This Privacy Policy is issued by the Irish Takeover Panel of 76 Merrion Square, Dublin 2 (the “Panel“, “we“, “us“, “our“).
This privacy policy explains how the Panel uses the personal information that the Panel collects or generates both in relation to this website and in relation to the exercise of the Panel’s legal and regulatory functions.
1. BACKGROUND
1.1 The Panel collects and processes certain Personal Data. The Panel is responsible for ensuring that it uses Personal Data in compliance with data protection law, including the General Data Protection Regulation (the “GDPR“) and any applicable implementing legislation such as the Data Protection Acts 1988 to 2018.
1.2 We respect your privacy and we are committed to keeping all your Personal Data secure. This Privacy Policy governs the handling of Personal Data by the Panel in the course of the exercise of its legal and regulatory functions.
1.3In this Privacy Policy, “Personal Data” means any data which relates to a living individual who can be identified from that data or from data and other information which is in the possession of, or is likely to come into the possession of, the Panel (or its representatives or service providers).
1.4 “Special Categories of Personal Data” means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited.
2. THE ACTIVITIES WE CARRY OUT
2.1 This privacy policy concerns the following categories of information that we collect when exercising our legal and regulatory functions and when carrying out our services generally:
a) information that we receive or generate as a result of the exercise of our regulatory functions and when carrying out our services generally;
b) information we receive or generate through the Panel website or as a result of your use of the Panel website; and
c) information we receive or generate as a result of providing our publications to you.
3. THE TYPES OF PERSONAL DATA WE COLLECT
3.1 We will collect and process the following Personal Data about you:
a) information that you provide to the Panel.
This includes information about you that you provide to the Panel. The nature of the activities that we carry out in accordance with our regulatory functions determines the kind of Personal Data we might ask for, though such information may include:
-
- Basic Personal Data (such as first name; family name; company name; position in the company; company email address; business phone number; business address; city; postcode; country); and
- Personal Data related to your professional life or financial or personal dealings (such as details of directorships, involvement in share transactions, shareholdings in companies, banking arrangements (including details of bank accounts), details of professional advisers, business associates, friends and family and general corporate activity/history).
b) information that we collect or generate about you.
This includes:
-
- information generated through your use of the Panel website (e.g. any documents downloaded from the Panel website, searches made on the Panel website, etc.); and
- information generated by us about you in the exercise of our regulatory functions, including during the course of our case work and investigations.
c) information we obtain from other sources.
This may include:
-
- information obtained from public websites and other public sources;
- information received from your advisers or intermediaries, including bankers, stockbrokers and financial advisers, with respect to transactions that you have engaged in or which are related to you;
- information obtained from third parties such as Bloomberg, Stock Exchanges and other financial information outlets;
- information from your business associates, friends and family;
- information provided in submissions to the Panel by third parties in the exercise of its regulatory functions ; and
- information provided by other regulators, authorities and/or related third parties relating to activities falling within our regulatory functions.
d) Cookies
-
- When you visit the Panel website, cookies are used to collect technical information about the services that you use, and how you use them. For more information on the cookies used by the Panel please see our Cookies Notice further below.
4. HOW WE USE YOUR INFORMATION
4.1 Your Personal Data may be stored and processed by us in the following ways and for the following purposes:
-
- to ensure that we can exercise our regulatory functions properly and efficiently under, amongst other things, the Act and the Takeover Rules;
- to conduct administrative tasks within the Panel in aid of the exercise of our regulatory functions or otherwise administering our organisation;
- for record-keeping purposes required for the Panel’s internal business administration;
- to communicate with you in order to provide you with information about the Panel, the conduct of our functions and our publications;
- to communicate, as appropriate, with other regulators and authorities both within Ireland and outside of Ireland, in the exercise of our regulatory functions;
- to gather information and to investigate companies or individuals involved in takeovers or other relevant transactions where a concern arises that a breach of the Takeover Rules or of the General Principles under the Act has been, or is being, committed;
- for the management and administration of our organisation;
- for ongoing review and improvement of the operation of the Panel website and information provided on the Panel website to ensure that it is user-friendly and informative;
- to examine information for the purposes of determining its relevance to current and future transactions or legal proceedings involving parties engaged in takeover transactions.
- in order to comply with, and to assess compliance with, applicable laws, rules and regulations, and internal policies and procedures; and/or
- for the administration and maintenance of databases storing Personal Data.
4.2 The legal bases on which we process your Personal Data are:
-
- that this is necessary for compliance with legal and regulatory obligations which apply to us including under the Irish Takeover Panel Act 1997 (the “Act“);
- that this is necessary for the performance of tasks that are within the public interest or the exercise of official authority vested in us by law, including the Act; or
- that this is necessary for the performance of our contractual obligations with you or to take steps prior to entering into a contract.
4.3 We may collect and process special categories of data relating to you in the manner described above. Where we do so, the legal bases on which we process special categories of data are:
- such processing is necessary to comply with our obligations or exercise our rights under employment and social security and social protection law;
- such processing is necessary for the purposes of an occupational pension, a retirement annuity contract or any other pension arrangement;
- such processing is necessary for the establishment, exercise or defence of legal claims;
- in limited circumstances, where you have given your explicit consent to such processing.
4.4 We will take steps to ensure that Personal Data is accessed only by employees of the Panel who have a need to do so for the purposes described in this Privacy Policy.
5. DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES
5.1 We may share your Personal Data internally within the Panel.
5.2 We may also share your Personal Data with other organisations in connection with the above purposes, including:
-
- with parties connected with the exercise of our regulatory functions in order to perform such functions, such as other regulators or official bodies (both in Ireland and overseas), and other third parties as required in the exercise of our regulatory functions;
- with third party agents and contractors for the purposes of providing services to us (for example, the Panel’s accountants, professional advisers, IT and communications providers). We have taken appropriate measures to ensure that third parties will only use your Personal Data in accordance with our instructions, this Privacy Policy and relevant data protection law; and
- to the extent required by law or regulation, for example if we are under a duty to disclose your Personal Data in order to comply with any legal obligation (including, without limitation, in order to comply with our duty to cooperate with other regulators), or to establish, exercise or defend our legal rights.
6. REQUIREMENT TO PROVIDE PERSONAL DATA
6.1 In certain circumstances and in the interests of the Panel exercising its legal and regulatory functions, you may be required to provide the Panel with personal data. Where you refuse to provide such data, the Panel may:
(a) under section 9(2) of the Act, give a direction to you to do or to refrain from doing anything which the Panel specifies in the direction;
(b) under section 9(5) of the Act, by written notice require inter alia any party to a takeover to furnish to it such information as it may reasonably require for the performance of it functions under the Act;
(c) under section 11 of the Act, for the purpose of exercising its powers under sections 9 and 10 of the Act, conduct a hearing in relation to the matter concerned. A person shall be guilty of a criminal offence under section 25(1) of the Act where a person contravenes inter alia section 11(5) of the Act.
7 INTERNATIONAL TRANSFERS OF PERSONAL DATA
7.1 In connection with the above and in the course of satisfying its statutory obligations the Panel may transfer your Personal Data outside the European Economic Area (EEA), including to a jurisdiction which is not recognised by the European Commission as providing for an equivalent level of protection for personal data as is provided for in the European Union. If and to the extent that we do so, we will ensure that it is transferred in a manner consistent with our obligations under applicable law governing such transfers. This may include entering into a contract governing the transfer that contains the ‘standard contractual clauses’ approved for this purpose by the European Commission or, in respect of transfers to the United States of America, ensuring that the transfer is covered by the EU-US Privacy Shield framework, or, in other limited circumstances, where data protection law permits the Panel to transfer your personal data outside of the EEA.
8. HOW WE SAFEGUARD YOUR INFORMATION
8.1 We have controls in place to maintain the security of our information and information systems. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised employees.
9. HOW LONG WE KEEP YOUR PERSONAL DATA
9.1 We will not hold your Personal Data for longer than necessary. How long we will hold your Personal Data for will vary and will be determined by the following criteria:
-
- the purpose for which we are using it – the Panel will need to keep the data for as long as is necessary for that purpose; and
- legal obligations – laws or regulation may set a minimum period for which we have to keep your Personal Data.
9.2 The Panel maintains and implements a Record Retention Policy, which is periodically reviewed and updated to ensure that it provides for retention periods that are relevant and appropriate.
10. YOUR RIGHTS
10.1 In all of the cases described in this Privacy Policy in which we collect, use or store your Personal Data, you may have the following rights and, in most cases, you can exercise them free of charge. These rights include:
-
- the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;
- in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to Personal Data which you have provided directly to the Panel;
- the right to request that we rectify your Personal Data if it is inaccurate or incomplete;
- the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it;
- the right to object to, or request that we restrict, our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your Personal Data but we are legally entitled to refuse that request; and
- the right to lodge a complaint with the Data Protection Commission if you think that any of your rights have been infringed by us. You can lodge a complaint by emailing info@dataprotection.ie.
10.2 There may be limitations or exemptions applicable to the exercise of your rights. If we do not comply with your request we will explain the reason when we respond to the request.
10.3 You can exercise your rights by contacting us using the details listed in paragraph 12 below.
11. COOKIES NOTICE
11.1 This Cookies Notice provides you with information about the cookies we use and why we use them. It should be read together with the Privacy Policy outlining our practices regarding your Personal Data.
11.2 Cookies are small text files that are sent to and temporarily stored on your computer, smartphone or other device for accessing the internet whenever you visit a website.
11.3 We use Cookies for a variety of reasons, including:
-
- to improve the functionality and performance of the Panel website (including your user experience) and to make sure the Panel website performs as you expect it to;
- to distinguish you from other users of the Panel website; and
- to analyse how you use the Panel website.
11.4 We use the following types of cookies on the Panel website:
| Cookies | Description | Duration |
| Google Analytics | A web analytics platform provided by Google which places text files on your computer to help analyse how visitors use the Panel website. | These cookies will remain until they are deleted. |
| Google Geolocation | This assists in locating what region the user is in and is linked to Google Analytics | These cookies will remain until they are deleted. |
| Wordfence | These cookies remember selections or preferences that you have already made on the Panel website through the software (WordPress) which displays our website content. | These cookies will remain until they are deleted. |
11.5 The cookies we use do not save any information that can identify you as an individual. Instead, we receive general and anonymised information from these cookies regarding all users of the Panel website.
11.6 By using the Panel website and/or closing the pop-up cookie notice you consent to the use of cookies on the Panel website. If you do not consent to the use of cookies on the Panel website you should immediately leave the Panel website and/or change your browser settings to block cookies.
11.7 The browsers of most computers, smartphones and other web-enabled devices are typically set up to accept cookies. If you wish to amend your cookie preferences for the Panel website, you can do this at any time and by changing your browser settings. Your browser’s ‘help’ function will tell you how to do this. You do not have to accept cookies. However, please note that cookies are often used to enable and improve certain functions on the Panel website. If you choose to block cookies through your browser settings, it is may affect how the Panel website works.
12. QUESTIONS AND CONCERNS
If you have any questions or concerns about the Panel’s handling of your Personal Data, or about either the Privacy Policy or the Cookies Notice, please contact our Data Protection Officer using the following contact information:
John Frain
Irish Takeover Panel
76 Merrion Square, Dublin 2, D02 X4T1
01 6789020 / CONTACT US