Privacy & Security Policy

Who are We?

MMPI Group (the  “Firm”) is comprised of MMPI Financial Services Limited, MMPI Limited, MMPI General Insurance Services Limited, MMPI Trustee Services Limited,  InsurePlus Limited and Oregan Financial Services Limited. This Privacy Policy will explain how our organisation uses the personal data we collect from you when you use our website or engage with our representatives.  The Firm is required to comply with The General Data Protection Regulation (“GDPR”) (EU) 2016/679 and has adopted processes and procedures to ensure that the rights of clients under GDPR are protected during their interactions with the Firm.

Companies within the MMPI Group authorised as an Investment Firm under Regulation 8(3) and deemed authorised under Regulation 5(2) of the S.I. 375/2017 European Union (Markets in Financial Instruments) Regulations 2017.  A financial service provider which produces financial products and issues appointments to intermediaries or an intermediary which may issue appointments to other intermediaries. Authorised as an Investment Business Firm under Section 10 of the Investment Intermediaries Act, 1995 (as amended). Service Providers  holding appointments from IIA product producers, including intermediaries that may issue appointments, appearing in the register maintained under Section 31 of the Investment Intermediaries Act, 1995 (as amended), (MiFID Regulations); are authorised under the Investment Intermediaries Act, 1995, as amended to act as a product producer and a deposit broker; are registered with the Central Bank of Ireland under the Insurance Mediation Regulations 2005 to act as an Insurance Intermediary and under the Consumer Credit Act, 1995 as amended, as a mortgage intermediary, Registered as an insurance, reinsurance or ancillary insurance intermediary under the European Union (Insurance Distribution) Regulations, 2018 Mortgage Credit Intermediaries/Mortgage Intermediaries authorised pursuant to Section 31(10) of the European Union (Consumer Mortgage Credit Agreements) Regulations 2016 and Section 151A (1) of the Consumer Credit Act 1995.


  • What data do we collect?
  • How do we collect your data?
  • How will we use your data?
  • How do we store your data?
  • Marketing?
  • What are your data protection rights?
  • What are cookies?
  • How do we use cookies?
  • What types of cookies do we use?
  • Hoe to manage your cookies
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authorities

What data do we collect?

The MMPI representative / financial adviser will consider the level of information required based on the complexity and / or the liquidity of the product or service to ensure they can appropriately assess the client’s capacity to understand and financially bear the risks associated with the product or service or the length of time the client is prepared to hold the investment.

When the Firm is providing investment services the Firm representative will collect only the information necessary to assess the ability of the client to understand the risks and nature of each of the financial instruments that the Firm envisages recommending to that client and the needs and circumstances of the client. The extent of the service requested by the client may also impact the level of detail collected. A financial advisor will require more information about a client’s financial situation where the client’s investment objectives are multiple and / or long term than when the client seeks a short-term secure investment.

Where the Financial advisor is providing access to complex or risky financial instruments the Financial Advisor will carefully consider whether they need to collect more in-depth information about the client than they would when investing in less complex or risky instruments

Firms are required to carry out a robust assessment in advance of investments into complex products of the client’s knowledge and experience, including their ability to understand the mechanisms which make the product “complex”. For illiquid financial instruments the necessary information to be gathered will include the length of time for which the client is prepared to hold the investment.

The Firm has safeguards for the protection of vulnerable clients and more in depth information will usually be required for potentially vulnerable clients or inexperienced clients.

Where a client refuses to provide sufficient information, in line with requirements of the CBI Consumer Protection Code 2012 (“CPC”) and the Markets in Financial Instruments Directive II (“MiFID II”) 2014/65/EU, the client will be advised that the Firm does not have the relevant information necessary to assess suitability and that the Firm cannot offer the client the product or service sought.

Firm Representatives must ensure that up-to-date records containing at least the following are maintained in line with the CPC:

  1. a) a copy of all documents required for client identification and profile;
  2. b) the client’s contact details;
  3. c) details of products and services provided to the client;
  4. d) all correspondence with the consumer and details of any other information provided to the client in relation to the product or service;
  5. e) all documents or applications completed or signed by the client;
  6. f) copies of all original documents submitted by the client in support of an application for the provision of a service or product; and
  7. g) all other relevant information and documentation concerning the client.


The Firm must keep recordings of telephone conversations or electronic communications relating to the provision of client order services that relate to the reception, transmission and execution of client instructions or orders. Where instructions are provided by Clients through other channels such as mail, fax, email or documentation of client instructions made at meetings the Firm representative will ensure that the instruction is recorded in a durable medium.

The Firm will never collect personal data related to your racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union   membership, genetic data, data concerning your sexual orientation or data relating to criminal convictions and offences. This Data is categorised as Special Data under GDPR  and such information will never be requested unless in the exceptional circumstance it is required through a legal obligation on the Firm.

How do we collect your data?

The majority of the data collected by our Firm will be directly provided by the client. We collect data and process data when you

  • Use or view our website via your browser’s cookies
  • Engage with our Firm Representatives / Financial Advisors
  • When you invest in a product facilitated by our Firm.

When a client engages with the Firm, the Firm will arrange an introductory meeting with the client. The objective of an initial introductory meeting is to provide the Client with information about the Financial Advisor and the Firm and the products and services it provides. It is the intention of the Firm to conduct the introductory meeting in person to enable the Financial Advisor to get to know the client and to share information on the Firm, its products and services and to introduce and provide the client with the contact details of the Financial Advisor who will be the client’s main point of contact with the Firm. The client will be provided with the Firm’s Terms of Business at this meeting.

A Firm Representative / Financial Advisor will meet with the client and show the client the Fact Find Document and explain the information to be collected, why the information is being collected and will explain the suitability assessment the Firm is required to undertake together with its purpose.

The Firm has designed the Fact-Find, Risk Questionnaire and associated documents to ensure that the questions within the Fact-Find are likely to be understood correctly by the Client. The Firm has avoided using misleading, confusing, imprecise and excessively technical language within the Fact-Find.

The Fact Find document enables the Firm to gather information on the client’s financial circumstances such as assets and liabilities, income and expenditure, knowledge, experience of financial instruments and attitude to risk.

The objective of the Fact Find is to get to know the client better and is not just about gathering data, it is about understanding the client, their capacity to bear loss and their goals and objectives.

The Fact Finding document will record the Clients basic personal information such as

  • Marital Status
  • Family Situation
  • Employment Status
  • Liquidity Requirements
  • Emergency Fund
  • Age
  • The client’s preferences on environmental and social and governance factors will also be recorded

The Fact Find will also gather more technical information regarding the client’s financial circumstances and attitudes

  • Income and source
  • expenses, outgoings and assets
  • financial commitments
  • financial goals and objectives
  • attitude to risk and ability to bear losses
  • knowledge of investment risk

The Fact Find will be signed by the Client providing confirmation that the data collected is accurate and express consent by the client to the Firm’s us of the Client’s data for the purpose of providing the client with the product or service they are seeking. The Firm’s Representative will advise the client of the period of time for which the client’s data will be retained.

Prior to entering a service or product the client may advise the Firm at any time that they wish to discontinue the process and that they withdraw consent for the Firm to process their data. After entering a service or product the client may advise the Firm that they withdraw consent to the processing of their data and the Firm will discontinue processing subject to any barriers to discontinuing processing imposed by the nature of the product or service the client has entered.

How will we use your data?

The purpose of the questions in the Fact Find Document are to assess the client’s knowledge and understanding of the risk and help the Financial Advisor to assess the clients attitude to risk and therefore the types of financial instruments that are suitable for them. The Firm undertakes this process in line with its requirements under the Consumer Protection Code (CPC) and where relevant the MiFID II Suitability Requirements and the goal setting and data gathering enables us to collate sufficient information to meet “know your customer” criteria contained in regulatory requirements that we as a regulated entity must comply with.

The Financial Advisor will endeavour to obtain sufficient information from the client as we walk them through the fact-finding process to enable us capture, analyse and evaluate their situation and ultimately make a recommendation suitable to their needs and objectives. The objective of analysing and evaluating the client’s information is to work with our clients to devise strategies to accomplish as effectively as possible the client’s needs and objectives whilst mitigating risks.

The Financial Advisor on completion of the evaluation will create a tailored written statement of suitability to highlight the most suitable products that meet the needs and objectives of the client. The Financial Advisor will document in the Statement both the benefits and the risks or limitations of the product.

The assessment of suitability and recommendations regarding investments will take account of the client’s attitude to risk and their capacity to bear loss, their attitude to the relationship between risk and reward in choosing investment options.

The Financial Advisor will work with the client to provide the most suitable and appropriate solution to meet the needs of the client. The Financial Advisor will then assist the client with any necessary paperwork such as application forms and will liaise with other professional advisers / current policy providers where relevant.

The Firm has partner companies and may when the client has given their express consent share client data with the following external service providers so that they may offer the client their products or services.

Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. There are data processing agreements in place between MMPI Financial Services Limited and third-party processors.

Client data will only be used for the specified purpose that it was collected for and will not be used for any other purpose or in a manner that would not be compatible with the specific purpose it was collected for

The client will have access to the Firm Representative and their colleagues within the Firm whenever they need to make an enquiry about their investment / service or should they wish to arrange an appointment to discuss any changes in circumstances. The Firm will hold regular reviews with the client and on at least an annual basis to ensure that the client’s data stored by the Firm remains accurate and up to date.

We do not transfer data outside the EU. If MMPI Financial Services Limited use a provider who is based outside of the EU and the data subject resides within it (the EU), the Organisation Name must provide the data subject with contact details of a data protection representative in the EU;

How do we store your data?

MMPI Group are obliged to arrange for records to be kept for all services, activities and transactions undertaken by it which are sufficient to enable the Firm to comply with its legal and regulatory obligations and for the Central Bank of Ireland (“CBI”) to fulfil its supervisory tasks to ascertain that the Firm has complied with all relevant obligations.

The Firm is obliged under CPC and MiFID II to ensure that record-keeping arrangements are designed to enable the detection of failures regarding the suitability assessment (such as mis-selling) and ensure that records kept are accessible to relevant persons within the Firm and for Competent Authorities including the CBI.

The Firm is committed to ensuring orderly and transparent record-keeping regarding the information collected from our clients. The Financial Advisor will ensure that all documentation is fully and accurately completed, signed where relevant and stored securely on the Firms system and within locked, fire-proof filing cabinets in the Firm’s premises.  Specific record keeping requirements are called out in particular in the CPC and MiFID II Requirements with respect to gathering relevant information in order to meet ‘Know your Client’ (KYC) requirements and the Firm complies with these requirements.

The Firms system utilises Microsoft Bit Locker Encryption and dual password protection to ensure that data stored by the Firm may only be accessed by staff members.

The Firm on at least an annual basis will carry out an assessment of the adequacy of the systems and controls relating to record-keeping and this assessment is reviewed and approved by the MMPI Group Board of Directors. Assessments are carried out to ensure that the Firm can identify, assess, monitor and manage the risk of inaccurate, out of date or incomplete records and that the Firm’s systems and controls are proportionate to the nature, scale and complexity of the Firm’s activities.

The Firm maintains relevant documents for a period of at least six years, unless a longer period is required under legal or regulatory requirements or for as long as required for legitimate purposes (for example Financial Services and Ombudsman Requirements on long-term investment products or mortgages and CPC requirements on retaining fact finds or otherwise specified by the CBI)


The Financial Advisor will advise clients about the range of communication methods available to them for interactions with or by the Firm including face-to-face, online and via telephone in addition to written communications with the aim of providing a better choice of flexibility.

Firm representatives will ensure when making contact by phone or email with an existing client that they have provided within the last 12 months a product or service to the client that is similar to the purpose of the call / email or that the call relates to a product that the Firm has an obligation to maintain contact with the client regarding that product. Firm Representatives may also make contact with a client where they have express consent from the client to being contacted by the Firm Representative and for the reason that the contact is being made.

Firm Representatives will not make contact with an individual who is not an existing client, for example as a result of a referral, without first ensuring there is; written permission in place dated within the last 12 months from the individual to the receipt of contact for the purpose of the call or that the individual is the subject of a referral and the individual has provided express consent received by the Financial Advisor from an entity authorised to provide financial services in Ireland, another entity in the Group or a Solicitor. The Firm may also make contact with an individual if they are listed in the business listing section of the current telephone directory and contact is made using that business number.

Additionally, the Firm and its Financial Advisors when engaging in sales and marketing activities must ensure not to contact persons subscribed in the National Directory Database Opt-Out Register and with a preference not to receive sales and marketing calls.

When making telephone contact with either an existing client or an individual as a potential client, the Financial Advisor or support staff member will identify themselves, note the source of the referral (if relevant), note whether or not the line is recorded and ask if the individual being called is happy to proceed with the call before proceeding.

Where an individual requests that they are not contacted by the Firm this will be recorded clearly with the Clients information on the Firms system and on their client file. No further contact will be initiated by the Firm with that individual.

Where written correspondence is entered with a client or potential client the Financial Advisor will ensure that the Firms regulatory disclosure containing the Firm’s full name (and trading name, if the trading name is different) is included in written correspondence.

Clients will be provided with the following documents when a product has been recommended to them

  • Product Brochure
  • Key Features / Key Information Document (KID)
  • Key Investor Information Document (KID)

The documents provided will be in clear easy to understand language, avoiding the use of overly technical language that may not be understood and in consistent font size with no information in any way obscured. Warnings and risks will be included and  in a font size of at least equal size to the font used in the rest of the document.

What are your Data Protection Rights

MMPI Group would like to make sure you are fully aware of all your data protection rights under the General Data Protection Regulation (“GDPR”)

Right of access: Individuals may at any time request confirmation from the Firm that the Firm is or is not processing the individual’s data, if the Firm is for what purpose it is being processed, the categories of the personal data, the source of the personal data, whether it has been disclosed to third parties and to whom. The individual can also request the period of time for which the personal data will be retained by the Firm.

A copy of the Data relating to the individual held by the Firm and the Firm will ensure that the individual is provided with the information within one month of the request being made and without charge.

In exceptional circumstance where the request is complex or numerous, it may take the Firm up to three months to provide the individual with the requested information and the individual will be notified of the extended period of time required by the Firm within one month of the individual making the request.

Right of Rectification: Where the client is aware that the Data held by the Firm is inaccurate  or incomplete they have the right to request to have their data rectified or completed and the Firm will carry out their request without undue delay. The Firm engages client’s and reviews their information on at least an annual basis to ensure the data held by the Firm is accurate and current.

Right to erasure: The Client may request the Firm to erase any information relating to the client where; it is no longer necessary for the Firm to hold the information for the purpose it was collected, the client has withdrawn consent for the Firm to process the client’s data, the client has objected to the Firm processing their data, there are no legitimate grounds for the Firm to process the data or the data has been unlawfully processed.

The Firm will erase the Client’s data held by the Firm without undue delay; subject, to barriers prohibiting erasure such as any regulatory requirement on the Firm to retain the information or owing to a complaint or legal proceedings.

Right to restriction of processing: A client may restrict the Firm in the processing of the clients information where the client has contested the accuracy of the data held, the client believes the processing would be unlawful, where the Firm no longer needs the client information for the purpose that it was gathered for, where the client is exercising or defending a legal claim, or where the client has objected to the Firm processing their data.

Where the client restricts the processing of their data by the Firm the data with the exception of storage will only be processed by the Firm in the event of legal proceedings. In the event of the Firm lifting the restriction of processing, for example where inaccurate information has been rectified, the Firm will notify the client first.

The Right to Data Portability: Where the client has exercised their right of access the Firm will provide them with their data is a structured, commonly used and machine-readable format. The Firm will not impede the transfer of the client’s data to another data controller and will transfer the data directly to the data controller where the client has requested it to do so and it is technically feasible.

Right to object: The client may object to the processing of their personal data by the Firm. The Firm will not process the client’s data without compelling legitimate grounds which overrides the right of the client such as regulatory obligations or legal proceedings.

What are cookies?

A cookie is a small text file containing a unique identification number that is transferred from a website to the hard drive of your computer and passively track its activities on the website. This unique number identifies your web browser to our computer system whenever you visit our site. We may place a cookie in the browser file of your computer. However, the cookie itself, does not contain any personally identifying information about you. The cookie does not track your personal information or provide us with any means of contacting you, and the cookie does not extract any information from your computer. Cookies do not contain any information that personally identifies you, but personal information that we store about you may be linked by us to the information stored in and obtained from cookies.

ow do we use Cookies

We may use the information we obtain from your use of our cookies for the following purposes:-

  1. to recognise your computer when you visit our website;
  2. to tack you choices as you navigate our website;
  3. to improve our website’s accessibility and appearance;
  4. to allow us to analyse the use of our website;

to assist us in the administration of our website

MMPI uses cookies to provide functional information about your browser, allowing us to provide you with an enhanced degree of navigation on our website. We also use cookies to gather broad demographic information and general usage patterns about you and other users of out site.

What types of cookies do we use

We do or may use session cookies, persistent cookies and functionality cookies on out websites. MMPI does not use third party behavioural advertising cookies and does not collect data in this way or sell data of this kind to third parties.

How to Manage Cookies?

You can set your browser not to accept cookies. If you wish to delete any and all cookies stored on your computer please consult the help function of your own web browser.

If your browser rejects cookies, you may still use the MMPI website, However, your ability to navigate effectively or to access all of the pages on the site may be limited.

What is a Web Beacon?

Also known as clear GIFs; or single-pixel GIFs, web beacons are small image files, which MMPI may place on web pages and within web-based email newsletters, which it transmits from time to time. Working in conjunction with cookies, web beacons allow MMPI to accurately count the number of unique users, who have visited a specific page on the MMPI site and the number of times those pages are displayed. We can also use web beacons to let us know how may people opened a web-based email newsletter. This information is only collected in aggregate form and will not be linked to your personally identifiable data.

What is a Log File?

We use server log data to help administer the site; to better understand the parts of the site; which specific items if content are of most interesting to our site users; and also to measure volumes of traffic. Each time an MMPI page is requested from your browser, we log your computer’s IP address into our log files. Your computer has been pre-assigned a 12 digit number. This number is the IP address. We use your IP addresses to analyse trends, administer the site, track your movements on the site and gather broad demographic information for aggregate use.

Changes to our Privacy Policy

MMPI keeps its privacy policy under regular and at least annual review and places any updates on this web page. This privacy policy was last updated on [date] April 2023.

How to Contact US

If you have any questions about our Privacy Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us

Email us at:
Call us:               +353 1 6688322
Write to us:
101 Morehampton Road,
Donnybrook Village,
Dublin D04 T0C2

How to Contact the Supervisory Authority

If you are unhappy with the manner in which we have processed your data or with our responses to your queries or requests you may contact the Office of the Data Protection Commissioner.

Call them:           01 7650100 / 1800437737
Write to them:
21 Fitzwilliam Square South
Dublin 2
D02 RD28

error: Content is protected !!