The General Data Protection Regulation (GDPR) is a European Union regulation which comes into force on 25 May 2018. It is intended to put you, the customer, in control of your personal data.
GDPR extends the rights of individuals in relation to their personal data and increases obligations on organisations such as permanent tsb.
All EU member states must comply with GDPR.
When we talk about personal data we are talking about information that relates to you.
Personal data covers items such as your name, address, email address, mobile number, date of birth and personal public service number (PPSN). In addition, data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs and sexual orientation are considered special categories of personal data which merit additional protection.
A data subject is a natural living person who can be identified either directly or indirectly, by reference to personal data.
Data processing covers a wide range of operations performed on personal data by manual or automated means. Data processing includes the collection, recording, accessing, storing and alteration of any personal data.
A data controller is a person or company that’s responsible for deciding how personal data will be processed and for what reasons. For example, permanent tsb is a data controller for the personal data of our customers and staff.
A data processor is a person or company, usually a third party, that processes personal data on behalf of a data controller.
Where we retain personal data, it’s for one of two main reasons:
Under GDPR you have a number of rights in relation to your personal data:
Access – you have the right to to know if we process your personal data and to get access to a copy of any personal data that we have about you in paper or electronic form. We may contact you to help identify if there’s a specific piece of information you’re looking for.
Objection – you have the right to object to data processing activities, in certain circumstances, where you feel it’s impacting on your rights and freedoms.
Restriction – you have the right to request a temporary restriction on permanent tsb’s data processing activities where you think that the processing is based on inaccurate data or where you believe that our processing activities are impacting on your rights.
Rectification – you have the right to have your personal data kept up to date. Where your personal data is incorrect, you have the right to have it corrected.
Erasure – you have the right to have your personal data erased, provided there’s no reason under law or financial regulation for permanent tsb to keep it.
Portability – you have the right to receive a (machine-readable) copy of your personal data. You can also request that a copy of this data be sent to another bank or service provider.
Consent – you have the right to withdraw your consent to any data processing or marketing activities at any time.
To exercise your rights in relation to your personal data e.g. asking for a copy of the personal data that we hold on you, or asking for your personal data to be updated or erased, you can contact us in one of the following ways:
Please note you must contact the Irish Credit Bureau (ICB) and/or the Central Credit Register for a copy of your credit rating/history.
To access your credit rating/history you’ll need to contact the Irish Credit Bureau (ICB) who will process your request. You can apply for your report online, by phone, or by post. Visit icb.ie for more information.
Since June 2017 lenders, including banks and credit unions, have also been submitting personal and credit information to the Central Bank’s Central Credit Register (CCR). Consumers are entitled to get one free copy of their record every 12 months.
If, at any time, you wish to object to, or ‘opt out’ of, direct marketing, we will stop marketing to you if you write to us at:
FREEPOST F4940, Customer Data Quality (Direct Marketing), permanent tsb p.l.c., 56-59 St. Stephen’s Green, Dublin 2,
We’ll respond to your request within one month of verifying the request. However, if the request is complex then we may, if necessary, extend the period by a further two months.
If an extension is necessary we’ll inform you within one month to explain why.
There’s no fee for making a request about your personal data. However there may be a fee if the request is deemed to be excessive or unnecessary.
If you’re unhappy with the way we’ve used your personal data or addressed your rights, please feel free to contact our Data Protection Officer on email@example.com or in writing to:
Data Protection Officer, permanent tsb, plc, 56-59 St. Stephen’s Green, Dublin 2.
Please provide as much detail as you possibly can regarding your issue so that it can be effectively addressed. We suggest that you do not put large amounts of personal data in an email to the above address as email is an insecure communication and could be viewed in transit by third parties.
Where you feel that your rights have not been served appropriately by us you have the right to make a complaint to the Data Protection Commission.
Details on how you can submit a complaint are available at www.dataprotection.ie.
You can contact the Data Protection Commission by:
To update your personal information (for example change of address or change of name) you can visit your local branch or contact Open24 on 0818 50 24 24. Certain information can also be updated online through Open24 Online Banking.
You can contact our Data Protection Officer (‘DPO’), by email at firstname.lastname@example.org or in writing to Data Protection Officer, Permanent TSB p.l.c., 56-59 St. Stephen’s Green,