Privacy Statement


This Privacy Statement explains how Crowleys DFK collect personal information about you, how we use it and how you can communicate with us regarding the use of your data.

All personal information we collect about you will be processed in accordance with the EU General Data Protection Regulations (GDPR), which is applicable from the 25th May 2018. If you have any questions or require more detailed information about this statement, please e-mail or write to our Privacy Team at:

Crowleys DFK
1st Floor
16/17 College Green
Dublin D02 V078

Data Protection Legislation

Data Protection Legislation means laws relating to the processing of personal data including the EU Data Protection Directive 95/46/EC, Directive 2009/136/EC, the General Data Protection Regulation (EU) 2016/679 and the Irish Data Protection Acts 1988 to 2018 including any amendments or new laws which may be implemented from time to time.

Who we are?

Crowleys DFK is a firm of Chartered Accountants and business advisors. Founded in 1975, the firm has offices in Dublin and Cork. Our services include audit, accounting, tax, internal audit, corporate governance, compliance and risk services, payroll, company secretarial and business consultancy.

We are registered to carry on audit work and authorised to carry on investment business by the Institute of Chartered Accountants in Ireland. We are supervised by the Irish Auditing and Accounting Supervisory Authority (IAASA) and by Chartered Accountants Regulatory Board (CARB).

What personal data do we collect?

When we engage with you to provide you with professional services, we collect and use personal data in connection with those services. Such information can include:

  • Name, company you work for and position
  • Contact information such as postal address, e-mail address and telephone numbers
  • Financial information
  • Any other personal data relating to you or other third parties which you provide to us for the purpose of receiving our services.

As part of the services Crowleys DFK provide to clients, we also process data of individuals with whom we do not have a direct contractual relationship with. In such cases, we seek confirmation from our clients that they have the authority to provide personal data to us in connection with the performance of the services and that any data they provide to us has been processed in accordance with applicable law.

When you browse the Crowleys DFK website, we may ask for personal information such as your name, address, billing address, e-mail address, contact telephone and mobile number, and date of birth. For job vacancy applicants we may collect exam and professional qualifications.

We may also collect information about you through website searches (such as IP addresses and domain types), your browser type, the country where your internet service provider is located, the pages of our website that were viewed by you during your visit and any search terms that you used. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. This information is only used for our own research purposes to improve our service to you.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:

  • To estimate our audience size and usage pattern, and accumulate and analyse anonymous, aggregate statistical information.
  • To store information about your preferences, and so allow us to customise our site according to your individual interests and display appropriate product categories that may be of interest to you.
  • To assess which features of our site are being accessed so we can improve our site and better deliver content and products of interest to you.
  • To speed up your searches.
  • To track your return visits to our site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting, you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

How we use your personal data?

We use your personal data to provide you with information on services that you request from us or that may be of interest to you, where you have consented to be contacted for such purposes.

We may also use your personal information in order to fulfil our obligations arising from any contracts entered into between you and Crowleys DFK. To meet certain statutory legal obligations, it may also be necessary for us to process your personal information.

How do we collect personal data?

We collect personal data through our various interactions with you. Such as websites, e-mail, post and in person. For example, we collect and process your personal data when you engage with us directly by:

  • Visiting our website
  • Submitting an on-line application to receive information from us
  • Requesting any information from us
  • Communicating with us via social media platforms
  • Visiting us personally or speaking to us by phone
  • Communicating with us via the client portal

How long do we keep your personal data?

Personal data is kept in line with Crowleys DFK records retention policy. We keep your information to meet our legal and regulatory requirements and to enable Crowleys DFK to provide our services to you. We will not keep your personal information for longer than is considered necessary for these purposes.

Do we share personal data?

In order to fulfil our legal, regulatory and contractual obligations we may pass personal data to staff, service providers and to government, statutory and regulatory bodies.

In particular, we may also disclose personal data if:

  • Crowleys DFK or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or to protect the rights, property, or safety of Crowleys DFK, our clients, or others.
  • In some instances, Crowleys DFK may share your personal data with various outside companies, or service providers or vendors working on our behalf to help fulfil your requests. We will only use such third parties that are bound by a data protection agreement ensuring appropriate levels of data protection, security and confidentiality.
  • In addition, Crowleys DFK may transfer certain personal data across geographical borders to other affiliated member firms or outside companies working with us or on our behalf. This may include countries that do not have laws that provide specific protection for personal information.
  • Crowleys DFK may transfer personal data outside the European Economic Area (but only to a recipient who (i) is in a country which provides an adequate level of protection for personal data or (ii) is under an agreement which covers the EU requirements for the transfer of personal data to processors outside the EEA).
  • Crowleys DFK may also disclose your personal information to law enforcement, regulatory or other government agencies or to other third parties as required by, and in accordance with, applicable law and regulation.

Direct Marketing

If we have authority to send you information about our services, you may be contacted by us through a variety of means such as e-mail and post.

It is always your choice whether you want to receive this information. Whether we send you marketing based on consent that you give us or based on legitimate interest you can change your preferences to opt-out of receiving marketing at any time by e-mailing

How we keep your information safe?

At Crowleys DFK, we are committed to the protection and security of your personal data. We use a variety of security technologies and procedures to protect your information from unauthorised uses and access. As effective as security practices are, no physical or electronic system is entirely secure. We have implemented strict internal guidelines to ensure that privacy is safeguarded at every level in our organisation. Any transmission of personal data is at your risk. When we receive your personal information, we use appropriate security measures to seek to prevent “unauthorised access”.  We will continue to review our systems and we will implement additional security features as new technologies become available.

Our site may, from time to time contain links to and from other websites. If you follow a link to any of those other websites, please note that those websites have their own privacy policies and that we do not accept any responsibility or liability for those polices.

What are your data protection rights?

The table below sets out the rights which you have under Data Protection Legislation to address any concerns or queries with us about our processing of your personal data. These rights become fully available to you from 25th May 2018.


Further Information

Right to be Informed You have the right to know whether your personal data are being processed by us, how we use your personal data and your rights in relation to your personal data. We comply with this by way of this statement.
Right to Object to Processing In certain circumstances you have a right to object to our processing of your personal data where we process it for our legitimate interests, including any automated decision making, such as profiling.  We may not be able to comply with such a request where the processing of your personal data is required for compliance with a legal obligation.
Right of Access You have the right to request a copy of personal data held by us about you. We will only charge you for making such an access request where we feel the request is excessive.
Right to Rectification You have the right to request that we amend any inaccurate personal data that we have about you.
Right of Erasure You have the right to ask us to erase your personal data where:  a) it is no longer necessary to perform your contract with us; b) you object to the processing and we have no overriding legitimate grounds; c) your personal data have been unlawfully processed; or d) it must be erased to comply with a legal obligation.
Right to Restriction of Processing You have the right to ask us to restrict processing your personal data in the following situations: a) where you contest the accuracy of your personal data; b) where the processing is unlawful and you do not want us to delete your personal data; c) when you exercise this right we may only your store your personal data; or d) we may not further process this data unless you consent or the processing is necessary in relation to legal requirements or to protect the rights of another person or for reasons of important public interest. We will inform you before processing restriction is lifted.
Right to Data Portability You may request us to provide you with your personal data which you have given us, in a structured commonly used and machine-readable format and you may request us to transmit your personal data directly to another controller where this is technically feasible. The right only arises where: a) we process your personal data on the legal basis that it is necessary to perform our contract with you; and b) the processing is carried out by automated means.

We will provide you with information on any action taken upon your request in relation to any of these rights without undue delay and at least within one month of receiving your request. We may extend this up to two months, if necessary.  However, we will inform you if this arises.

You have the right to lodge a complaint with the Data Protection Commission (formerly the Office of the Data Protection Commissioner) regarding our processing of your personal data. We encourage you to discuss any concerns you have about the way we process your personal data before contacting the Data Protection Commission. If, after engaging with us, you are not satisfied by our efforts and responses to your concerns, you have the right to contact the Data Protection Commission:

Data Protection Commissioner
21 Fitzwilliam Square South
Dublin D02 RD28

Telephone: +353 (01) 7650100 | 1800 437737


Changes to this Statement

We may amend this Statement from time to time, in whole or part, at our discretion. The latest version of this document will always be available at and will take effect on the date that it is updated. Please review this Statement periodically to ensure you remain informed.

Any questions, comments and requests regarding this Privacy Statement are welcomed and should be addressed to