Privacy policy

PRIVACY POLICY
Last updated: 11 July 2026

1. Introduction

Optimum Tax Return (“we”, “us” or “our”) is committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, disclose, store and protect your personal information when you:

Visit our website;
Contact us about our services;
Become a client;
Use our client portal;
Provide documents or information to us; or
Use our tax preparation, payroll, accounting or advisory services.
This policy applies to clients and prospective clients of Optimum Tax Return, a tax practice based in County Meath, Ireland.

Where you authorise us to act as your tax agent, we may use Revenue’s online services and ROS to access relevant tax information, prepare tax returns and communicate with the Revenue Commissioners on your behalf.

We process personal data in accordance with:

The General Data Protection Regulation (EU) 2016/679 (“GDPR”);
The Data Protection Act 2018;
Applicable Irish tax legislation;
Applicable anti-money laundering legislation; and
Other applicable Irish and European Union laws.

2. Data Controller
The data controller responsible for deciding how and why your personal data is processed is:

Business name: Optimum Tax Return
Principal and legal owner: David Parker
Email: [email protected] Website: optimumtaxreturn.com

Our ROS or tax agent identification details are not published in this Privacy Policy. They are used only where required to provide authorised services and communicate with the Revenue Commissioners.

3. Personal Data We Collect
The information we collect depends on the services you request.

3.1 Personal identification information
We may collect:

Your full name;
Date of birth;
Personal Public Service Number (“PPSN”);
Current and previous addresses;
Email address;
Telephone number;
Marital or civil status where relevant to your tax affairs;
Details of your spouse, civil partner or dependants where relevant;
Tax reference numbers;
Nationality or tax residence information;
Passport, driving licence or other identification documents;
Proof of address; and
Information required to verify your identity under anti-money laundering legislation.

3.2 Financial and taxation information
We may collect:

Employment Detail Summaries;
Payslips and employment income information;
Previous P60 or P45 documents where relevant;
Self-employment income and business records;
Rental income and property information;
Dividend, interest and other investment income;
Capital gains and investment transaction information;
Bank account details;
Bank and credit card statements;
Pension contributions and pension statements;
Tax credits and reliefs claimed;
Medical and qualifying expense information;
Previous tax returns;
Revenue statements and correspondence;
Details of tax liabilities, refunds and payments; and
Information used to process invoices or service payments.
We will not ask you to provide online banking passwords, card PINs or complete payment-card security details.

3.3 Employment and payroll information
Where we provide employment-related or payroll services, we may collect:

Employer details;
Employee and director details;
Employment commencement and cessation dates;
Salary and wage information;
Hours worked;
Benefits in kind;
Expenses and allowances;
Pension deductions;
Redundancy or termination payments;
Leave and absence information where relevant to payroll;
Revenue Payroll Notification information; and
Payroll submission and payment records.

3.4 Business information
Where applicable, we may collect:

Business or trading names;
Business registration details;
Company registration numbers;
Tax registration numbers;
VAT registration numbers;
Business accounts and financial statements;
Sales and purchase records;
Invoices and receipts;
Payroll records;
Business bank statements;
Asset and liability information;
Details of directors, shareholders, partners or beneficial owners;
Supplier and customer information; and
Information required to prepare VAT, payroll, income tax, corporation tax or other returns.

3.5 Property information
Where applicable, we may collect:

Property addresses;
Ownership details;
Purchase and disposal information;
Rental income records;
Details relating to tenants or letting agents;
Mortgage interest information;
Property expenses;
Local Property Tax information;
Residential Tenancies Board registration information; and
Supporting documents for rental income, capital gains or property-related tax matters.
You should avoid providing unnecessary personal information about tenants or other individuals. Where possible, documents should be redacted so that only information required for the relevant tax service is supplied.

3.6 Special-category personal data
We may process limited health-related information where you ask us to claim tax relief for:

Qualifying medical expenses;
Health insurance premiums;
Nursing-home expenses; or
Other health-related tax reliefs.
Health information is special-category personal data under the GDPR. We will normally process this information with your explicit consent and only for the relevant tax or advisory purpose.

You may withdraw your consent, but doing so may prevent us from completing a claim or providing the relevant service.

3.7 Technical and website information
When you use our website or client portal, we may collect:

IP address;
Browser type and version;
Device and operating-system information;
Website usage information;
Portal login and security activity;
Date and time of access;
Information provided through online forms; and
Cookie or similar technology information.
3.8 Documents and communications
We may process:

Documents uploaded to our client portal;
Documents sent by email;
Scanned or photographed supporting records;
Information submitted through online forms;
Letters and correspondence;
Notes of telephone or online meetings;
Instructions you give us; and
Other records relating to the services we provide.

4. How We Collect Personal Data
We may collect personal data:

Directly from you;
Through website or client intake forms;
Through our client portal;
Through email, telephone or other communications;
During online or in-person meetings;
From documents and records you provide;
From the Revenue Commissioners where you have authorised us to act;
From your employer, payroll provider or business records where relevant;
From a previous accountant, tax adviser, solicitor or financial adviser with appropriate authority;
From publicly available registers where necessary;
From company directors, partners, employers or authorised representatives; and
From third parties where you have authorised the disclosure or where the disclosure is permitted by law.
Please ensure that information you provide about another person is accurate and that you are authorised to provide it.

5. Legal Bases for Processing
We process personal data only where we have a lawful basis.

5.1 Performance of a contract
We process information where necessary to:

Provide a quotation;
Take steps at your request before entering into an engagement;
Prepare and submit tax returns;
Provide payroll, accounting or advisory services;
Respond to your instructions; and
Manage our professional relationship with you.

5.2 Legal obligations
We may process information to comply with:

Irish tax legislation;
Revenue requirements;
Accounting and record-keeping obligations;
Anti-money laundering and counter-terrorist-financing obligations;
Court orders;
Regulatory requirements; and
Other legal or professional obligations.

5.3 Legitimate interests
We may process information where necessary for our legitimate interests, provided those interests do not override your rights.

These interests may include:

Managing and improving our services;
Maintaining accurate client and business records;
Securing our systems and client portal;
Preventing fraud and misuse;
Establishing, exercising or defending legal claims;
Recovering unpaid fees;
Managing complaints;
Conducting quality-control reviews; and
Communicating with existing clients about relevant services and deadlines.

5.4 Consent
We may rely on your consent for:

Marketing communications;
Non-essential cookies;
Processing health information for particular tax-relief claims;
Sharing information with a third party at your request; or
Other optional processing activities.
You may withdraw your consent at any time. Withdrawal does not affect processing that lawfully took place before consent was withdrawn.

6. How We Use Personal Data

6.1 Tax and professional services
We may use your data to:

Prepare Income Tax returns, including Form 11 or Form 12 filings;
Prepare VAT, payroll, Corporation Tax or other tax returns;
Calculate tax liabilities, repayments and preliminary tax;
Claim tax credits, allowances and reliefs;
Review tax records;
Prepare amendments or corrections;
Respond to Revenue queries;
Communicate with Revenue on your behalf;
Provide tax planning;
Provide payroll, bookkeeping or accounting support;
Prepare financial information and working papers; and
Provide other services agreed in our engagement letter.

6.2 Identity verification and compliance
We may use your information to:

Verify your identity;
Complete customer due-diligence checks;
Identify beneficial owners;
Assess anti-money laundering risks;
Maintain records required by law;
Prevent fraud;
Comply with lawful requests from authorities; and
Meet professional indemnity insurance requirements.

6.3 Communications
We may use your contact information to:

Respond to enquiries;
Request documents or information;
Provide updates about your work;
Send tax deadline reminders;
Send payroll or filing reminders;
Deliver completed returns and reports;
Obtain approvals;
Issue invoices and payment reminders;
Inform you about changes affecting our services; and
Provide relevant annual tax-planning communications.

6.4 Business administration
We may process data to:

Set up and maintain client records;
Manage workflows and deadlines;
Operate our client portal;
Process payments;
Maintain financial and accounting records;
Manage disputes and complaints;
Recover unpaid fees;
Protect our systems;
Maintain backups; and
Improve the quality and efficiency of our services.

6.5 Marketing
Where consent is required, we may use your contact details to:

Send tax newsletters;
Provide tax updates and planning tips;
Inform you about new or related services; and
Send occasional promotional communications.
You may unsubscribe at any time by using the unsubscribe facility provided or contacting us.

7. Sharing Personal Data
We do not sell your personal data.

We may share information only where necessary, legally required or authorised by you.

7.1 Revenue Commissioners
Where authorised, we may:

Submit tax returns and related information;
Access relevant Revenue records through ROS or other Revenue services;
Request statements or tax information;
Respond to Revenue correspondence; and
Communicate with Revenue on your behalf.

7.2 Technology and service providers
We may use third-party providers to support our business. These may include:

Microsoft 365, SharePoint, OneDrive and Outlook for email, document storage and collaboration;
Stripe, PayPal or another approved provider for payment processing;
Electronic signature, online meeting, backup or cybersecurity providers; and
Other professional software providers used to deliver our services.
These providers process information under their own legal obligations and/or under contractual data-processing terms with us.

Payment providers process your payment information directly. We generally receive confirmation of the payment rather than complete card details.

7.3 Professional advisers and insurers
Where necessary, information may be shared with:

Solicitors or legal advisers;
Professional indemnity insurers;
IT or cybersecurity specialists;
Accountants or specialist tax advisers assisting with a matter;
Auditors or quality reviewers; and
Professional or regulatory bodies with lawful authority.

7.4 Public and regulatory authorities
We may disclose information to:

The Data Protection Commission;
The Revenue Commissioners;
An Garda Síochána;
The Financial Intelligence Unit or other competent anti-money laundering authorities;
Courts and tribunals;
Law enforcement agencies; and
Other authorities where disclosure is required or permitted by law.
We may be legally prohibited from informing you about certain anti-money laundering disclosures.

7.5 Debt recovery
Where an invoice remains unpaid after reasonable attempts to obtain payment, relevant information may be shared with:

A solicitor;
A debt collection provider; or
A court or enforcement authority.
Only information reasonably necessary for recovery of the debt will be disclosed.

7.6 Other third parties
With your authority, we may share relevant information with:

A previous or new accountant or tax adviser;
A solicitor;
A financial adviser;
A mortgage adviser or lender;
A pension adviser;
A company director or business partner;
An employer or payroll contact; or
Another person you instruct us to work with.

8. International Data Transfers
Some technology providers may store or process personal data outside Ireland or outside the European Economic Area.

Where personal data is transferred outside the European Economic Area, we will take reasonable steps to ensure that an appropriate transfer mechanism is used, such as:

An adequacy decision issued by the European Commission;
European Commission-approved Standard Contractual Clauses;
The EU–US Data Privacy Framework, where applicable;
Supplementary contractual, technical or organisational safeguards; or
Another transfer mechanism permitted by data protection law.
Information about a particular provider’s transfer arrangements may be requested from us.

9. Data Retention
We retain personal data only for as long as necessary for the purpose for which it was collected and to meet legal, regulatory, insurance and professional requirements.

9.1 Tax and accounting records
Tax, accounting and supporting records will normally be retained for at least six years, calculated in accordance with the relevant tax and record-keeping requirements.

Records may be kept for longer where:

A Revenue enquiry, audit or investigation is ongoing;
A return or assessment remains open;
An appeal is ongoing;
A repayment claim has not been finalised;
Litigation or a complaint is ongoing or reasonably anticipated; or
A longer period is required by law.

9.2 Anti-money laundering records
Customer due-diligence and anti-money laundering records will generally be retained for at least five years after the end of the business relationship or the relevant transaction, subject to applicable law.

9.3 Business and invoice records
Records relating to our own accounts, invoices and business transactions will normally be retained for at least six years.

9.4 Client correspondence and working papers
Correspondence, tax-return working papers and supporting documents will generally be retained for the same period as the related tax or professional file.

9.5 Client portal information
Portal access may remain active while you are a client.

When our relationship ends:

Access may be suspended or closed;
The file may be archived; and
Relevant records may continue to be retained for the applicable legal period.
Clients should download any documents they wish to retain before portal access is closed.

9.6 Marketing records
Marketing information will be retained until:

You withdraw your consent;
You unsubscribe;
The information is no longer required; or
We determine that the information is no longer accurate or relevant.
We may retain limited details on a suppression list to ensure that an unsubscribe request continues to be respected.

9.7 Deletion
When information is no longer required, we will take reasonable steps to:

Securely delete electronic records;
Destroy physical records;
Remove access to archived information; and
Allow data in backups to be overwritten or deleted through the normal secure backup cycle.

10. Your Data Protection Rights
Your rights depend on the circumstances and the legal basis on which your information is processed.

Your rights are not absolute and may be restricted where we must retain or process information to comply with tax, anti-money laundering or other legal obligations.

10.1 Right of access
You may request:

Confirmation that we process your personal data;
A copy of relevant personal data; and
Information about how it is processed.
Access may be subject to legal exemptions and the rights of other individuals.

10.2 Right to rectification
You may ask us to correct personal data that is inaccurate or complete information that is incomplete.

Where appropriate, we may also correct information previously submitted to Revenue, subject to applicable procedures.

10.3 Right to erasure
You may request deletion of personal data in certain circumstances.

We may be unable to delete information that must be retained for:

Tax compliance;
Anti-money laundering compliance;
Accounting requirements;
Legal claims;
Professional indemnity purposes; or
Other legal obligations.

10.4 Right to restrict processing
You may ask us to restrict how information is used in certain circumstances, including while its accuracy or the lawfulness of processing is being considered.

10.5 Right to data portability
Where the right applies, you may request personal data that you provided to us in a structured, commonly used and machine-readable format.

The right does not apply to all information or all legal bases.

10.6 Right to object
You may object to processing based on legitimate interests.

You may object to direct marketing at any time. We will stop using your information for direct marketing after receiving your request.

10.7 Right to withdraw consent
Where processing is based on consent, you may withdraw consent at any time.

Withdrawal will not affect processing that lawfully took place before withdrawal.

10.8 Automated decision-making
You have the right not to be subject to certain decisions based solely on automated processing where the decision produces legal or similarly significant effects.

We do not make final tax-return or client-service decisions solely through automated processing. Professional work is subject to human review.

We may use software, templates, rules or artificial-intelligence-assisted tools to support administrative or preparatory work. Such tools do not replace professional judgement, and appropriate human review is applied before finalising material work.

10.9 Right to complain
You may complain to the Data Protection Commission if you believe your data protection rights have been infringed.

11. Exercising Your Rights
To exercise a data protection right, contact:

Email: [email protected] 


Please describe:

The right you wish to exercise;
The information or service involved; and
Any information that may help us locate the relevant records.
We may request proof of identity to protect your information from unauthorised disclosure.

We will normally respond without undue delay and within one month. Where a request is complex or numerous, the response period may be extended by up to two additional months. We will inform you of any extension within the initial one-month period.

Requests are normally handled without charge. A reasonable fee may be charged, or a request may be refused, where permitted by law and where a request is manifestly unfounded or excessive.

12. Data Security
We use appropriate technical and organisational measures designed to protect personal data against:

Unauthorised access;
Accidental loss;
Improper disclosure;
Alteration;
Destruction; and
Other unlawful processing.
Depending on the system and level of risk, measures may include:

Encryption in transit;
Encryption at rest where supported by the relevant provider;
Password-protected systems;
Multi-factor authentication;
Access restrictions;
Secure client portals;
Antivirus and firewall protection;
Software updates and security patches;
Secure backups;
Device-security controls;
Secure document disposal;
Confidentiality obligations;
Incident-response procedures; and
Periodic reviews of access and security arrangements.
Access to personal data is limited to individuals and service providers who require it for an authorised purpose.

No online system is completely secure. Clients should use strong passwords, enable available multi-factor authentication and notify us promptly if they believe their portal account or communications have been compromised.

13. Personal Data Breaches
If a personal data breach occurs, we will:

Investigate the incident;
Take reasonable steps to contain and mitigate it;
Assess the likely risks to affected individuals;
Document the incident and our response;
Notify the Data Protection Commission where the breach is likely to create a risk to individuals; and
Notify affected individuals without undue delay where the breach is likely to result in a high risk to them.
Where notification to the Data Protection Commission is required, it will be made without undue delay and, where feasible, within 72 hours of becoming aware of the breach.

14. Cookies
Our website and client portal may use cookies and similar technologies.

These may include:

Strictly necessary cookies required for security, forms, payments or portal login;
Preference cookies;
Analytics cookies used to understand website performance; and
Cookies set by embedded third-party services.
Non-essential cookies will be used only where permitted and, where required, after consent has been obtained.

We do not currently use cookies for behavioural advertising. If this changes, our Cookie Policy and consent arrangements will be updated.

Further information should be provided in a separate Cookie Policy or cookie-management notice.

15. Children’s Personal Data
Our services are not marketed directly to individuals under 18.

We may process information about a child or dependant where it is relevant to:

A parent’s or guardian’s tax return;
A tax credit, allowance or relief;
Payroll or employment obligations; or
Another service lawfully requested by a parent, guardian or authorised person.
We will process such information only where necessary and in accordance with applicable law.

16. Changes to This Privacy Policy
We may update this Privacy Policy to reflect:

Changes in our services;
Changes in technology providers;
Changes in legal or regulatory requirements;
Changes in how we process information; or
Improvements to our privacy and security arrangements.
The updated version will be published on our website with a revised “Last updated” date.

Where a change materially affects existing clients, we may also provide notice by email, through the client portal or through another appropriate method.

17. Complaints
Please contact us first if you have a concern about how your personal data has been handled.

Email: [email protected]


We will investigate your concern and aim to respond promptly.

You also have the right to complain to the Irish Data Protection Commission:

Data Protection Commission
6 Pembroke Row
Dublin 2
D02 X963
Ireland

Telephone: 01 765 0100 or 1800 437 437
Website: Data Protection Commission website

18. Contact Us
For questions about this Privacy Policy or how Optimum Tax Return processes personal data, contact:

Optimum Tax Return
Principal: David Parker
Email: [email protected] Website:optimumtaxreturn.com

This website uses cookies