top of page

Data Protection Policy

Eoin Flynn Limited (EFL) acknowledges the paramount importance of handling personal data responsibly and in compliance with relevant data protection regulations, notably the General Data Protection Regulation (GDPR). This policy articulates our dedication to safeguarding the personal information of our employees and other individuals associated with our organisation.

In the course of essential employment procedures and to meet legal obligations, we may gather and retain various categories of personal data concerning our employees, including but not limited to contact details, emergency contact information, CVs and recruitment data, references from past employers, national insurance numbers and tax codes, terms and conditions of employment, job titles, descriptions, and pay grades, conduct-related data such as disciplinary records, training history, holiday and leave records, performance details, sickness absence records, and medical or health information.

All personal data processed by EFL will adhere to the following principles:

  • Personal data will be handled lawfully and transparently.

  • Data will be collected and used for legitimate and explicit purposes.

  • Only relevant and necessary data will be collected.

  • Efforts will be made to maintain accurate and up-to-date personal data.

  • Data will be retained only for as long as necessary.

  • Measures will be in place to protect personal data against unauthorised access, loss, or damage.

  • Any transfer of personal data outside the European Economic Area (EEA) will comply with GDPR requirements.


Ensuring suitable levels of data protection and security is a collaborative responsibility shared among EFL and all individuals associated with the company, including employees, consultants, subcontractors, and affiliates.

We commit to employing suitable technical and organisational safeguards to ensure the security of personal data, specifically guarding against unauthorised or unlawful processing, as well as accidental loss, destruction, or damage. Should we become aware of any breach of staff personal data that poses a threat to individuals’ rights and freedoms, we will promptly notify the Information Commissioner within 72 hours of its discovery.

Eoin Flynn 

Managing Director 

Eoin Flynn Limited 

bottom of page