Privacy Statement 

Information on who we are 

Charles McCarthy Insurances Limited (the Company) is committed to protecting the privacy and security of your personal data

The Company is incorporated in Ireland with a registered office address at Anderson Centre, Fermoy County Cork and is responsible for any personal data collected when anyone avails of services from and purchasing the products of The Company (including online)

The Company website is one of our primary channels of communication providing information on our programmes and services

The Company is a data controller. This means that we are responsible for deciding how we hold and use personal data about you

This notice is provided to you in line with our obligations under Data Protection Law. This privacy notice describes how we collect and use personal data about you in accordance with Data Protection Law

From 25 May 2018 existing data protection law was amended and we now have enhanced accountability and transparency obligations concerning your personal data

It is important that you read this notice so that you are aware of how and why we are using your information

Data Protection Leader 

We have appointed a data protection leader to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact Danny OConnell at (021) 4279999 | E: 

The kind of information we hold about you 

Personal data means any information about an individual from which that person can be identified. It does not include anonymous data i.e. data from which you cannot be identified

There are special categories of more sensitive personal data which require a higher level of protection

When you avail of our services or purchase products from The Company, we may collect, store, and use the following categories of personal data about you

  • Identity Data details such as first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
  • Contact Data name, title, addresses, telephone numbers, and business and personal email addresses.
  • Profile Data your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Financial Data where you make payments to The Company, we will collect the IBAN, BIC and the name of your bank/building society or your credit card details where relevant.
  • Transaction Data details about payments to and from you and other details of products and services you have purchased from us
  • Marketing and Communications Data data on your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Interaction and Usage Data when you interact with us we will record details of those interactions (for example, phone calls, email correspondence and hard copy correspondence as well as information on how you use our website, products and services). If you make a complaint we will process details concerning that complaint.
  • Mandatory Data data that is mandatory for us to collect to comply with certain legal and regulatory obligations that apply to our business such as our health and safety obligations.
  • Sensitive Data information about your health, including any medical condition, where you disclose those details to us so that we can accommodate any special needs you may have when you avail of our services including to comply with our obligations under the Equal Status Acts.
  • Technical Data such data would include internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plugin types and versions, operating system and platform and other technology on the devices you use to access this website
  • CCTV Data personal data on CCTV footage recorded for security and health and safety purposes

How is your personal information collected? 

We collect personal data through our interactions with you, when you avail of our services or purchase our products and when you complete our administrative forms in hard copy or online for our services and products

Cookie Subgroup Cookies Cookies used _gat_gid_ga 1st Party _fbp, _gat_UA-nnnnnnn-nn, _ga, _gid 3rd Party , ASPSESSIONIDXXXXXXXX 3rd Party __utma, __utmb, __utmz, __utmc 3rd Party _gat, _gid, _ga 3rd Party visited 3rd Party , ASP.NET_SessionId 3rd Party

We use different methods to collect data from and about you including through

  • Direct interactions. You may give us your identity, Contact, Financial, Interaction and Usage Data by filling in forms, using our website or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you
    • apply for our products or services;
    • create an account on our website;
    • subscribe to our service or publications;
    • request marketing to be sent to you;
    • enter a competition, promotion or survey;
    • or give us feedback
  • Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see our cookie policy [LINK] for further details
  • Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below
    • Technical Data from the following parties
      • analytics providers such as Google based inside/outside the EU];
      • search information providers.
    • Identity and Contact Data from publicly availably sources such as the Companies Registration Office.

How we use your personal information 

We will only use your personal data when the law allows us to

We need to process your personal data primarily to allow us to perform our contract with you and to enable us to comply with our legal obligations. In some cases we may use your personal data to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests

We may also use your personal information where we need to protect your interests (or someone elses interests) or where it is needed in the public interest

If you fail to provide personal information 

If you fail to provide certain data when requested, we may not be able to enter into or perform our contract with you or provide you with our services

Where we require your personal data to enter into a contract and to provide you with our services, we will make this clear

Change of purpose 

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so unless this is otherwise required or permitted by law (in which case we may process your personal data without your knowledge or consent)

How we use particularly sensitive personal information 

Special categories of particularly sensitive personal data require higher levels of protection

We may process special categories of personal data where we need to carry out our legal obligations or where it is needed in the public interest 

Less commonly, we may process this type of data where it is needed in relation to legal claims or where it is needed to protect your interests (or someone elses interests) and you are not capable of giving your consent, or where you have already made the information public

We will use information about your physical or mental health, or disability status, to ensure your health and safety when you are availing of our services and to ensure that we comply with the Equal Status Acts

Automated decisionmaking 

Automated decisionmaking takes place when an electronic system uses personal information to make a decision without human intervention

You will not be subject to decisions that will have a significant impact on you based solely on automated decisionmaking, unless we have a lawful basis for doing so and we have notified you


We may contact you by mail, email and telephone and social media about our products and services and other events which might be of interest to you

You may receive marketing communications from us if

(a) you have requested to receive or consented to the receipt of information from us; or (b) purchased goods or services from us (and our marketing communications will only be in 

relation to similar goods or services); or (c) it is in our legitimate interest

and, in each case, you have not opted out of receiving the marketing communications

You will only receive electronic marketing communications under (b) above where such products or services were purchased within the 12 months prior to the receipt of the communication

You have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, please send us an email to and include the McCarthy Insurance Group Client Code Ref. No., Name and Address 

Data sharing 

against Insurer 

Consumer Insurance Contracts Act 2019 Right of Third Party to claim
* Applicable to General Insurance policies only 

If you hold insurance against a liability that may be incurred by you against a third party, where for whatever reason you cannot be found or you become insolvent, or the court finds it just and equitable to so order, then your rights under the contract will be transferred to and vest in the third party even though they are not a party to the contract of insurance. The third party has a right to recover from the insurer the amount of any loss suffered by them. Where the third party reasonably believes that you as policyholder have incurred a liability the third party will be entitled to seek and obtain information from the insurer or from any other person who is able to provide it concerning

  • the existence of the insurance contract,
  • who the insurer is,
  • the terms of the contract, and 
  • whether the insurer has informed the insured person that the insurer intends to refuse liability under the contract 

We will share your personal data with third parties where required by law, where it is necessary to perform our contract with you or where we have another legitimate interest in doing so

We will share your data with trusted thirdparty service providers. We may also share your personal data with other third parties, for example, in the context of a transfer of our statutory functions or with a regulator or to otherwise comply with the law

We require third parties to respect the security of your data and to treat it in accordance with the law

All our thirdparty service providers are required to take appropriate security measures to protect your personal data. We do not allow our thirdparty service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality

We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so

Transferring information outside the EU 

We may transfer the personal data we collect about you outside the European Economic Area (EEA) where a trusted service provider is based outside of the EEA. We will always take steps to ensure that any transfer of your information outside of the EEA is carefully managed to protect your privacy rights

Data retention 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal data are available in our retention policy which is available from the Company by E Mailing or 

In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you

Rights of access, correction, erasure, and restriction 

Your duty to inform us of changes 

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes

Your rights in connection with personal information 

Under certain circumstances, by law you have the right to

  • Request access to your personal information.
  • Request correction of the personal information that we hold about you.
  • Request erasure of your personal information.
  • Object to processing of your personal information.
  • Request the restriction of processing of your personal information.
  • Request the transfer of your personal information to another party

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact Danny OConnell at (021) 4279999 | E: or E: 

You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it

Right to withdraw consent 

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact Danny OConnell at the contact details provided above. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law


You have the right to make a complaint at any time to the Data Protection Commission, the Irish supervisory authority for data protection issues. The Data Protection Commission can be contacted at the Office of the Data Protection Commissioner. Canal House, Station Road, Portarlington, Co. Laois, R32 AP23, Ireland or by emailing

Changes to this privacy notice 

We reserve the right to update this privacy notice at any time. We may also notify you in other ways from time to time about the processing of your personal information

If you have any questions about this privacy notice, please contact Danny OConnell at (021) 4279999 | E: