloud Computing Advice Note Public Service Organisations Crowleys DFK Xero Cloud Accounting

In October 2019, the Department of Public Expenditure and Reform published the Government’s Cloud Computing Advice Note. The Note sets out the Government’s view that public service organisations must now take a more proactive and progressive approach to embracing cloud computing.

Specifically, public service organisations are encouraged to take a “cloud-first” approach for all new systems. Likewise, they are encouraged to review all existing systems for cloud capability.

Crowleys DFK have recently been awarded a Platinum Partner status by Xero, a leading cloud accounting software. This recognition confirms that our cloud accounting offerings to our clients is accredited to the highest level.  We are best placed to offer public and private sector clients of all sizes in implementing cloud accounting solutions for their business.

Our team of cloud accounting experts provide the following services:

  • Identify the most appropriate accounting system for your business.
  • Implement the chosen solution for you, tailoring it to your unique requirements.
  • Provide ongoing training and support to you and your staff.

For assistance or advice on cloud accounting, please contact David Coombes, Partner, Public Sector & Government Services.

/by

Central Bank issues Guidelines on Anti-Money Laundering (AML) and Counter Terrorism Financing

,

On 6 September 2019, the Central Bank issued guidelines to help firms meet their anti-money laundering (AML) and countering the financing of terrorism (CFT) obligations.

Money laundering and terrorist financing is a large global issue. An estimate of between 2% (€715 billion) and 5% (€1.87 trillion) of global GDP is laundered each year.

These guidelines aim to help firms to understand their obligations under the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010-2018.

Speaking at the launch of these guidelines, Director General, Financial Conduct, Derville Rowland said,

“Firms must adopt a risk-based approach to fulfilling their obligations and ensure that their controls, policies and procedures are fit for purpose, up-to-date, tested and kept under constant review and scrutiny.”

“Effective regulation in this area strengthens the integrity of the financial sector and contributes to the safety and security of citizens by preventing drug dealers, and those engaged in human trafficking, terrorist attacks and organised crime, from using the financial system to support these activities,” she said.

“Financial institutions must know their customers, understand their customer profiles, monitor the way accounts are used and make reports of suspicions to An Garda Síochána, and the Revenue Commissioners where appropriate,’’ she added.

You can find a copy of the guidelines here and view the Central Bank’s press release here.

If you are a designated person for AML purposes and require assistance with your requirements under the legislation, please contact Tony Cooney, Partner and Head of Risk Consulting.

We provide the following services:

  • AML business risk assessments
  • Update AML policies and procedures for new legislative requirements
  • Provide AML training to Directors and staff
  • Independent AML function audits
/by

Our Analysis of Budget 2020

,

Analysis of Budget 2020

Minister Donohue delivered his “no surprises” Budget 2020 in the shadow of Brexit. Despite our economy being in a strong position and with a general election on the horizon, this was no give-away Budget. Both Minister Donohue and the Taoiseach had managed expectations in advance with talk of “safe choices in relation to taxation” and “modest, targeted welfare increases”.  Prudence seemed to be the order of the day.

There will be no deposit to our rainy day fund this year as the Government expects to have to borrow in 2020 to deal with a potential hard Brexit. A package of over €1.2 billion, excluding EU funding, was announced in the Budget to respond to Brexit.

Climate change was the other main influencer of Budget 2020. Increased carbon tax and other changes to vehicle-related taxes were all designed to support our transition to a low carbon economy. The balancing act for the Government was to ensure that the cost of these changes was distributed fairly. An increase to the weekly fuel allowance and allocations of €3 million to pilot new Agri-environmental schemes and €2.7 billion to the Department of Transport, Tourism and Sport in 2020 were some of the responses to this.

This Budget must have been a difficult one for the Government and partners to agree upon. It makes no moves towards the Taoiseach’s pledge to raise the 40% tax rate threshold to €50,000 and contains minimal social welfare increases. It looks like the possibility of a no-deal Brexit will haunt Irish politicians on the doorsteps long after Halloween and the current proposed Brexit date has passed!

For more information, please contact Eddie Murphy, Partner and Head of Tax Services.

/by