Data Privacy Notice


Rockcourt Financial Services Ltd is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the General Protection Data Regulation (GDPR), in relation to not only processing your data but ensuring you understand your rights as a client.

It is the intention of this privacy statement to explain to you the information practices of Rockcourt in relation to the information we collect about you.

For the purposes of the GDPR the data controller is:

  • Rockcourt Financial Services Ltd
  • Main Street, Glenamaddy, via Castlerea, Co. Galway – (094) 96 38533. 6-9 Trinity Street, Dublin 2 – (01) 209 1955
  • When we refer to ‘we’ it is Rockcourt Financial Services Ltd

Please read this statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Who are we?

Rockcourt Financial Services Ltd., trading as Rockcourt was set up in 2014 to meet the demand for specialist advice given on an impartial basis. Our main office is in Glenamaddy, Co Galway. We have rapidly expanded to employ financial consultants who offer financial advice to clients in both the public and private sectors.


Our Data Protection Officer / GDPR Owner and data protection representatives can be contacted directly here:

Purpose for processing your data:

• The reason we will require your personal data is to ensure full disclosure when entering an insurance or pension contract with a third party.
• The information which you provide will be passed to the chosen insurance company for underwriting and administration purposes.
• You will always be asked to sign a declaration form which will permit us to forward your personal data to such companies.

Why we are processing your data? Our legal basis.


In order for us to provide you with financial advice, Rockcourt need to collect personal data for the setting up of life and pension policies. Our reason (lawful reason) for processing your data under the GDPR is:

  • Legal basis – Rockcourt needs to process your data as this is necessary in relation to a contract of insurance to which the individual has entered into or because the individual has asked for something to be done so they can enter into a contract, for example, a life assurance or pension contract.

In any event, Rockcourt are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.

How will Rockcourt use the personal data it collects about me?

Rockcourt will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.

Special Categories of personal data:

If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) – we will ensure the below

  • We will obtain your explicit consent

Who are we sharing your data with?

As a broker, Rockcourt will share your data only with the company which you choose to apply for a policy with.  Your data will be input on our CRM system, Omnibroker, which is password protected and specific to us.


We may pass your personal data on to third-party service providers contracted to Rockcourt in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details secure, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with GDPR procedures.

If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your explicit consent, unless we are legally required to do otherwise.

The third parties that we may pass your personal data to are the insurance providers listed on our website

We have issued all our third party processors with a Data Processor checklist asking them GDPR specific questions.

If we transfer personal data to a third party or outside the EU, we as the data controller will ensure the recipient (processor or another controller) has provided the appropriate safeguards, and on condition, that enforceable data subject rights and effective legal

remedies for you, the data subject, are available.

Data Subject’s Rights:

Rockcourt facilitate your rights in line with our data protection policy and the ‘Subject Access Request Procedure. This is available on request.

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: in the event that Rockcourt refuses your request under rights of access, we will provide you with a reason as to why.

All of the above requests will be forwarded on should there be a third

party involved as we have indicated in the processing of your personal data.


Additional information we are providing you with to ensure we are transparent and fair with our processing:

  • Retention of your personal data

Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. Rockcourt will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body, the Central Bank of Ireland, and our internal governance.

  • Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Rockcourt, or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Rockcourt’s data protection representative, Emma Brogan.

  • Failure to provide further information

If we are collecting your data for a contract and you cannot provide this data the consequences could mean the contract cannot be completed or details we have remain incorrect.


  • Profiling – automatic decision making

Rockcourt use profiling to establish attitude to risk, for marketing purposes, establishing affordability and providing quotations.



  1. Risk Profiling

To establish a customer’s attitude to investment risk (relates to pensions and investments) our advisors have automated calculators which calculate the customer’s attitude to various levels of risk having answered a series of questions.

  1. Profiling for marketing purposes

When we seek to contact you about other services, as outlined above, we run automated queries on our computerised data base to establish the suitability of proposed products or services to your needs.

  1. Establishing affordability and providing quotations for financial services products.

We will use your personal data to provide you initially with a quotation, and then a suitable product which is affordable for you.

Additional Processing

If we intend to further process your personal data for a purpose other than for which the data was collected, we will provide this information prior to processing this data.

Contact Us

Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on

Privacy policy statement changes

Rockcourt may change this privacy statement from time to time.

When such a change is made, we will post a revised version online.

Changes will be effective from the point at which they are posted.

It is your responsibility to review this privacy policy periodically so you’re aware of any changes.  By using our services you agree to this privacy policy.


This privacy policy was last reviewed in May 2018.