IRES FUND Management Limited
Effective 17 January 2023
Summary of notable changes to this statement: 1.) Update of statement format for greater clarity and GDPR compliance.
By submitting information or documents to us during our transactions together, you acknowledge that your personal data will be processed in the manner described below.
Who are we?
This statement relates to the privacy practices of Irish Residential Properties REIT plc (“IRES REIT”) (Company Registration #: 529737), or where you are dealing with one of our subsidiaries, IRES Residential Properties Limited (“IRES Residential Properties”) (Company Registration #: 552768) or IRES Residential Properties (Tara View) Limited (“IRES Residential Properties (Tara View)”) (Company Registration #: TBC) (in either case, “I-RES”, “we”, “our”, “us” or “the Landlord”) of South Dock House, Hanover Quay, Dublin 2, Ireland D02 XW94.
The investment and property manager we have appointed is IRES Fund Management Limited (Company Registration #: 539306) (“IRES Fund”) of South Dock House, Hanover Quay, Dublin 2, Ireland D02 XW94.
This means that if you are a customer (i.e. a tenant or a prospective tenant) of I-RES, your day to day dealings with these parties, as applicable, take place through IRES Fund.
Whose personal data do we control/process and in what capacity?
I-RES is the ‘Controller’ of the personal data of the data subjects related to its own operations, being:
1.1. Past, present and prospective employees, officers, directors and members/shareholders;
1.2. Past, present and prospective customers (including residential and commercial tenants, and as required, their respective spouses/occupants, guarantors/indemnifiers, guardians, property visitors or other authorised contact persons);
See Cookie Statement
1.4. Past, present and prospective vendors/suppliers, consultants, contractors or advisers (and their authorised contacts) engaged by us; and
1.5. Any other living individual in respect of whose personal data we are the independent or joint controller.
IRES Fund is a ‘Processor’ of the personal data of the data subjects listed above. IRES Fund is a Controller of personal data related to its own company and operations, and its Privacy Statement is posted here: https://www.iresfund.ie/privacy-policy/.
We know your privacy is important to you
The purpose of this Privacy Statement is to inform you of the data relating to you that we may collect and use and the uses (including disclosures to third parties) we may make of such data.
We value your right to privacy and strive to protect your personal data in accordance with applicable legislation, including Regulation (EU) 2016/679 of the European Parliament and of Council of 27 April 2016 (the General Data Protection Regulation). We are committed to ensuring your data is processed in a manner which is lawful, fair and transparent. It will involve only data that are necessary and proportionate to achieve the specific task or purpose for which they were collected.
From time to time, we may need to update or change this Privacy Statement and the most recent version is available on our website www.iresreit.ie. We encourage you to periodically review this Privacy Statement.
How do we collect personal data relating to you?
We, and third party service providers acting on our behalf, may collect information about you in the following ways:
- directly from you, for example when you submit information to us during an application for tenancy or contact us to inquire about a leased property. Such information relating to (prospective) tenants, spouses, other occupants, guarantors and guardians may include: name and contact details, gender, age or date of birth, marital status, profession, employment status, personal public service number (PPSN) and financial and income information (such as bank account details), ownership of pets, proof of insurance, vehicle related information.
- directly from you, for example when you apply for a job or enter into an employment agreement or directorship. Such information relating to applicants may include: name and contact details, curriculum vitae, prior employment references, interview notes and eligibility to work in Ireland. Information relating to employees may include: name and contact details, PPSN, compensation and allowances, pension or other employee benefits, government photo ID, education and certificates, marital or family status, emergency contact(s), bank account information, and medical leave and related information. Information relating to directors may include: name and contact details, director due diligence details, relatives’ personal data (including those under age 18), disclosures regarding shareholdings, conflicts of interest, criminal/civil issues, etc. Certain employee’s or director’s name and contact details or other relevant data may be maintained on an ‘Insider’s List’.
- directly from you, for example when you visit our website www.iresreit.ie and submit contact forms on that website or the or the investor relations microsite https://investorrelations.iresreit.ie/.
- from third parties, such as our related companies, our processor IRES Fund, service providers, brokers, lawyers, co-tenants, entities from which we may acquire property, guarantors, business partners, your nominated representatives, your current and/or previous landlords. Such information relating to (prospective) tenants (and as required, their spouses, guarantors or guardians) may include: payment history details and information on behavioural history during previous leases. Such information relating to vendors and contact persons of vendors may include: name and contact details.
- from third parties, such as your previous employer and/or recruiters or HR consultants that you provided your personal data to for application and hiring purposes. Such information relating to job applicants may include: full name, address, contact details, curriculum vitae and information regarding previous employment.
- in the case of shareholders, directly from you or from third parties such as our stock transfer company that provides corporate trust, stock transfer, employee share plan and other shareholder services.
- otherwise, for example from our records regarding the properties you may lease from us, or how you use our properties and services, from closed circuit television (CCTV) that we may use around or in (common areas of) leased property.
- otherwise, in case of employment by means of the CCTV we use in and around our premises or other (monitoring) technologies.
- from publicly available sources of information.
- from authorities or public bodies, when legally authorised to do so.
Do I have to provide my personal data?
In most circumstances you are not under a statutory or contractual obligation to provide us with any personal data unless we enter into an agreement together e.g. your PPSN is an example of a piece of personal data required for payroll processing or registering your tenancy with the Residential Tenancies Board (RTB), and your tax information and bank account details are personal data required for tax purposes and issuing payments. When you make inquiries or submit applications, we will do our best to use the information you provide, however, in cases where we do not receive suitable relevant information for decision-making or investigating, the application may be rejected or the inquiry unfulfilled.
You are in control of your personal data and are responsible for deciding which method you are comfortable using to provide it to us (in-person, electronic by email or web form, phone, etc.) and to not provide us with additional personal data not required for the transaction.
If you do not wish to transmit your personal data electronically to us, you may visit IRES Fund’s offices in person and submit the required personal data and documents in a sealed envelope addressed to your assigned Letting, HR or Administrative representative, marked “Confidential”, with the current date, and subject referenced on the envelope.
For what purposes do we use your personal data?
When the use of personal data is deemed necessary for the purposes of our legitimate interests or those of a third party to whom we provide your personal data, we, and/or the third party will only process your personal data for this purpose where we are of the view that to do so would not constitute an unwarranted interference with your own interests or fundamental rights and freedoms.
- We, and third party service providers acting on our behalf, will collect and use personal data relating to past, present and prospective customers (including residential and commercial tenants, and as required, their respective spouses/occupants, guarantors/indemnifiers, guardians, property visitors or other authorised contact persons) for the following purposes:
to assess your suitability to rent a property, including the performance of any independent background checks and financial analysis;
to schedule property viewings;
to reply to inquiries;
to create a lease contract;
in connection with the tenancy agreement or another agreement;
to repay security deposits;
to secure payment of rent;
to collect debts;
to arrange for maintenance or repair of the leased property;
to confirm payment of all utility bills;
to facilitate the set-up, switch-over or closing of utility accounts like gas and water and other relevant providers;
to protect our assets, business, properties and occupants of these properties;
in the context of an intended business transaction, such as a transfer of assets or shares or merger (for example, by making the personal data available to advisors or (potential) buyers);
for business planning purposes, for example, to adjust our services and facilities to the occupants of a specific property;
for internal control;
for business continuity;
for marketing purposes, such as our products and services or those our third party partners e.g. utility or rent payment service providers;
to comply with legal obligations (such as mandatory tenancy registration with the RTB);
to deal with disputes.
We may also use (or may instruct a third party to use) your de-identified or anonymised personal data to create demographics related to our properties, such as rent amount, the number of tenants in the leased property, net/gross income, age or age range and occupation of the tenant(s) to understand our customers better, improve our services and make business decisions.
The legal grounds used for these processing activities are: a) in order to take steps at your request prior to entering into an agreement and/or the execution of the agreement that is entered into with you; b) compliance with a legal obligation; c) consent (in limited circumstances, where applicable e.g. for marketing); and d) that this is necessary for the purposes of our legitimate interests or the legitimate interests of a third party to whom we provide your personal data. For example, as a (potential) landlord, conducting our business in a responsible and commercially prudent manner (such as protecting and developing our business and properties by assessing the suitability of individuals that wish to lease our property), preventing, investigating or detecting theft, fraud or other criminal activity, and pursuing our corporate and social responsibility objectives.
- We, and third party service providers acting on our behalf, will collect and use personal data relating to past, present and prospective employees, officers and directors for the following purposes:
to assess job applicants and make hiring decisions;
to facilitate (and assess feedback from) pre or intra-employment, workplace injury, or leave-related medical assessments with our third-party health provider;
to enter into employment agreements or other related agreements;
to administer the employment relationship, such as to keep and maintain a personnel record, for compensation, payroll, benefits, pension, trustee, insurance, taxation and salary administration, for vacation, sickness or other leave administration, to make selection decisions (such as promotion or on eligibility for bonuses or other awards), to optimise your work activities and also in the context of a termination of your employment;
to contact individuals disclosed to us by the employees in the event of an emergency involving the employee or in case of an inability to locate or contact (abnormally or prolonged) absent employees;
in the context of employee engagement and recognition and celebrating employee birthdays;
to protect our business (interests), properties and employees as well as third parties interests, for example by means of access controls and restrictions, the use of data security alerts, use of CCTV, or by (randomly or on an individual basis) monitoring, intercepting, accessing, inspecting and recording email and internet use and initiating audits and investigations;
to improve our services and the quality thereof;
in the context of a (potential) business transaction (such as the sale of (parts of) of its assets or shares, or a merger, for example, by making employee personal data available to advisors or (potential) buyers;
to deal with disputes;
to enable trusted third party partners to validate employee eligibility for voluntary corporate discounts on memberships and other perks;
to comply with legal obligations e.g. employment related laws, tax/revenue, social services, Companies Act, Market Abuse Regulations (Insider’s List);
to conduct background checks and determine suitability for directorships, to comply with legal obligations regarding directorships, and to administer registries and payment to directors.
During employment, we may use (or may instruct a third party to use) your personal data to create demographics about employed personnel for making company decisions regarding (among others) benefits plans and analysing HR metrics.
The legal grounds used for these processing activities are: a) in order to take steps at your request prior to entering into an agreement and/or the execution of the agreement that is entered into with you; b) compliance with a legal obligation; c) consent (in limited circumstances, where applicable); and d) that this is necessary for the purposes of our legitimate interests or the legitimate interests of a third party to whom we provide your personal data. For example, conducting our business in a responsible and commercially prudent manner and to fulfill obligations under our agreements (such as ensuring security of personal data and business confidential or proprietary information).
- We, and third party service providers acting on our behalf, will collect and use personal data relating to past, present and prospective vendors/suppliers, consultants, contractors or advisers (and their authorised contacts) engaged by us for the following purposes:
selecting you as a vendor;
providing you with a quote or tender;
monitoring compliance with the terms of our agreement;
administering the payment of invoices;
health and safety, security, or other due diligence;
establishing, exercising or defending legal claims;
anti-money laundering, fraud prevention, investigation and detection;
complying with any obligations imposed on the Company by applicable law.
The legal grounds used for these processing activities are: a) in order to take steps at your request prior to entering into an agreement and/or the execution of the agreement that is entered into with you; b) compliance with a legal obligation; c) consent (in limited circumstances, where applicable); and d) that this is necessary for the purposes of our legitimate interests or the legitimate interests of a third party to whom we provide your personal data. For example, conducting our business in a responsible and commercially prudent manner (such as assessing the suitability of vendors), preventing, investigating or detecting theft, fraud or other criminal activity, and pursuing our corporate and social responsibility objectives.
- We, and third party service providers acting on our behalf, will collect and use personal data relating to past, present and prospective members/ shareholders for the following purposes:
maintaining and administering the Company’s registers of members and beneficial ownership;
filing annual returns and associated financial statements with the Companies Registration Office (CRO);
analysing beneficial and legal shareholdings for tax and jurisdictional purposes and/or to facilitate shareholder consultations or proxy solicitations;
offering shareholder and investor services;
contacting you in order to give you notice of company meetings, issue documents, solicit voting proxies, arrange meetings and invite you to investor conferences, or gauge your interest in certain equity offerings;
processing transactions e.g. change of address, deceased shareholders, change of mandate and/or merging shareholdings, processing share purchases, sales, transfers, and paying dividends, interest etc.;
facilitating or implementing a business re-organisation or a transfer/sale of all or part of our assets or business of the company or a general investment;
routine correspondence with Euronext Dublin, regulators, and the Registrar of Companies and handling shareholders’ or their agent’s enquiries;
establishing, exercising or defending legal claims, and complying with all applicable legal obligations e.g. Market Abuse.
The legal grounds used for these processing activities are: (a) compliance with a legal obligation, (b) for the performance of our contract with you through the constitution of the company; (c) consent (where applicable) and (d) that this is necessary for the purposes of our legitimate interests or the legitimate interests of a third party to whom we provide your personal data. For example, conducting our business in a responsible and commercially prudent manner (such as communicating directly with shareholders or through a representative, such as Computershare when necessary), in preventing, investigating or detecting theft, fraud or other criminal activity; and in pursuing our corporate and social responsibility objectives.
- Profiling and automated decision-making
Data subject profiles, such as (prospective) tenant or employee records held are compiled from data collected as per section 4 (above) or manually by our staff. Profiling and business decisions are made using human intervention. We do not currently conduct any solely automated decision-making.
With whom do we share your personal data?
We may disclose your personal data to third party recipients in connection with the above purposes, including:
to third parties who we engage to provide services to us, such as professional advisers, auditors, insurance companies and outsourced service providers or Processors including IRES Fund (but only for the purposes as set out in section 6 above), software and applications providers and consultants, maintenance companies, Owner’s Management Companies (OMC), third party brokers, lawyers and debt-collection agencies;
to our investment manager, its affiliates and their respective service providers from time to time;
to our share registrar and its service providers, our depositary and custodian and its service providers, our sponsor, broker and financial advisors;
to other members of our corporate group;
to financial intermediaries and lenders;
to business partners and/or possible acquirers of the company or its assets, or investors (and our and/or their advisors); or
to competent regulatory authorities and bodies as requested or required by law (e.g. Revenue, Social Welfare, the RTB, the CRO, etc.).
Upon tenancy, when necessary, we may be required to help facilitate or confirm the set-up, switch-over or closing of utility accounts like gas, heat, electricity, water and providers thereof. This may involve disclosing your personal data and other details and submitting relevant forms to those providers.
In relation to marketing, tenant contact information may be disclosed to third party partners if the tenant has consented to the Landlord (or IRES Fund on the Landlord’s behalf), doing so. See Appendix A: Third Party Disclosure List (below).
For job application and employment purposes, we may share required personal data with contracted HR consultants, trustees, recruiters, payroll providers, pension and benefit providers, medical assessors and insurance providers, and competent authorities.
The parties with whom we may share and process your personal data may be located in countries outside the European Economic Area (EEA), including to jurisdictions which are not recognised by the European Commission as providing for an equivalent level of protection for personal data as is provided for in the European Union via an adequacy decision. If we transfer your personal data to a jurisdiction that is covered by an adequacy decision by the European Commission (such as Canada where the recipient is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA)), then we will ensure that the transfer is within the scope of the adequacy decision. If and to the extent that we transfer your data to any third country that is not covered by an adequacy decision, we will ensure that appropriate measures are in place to comply with our obligations under applicable law governing such transfers, which may include entering into a contract governing the transfer which contains the ‘standard contractual clauses’ approved for this purpose by the European Commission. For more information in this respect, please contact us as [email protected].
How long will we retain your personal data?
Your personal data is stored for the time necessary in relation to the purposes for which the personal data were collected and processed (as described in section 6 above) and in accordance with our data retention policy and corresponding schedule.
For example, an application for tenancy by a prospective tenant will be securely destroyed if the application is rejected, unless we have reasonable ground to retain that information longer, for example in the event that a dispute arises on the rejection of your application. Personal data of a job applicant that is not employed by us will typically be destroyed shortly after the end of the application procedure, unless we have reasonable ground to retain that information longer, for example if you request us to contact you in the event of another vacancy in the future.
We will retain your personal data for the duration of any contract you may have with us and for such a period of time after termination of your contract, as is necessary to comply with our obligations under applicable laws, and if relevant, to deal with any claim or dispute that might arise in connection with your contract. For more information in this respect, please contact our Privacy Officer (contact details below).
How do we protect your personal data?
We implement physical, technical and organisational measures to ensure a level of security appropriate to the specific risks that we have identified. We protect your personal data against destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
We seek to ensure that we keep your personal data accurate and up to date. However, you are responsible for assisting in this regard and we kindly request that you inform us of any changes to your personal data (such as a change in your contact details).
What are your rights?
You have the following rights, in certain circumstances and subject to certain restrictions, in relation to your personal data: a) the right to access your personal data; b) the right to request the rectification and/or erasure of your personal data; c) the right to restrict the use of your personal data; d) the right to object to the processing of your personal data; e) where we are processing personal data based on this being necessary for the performance of a contract with you, the right to receive your personal data, which you provided to us, in a structured, commonly used and machine-readable format or to require us to transmit that data to another controller; f) If unsatisfied with a response from us, you have the right to lodge a complaint to the Irish Data Protection Commission relating to the processing of your personal data by or on behalf of the Landlord by emailing [email protected].
If you have any further questions with respect to this Privacy Statement or the processing of your personal data by us (or our Processor, IRES Fund), wish to exercise you rights, or unsubscribe from marketing communications, please contact our Privacy Officer South Dock House, Hanover Quay, Dublin 2, Ireland D02 XW94 or [email protected].
Please continue to place emergency calls, work orders and requests through your normal channels such as the site management office. But, should you feel a need to escalate your concerns, please contact IRES Fund Management Limited at [email protected]
Schedule “A”: Third Party Disclosure List (Marketing)
(Updated periodically. Current as at 24-May-2018)
Below is the list of Third Party Partners that we and/or our processor IRES Fund have agreements with for offering our tenants relevant products, services and discounts (e.g. utilities, TV, internet, phone, security, insurance, rent payment services, concierge or discount program access, etc.), Tenants may contact these parties directly if they are interested in their products and services.
- We (and/or IRES Fund on our behalf) may periodically feature these partners in promotional communications distributed by us to our tenants (where we have not shared your personal data).
- With your consent, we (and/or IRES Fund on our behalf) may provide your personal contact details to one or more local partners upon tenancy with us, subsequently, you may be contacted by them via phone, mail, email or SMS (as applicable) about their offers.
Tenants may update their preferences or unsubscribe at any time from applicable marketing or commercial related communications sent to them by us or IRES Fund, or third parties they have authorised. Tenants will be provided with the ability to do so via mechanisms in the electronic communications, or they may contact the Privacy Officer – [email protected].
No current partners at this time.