skip to main content

Privacy policy

Effective as of July 2026

Who we are:

We are NFP Ireland, a specialist people and insurance risk management business that creates sustainable solutions, both locally and internationally, for organisations and employees.

NFP assumes the role of data controller in the processing of personal data obtained through our services. We are committed to safeguarding your privacy and ensuring that your personal information is managed responsibly, transparently, and in compliance with the data protection law.

This privacy notice applies to all current and future affiliated companies within the NFP Ireland group, as well as any appointed representatives, branded with NFP logo or otherwise, that provide insurance brokerage and consulting services to clients, to include without limitation.

  • NFP Commercial Insurance Solutions Ltd
  • NFP Ireland Consultants
  • Margins Investments Ltd
  • Metis Ireland
  • Seachange
  • Sean Barrett Bloodstock Insurances
  • NFP HR Solutions Ltd

Collectively referred to herein as “NFP”.

Any reference to the “Website” refers collectively to www.nfpireland.ie, www.seachange-intl.com

Entities associated with NFP will gather personal information, and each of them bears responsibility for their processing as the controller. Consequently, they might issue separate privacy notices when you first engage with them. For a list of NFP affiliated entities feel free to contact us at dataprivacy@nfpireland.ie for a current listing of companies.

Where companies within NFP group process client’s information as joint controllers or processors, we will ensure that the processing is in line with the EU General Data Protection Regulation (EU GDPR) and the Irish Data Protection Law 2018.

NFP is committed to respecting the privacy rights of its customers, visitors, and other users of this Website.

We created this Website Privacy Notice to demonstrate our commitment to fair information practices and the protection of privacy. Our information practices for this Website are described below.

This privacy notice applies to your usage of our Website only. If you engage us for services, you should refer to the Personal Data Protection Agreement, the Privacy Notice or other privacy document that is sent to you at the time of engagement which will clearly state the purpose and legal basis of collecting your information.

Consent

In this Privacy Policy, we describe what information we collect when an individual uses, receives or has access to our website, how we use it and how we protect that information, with whom we share it and what privacy options are available to each individual.

Upon accessing our Website, you will be asked to opt-in to cookies, which is the primary method in which we collect this information. You can change your cookie preferences at any time by clicking the cookies symbol in the lower left corner. At other times, you may be asked to provide information directly. You can choose not to do so (although this choice may impact the service you receive).

Scope

This Website Privacy Policy does not apply to any subsites or third-party sites that might be linked to, or accessible from, the Website.

This Privacy Policy does not address the information practices of any third party, unless as specified otherwise.

Changes

Our Privacy Policy will always indicate the date when it was last changed. We encourage you to visit this page regularly to be aware of our current terms.

We may modify or supplement this Privacy Policy from time to time for any reason.

If we make any material changes to this Privacy Policy, we will post the updated Privacy Policy here, along with its effective date, to notify users as required by applicable law. You should review this page regularly to look for changes in this Website Privacy Policy.

Your continued use of this Website after we have posted changes to this Privacy Policy on this page with a new effective date will indicate that you agree to be bound by such changes.

If any change to this Website Privacy Policy is unacceptable to you, your only recourse is to terminate your use of the Website.

Links to Third-Party Websites

This Website may contain links to other websites. NFP does not control the content or privacy policies of such third-party websites or the privacy policies of such third parties. NFP accepts no responsibility or liability for privacy or other issues related to the collection or use of your information by such other websites or third parties.

We urge you to be aware when you leave our Website, and to read the privacy statements of each website on which you land after you click on a link or social networking button located on our Website.

The inclusion of a link to a third party’s website or service does not imply endorsement of the third party’s data handling practices and does not imply that this Privacy Policy covers their practices.

Security

We seek to use reasonable technical, organisational, and administrative measures to protect data collected through this Website against unauthorised or unlawful processing and against accidental loss, destruction, or damage. We believe that these measures are reasonably adapted to the nature of the information in our custody. However, because no security system can be 100% effective, we cannot guarantee the security of any information we may have collected from or about our users.

When the circumstances require, we use encryption technology (data scrambling) and authentication tools to protect information that you may provide through our Website. In addition, our employees are instructed that such information is to be used only in accordance with the principles of this Website Privacy Policy, or other information security policies and procedures we may adopt from time to time, and the laws applicable to each specific business.

We will not ask you for any information such as your social security number, a bank or credit card account number, through the Website. If you need to send us confidential information and are concerned about the security of the Website, then you should consider sending it via another secure connection or method.

If you believe that your interaction with our Website is no longer secure, please immediately notify us of the problem in accordance with the “How to Contact Us” section below.

Information we collect.

Information Collected Directly

When you visit the Website, your browser automatically provides, and we automatically collect and store, certain information about your device (computer, tablet, smart phone etc.) and your activities. This includes:

  • Preferences and settings: time zone, language, and character size.
  • Identifiers: computer IP address, unique mobile device identifier.
  • Technical information: type of device, operating system, or platform (Mac, Windows), browser information (type, version).
  • Connection: Internet provider or mobile carrier name, connection speed and connection type; Internet service provider (ISP).
  • URL of the last Web page visited before visiting our Service; exit page.
  • Information about your use of the website: data stamp, pages viewed, time spent on a page, click through, clickstream data, queries made, search results selected, history, comments made.
  • Location: general geographic location.

Information You Provide to Us

In some circumstances, you may elect to provide us with some information.

This is the case when we invite users to register, such as to obtain a newsletter or information about an event. In this case, users provide their names, email addresses, phone numbers or other contact or personal information. In some cases (e.g., surveys), participation is voluntary. In other cases (e.g., if you want to register to receive information or a newsletter), some specific information about you may be required.

Certain features available on the Website may require you to submit some personal information for those features to function as designed. This is the case, for example, when setting passwords or for your resume if you are applying for a job through the Website.

Lawful Basis for Processing

We will only collect, use, and otherwise process your personal data where we have a valid legal basis for doing so under the data protection laws. The lawful basis we rely on will depend on the nature of our relationship with you, the purposes for which we use your personal data, and the specific circumstances in which the processing takes place.

The lawful bases on which we may process your personal data include:

  1. Performance of a Contract: Where processing is necessary to enter into or perform a contract with you, or to take steps at your request before entering into a contract.
  2. Legal Obligation: Where processing is necessary for us to comply with a legal or regulatory obligation to which we are subject.
  3. Legitimate Interest: Where processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your interests, fundamental rights, or freedoms.
  4. Consent: Where you have given us your clear and informed consent to process your personal data for a specific purpose. You may withdraw your consent at any time by contacting us. Any processing carried out before you withdraw your consent will remain lawful.
  5. Vital Interest: Where processing is necessary to protect your vital interests or those of another individual, such as in an emergency situation involving a threat to life or safety.
  6. Legal Claims (special category data): Where processing of special category data is necessary for the establishment, exercise, or defence of legal claims, or whenever courts are acting in their judicial capacity.
  7. Insurance Purposes (special category data): Where processing of special category data is necessary for insurance purposes, including underwriting, administering policies, handling claims, preventing and detecting fraud, and assessing risk, in accordance with Schedule 1, Part 1, Paragraph 20 of the Data Protection Act 2018.

How We Collect Information

We (and our service providers) collect information in a variety of ways:

  • Through the website: e.g., when you sign up to register for a seminar or when you apply for a job at NFP through our www.nfpireland.ie/careers. Please be aware that when our careers team collects data from you, they will provide you with privacy notices tailored to their specific processing activities.
  • Through advertisements that we publish, and on which you click.
  • Through our emails and other electronic communications.
  • Through your browser or device, cookies, or similar technologies.
  • From other sources: we may obtain information through external sources, such as public databases, joint marketing partners, social media platforms, from people with whom you are friends or are otherwise connected through social media platforms, and from third parties.

Use of Information

We use the information collected from our users or from the user’s device, or from job applicants as described above, for the following purposes:

  • Review and evaluate an applicant’s resume and perform the activities related to the interview, selection and, as applicable, onboarding of applicants.
  • Respond to questions and other requests for information made through the Website.
  • Send invitations to our conferences, webinars, and other events that we think may be of interest.
  • Send our newsletter or other communications that an individual has requested or that may be of interest to that individual, in accordance with the individual’s preferences.
  • Keep record of contact information, and correspondence.
  • Provide services, such as seminars and other events.
  • Allow a user to send content to a friend through the Website.
  • Remember the user’s preferences (e.g., language, font size), when using our Website.
  • Remember the user’s interests (e.g., the type of seminars attended).
  • Administer our Website, diagnose technical problems and otherwise manage our business.
  • Facilitate the user’s use of the Website.
  • Allow the user to navigate or browse through our Website quickly and efficiently.
  • Improve user experience, such as by personalising content to the user’s preferences or interests or by expediting the processing and completion of a transaction.
  • Perform data analysis, audit, fraud monitoring and prevention, enhancing, improving, or modifying our Website, identifying usage trends, determining the effectiveness of our promotional campaigns, and operating and expanding our business activities.
  • Perform other functions as otherwise described at the time of collection.

Sharing and Disclosure of Information

We share user information with the following entities or in the following circumstances:

  • Service providers – We share information with our service providers, suppliers, subcontractors and similar third parties who provide services to us or act on our behalf so that they can assist us with the provision, upkeep and maintenance of the Website and other related activities, such as the organisation of conferences and webinars, email delivery or auditing, or with the selection of applicants to job openings at our company. We require these service providers to refrain from using or sharing with others, for other purposes than as directed by us, the information that we provide to them, or that they collect directly from our users.
  • Analytics – We use automated tools and applications, such as Google Analytics, to evaluate the use of our Website. These third-party services use cookies and other tracking technologies to perform their services.
  • Affiliates – We share information with entities that are under common ownership or control of our parent company (“affiliates”) for the purposes described in the Privacy Policy. Subject to local requirements, this information may be used to provide legal and related services offered by our affiliates and for the purposes described in this Privacy Policy.
  • Sale, merger, and corporate reorganization – We may transfer users’ information to a third party in case of the reorganisation, sale, merger, joint venture, assignment, transfer or other disposition of all or any portion of our business, asset, or stocks, including in the event of corporate restructuring of our company or its affiliated entities.
  • Social networking – Your information may be disclosed to anyone to whom you send a message through this Website (e.g., when you forward an article). You may disclose it when you post or transmit information or material through our social networking buttons (e.g., a Facebook button). Please note that any information that you post or disclose through these social networking services may be available to us, or to other users of that service or the public. We urge you to be careful when using these features.

International Transfers

As part of our business operations, your personal data may be processed or transferred by us, our group companies, and our third-party service providers, in countries outside the United Kingdom and EEA.

Where we transfer personal data internationally, we will ensure that appropriate safeguards are in place in accordance with applicable data protection laws. These safeguards may include reliance on approved transfer mechanisms, contractual protection, transfer risk assessments, and appropriate technical and organisational security measures designed to protect your personal data and ensure that it remains subject to an appropriate level of protection.

Compliance and Legal Requirements

There may be times when we use, share, or disclose information about our users to comply with applicable laws or to address legal concerns or liabilities, especially in the following cases:

  • Compliance with applicable laws – When we believe it is necessary or appropriate under applicable laws, including laws outside your country of residence, or to comply with legal process.
  • Fraud prevention and protection of legal rights – When we believe it is necessary to enforce our terms and conditions; to investigate, prevent or respond to suspected illegal or fraudulent activity; to protect the safety, rights or property of our company, and those of its affiliates, users or others; or to exercise or protect legal rights or defend against legal claims; to allow us to pursue available remedies or limit the damages that we may sustain.
  • Government authorities – If law enforcement authorities, courts or regulators, or other public or government authorities with appropriate jurisdiction – including public and government authorities outside your country of residence – request that we provide user information, and such request is made using the method required by law in the applicable jurisdiction, such as a search warrant, subpoena or a court order, and we believe that such request is facially valid, we will provide any information we have about a user that responds to such request.

Data Retention

We will hold this for as long as it is needed for the service, or for as long as we are permitted to do so by the applicable regulations. This includes compliance with the General Data Protection Regulation (GDPR), relevant Irish and EU regulatory requirements, and the Central Bank of Ireland Consumer Protection Code (CPC). This means that data we no longer deem necessary will be regularly deleted in line with our regulatory requirements.

Aggregated, Anonymised or Statistical Information

We aggregate information regarding what portions of the Website users are visiting to develop statistics about the use of the Website. This information helps us create a better experience for users of our Website. For example, we may upgrade those parts of the Website that are heavily visited or optimise the Website to work more efficiently with certain operating systems.

We may provide such aggregated, anonymised, or statistical information to third parties, such as our advisers or consultants for research, analytical or strategic purposes. This information is not intended to allow the identification of any specific user of our Website.

Cookies and Web Beacons

We use cookies to recognise your device and browser. The next time you visit our Website, we may use information stored in your cookie file to facilitate your use of our Website. For example, we may use your cookie file to store a password so that you do not have to input it every time you move to a different section of a password-protected portion of our Website. A cookie does not tell us your individual identity unless you have chosen to provide it to us.

Most cookies expire after a defined period, or you can delete your cookie file at any time you choose. In addition, you can set your browser to notify you when you receive a cookie so that you can decide whether to accept or reject it. Please note that these actions apply to a specific browser.

You can always choose whether to accept cookies by changing the settings on your browser. Most browsers contain information on how to control or delete cookies. These settings will typically be found in the “Options” or “Preferences” menu of a browser. You may wish to refer to http://www.allaboutcookies.org/manage-cookies/. Further, you can use the cookie icon in the lower left-hand side of the screen to change your cookie preferences with regards to our site at any time.

If you choose to delete or disable cookies, your experience at our Website may be diminished and some features may not work as they were intended. Some cookies cannot be turned off using the cookie preferences menu because they are essential to the function of the Website.

We use Web beacons. A Web beacon can help us track your activity on the Website, such as which page you are viewing or how long you are staying on that page. Some technologies will notify you of the presence of Web beacons, but browsers typically do not notify you of them.

Third Parties’ Cookies and Beacons

Third parties’ cookies and beacons are used for functionality, performance, and analytic purposes. These cookies and beacons collect and store automatically information about a user’s computer or mobile device, and the use of the Service. This information is used in aggregate form only.

The practices of these third parties are subject to the third parties’ privacy policies, some of which we have no control over. We encourage you to read their privacy policies.

Social Media and Other Areas Beyond Our Control

You may find additional information on our products and services through our social media Websites, such as Facebook, LinkedIn, and Twitter. These Websites have their own privacy policies and data handling practices, which are different from ours.

Please take the time to review these policies before disclosing or posting information on or through these Websites or any button that links to these Websites.

Please keep in mind that any information you share on social media Websites, interactive forums, message boards or chat rooms may become public information. You should exercise caution when deciding to disclose or share your personal information.

Do Not Track

Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. The “Do Not Track” feature of these browsers sends a signal that informs operators of services online that the user does not want certain information about their online activities to be collected over time and across Websites or online services.

The internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. Consequently, due to the lack of guidance, we have not yet developed features that would recognise or respond to browser initiated “Do Not Track” signals.

Users' Rights

Choice Regarding Marketing

We will only send you marketing communications where you have provided your prior consent (opted-in) to receive such communications. If you no longer wish to receive marketing-related materials, you may opt-out by following the unsubscribe instructions in our marketing messages or by contacting us as indicated in the “How to Contact Us” section. We will try to comply with your request as soon as practicable. Please note that you cannot opt-out of receiving administrative messages.

Data Subject Requests

To the extent permitted by the data protection laws, you have certain rights in relation to your personal data. If you wish to make a request regarding your personal data, please contact us using the details provided in the "How to Contact Us" section. To protect your privacy and security, we may need to verify your identity before processing your request.

We will respond to your request without undue delay and, in any event, within 30 days of receipt. Where permitted by law, this period may be extended by up to a further 60 days where necessary, taking into account the complexity and number of requests. If an extension is required, we will inform you within 30 days of receiving your request and explain the reasons for the delay.

In certain circumstances, we may refuse to act on a request or charge a reasonable fee where the request is manifestly unfounded or excessive, particularly where requests are repetitive. Where this applies, we will inform you of the reasons for our decision and of any rights available to you, including your right to lodge a complaint with the Data Protection Commission (DPC).

These rights include the ability to request that NFP:

  1. Provide you with a copy of the personal information we hold.
  2. Provide information about how we collect, use, share and otherwise process your personal data.
  3. Correct or update any personal data that is inaccurate or incomplete.
  4. Delete your personal data in certain circumstances where there is no lawful basis for us to continue processing it.
  5. Restrict the processing of your personal data in certain circumstances. Where processing is restricted, we may continue to store your personal data but will not otherwise process it except were permitted by law.
  6. Stop processing your personal data where you have the right to object to such processing and your objection is valid under applicable law.
  7. Provide your personal data to you, or to another organisation you nominate, in a structured, commonly used and machine-readable format where the right to data portability applies.
  8. Reconsider decisions based solely on automated processing that produce legal or similarly significant effects concerning you and request human review of such decisions where required by applicable law.

Additional Rights

Applicable laws may give you additional rights that are not described in this Website Privacy Policy. Which may include:

  1. withdraw any permission you may have previously provided; and
  2. complain to the Information Commissioner’s Office at any time if you are not satisfied with our use of such information (please see “registering a complaint” for more information)

How To Contact Us

To write to us regarding this Privacy Policy and our personal information handling practices, please;

Email: dataprivacy@nfpireland.ie or write to us

Address: 2nd Floor Block, 4 The Arch, Blackrock Business Park, Blackrock, Dublin, A94 A0D0

Regarding email communications: note that email communications are not always secure. Thus, please do not include any confidential or sensitive information in any emails. We subscribe to some secure data transfer services. Please ask us about this if you would like to transfer data to us securely.

Regarding postal communications be aware that it may take us longer to route and process your request if it is made on paper than we would take with an electronic message.

Registering a complaint

If you have a complaint about the way your personal data is processed, we ask that you reach out to us about this in the first instance using the contact details in the “How to Contact Us” section. We will acknowledge your complaint within 30 days and aim to respond without undue delay.

In addition to reaching out to us, you also have the right to lodge a complaint with the supervisory authority for data protection if you are unhappy with how your personal data is being processed. In Ireland, the relevant supervisory authority is:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
Tel: (01) 765 01 00 or 1800 437 737 (calls are charged at local rates)