Privacy Policy


FP Consulting Ltd specialise in the areas of Financial Consultancy, Health & Safety Consultancy and GDPR Consultancy.  

We work mainly, but not exclusively, with regulated financial services businesses. As a multi-disciplinary management consultancy practice we take a rounded approach to your business. As trained professionals, we analyse the regulations affecting your business.

FP Consulting Ltd is a Data Controller within the meaning of the General Data Protection Regulations 697/2016/EU) (‘GDPR’) which came in to force on 25th May 2018 the and applicable Irish data protection legislation (currently the Irish Data Protection Act 2018 (as may be amended).

The key principles under the GDPR are lawfulness, fairness and transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality and accountability (Article 5 of the GDPR)

This Privacy Notice is to provide you with information regarding the processing of information about you.

Our contact details are:

Address:   Ballyglasheen, Kilsheelan, Clonmel, Co Tipperary E91 VP80

Phone:      086 8329157


FP Consulting Ltd is committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use personal data about you during and after your relationship with us.

What personal data do we use?

We may collect, store, and use the following categories of personal data:

  • Your name, address, date of birth, email, telephone, contract data, details of services we provide to you, signatures, identification documents, occupation, Bank details, interactions with you by phone, or email, current or past complaints. 

We may need all the categories of information in the list above to allow us to; identify you, contact you, comply with our legal obligations and in order that we perform our contract with you.

Purpose for which we process your personal data;

  • To provide consultancy and training services;
  • To meet our obligations to you under Financial Services Legislation where required;
  • To comply with our legal obligations;

How secure is my information with third-party service providers?

All third-party service providers that we currently, or may in the future use, are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes unless they are deemed to be controllers in their own right [1]. We only permit them to process your personal data for specified purposes and in accordance with our instructions. Information may be anonymised but this may not always be possible. The recipient of the information will also be bound by confidentiality obligations.

If you fail to provide personal data

If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you or we may be prevented from complying with our legal obligations.

Change of purpose

You can be assured that we will only use your data for the purpose it was provided and in ways compatible with that stated purpose.  If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.


We will not use any of your information for Profiling purposes.

Data Retention Periods

We will only retain your personal data for as long as necessary to fulfil the purpose(s) for which it was obtained, taking into account any legal/contractual obligation to keep it. While the relevant retention periods vary, as general rule, we retain client data for a period of 6 years after we cease providing services or the end of a particular project, in line with the Statute of Limitations.  Once the retention period has expired, the respective data will be permanently deleted.


Cookies are small pieces of data stored on a site visitor's browser, usually used to keep track of their movements and actions on a site. 

In accordance with the GDPR, we must inform our users that we are using cookies on our site.

Updates to this notice

We may make changes to this notice from time to time, particularly when we change how we use your information, and change our technology and products. You can always find an up-to-date version of this notice on our website or you can ask us for a copy.

Our use and sharing of your information

We will collect and use relevant information about you, your use of our products and services, and your relationships with us. We will typically collect and use this information for the following purposes:

Fulfilling contract:

This basis is appropriate where the processing is necessary for us to provide all consultancy services or training services to you.

Administrative Purposes:

We will use the information provided by you, to maintaining and administer consultancy and training services.

Third parties:

We may appoint external third parties to undertake operational functions on our behalf. We will ensure that any information passed to third parties conducting operational functions on our behalf will do so with respect for the security of your data and will be protected in line with data protection law. We do not transmit data outside the EEA.

Legal Duty:

This basis is appropriate when we are processing personal data to comply with an Irish or EU Law.

Regulatory and statutory requirements:

On occasion we must meet specific duties to the Regulator, the Central Bank of Ireland, and therefore we may allow authorised people to see our records (which may include information about you) for reporting, compliance and auditing purposes. This is usually required where compliance/risk work is outsourced to us. We may also share information with certain statutory bodies such as the Department of Finance and the Financial Services and Pensions Ombudsman Bureau of Ireland if required by law.


To meet our legislative and regulatory duties to maintain audited financial accounts, we appoint an external auditor. We will allow the external auditor to see our records (which may include information about you) for these purposes.


We send direct marketing mailshots, newsletters, training flyers and details of upcoming events. We will only contact you where you have consented to this.

Your consent

In the event that we carry out processing which is based on your consent you are entitled to withdraw your consent and we will cease processing once you notify us of your withdrawal of such consent.

Your Rights in connection with your personal data are to:

To find out whether we hold any of your personal data and if we do to request access to that data that to be furnished a copy of that data.  You are also entitled to request further information about the processing. 

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you rectified.

Request erasure of your personal information. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.

Request the restriction of processing of your personal information. You can ask us to suspend processing personal data about you, in certain circumstances.

Where we are processing your data based solely on your consent you have a right to withdraw that consent at any time and free of charge.

Request that we: a) provide you with a copy of any relevant personal data in a reusable format; or b) request that we transfer your relevant personal data to another controller where it’s technically feasible to do so. ‘Relevant personal data is personal data that:  You have provided to us or which is generated by your use of our service. Which is processed by automated means and where the basis that we process it is on your consent or on a contract that you have entered into with us.

You have a right to complain to the Data Protection Commissioner (DPC) in respect of any processing of your data by:

Telephone:               +353 57 8684800 +353 (0)761 104 800

Lo Call Number:      1890 252 231


Postal Address:        Data Protection Commissioner

                                   Canal House Station Road

                                   Portarlington R32 AP23 Co. Laois

Please note that the above rights are not always absolute and there may be some limitations.

If you want access and/ or copies of any of your personal data or if you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we send you or a third party a copy your relevant personal data in a reusable format please contact DPO, FP Consulting Ltd, Ballyglasheen, Kilsheelan, Clonmel, Co Tipperary E91 VP80 or in writing.

There is no fee in using any of your above rights, unless your request for access is clearly unfounded or excessive. We also reserve the right to refuse to comply with the request in such circumstances.

We may need to verify your identity if we have reasonable doubts as to who you are. This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it. 

Ensuring our information is up to date and accurate. We want the service provided by us to meet your expectations at all times.  Please help us by telling us straightaway if there are any changes to your personal information. If you wish to avail of either of these rights, please contact our DPO at