Introduction

You have arrived at a website that is owned and/or operated by Arachas Corporate Brokers Limited t/a Arachas, Capital IM, Study and Protect, Capital Insurance Markets, Covercentre and its subsidiaries/related companies Arachas, Capital IM, Capital Insurance Markets, Covercentre (collectively, “Arachas”, “we”, “our” or “us”).

If you have received a notification from Arachas Corporate Brokers Ltd of a transfer of trades to it, Arachas Corporate Brokers Ltd is the data controller of your personal data. All Arachas companies are subject to this privacy notice.

This Privacy Notice tells you who we are and outlines how we process your personal data.
Arachas respects your right to privacy and complies with our obligations under relevant data protection legislation including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Data Protection Acts 1988 – 2018.

The purpose of this Privacy Notice is to outline how we process personal data, including special categories of data and the basis on which personal data is obtained from you or collected about you from third parties.

Arachas are committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but to ensure you understand your rights.

In this statement, we outline:

  • The types of data we collect
  • How we use your data
  • Your rights in relation to the data we hold about you
  • How long we hold your data for
  • How to contact us if you have any questions on your data or you have any complaints

Legislation

All personal data we gather will be processed in accordance with all applicable data protection laws and principles, including the GDPR and the Data Protection Acts 1988 – 2018 and any other law and regulatory requirements relating to the processing of personal data and to privacy including, Directive 2002/58/EC and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011.

Queries and Complaints

If you require further information about the way your personal data will be used, or if you are unhappy with the way we have handled your personal data, and wish to contact us, please submit your concerns by email to the Arachas Data Protection Officer at dataprotection@arachas.ie.

We can be contacted by post at:
The Courtyard,
Carmanhall Road,
Sandyford Business Estate,
Dublin 18.

By telephone: 01 213 5000

If you are unsatisfied with our use of your personal data or our response to any requests by you to exercise any of your rights, then you have the right to complain to the Data Protection Commission. See below contact details,

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland
Email: info@dataprotection.ie
Phone: +353 1 765 0100 / 1800 437 737

Information Collected

We collect information from you when you access our arachas.ie or studyandprotect.ie websites, when you request a quote online or over the phone, when you speak to members of our staff or by corresponding with us by phone, email or otherwise. We also collect information from sources other than you. This may include a joint policy holder, or a named driver in terms of car insurance. We will only collect information that is adequate, relevant and limited to what is necessary in relation to the purposes identified with this notice.

The table below outlines the categories and types of data we collect along with the source of data. The types of data we collect may change over time; the following table is an indicative list to help you understand the types of data we collect. The data type collected will depend on the nature of the insurance policy you have with us.

Data Category Data Type
Policy Data Identity data, employment status & occupation, previous insurance history, details of any previous claims and claims occurring during the term of a policy arranged by us. Driving history (including motor convictions, disqualifications/penalty points, health data, vehicle details), applied visa type (student / graduate visa), school name, school course cost (euro), cover term, insurance requirements including details about your home such as type of the property.
Identity and Individual Data Name, date of birth, marital status, home address, contact address, email address, phone number, dependents, health details, CVs, employment details, education details, payment details, financial details, ID documents, vehicle registration details, PPS number, driver license number, passport number, work permission documents, IP address and other technical/usage data when you visit our website.
Financial Data Bank details, payment card details, transaction history.
Special Category Data – Health Data Information about your health.
Criminal Convictions Data Details of any unspent motoring, including penalty points or non-motoring convictions (if any).
Technical Data Technical information from your visit to our websites and through email exchange. This may include your IP address, login information, browser type and version, and time zone setting.
Usage Data Statistical data about your browsing actions and patterns through interactions with our websites, social media sites, browser plug-ins, and other applications.

Purpose for which we hold your information

The main purposes for which Arachas uses your personal information are to provide a quote, set up, administer and manage your policy, and to carry out marketing and analytics. The table below provides more details on the purposes for which we process your personal data and the legal basis by which we do this.

Reason for Processing Legal Basis for Processing
To provide you with a quote for insurance and process your application Performance of a contract or to take steps at your request prior to entering into a contract
To administer your insurance policy Performance of a contract
To respond to your queries and to provide you with the information you request relating to our services and/or products Performance of a contract
To comply with a legal obligation Necessary for the purposes of the legitimate interests pursued by the controller
To manage payments, fees and charges in respect of insurance premiums, and to collect and recover money owed to us Performance of a contract and/or necessary for the purposes of the legitimate interests pursued by the controller
Recording telephone calls (for training, quality, verification and prevention of fraud purposes) Necessary for our legitimate interests (training, quality and verification purposes) and to comply with a legal obligation

Marketing

For marketing purposes, we may contact you about offers, competitions, products, and services from Arachas via email, post, SMS, and phone.

We use the information you give us and information from other sources:

  • To provide you with information about other goods and services that we offer similar to those you have purchased or enquired about (unless you have opted out).
  • For occasional market research and statistical purposes (you may opt-out of such research at any time).
  • To allow selected third parties to provide you with information about goods and services that may interest you (you can opt-out via the form or contact details below).
  • To send you offers, with your consent, for products which we feel are relevant to your needs.
  • To measure advertising effectiveness and deliver relevant advertising to you.

For non-customers, consent is obtained through a clear opt-in process. For existing or past customers, a Legitimate Interest or soft opt-in basis is used – with clear options to opt-out in every communication.

How do I opt-out?

You will have the option to opt-out when we collect your personal information and within each subsequent communication you receive. All emails and texts include a link to unsubscribe or opt-out of future marketing communications. Additionally, you can change your marketing preference by contacting us at optout@arachas.ie. Please note that it may take up to 3 working days to process your opt-out request.

Data Analytics

As part of our ongoing business strategy, we may use analytics and search engine providers to assist us in improving and optimising our site. This ensures the content from our site is presented in the most effective manner for you.

Consequences of not providing us with information

You can choose not to give us personal information; however, this may affect our ability to fulfill our contract with you, provide you with a quote, or manage your policy, which may even lead to cancellation of a product or service.

Subject Rights

As a data subject you have the following rights regarding your personal data:

  • Right to Access: Know what personal data we hold, why, and how it is used.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): Seek deletion of your personal data under specific conditions.
  • Right to Restriction of Processing: Restrict the use of your personal data under certain circumstances.
  • Right to Portability: Receive your personal data in a structured, commonly used machine-readable format.
  • Right to Object: Object to the processing of your personal data, including for direct marketing.
  • Right to Object to Automated Processing, including Profiling: Not be subject to decisions based solely on automated processing or profiling that significantly affect you.
  • Right to Withdraw Consent: Withdraw consent for data processing based on consent at any time.

To exercise your rights, please contact our Data Protection Officer at Arachas Corporate Brokers Limited, The Courtyard, Carmanhall Road, Sandyford Industrial Estate, Dublin 18, or email dataprotection@arachas.ie with proof of identity.

Please note that you should keep your personal information up to date by informing us of any changes.

Requests regarding your rights should be sent to dataprotection@arachas.ie with sufficient details to help us process your request efficiently.

We normally have 30 days to respond to such requests (with a possible extension of two months) and will inform you if we need more time or if your request is refused.

There is no fee for requests unless they are deemed unfounded or excessive.

Breaches

Arachas takes steps to protect and safeguard your data. In the unlikely event of a data breach, we will notify you in line with our legal obligations.

Retention of Your Personal Data

Data will not be held for longer than necessary for the purpose(s) for which it was obtained. The retention period depends on the type of data held. For example, insurance policy data is retained for 6 years after the last transaction; unsuccessful applicant details and CVs for 12 months; and details of successful applicants for the duration of employment with Arachas plus seven years.

For legacy data from acquired companies, we retain records for a minimum of six years, or longer if required by the insurer or underwriter.

Automated Individual Decision-making including Profiling

Before arranging an insurance product or service, we may use automated decision-making tools (for example, an Insurer’s Rating Engine) to assess insurance risks and calculate premiums. If you disagree with the result or have concerns, you have the right to request clarification from a staff member.

Data Security

We are committed to protecting the security of your personal information and have taken steps—including encryption and staff training—to safeguard your data from loss, misuse, unauthorised access or disclosure, alteration, or destruction.

Note that while we use secure servers and SSL encryption for payment transactions, data transmitted over the internet can never be entirely secure.

If you hold a password for certain parts of our website, please keep it confidential.

International Transfers

It may be necessary to transfer your personal information to group companies or service providers outside the European Economic Area (EEA). In such cases, we ensure that the recipient has appropriate data protection measures in place, such as Standard Contractual Clauses or an Adequacy Decision.

Business Relationships

This website may contain links to other websites. Arachas is not responsible for the privacy practices or content of such external sites.

Changes to our Privacy Notice

Arachas may update this Privacy Notice from time to time without prior notice. A revised version will be posted online and will be effective immediately. It is your responsibility to review this notice periodically.

Effective Date

This Privacy Notice was last reviewed on 18th December 2024.