Privacy and Data Management Policy

Effective Date: 4-July-2023
Last Updated: 8-Jan-2026

Yachting Financial Solutions (Ireland) DAC is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights.

For the purposes of the GDPR the data controller is Teresa Hackett. Our contact details are:

Registered and postal address: NSC Campus, Mahon, Cork, Ireland, T12 XY2N

Email: info@yfsol.com

When we refer to we/us, we mean Yachting Financial Solutions (Ireland) DAC.

Please read this Privacy Notice carefully as this sets out the basis on which any personal data, we collect from you, or that you provide to us, will be processed by us.

Introduction

The nature of our business means that we have to process information about our clients and keep some of it on file. We do so for a number of purposes. These include:

To provide you with the service you have asked us to deliver to you.
To arrange for your requested service to be delivered on your behalf by third parties.
To send you information and communicate with you about the service you have asked us to provide to you.
To send you information about new products and services we think are relevant to you (if you have opted in to receive this information).
To send you life and/or financial insight, guidance and motivation (if you have opted in to receive this information).

We do our best to make sure the information we have about you is accurate and protected.

This privacy policy page describes the kind of personal information we collect and record via this website (www.yfsol.com) and how we use it.

If you’d like any more information or have any questions about our privacy policy, please contact us by email at info@yfsol.com.

Why/how we collect and use your data

We use your data to help us provide services to you, for example:

to advise you about the services we offer to our clients.
to process the business you conduct with and through us. This may include the use of third party software such as ACT!
to support ongoing reporting and administrative matters relating to the business that you conduct through and with us.

The personal information we collect varies depending upon the nature of our services. We will endeavour to provide you with an overview of those categories of personal data our organisation collects and our purpose for using that data.

Our organisation collects personal data in the following ways, if you:

request a service from us; for example when you submit an enquiry form from this website or complete an application form
register with or use any of our website’s client login area
use our website/apps and it installs cookies or other tracking technologies onto your device.
engage with us on social media, for instance on Facebook, Instagram and LinkedIn.
contact us with a complaint or query;
apply for a position with us, for example we retain your application letter and accompanying CV on file for the duration of the application process.

What information do we collect?

The information we collect about you includes the following:

Contact and Identifying information, e.g., name, address, contact details; email, mobile, landline
Unique identifiers eg:
- PPS/Tax/NI number – the reason why we may collect your PPS number is we are legally obliged to do so
- pension scheme reference number – the reason why we collect this is so we can help identify and administer the scheme
- insurance policy numbers, – the reason why we collect this is so we can help identify and administer the policy
Demographic details, age, gender, marital status, lifestyle, and insurance requirements; date of birth, dependents, photo ID, as well as collecting personal information about you, we may also use personal information about other people, for example family members you wish to insure on a policy, eg. your children/spouse.
Family and beneficiary data, eg. dependants, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant.
Employment information eg. role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history. This information is necessary for our fact find with our clients.
Health information such as information about your health status, medical records and medical assessment outcomes; We collect medical information relating to personal habits (eg. smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example information about your personal characteristics (biometric information) or disability information.
Pensions and insurance benefits information such as current benefits, pension entitlement information, date of retirement and any relevant matters impacting your benefits such as voluntary contributions, PAO.
Financial details eg. bank account details, details of your credit history and bankruptcy status, salary, tax code, third-party deductions, bonus payments, benefits and entitlement data, national insurance contributions details.
Claims Data (From you and any relevant third parties).
Marketing preferences: we will only send you direct marketing if you explicitly consent.
Online information: eg. information about your visits to our websites as outline in our Cookie Policy.
Events information eg. information about your interest in and attendance at our events, including provision of feedback forms.
Social media information (eg. likes and posts) with our social media presence; this includes, LinkedIn, Twitter, Facebook please only include if relevant and please update with further social media if necessary.
Searches that we undertake in relation to sanctions, money laundering and credit checks.

When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.

Information we automatically collect

We sometimes automatically collect certain types of information when you visit our websites and through e-mails when we communicate with you. Automated technologies may include the use of web server logs to collect IP addresses, “cookies” and web beacons. Other cookies such as functional cookies, marketing cookies and analytical cookies will only be used with your expressed consent. Further information about our use of cookies can be found in our Cookie Policy at the footer of our web page.

How do we use your personal data?

Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your request for insurance, investment, protection, pension products, independent financial advice, quotes.

Performing services for our clients and prospective clients – when you require insurance/investment products, we use your data to enable us to provide the required product
Statutory and other regulatory requirements. We are required to carry out various obligations which include:
- AML/Sanction checking
- Knowing your customer fact find
- Adherence to the Consumer Protection Code
Communicate and marketing to you.
To contact you if required or to respond to any communications that you might send to us.
To administer our site including data analysis, testing, research, statistical and survey purposes.
Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products and services that you request.
Provide professional services.
Handling complaints.
To notify you about changes to our service.

Legal basis

We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.

Performance of a contract When we enter a contract with you, we will collect and use your personal data to enable us to fulfil that service.
Legal obligation The use of some of your personal data is necessary for us to meet our legal obligations, eg. regulatory obligations to the Central Bank of Ireland.
Consent Sometimes we may rely on consent as a legal basis for processing your information. For example, we rely on consent to collect and use personal data for any criminal convictions or alleged offences. This is used when we need to assess risk relating to an insurance policy for you. We share this information with other third parties where it is necessary to manage these services provided to you. These services include insurance underwriters, reinsurer and other insurance providers. We may also rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language and if you give us your consent you can withdraw this easily at any time. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect.

If you require further information on any of the above basis for processing your data, we can provide you with further details.

How we share your data

When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.

Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters, reinsurers, and loss adjuster. You can refer to their privacy statements on their website for more information about their privacy practices.
Vetting and risk management agencies such as credit reference, criminal record, fraud prevention, data validation and other professional advisory agencies, where necessary to prevent and detect fraud in the insurance industry and take steps to assess the risk in relation to prospective or existing insurance policies and/or the services.
Legal advisers, loss adjusters, and claims investigators, where necessary to investigate, exercise or defend legal claims, insurance claims or other claims of a similar nature
Medical professionals, e.g., where you provide health information in connection with a claim against your insurance policy; or when we are providing a quote for insurance.
EU Law enforcement bodies, when required to do so by law and/or regulation, or another legal request.
Public authorities, regulators and government bodies, where necessary for us to comply with our legal and regulatory obligations, or in connection with an investigation of suspected or actual illegal activity
Third-party processors: We outsource our processing operations to suppliers that process personal information on our behalf. Examples include IT service providers who manage our IT and back-office systems and telecommunications networks, and accounting and payroll providers, CRM providers. You will find details under Third-Party Data Access below. In all instances, data processing operations remain under our control and we have data processing agreements in place with all our third party processors to ensure all processing is carried out in accordance with our security standards and the GDPR.
Internal and external auditors where necessary for the conduct of company audits or to investigate a complaint or security threat.
On the sale or reorganisation of our business whether by asset or share disposal or other transaction relating to our business.

Transferring personal data outside of Ireland

Where we transfer personal data to a country outside of the EEA (referred to in the GDPR as ‘third country,’) we will ensure it is done lawfully, i.e. there is an appropriate “level of protection for the fundamental rights of the data subjects”. We will therefore ensure that either the EU Commission has granted an adequacy decision in respect of the third country, or appropriate specified safeguards have been put in place, (e.g., Binding Corporate Rules (BCRs) or Standard Contractual Clauses (SCCs)).

We share data with Momentum Global Investment Management Ltd located in the UK. The EU Commission adopted adequacy decisions for transfers of personal data to the UK. This means that the EU accepts that the UK data protection regime is substantially equivalent to the EU regime and allows personal data to be transferred freely from the EEA to the UK. Therefore, the UK is not deemed a third country.

We share data with The Rocket Science Group LLC, who operate the Mailchimp platform, located in the USA. The EU Commission adopted adequacy decisions for transfers of personal data to the USA. This means that the EU accepts that the USA data protection regime is substantially equivalent to the EU regime and allows personal data to be transferred freely from the EEA to the USA. Therefore, the USA is not deemed a third country.

Retention

Yachting Financial Solutions (Ireland) DAC shall not keep personal data in a form that permits identification of data subjects for a longer period than is necessary.

Yachting Financial Solutions (Ireland) DAC may store data for longer periods if the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to the implementation of appropriate technical and organisational measures to safeguard the rights and freedoms of the data subject.

The retention period for each category of personal data will be set out in our retention schedule, along with the criteria used to determine this period, including any statutory obligations we have.

Personal data will be disposed of securely.

Data subject’s rights

Yachting Financial Solutions will facilitate your rights in line with our data protection policy and the Subject Access Request procedure. This is available on request.

Your rights as a data subject

At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

Right of access – you have the right to request a copy of the information that we hold about you.
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject of legal privilege).
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
Right of portability – you have the right to have the data we hold about you transferred to another organisation.
Right to object – you have the right to object to certain types of processing such as direct marketing.
Right to object to automated processing, including profiling.
Right to make a complaint: if we refuse your request under rights of access, we will provide you with a reason as to why.

All the above requests will be forwarded on, should there be a third party involved, as we have indicated in the processing of your personal data.

Complaints

If you wish to make a complaint about how your personal data is being processed by (name of firm)or how your complaint has been handled, you have the right to lodge a complaint with our Data Protection Officer.

You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:

Data Protection Commission,
21 Fitzwilliam Square South,
Dublin 2
D02 RD28

Web: www.dataprotection.ie
Email: info@dataprotection.ie

See website for updated contact details to reach the appropriate section within the DPC.

Failure to provide further information

If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.

When you fail to provide us with information we require to fulfil our obligations to you, we may be unable to offer our services to you.

Special categories of personal data

Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.

If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:

the mortgaging of a property,
a policy of insurance or life assurance,
a policy of health insurance or health related insurance
an occupational pension, a retirement annuity contract or any other pension arrangement

Children’s information

Our services are not available to minors. Therefore, we do not knowingly collect any personally identifiable information from children/minors. If you think www.yfsol.com has in its database the personally-identifiable information of a children/minors, please contact us immediately via email at info@yfsol.com and we will do our utmost to promptly remove this information from our records.

Additional data management information

—Contact Forms

We use Gravity Forms to provide contact forms on our website.

When you fill in a contact form on any of our website pages, a copy of your answers is sent to us and a copy is stored on our website server at MyHost Internet Services Limited. MyHost does not access this data. MyHosts’ privacy page is here: MyHost’s Privacy Notice.

We will use the information you have entered on the form to respond appropriately via email and or phone-based message to your initial contact.

Your information will be entered into our central database software: ACT! We use ACT! to keep track of enquiries and our business-related communications with our clients and the services/products we provide them. ACT! stores your data on our own encrypted drives. You will remain on ACT! while:

we deal with your initial contact request (including follow-up emails/messages), and/or
you remain a YFSOL client, and/or
you remain on one of our mailing lists.

If you don’t fit any of these three categories anymore, we will delete your data to the best of our abilities from our servers at YFSOL during our next data clean up.

If you have indicated on the contact form that you would like us to send you ‘Insider Bulletin’ (our email newsletter) and/or information about financial products/services, we will add you to the relevant mailing lists. If you did not ask to be added to these lists, you won’t be.

We use Mailchimp to manage our ‘Insider Bulletin’ and product information mailing lists. Your first name, last name and email address will be stored on Mailchimp’s servers. If you no longer wish to receive ‘Insider Bulletin’ and/or information about products/services, your contact information will be deactivated on the Mailchimp system and we won’t be able to send you emails via Mailchimp from then on. MailChimp will retain a copy of your data so that it can prevent us from emailing you again. You can find Mailchimp’s privacy policy here: https://mailchimp.com/legal/privacy.

You can unsubscribe from our mailing lists at any time, either by clicking ‘Unsubscribe’ in any of our mailings or by contacting us at info@yfsol.com.

—Bank Account page additional

During the application process for a bank account, information you provide will be given to Standard Bank International (https://international.standardbank.com) so that it can open an account for you. Standard Bank International is based on the Isle of Man. You can find Standard Bank International’s data protection policy here: https://international.standardbank.com/pbbinternational/aboutus/Data-Protection.

—Mortgages page additional

During the application process for a mortgage, information you provide will be given to Simon Conn, an overseas property and finance specialist (https://www.simonconn.com) so he can pursue your application with you. Simon Con’s privacy policy is here: https://www.simonconn.com/privacy.

—Currency Transfer page additional

When you click on the link on the Currency Transfer page, you will be taken to Moneycorp (https://www.moneycorp.com) so it can handle your currency transfer with you. Moneycorp is based in the UK. You can find Moneycorp’s data protection policy here: https://www.moneycorp.com/uk/privacy.

—Waves Individual Health Insurance/Waves Life Insurance/Waves Income Replacement pages

When you click on the application links on the Waves Individual Health Insurance, Waves Life Insurance and Waves Income Replacement pages, you will be taken to the respective application page hosted by Strategic Insurance Services Limited in the UK (Expatriate Group & Expatriate Healthcare). Strategic Insurance Services Limited runs the product platform that provides the Waves Health and Waves Life products.

Your data will be handled in accordance with their data management policy. You can find information about Strategic Insurance Services Ltd’s privacy and data management policies here: https://www.expatriatehealthcare.com/information/legal-notices.

Strategic Insurance Services Ltd notifies us when someone buys an insurance product through this website (www.yfsol.com).

—Calendly

When you click on any of the ‘Book a Call’ buttons on the website, you’ll be taken to a page on Calendly.com, where you can book a Zoom call with us. You can read Calenly’s privacy notice here: Calendly Privacy Notice.

Data storage at YFSOL

All financial and administrative information provided by you to YFSOL digitally is stored securely on encrypted YFSOL-owned computers.

When you email us, the email is stored on servers used by Google Mail (email platform) and information in it may also be collated on other Google Suite platforms (business software), such as Google Sheets (spreadsheet software) for business analysis purposes.

If you have participated in a YFSOL survey, your responses are stored on servers used by Google Forms (survey platform) and may also be collated on other Google Suite platforms (business software), such as Google Sheets (spreadsheet software) for business analysis purposes.

While we mostly run a paperless office, any hard copy/physical documents you lodge with us and/or the data provided therein will be kept at our office in Co. Cork, Ireland. All client administrative records are held on a highly secure, designated YFSOL-managed database.

Third-party data access

—Product providers

When you contract to use one of the products or services we provide or recommend, your data may be passed to third-party companies who provide or support those products or services. For instance, if you enquire about setting up a bank account, we will help you set up a seafarer’s bank account with Standard Bank International. To do so, the bank will need your data. Another example is when you invest money into a fund managed by our trusted fund management partners.

In each instance, we will explain clearly who will require, process and store your data.

—Service providers to YFSOL

We use two trusted service providers who have limited access to your information to help us provide services to you that you have requested. In both cases, these service providers use platforms that YFSOL controls and have signed data protection agreements with us.

Parts of our financial administration and customer service back office are provided by AMS Integrated Outsourcing Solutions, which is based in Quezon City, the Philippines. While AMS Integrated Outsourcing Solutions doesn’t store, log or hold any of your information on its own systems. Instead it uses YFSOL systems and/or third party online services to which YFSOL is subscribed. All client administrative records are held on a highly secure, designated YFSOL-managed database.

Our website is managed by The Website Chef, based in Cork, Ireland (www.the-website-chef.com). The Website Chef doesn’t store, log or hold any of your information on its own systems. Instead it uses YFSOL systems and/or third party online services to which YFSOL is subscribed.

Our content and content marketing is sometimes created with support from Show and Tell Communications Ltd, based in Cork, Ireland (www.showandtell.ie). Show and Tell Communications Ltd doesn’t store, log or hold any of your information on its own systems. Instead it uses YFSOL systems and/or third party online services to which YFSOL is subscribed.

Questions?

If you have any questions about Yachting Financial Solutions’ data management and privacy policies, please get in touch. You can email info@yfsol.com or use the form at the bottom of this page. Please mention “Data Protection” in your email subject and mark it for the attention of our Data Protection Office, Teresa Hackett.

Changes to this statement/policy

When we update this Privacy Notice/Statement, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.

Data Request Form:

About you

This information will be used to help us identify you on our system.

Name(Required)

First Last

Email(Required)

Enter Email Confirm Email

Your international dialling code(Required)

Phone number/WhatsApp number(Required)

Your request

What would you like us to do? In all instances, we will follow up with you to confirm your identity and that your request is genuine. Also, please bear in mind that processing and storing your data is an essential component of some services you have contracted us to provide. So, in some instances, it may be impossible to comply with your request without a knock-on effect for that service. We’ll explain any issues like that when we follow up with you about your request.

Please check all that apply:(Required)

Please unsubscribe me from ‘Insider Briefing’

Please send me an overview of the data you have about me.

Please stop processing my data. (This is not the same as deleting data.)

Please delete all the data you have about me.

Please update my data. (Please specify the data that should be updated below.)

Other/Ask a question. (Please specify below.)

You can use this space to provide us with additional information

Please consent to us following up on your enquiry via email and/or phone message(Required)

I consent to Yachting Financial Solutions (Ireland) DAC following up on this enquiry using the email address and phone number I have provided.

We will only use your information to follow up on this particular enquiry.

Lastly, please consent to our privacy policy (linked at the bottom of this page)(Required)

I consent to Yachting Financial Solutions (Ireland) DAC’s Privacy Policy

CAPTCHA