From time to time, we will disclose Personal Data to third parties, or allow third parties to access Personal Data which we process, for example, where a law enforcement agency or regulatory authority submits a valid request for access to Personal Data.
We will also share Personal Data:
- with another statutory body where there is a lawful basis* to do so (such as the Data Protection Commission in relation to complaint handling);
- with selected third parties including contractors and sub-contractors (as appropriate), such as our loan administration service providers;
- if we are under a legal obligation to disclose Personal Data. This includes exchanging information with other organisations for the purposes of fraud prevention or investigation.
Where we enter into agreements with third parties to Process Personal Data on our behalf we ensure that the appropriate contractual protections are in place to safeguard such Personal Data.
Examples of third parties to whom Personal Data have been or will be disclosed include:
- Our professional advisors and our auditors;
- Regulatory authorities, government agencies if required to do so by law or where we are required to do so in response to requests from all such bodies; and
- Our service providers (including the NTMA) which acts as a data processor on our behalf.
- The Central Credit Register maintained by the Central Bank of Ireland in respect of which HBFI must furnish credit, loan and personal information in relation to its borrowers.
- In respect of the establishment, exercise, or defence of a legal claim to which HBFI or a person acting on behalf of HBFI are a named party to proceedings, disclosures are made to legal counsel in the EEA and outside the EEA in order to facilitate legal proceedings and to comply with court orders.
* Where information is shared with another public body and no other lawful basis exists, a data sharing agreement will be put in place, pursuant to the Data Sharing and Governance Act 2019.