Privacy Policy

graphical divider


This Privacy policy is a statement whereby we at M&A Markets commit to protecting the rights and privacy of individuals in accordance with the Data Protection Act, 2018 (the Act) requirements and the General Data Protection Regulation 2016/679 (GDPR). The purpose of this policy is to outline how we process any personal data you provide to us while visiting M&A Markets’s websites, apps, other applications or when engaging our services (the “Service”).

1. Data Protection Principles
At M&A Markets, we undertake to perform our responsibilities under the regulation, as follows:

  • Personal data shall be collected and processed lawfully, fairly and in a transparent manner in relation to the data subject ('lawfulness, fairness and transparency');
  • Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with the Act and GDPR, not be considered to be incompatible with the initial purposes ('purpose limitation');
  • Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data minimisation');
  • Personal data shall be accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay ('accuracy');
  • Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; ('storage limitation');
  • Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ('integrity and confidentiality')

2. Rights of the Data Subjects
We will also endeavour to uphold the rights of data subjects as laid out in the Act and GDPR as follows:

  • Provide transparent information and communication to data subjects on how to exercise their rights;
  • Provide information about our processing activities to the data subject;
  • Provide individuals with the right to obtain from us confirmation as to whether or not we are processing personal data concerning him or her and, where that is the case, access to the personal data;
  • Provide the right of rectification for individuals to correct inaccurate personal data concerning him or her;
  • Provide individuals with the right to obtain from us the erasure of personal data concerning him or her without undue delay, unless we have overriding legitimate grounds for continued processing. This will be handled on a case by case basis under the circumstances listed in the Act and GDPR;
  • Allow individuals to restrict the processing of their data unless we have an overriding legitimate lawful purpose for continuing to process the data;
  • Provide individuals with the right to receive the personal data concerning him or her, which he or she has provided to us, where possible, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller under the conditions listed in the Act and GDPR; and
  • Individuals shall have the right to object to processing concerning them and to have the right not to be subject to a decision based solely on automated processing, including profiling.
Please note that the above rights are not always absolute and there may be some limitations.

3. Information We Collect From You
When you visit, register or use the Service you may be asked to provide certain information about yourself, such as your name and contact details. We may also collect information about your usage of the Service as well as specific information about your devices when using the Service, signing up for and using the Service, including, but not limited to, your device’s hardware model, operating system, web browser version, unique device identifiers and mobile network information. When you use the Service, we may collect and store certain data, including the fact that you are accessing the Service, how that access is taking place, the dates and times of such access, where you are accessing the Service and device event information like crashes, system activity and hardware settings.

4. How We Use your Personal Data
We use your data to supply you with the Service ordered by you, to bill you and to contact you about the Service. We also analyse data provided by you and others to help us administer, support and improve our business.We may use your data to contact you to tell you about important changes or developments to the Service, or to obtain your views on the Service. Where you have agreed, we may use your data to let you know about other products and services which might be of interest to you. If you want to stop receiving information about other products and services, you can opt out at any time by contacting us at

5. Lawful Basis for Processing Personal Data
M&A Markets is obligated to define a lawful basis for processing personal data. Below is a summary of our use of personal data and the lawful basis we rely on for the processing different categories of data for different purposes.

  • Article 6.1(b) “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract” Examples of where this lawful basis is applicable include the following:
    • to perform any part of a contract as per our Terms and Conditions;
    • to bill you for our services;
    • the processing is necessary for us to manage an account and the services provided to our customers; and
    • to maintain the user accounts that individuals create online.
  • Article 6.1(c) “processing is necessary for compliance with a legal obligation to which the controller is subject” Examples of where this lawful basis is applicable include the following:
    • to fulfil our reporting obligations; and
    • to meet our legislative and regulatory duties to maintain audited financial accounts;
  • Article 6.1(f) “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party” Examples of where this lawful basis is applicable include the following:
    • Marketing and Research: to provide our customers with details on our services, provided they have not opted out of receiving such communications, and to carry our market research. Individuals can opt-out of receiving marketing communications at any time;
  • Article 6.1(a) “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”
    • Cookies on our website: we may obtain information about general Internet usage by using a cookie file which is stored on an individual’s browser or the hard drive of their computer. Visitors to our website can choose not to consent to cookies or disable cookies in their browser settings at any time;

6. Data Transfers and Data Sharing
We do not sell any personal information, nor do we share it with unaffiliated third parties unless we are required to do so by law. We will ensure that any information passed to third parties conducting operational functions on our behalf will be done with respect for the security of personal data and will be protected in line with data protection law.
Ways in which we may share personal information include:

  • To engage external IT providers so as to ensure the security of our IT systems in order to protect all personal data. Any such parties are bound by confidentiality;
  • With our insurers or assessors when providing or reviewing information in the event of an incident occurring;
  • To engage professional services of third parties, such as auditors, solicitors or any other such business advisers. Any such parties are bound by confidentiality;
  • We reserve the right to report to law enforcement any activities that we, in good faith, believe to be illegal;
  • We may disclose your data to courts and government agencies or bodies if requested to do so under a court order or legal process, or to establish or exercise our legal rights or defend against legal claims;
  • We may also share that data if we believe it is necessary to the investigation, prevention or the taking of an action regarding illegal activities, suspected fraud, the prevention of threats to the physical integrity of any person, violation of our terms and conditions, or as otherwise required by the law; and
  • In connection with, or during negotiations of a business merger or sale or similar business transfer provided that such party agrees to use such Personal Information in a manner consistent with this Policy.

There may be circumstances where we transfer your personal data outside the EEA, such as when we use the services of online platforms or where we use a cloud-based IT system to hold your data. We safeguard your data by ensuring a minimum of one of the following safeguards is in place:

  • a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal data; or
  • with companies located in a third country approved by the European Commission under an adequacy decision; or
  • if in the US, we will transfer data to companies registered with the EU-US Privacy Shield Framework. This guarantees a level of data protection equivalent to EU data protection laws.

7. IP Addresses and Cookies
An IP address is a number that is assigned to your devise automatically when you use the internet. When you visit a particular web page through the Service, our servers log your IP address. We may use your IP address to help diagnose problems with our server, and to administer the Service. Your IP address is also used to help identify you and to gather broad demographic information. Cookies are small pieces of information, stored in simple text files, placed on your device by a website. Cookies can be read by the website on your subsequent visits so that you can access information faster and in a more efficient way. The information stored in a cookie may relate to your browsing habits on the web page, or a unique identification number so that you are “remembered” on your return visit. Generally speaking, cookies do not contain personal information from which you can be identified, unless you have separately furnished such information.
You can at any time set your browser to reject cookies. However, if you reject our session cookies, this may affect your ability to use the Service.
We use “session” cookies and “performance” cookies.“Session” cookies help users to navigate across the website’s pages. They are deleted once you leave the Service. Session cookies do not contain anything other than a session identification number which allows the webserver to “remember” where you are online. Session cookies are especially important for using the Service. Some examples of these cookies include:

  • identifying you as being signed in to the Service and keeping you logged in throughout your visit; and
  • remembering the content of forms which you may have completed while you are on the Service.
Performance cookies are used by us to provide information on the usage of the Service (details in relation to which pages users visited, how they got there, etc.). Some of these cookies are saved to your devise so that we know when you revisit the Service. All information these cookies collect is aggregated and used anonymously. We use these cookies to understand what content is popular which helps us to improve the Service.
As well as “first party cookies” (cookies only placed and read by M&A Markets), a number of “third party cookies” may also be used. These “third party cookies” refer to sites like Google and you will need to read their Privacy Policies for further information so as to sure you are comfortable with their processing:

8. Links to third party websites
You may be made available through the Service links to third party websites that are not owned or controlled by M&A Markets. Please be aware that we are not responsible for the privacy practices of such websites. We encourage you to be aware when you leave our Service and to read the privacy statements of each and every third party website that collects personally identifiable information. This privacy policy applies only to data collected by the Service.
The use of third party open sources or codes may be suggested by us to you from time to time while you visit the M&A MARKETS website. These open sources or codes are not controlled by us and your use of them is at your own risk. M&A MARKETS is not responsible for the privacy practices of such third parties and we encourage you to be aware when you use these open sources or codes and to read the privacy statements of each and every of these third parties. Examples of these codes include links within blogs posted on our website.

9. Security
We ensure the confidentiality, integrity, availability, and resilience of personal data when in use, transit and storage. We are obliged to protect the data from inadvertent destruction, amendment, loss, disclosure, corruption or unlawful processing. We are committed to ensuring that we have appropriate organisational and technical securities in place to guarantee the security of the personal data we collect, process and retain. Staff are aware of their data protection responsibilities and any third parties who process personal data on our behalf are contractually bound to process personal data in line with current data protection law practices and principles thus ensuring the security of the data.

10. Data Retention
We will retain the data of customers for as long as their account is active or as needed for the provision of the Service. We may be required to retain and use your and your user’s data as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.A customer has the right to request that we delete their data at any time by emailing and we will comply unless we have an overriding legitimate interest for continued processing.

11. Changes To Our Privacy Policy
Our privacy policy may be modified from time to time, at M&A Markets’s sole discretion, for any purpose deemed appropriate by us. Any policy updates will go into effect when published and it is your responsibility to check this page periodically to ensure that you are aware of any updates.

12. Terms and Conditions
When you sign up for the Service or use the Service, you are subject to our terms and conditions of service. Please take time to read our terms and conditions and this privacy policy. By proceeding further, you are deemed to have read and accepted our terms and conditions and read our privacy policy.

This privacy policy is published by The Commercial & Industrial Exchange Limited, Wallace House, Canada Street, Waterford. Tel: 051 325 543. Email: