Mazars in Ireland privacy statement

This Privacy Policy is effective as and from 25 May 2018. This policy describes how we process your personal data. Please take the time to read it carefully.

We will process this information in compliance with the data protection and information privacy laws of Ireland and the European Union and includes any legislation in force from time to time which implements Directive 95/46/EC or Directive 2002/58/EC of the European Community, the Data Protection Acts 1988 to 2018 (as amended from time to time), and any replacement regulation including Regulation (EU) 2016/679, known as the General Data Protection Regulation or GDPR (collectively referred to as “Data Protection Laws”).

Unless we advise you otherwise, when providing our professional services, we are data processors in all service lines. 

For information on how we collect, store and use information gathered from visiting our website ( please refer to Legal & Privacy.

1. Who we are and how to contact us

Mazars is a professional services firm specialising in audit & assurance, tax, corporate finance, consultancy and outsourcing services. We are registered to carry on audit work and authorised to carry on investment business by the Institute of Chartered Accountants in Ireland. We are supervised by the Irish Auditing and Accounting Supervisory Authority (IAASA) and by Chartered Accountants Ireland Professional Standards Department.

We have a Privacy Officer who is responsible for overseeing questions in relation to this Privacy Policy and our approach to privacy.  If you have any questions about this Privacy Policy, including any request to exercise your data subject rights, please contact the Privacy Officer using the details set out below:

Privacy Officer
Harcourt Centre, Block 3
Harcourt Road
Dublin 2


2. The purpose and professional basis for processing your information

The table below is a non-exhaustive list of your personal data that we may use, how we may use your data and the lawful bases of such processing:

Personal data Reason for processingLawful basis
Name, address, email address, telephone numbers, creditors and suppliers’ listings, information on your trade union membership, health insurance membership and criminal offences.It is necessary to collect personal information from you in order to obtain instructions in relation to our professional services and to carry out those professional services.Performance of contract.

Occupation and income details such as employer name, employment status, your salary, other incomes & benefits and expenses.

Information concerning marital and family status.

Bank Account Statements.

We use this information to perform our professional services as instructed.Performance of contract (professional).
Name, address, date of birth, PPSN, marital status, nationality, driving licence, passport.

Where we are required to provide information to An Garda Siochana, the Revenue Commissioners and other enforcement agencies under legislation which applies to us.

To verify your personal information provided to us and to meet our professional and compliance obligations, including detecting and preventing money laundering, tax avoidance and financing of terrorism.

Compliance with a legal obligation.
Name, address, email address and telephone numbers.

We may also use your personal information to manage our everyday business needs including accounting, internal reporting needs, market research, to progress and respond to professional queries, to provide recruitment services to our clients, to ensure appropriate IT security and to prevent fraud, in our legitimate interest.  Our legitimate interest is the effective management of our business.

We may use your personal information to update you on professional developments, firm developments or to invite you to events that we feel may interest you in our legitimate interest. Our legitimate interest is to connect with our clients and to update our clients on services which we provide.

Legitimate business interests.
Information on your trade union membership, health insurance membership, criminal offences/convictions.We sometimes process your personal information, including sensitive personal information, such as information concerning health, trade union membership and criminal convictions/offences where it is necessary for the establishment, exercise or defence of legal claims. Establishment, exercise or defence of legal claims.
Name, address, DOB, nationality, contact details, PPS Number, bank details, health data (medical reports, sick leave certs, etc), employee records (salary, references, disciplinary history, training records, etc).We will, in certain circumstances, rely on your explicit consent to process your personal data, including, sensitive personal data. This consent can by withdrawn at any time by using the contact details of the Privacy Officer set out above.Consent.
Images from CCTV camera in and around the Mazars offices.We use these images for security purposes and staff safety. Defence of legal claim, legitimate business interests, compliance with a legal obligation.

Occupation and income details such as employer name, employment status, your salary, other incomes & benefits, expenses.

Personal data included in your Curriculum Vitae.

We use this information for future employment with the firm where applicable.Performance of contract (employment).

3. Consequences of failing to provide information

Where we need to collect personal data by law, or under the terms of a contract with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. For example, we may require certain information from you in order to fulfil our requirements under both Irish and European Anti-Money Laundering Legislation before carrying out certain professional services. As such we may not be able to carry out those professional services without that information. If this is the case, we will notify you.

 4. Categories of data subjects

Personal data we process as part of delivering our professional services and on your behalf may include but may not be limited to:

  • Your client and prospect data.
  • Your staff data.
  • Your contractor data.
  • Your supplier data.
  • Data of children.

Categories of data subjects will, where we act as data processor, be determined by you and as contemplated by our engagement terms and provision of our professional services.

5.  Your information and third-party service providers

Category / 3rd party Data shared includes but is not limited to:Reason
IT service providers Name and email addressWe may share your personal information with or provide access to your personal data to third party service providers that perform services and functions at our direction and on our behalf such as lawyers, IT service providers, managed print services, shredding companies, marketing companies who carry out marketing campaigns on our behalf and providers of security and administrative services.
GardaiName, address, date of birth, PPSNWe may share your personal information with the Gardaí or other government bodies or agencies including but not limited to the Revenue Commissioners, where required to do so by law. 
Regulatory authorities Name, address, date of birth, PPSNWe may share your personal information with our supervisory bodies IAASA, Chartered Accountants Ireland Professional Standards Department, Irish Tax Institute, and other Regulatory Authorities, where required to do so by law.
OtherName, address, date of birth, PPSNWe may provide your information to third parties to facilitate your instructions to us, such as lawyers, parties to any professional claim, parties with whom you have a professional issue or complaint and third parties who you instruct us to communicate with on your behalf.
Mazars Group entities and Praxity firmsName and email addressWe may share your information to other Mazars group or Praxity firms in performance of our professional services as instructed.

6. Data transfers

Mazars and our subsidiaries and affiliated companies utilise a number of suppliers to provide us with IT and other associated services for the delivery of our business and services to you. In many cases, the suppliers we use will be granted access to the data we are processing in order to provide us with technical assistance.  Such processing activities are not directly related to our principal services to you and are considered ancillary to our own internal activities.

As an International firm, our people need to be able to work from anywhere in the world using our IT services. Data may be stored on Mazars encrypted devices and transported with individuals as necessary for the delivery of our services in accordance with the terms and conditions we have agreed with you. We have put in place appropriate technical measures to ensure data remains secure irrespective of where our people deliver our services. 

We may process your personal data through any of our other Group member firms worldwide as part of delivering our services. In the event this is necessary we will ensure appropriate controls exist in the form of EU standard contractual clauses to protect your data and data subject rights and freedoms.

7. Transfers outside the European Economic Area

We may transfer your personal data outside the European Economic Area as part of delivering our professional services. For transfers of personal data outside the EEA, where there is no adequacy decision by the European Commission, we may rely on Standard Contractual Clauses approved by the European Commission. 

8.  Retention of your data

We store your data in line with our detailed retention policy. At the end of our engagement with you, your data is returned or deleted unless there is a minimum retention period set out in legislation. This legislation includes, for example, the Companies Acts and the Criminal Justice Acts as amended.

For retention periods of information stored via cookies please refer to our Cookie Policy.

9. Use of sub-processors

As part of delivering our professional services it is necessary for us to use sub-processors.

Our IT support is provided by parties external to Mazars.  Some solutions we utilise are cloud based and our need to rely upon those systems varies depending upon the services we deliver to you.

Mazars have appropriate agreements in place with all sub-processors to ensure they provide at least the same level of protection for your data as we do.   

10.  Data security, confidentiality and online communications

Mazars has put technological and organisational controls, including policies and procedures, in place to protect your personal data from loss, misuse, alteration or unintentional destruction. We carry out regular monitoring and testing of our security defences to ensure they continue to be effective against the latest threats.

Our personnel who have access to the data complete a declaration of confidentiality upon joining the firm and again annually. They are also trained on the importance of maintaining confidentiality.

Data transferred over the internet by us and through our website is protected using encryption technologies to ensure they remain secure.

Please note that no communications over the internet can be guaranteed as secure.  Whilst we take appropriate steps to protect your data, we cannot guarantee that it will remain secure in transit.  Once data reaches your network it is your responsibility to ensure it remains secure. 

11. Your rights

You have several rights under data protection law in relation to how we use your personal information. You have the right free of charge to:

  1. Access
    You may request a copy of the data we hold on you. This is often referred to as a data subject access request. We may ask you for proof of identity and information around your interactions with us prior to providing information to you.
  2. Correction
    You may request that we correct any personal data we hold about you.
  3. Erasure
    You may request the erasure of your personal data from our systems.
  4. Object or restrict processing
    You have the right to object to us processing your data in certain circumstances provided by the GDPR. You can also request the restriction of our processing of your personal data.
  5. Portability of data
    You have the right to request that we transfer your data to another party.
  6. Withdrawal of Consent
    Were you have voluntarily provided us with your personal data or if we have collected your data with your consent, you have the right to withdraw your consent.

These rights are in some circumstances limited by data protection legislation. 

How to make a request

If you wish to exercise any of these rights, please contact us using the details below:

Privacy Officer
Harcourt Centre, Block 3
Harcourt Road
Dublin 2


We will endeavour to respond to your request within the timeline specified in the GDPR which is one month per Article 12.  If we are unable to deal with your request within a month, we may extend this period by a further period of two months. We will contact you to notify you of this extension and the reasons surrounding it.

You also have the right to lodge a complaint to the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28 or online through the website

12. Contacting you

From time to time we may use the contact details you and your representatives have provided to us to send invitations, marketing materials, updates and other publications and information about our services which we feel may be of interest to you. Should any individual not wish to receive such communications please contact the Privacy Officer at the details set out above.

Some of our marketing emails may contain web beacons, web bugs, cookies or other similar technologies which enable us to understand whether you open, read, or delete the message and any interaction you make with links contained therein.  When you click on a link in a marketing email you receive from us, we may also use cookies to log what pages you view, in accordance with our cookies policy.

Targeted emails from us may include additional data privacy information as required by applicable privacy laws. 

13. Changes and updates to this statement

We recommend you check this statement on a regular basis to ensure you remain in agreement with the activities we carry out in respect of processing personal data.

Should we make significant changes to the way we process data, we will draw your attention to the relevant part(s) of this statement through email and or other appropriate communications as part of our engagement activities with you. This privacy statement was last updated in March 2024.

For any enquiries, please contact:

Latest news