Privacy Notice

Data Storage & Management Ltd, T/A DSM has been in business since 1998 employing twelve people and providing a comprehensive records management service to its customers in Ireland.

At the outset DSM wishes to state that it will only ever seek to request and use the minimum of personal information. The sole purpose of requesting such information is to enable DSM to communicate with employees, customers and suppliers to fulfill a range of business services as required. This data includes primarily names, addresses, telephone numbers, email addresses, PPS numbers (in the case of employees), and bank details.

DSM is fully committed to continuing to operate within its strong code of security and confidentiality. It will protect all personal information and will never disclose or reveal this inappropriately or in breach of data protection legislation.

It is essential to point out that all data held in off-site storage by DSM on behalf of its customers will always remain in the ownership of each customer. DSM will not handle, change, amend or add to this data except to retrieve and return this from time to time as required by each customer or, in some cases, to scan the hard copy document into a soft-copy format, again as required by individual customers. In this regard DSM has recently implemented a secure electronic file transfer system to ensure that this activity is fully compliant with GDPR. This product ensures that all data is encrypted during electronic transfer and can only be accepted by the person for whom it is intended.  

In preparation for EU General Data Protection Regulations (GDPR) 2018 DSM has both reviewed and revised its core documentation and has also introduced new documentation where necessary as follows:

  1. DSM’s Privacy Statement (new – completed)
  2. Data Protection Procedure (new – in progress)
  3. Updated Data Protection Policy (completed)
  4. Revised Records Management Policy (completed)
  5. Revised Records Retention Schedule (in progress)
  6. Revised Contracts of Employment (completed)
  7. Revised Confidentiality Agreement for DSM team members and on-site suppliers (completed)
  8. DSM’s updated Service Level Agreement (completed)
  9. DSM’s updated Customer Authorisation Form (completed)
  10. Revised Quality Manual (completed)
  11. Revised Security Policy (in progress)
  12. Revised Business Continuity Plan (in progress)

DSM has also added a consent request and data protection assurance statement to all business-related documentation in compliance with GDPR. All personal information collected by DSM during its business will be wholly purpose-related and will be erased/deleted/destroyed once the purpose for which it has been collected expires or is terminated. All data subjects will be advised accordingly.

By completing all the above tasks DSM will therefore ensure that it will meet the ongoing requirements of the EU General Data Protection Regulations (GDPR) Legislation 2018.

DSM’s management team has attended a number of briefings and training courses to ensure our readiness and compliance with GDPR and extensive briefings have been held for all other DSM team members as part of DSM’s continuous annual training programme.

As an SME DSM is not obliged to appoint a Data Protection Officer. However, in its place DSM has opted to appoint a Data Protection Liaison person (DSM’s IT Specialist Martin Hehir) who will work with me, the overall Data Controller, to implement and oversee data protection legislation and will handle potential breaches, if any, going forward. This appointment has been completed.

Finally, DSM currently holds the ISO 27001:2013 Standard (Information Security) and has operated a comprehensive Information Security Management System within the Company since 2011. DSM is audited annually by NQA to ensure compliance with this Standard. DSM also holds the ISO 9001:2015 Quality Standard and is also audited annually by NQA in this regard. In additional DSM employs an independent contractor to carry out internal audits 6 times each year to further ensure compliance.



Visitors to DSM
People who use our services, Visitors to our
When someone visits this site we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. We collect this information in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. We will not associate any data gathered from this site with any personally identifying information from any source. When using our contact form the information submitted is simply emailed and not stored anywhere else.

Use of cookies by DSM
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

The table below explains the cookies we use and why.

Cookie Name Purpose More information
Google Analytics


These cookies are used to collect information about how visitors use our site, which we use to help improve it. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Click here for an overview of privacy at Google

Session ID


This cookie is essential for current state of the page you are in. It contains a session ID which is a mechanism for distinguishing your visit to our website from any other visitors that may be using the website at the same time.

More about Session ID

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit or

To opt out of being tracked by Google Analytics across all websites visit

Turn off cookies on Fire Fox,  Turn of Cookies on Safari,

Turn Off Cookies on Chrome

If you have any questions or queries regarding DSM’s compliance with GDPR I will be very happy to have a discussion with you at any time. On behalf of our full team here in DSM I would like to assure you of our continued efforts to improve our service with efficiency, cost effectiveness and professionalism.

Signed:   Wendy Ryan

Managing Director

Date: May 2018