Privacy policy

Updated 17 February 2023

Grant Thornton Northern Ireland respects the right to privacy and wants to protect the privacy of those who view or interact with our website www.grantthorntonni.com

Please read the following statement; it will help you to understand how we use the personal data that you may provide to us through the use of our website. Information on how we use personal data in relation to professional engagements can be found here.

Please note that we may update this privacy statement from time to time. We will include a review date at the top of the page so you will know when we make changes.

 

About Us

In this privacy statement “we”, “our”, and “us” refers to Grant Thornton Northern Ireland.  Grant Thornton Northern Ireland is part of Grant Thornton Ireland and is one of several partnerships under Irish Law trading as Grant Thornton and the following legal entities: Grant Thornton (NI) LLP; Grant Thornton Financial & Taxation Consultants Limited; Grant Thornton Business Advisory Services Limited; Grant Thornton Corporate Finance Limited; Grant Thornton Consulting Limited; Grant Thornton Financial Counselling Limited; Grant Thornton Debt Solutions Limited; Grant Thornton Pensioner Trustees Limited; Grant Thornton Limited (Isle of Man) and Grant Thornton (Gibraltar) Limited.

 

What personal data do we collect?

We collect personal data such as your name, address, telephone number and e-mail address when you submit an enquiry (either through the enquiry form or directly to an individual in Grant Thornton Northern Ireland), when you subscribe to or submit an interest in our newsletters and publications, when you request additional information or when you want to enter any competitions or promotions organised by us.

From time to time, we may also collect some publicly available personal data such as name, employer and job title and /or position about individuals who interact with the content or publications on our website for example, when an individual shares a Grant Thornton Northern Ireland publication or article via a social media platform.

When you submit an interest in working for Grant Thornton Northern Ireland through our online platform or directly to an individual within Grant Thornton Northern Ireland, we collect personal data such as name, contact details, employment history and educational background, details of current immigration status and other information which you volunteer on your curriculum vitae or application in order for us to consider your application for a position with us as the first step in the recruitment process.

We also use cookies to collect data about visitors to our website (for example information on browsing patterns) in accordance with our cookie policy. Please read our cookie policy below to find out more specific information about what cookies are, how you can control the use of cookies on our website and what cookies are used on our website.

All IP addresses of users of this website are anonymised within Google Analytics as soon as technically feasible at the earliest possible stage of the collection network.

 

Our lawful basis for processing

We rely on several lawful basis of processing when we collect and use personal data to operate our business and provide products and services to our clients. These include:

• Public interests – where the processing of data is necessary for providing certain services to clients (eg statutory audit) or for certain requirements we are subject to.
• Legal obligations – in order to comply with the legal and regulatory obligations we are subject to as a provider of regulated services and as a commercial business.
• Contract – in order to perform contractual obligations we may have with an individual or to take steps to enter into a contract with an individual.
• Consent – where an individual has freely given consent at the time their personal data was provided to us.
• Legitimate interests – the legitimate interests can be ours, our clients or other third parties (eg to provide our services, to develop or protect our business, or to keep people informed about relevant products and services) and we always balance the rights of individuals with ours’ and others’ legitimate interests.

 

How do we use your personal data?

We may use your personal data to respond to your enquiries, send you newsletters and publications to which you may have subscribed, send event invitations, provide you with additional information as requested and to include you in any competitions or promotions organised by us.

When you apply for a position with Grant Thornton Northern Ireland, we will process the personal data you provide to us in order to consider your application for a position with us as the first step in the recruitment process. 

If and when you leave Grant Thornton Northern Ireland and should you wish to be included, we may also process your information to help us maintain a engaged alumni community with the Firm thereafter.

 

Who we share data with

We only share personal data with others when absolutely necessary for the purposes for which we hold it and where appropriate contractual arrangements and security mechanisms are in place.

We will pass your personal data to:

Member firms of GTIL where needed to provide services to our clients and for administrative purposes.

Suppliers that support us and help provide services to our clients, such as providers of cloud-based software, IT systems, security, archiving storage and destruction, recruitment, due diligence and background checks, marketing and payment services.

Professional advisors, auditors or insurers, where we are required by law or as reasonably required in the management of our business.

Law enforcement or other government and regulatory agencies or to other third parties, where we are required by law, the courts or any legal or regulatory authority we are subject to. We will only provide personal data in these circumstances where permitted or there is a legal requirement.

 

Transfers Abroad

We are a multi-territory firm and therefore data is transferred between offices to ensure efficient running of the business. Therefore, where necessary data is transferred outside of the UK to the Dublin office.

Whilst we store personal data on servers within the UK, in line with the above, we may need to transfer personal data outside the UK. This includes to countries that are not recognised by the Government of the UK as providing an equivalent level of protection for personal data as in the UK (also known as having adequacy). Where we do so, we ensure that appropriate measures are in place to comply with our obligations under data protection legislation. This can include entering into an agreement governing the transfer containing the ‘standard contractual clauses’ (also known as ‘model clauses’) approved for this purpose by the Government of the UK.

 

How long will we hold your personal data?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Please see our cookie policy for details on how long we store information collected by cookies.

 

Links

This is the website of Grant Thornton Northern Ireland, as operated by Grant Thornton Ireland, a practicing, trading organisation that delivers services. Grant Thornton Ireland is a member firm of GTIL. GTIL and its member firms are not a worldwide partnership. GTIL and each member firm of GTIL is a separate legal entity.

Our website contains links to Grant Thornton member and correspondent firm websites, but this privacy statement applies only to personal data collected via websites operated by Grant Thornton Ireland and to how Grant Thornton Ireland processes the personal data collected via these websites. It does not apply to specific member or correspondent firms practising under the Grant Thornton name.

Our website may also contain links to other sites and certain social media platforms.

We are not responsible for the privacy practices of these or other sites. We encourage our visitors to be aware when they leave our website, and to read the privacy statement of other sites that collect or use personal data.

 

Security

Unfortunately, no data transmission over the Internet or any other network can be guaranteed as 100% secure, but we take appropriate steps to try to protect the security of your personal data.

 

Your rights

You have the right, subject to certain exemptions,

• to obtain a copy of any personal data we hold about you,
• to request rectification or erasure of such data,
• to request restriction of processing or to object to processing,
• and data portability.

If you become aware that information we maintain about you is inaccurate, or if you would like to update or review your information, you may contact us using the contact information below. We will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate. We may limit or deny access to personal information where providing such access would be unreasonably burdensome or inappropriate under the circumstances. All requests to change personal information will be handled in accordance with applicable legal requirements. If you would like to change your information you should contact us at dataprivacy@ie.gt.com or contact us at our registered office:

Registered office address: 12-15 Donegall Square West, Belfast, BT1 6JH, Northern Ireland.

Grant Thornton Northern Ireland will take steps to address your request to the extent consistent with and permitted by laws, regulations and professional standards applicable to Grant Thornton and our own internal policies.  

You also have the right to complain to the Data Protection Commission and the Information Commissioner’s Office or another supervisory authority.