CEA Logo

Privacy Statement

How we use your information
The purpose of this Privacy Statement is to provide information about how the Corporate Enforcement Authority collects, stores, shares or keeps personal data in accordance with the EU General Data Protection Regulation 2016/679 (GDPR).

Using our website
The CEA does not collect any personal data about you on this website without your clear permission. Any personal information which you volunteer to the CEA by email, form or otherwise will be treated with the highest standards of security and confidentiality, strictly in accordance with the Data Protection Acts and the GDPR. Your personal data will be collected, used and stored to address the relevant subject matter of your email, form or otherwise and may be used to compile statistics.  It will not be used for any other purpose other than as provided for in this Statement.

This website contains links to other external websites and any links to other websites are clearly identifiable as such. The CEA is not responsible for the content or privacy practices of other websites. The policy of the CEA is to only link to non-commercial sites which are deemed to be of interest to the community.

Calling us
The CEA does not retain or record phone conversations. We may make a note of details you provide to assist us in delivering customer service or to pass to relevant staff who may assist you. Our phone system keeps a record of your number (if it is displayed) in case we need to call you back. The records are over-written by new calls.
Emailing us
Any emails sent to us are recorded and forwarded to the relevant Directorate. The sender’s email address will remain visible to all staff tasked with dealing with the query. Please be aware that it is the sender’s responsibility to ensure that the content of their emails is within the bounds of the law. Unsolicited material of a criminal nature may be reported to other relevant authorities and blocked.
Making a complaint to us
When we receive a complaint, a file is generated. This will usually contain personal information about the complainant and any other individuals involved in the complaint. We will only collect personal information that is necessary to investigate the complaint. We do gather and publish case studies and statistical information on the number and type of cases we process, but all information is anonymised and does not identify any individual except in cases where the information has lawfully already come into the public domain (for example, in court or on the Register of Companies).

If sensitive personal data is collected for the purposes of a complaint, appropriate measures will be taken to ensure that it is safely stored and processed.    
The information contained in complaint files will be kept in line with our retention policy until the date set for destruction has been reached. It will be kept in a secure environment and available only to those who need to access it.

When we take enforcement action, we may publish the identity of the defendant in our Annual Report, on our website, or elsewhere. We will not identify the complainant, unless the information is lawfully already in the public domain.
Access to personal information
The CEA will respond to requests made under the Data Protection Act and the GDPR, but we are bound by a statutory duty of confidentiality in relation to our cases and therefore may not be able to release information to you, even if you are the data subject. The Law Enforcement Directive excludes data on criminal matters from the GDPR rule. This is to ensure fairness and privacy in the investigation process and to safeguard the ability of the CEA to fulfil its statutory remit.
As far as possible, we will not disclose personal data without consent. However, when we investigate a complaint, we may need to share personal information with the other parties concerned. We will consider any request for anonymity in respect of a case, but we cannot guarantee that it will be possible to enforce it. We will not disclose your personal data to third parties except in instances where an individual has consented to the disclosure, or we are obliged by law to disclose the data. Third parties to whom we may disclose information include organisations such as An Garda Síochána.
We will not track the IP address of anyone who is searching for information on corporate enforcement.  However, performance and targeting cookies are used so that a statistical count is maintained of visits to the website and to particular pages, in order that we may keep the website relevant to users.  These cookies can be controlled by cookies settings.

For details on cookies we use and how they are used, see our Cookies Statement.
This Statement was last updated in July 2022. 

How to contact us
If you require further information regarding our Privacy Statement, you can contact us at info@cea.gov.ie or write to us at:

Corporate Enforcement Authority
16 Parnell Square East
Dublin 1
D01 W5C2