GDPR Compliance Statement

Our commitment to protecting your data rights under the General Data Protection Regulation.

Our GDPR Commitment

Pension Pathway Ireland is fully committed to compliance with the General Data Protection Regulation (GDPR) and Irish data protection legislation. We recognize the sensitivity of the personal information we handle and have implemented comprehensive measures to protect your rights.

Data Protection Principles

We process your personal data in accordance with the following principles:

  • Lawfulness, fairness, and transparency: We process data only on legal grounds and are transparent about how we use it.
  • Purpose limitation: We collect data only for specific, explicit purposes related to the services you've engaged.
  • Data minimization: We collect only the data necessary to provide our services.
  • Accuracy: We take steps to ensure your data is accurate and up to date.
  • Storage limitation: We retain data only as long as necessary for our legitimate purposes and legal obligations.
  • Integrity and confidentiality: We implement appropriate security measures to protect your data.
  • Accountability: We can demonstrate our compliance with GDPR principles.

Your Rights Under GDPR

Right to Access

You have the right to obtain confirmation that we are processing your personal data and to access that data. We will provide a copy of your data in a commonly used electronic format upon request.

Right to Rectification

If you believe any personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected.

Right to Erasure

You have the right to request deletion of your personal data in certain circumstances, including:

  • When the data is no longer necessary for the purposes for which it was collected
  • When you withdraw consent and there is no other legal ground for processing
  • When you object to processing and there are no overriding legitimate grounds

Note: We may not be able to delete all data if we are under a legal obligation to retain it for tax or business records purposes.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain situations, such as when you contest the accuracy of the data or object to our processing.

Right to Data Portability

Where technically feasible, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another data controller.

Right to Object

You have the right to object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests.

Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing that occurred before you withdrew consent.

Right Not to Be Subject to Automated Decision-Making

We do not use automated decision-making or profiling in our services. All assessments and decisions regarding your pension matters are made by qualified human professionals.

How to Exercise Your Rights

To exercise any of these rights, contact us:

Email: [email protected]
Postal: Pension Pathway Ireland, 42 Fitzwilliam Square, Dublin 2, D02 R582, Ireland

We will respond to all requests within one month, as required by GDPR. In complex cases, we may extend this by two additional months and will inform you of any such extension.

Data Breach Notification

In the unlikely event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the Data Protection Commission within 72 hours of becoming aware of the breach
  • Notify affected individuals without undue delay if the breach poses a high risk
  • Take immediate steps to mitigate the breach and prevent future occurrences

Third-Party Data Processors

We work with carefully selected third-party service providers who process data on our behalf (such as secure document storage providers). All such processors:

  • Are bound by written contracts requiring GDPR compliance
  • Process data only on our instructions
  • Implement appropriate security measures
  • Are located within the EU/EEA or provide adequate data protection safeguards

International Data Transfers

When we engage our EU Contributions Consolidation service, your data may be shared with pension authorities in other EU member states. All such transfers comply with GDPR requirements and are protected by adequacy decisions or appropriate safeguards.

Children's Data

Our services are designed for adults planning for or claiming pension benefits. We do not knowingly collect or process personal data of individuals under 18 years of age.

Data Protection Officer

For questions specifically related to data protection and GDPR compliance, you may contact our Data Protection Officer at [email protected].

Supervisory Authority

You have the right to lodge a complaint with the Irish Data Protection Commission if you believe we have not complied with GDPR requirements:

Data Protection Commission
21 Fitzwilliam Square South
Dublin 2, D02 RD28
Ireland
Phone: +353 (0)761 104 800
Email: [email protected]
Website: www.bold-trajectory.com

Updates to This Statement

We review and update our GDPR compliance practices regularly. This statement was last updated on May 15, 2026. Material changes will be communicated to active clients via email.