Privacy Statement
Last updated: February 2026
Introduction
At Mater Private Network, we understand that the privacy and security of your information is important to you. To this end, we will safeguard the integrity of all personal information you share with us, in compliance with our obligations under the relevant legislation and in order to protect and respect your privacy.
This Privacy Statement sets out the basis upon which we collect, use, store and disclose personal data collected from you and/or held about you, as well as your rights in relation to that data. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of Data Protection Laws, the Mater Private Network, with a registered address at Eccles Street, Dublin 7 and registered under Company Registration Number 99197 will be a Data Controller when acting as an employer, a supplier of health services and where dealing with suppliers and service providers. In that capacity, we are responsible for gathering and processing your personal data in a safe, secure and compliant manner.
Mater Private Network is the data controller for the purposes of Data Protection Laws. Where we use third-party service providers to process personal data on our behalf, those providers act as data processors and are subject to contractual obligations to protect your personal data. The processing of your Personal Data will be regulated by the terms of this Policy.
What is the purpose of collecting your Personal Data?
We use your data:
- so that the My Mater Private app works correctly
- to give you access to your health data through the app
- to communicate with you through the app
- to process payment and billing through the app
What Personal Data may we collect from you?
When we refer to personal data in this policy, we mean information that can or has the potential to identify you as an individual.
We may hold and use personal data about you as a patient, employee or in any other capacity. Depending on the services you receive from us, this may include special category personal data such as information relating to your health.
Personal data we collect from you may include the following:
- information that you give us when you set up your account such as your name, address, contact details (including email address and phone number);
- information you give us when you make a payment to us, such as financial or credit card information;
- the name and contact details (including phone number) of your next of kin or relatives;
- notes and reports about your health and any treatment and care you have received or need, including information relating to clinic and hospital visits and medicines administered;
- information obtained from feedback surveys in which you may have taken part;
- information that you give us when you submit a question/comment in relation to our App Customer Support Function;
- information you give us using the ‘contact us’ or ‘book an appointment’ forms on this App;
Please note – where you have provided us with personal data and contact details relating to your family members or next of kin, it is your responsibility to ensure that the individual is aware of the fact that you have provided us with their details and the purpose for doing so.
What personal information may we receive from third parties and other sources?
When you use our services, we may obtain the following categories of personal data about you from others:
- From your GP, other medical professionals including the HSE, other hospitals and health professionals when you transfer or are referred to our service;
- From independent medical consultants who carry out procedures at the Hospitals of the Mater Private Network. To provide you with the best possible care, consultants may need to share your personal data and medical records with other departments within the Mater Private Network;
- From an external company who monitor and analyse public social media pages on our behalf, and particularly where you post comments about the Mater Private Network. These comments are analysed to assess your opinion in relation to our services so that we may provide you with improved services;
- your employer, organisation or sports club if you are referred by them for medical assessment and/or treatment.
Why do we collect this information?
Your personal data will be kept confidential and secure and will, unless you agree otherwise, only be used for the purpose(s) for which it was collected. Your information helps us to provide and improve our services. On admission, you will be asked to provide certain personal information in relation to yourself, your health, your next of kin and your financial or bank details.
We will only use this information as follows:
- To create and maintain your medical record on our administration systems in order to record all aspects of your assessment, diagnosis and treatment while in our care;
- To ensure that our clinical staff have the most up-to-date information they require for your assessment and/or treatment;
- To enable follow-up care and assessment of your progress;
- To facilitate third-party associates in conducting satisfaction surveys of using the App;
- To generate invoices for treatment received and to administer the subsequent payment of those invoices;
- To keep you informed on our latest services and offerings, where you have subscribed to receive such information;
- To make such information available to you, on request;
- To constantly improve our MPN App services and security;
- To create and maintain your medical record on our administration systems which records all aspects of your assessment, diagnosis and treatment while in our care;
With whom do we share this information?
We may share your personal data with our trusted medical consultants, selected business associates, suppliers of medical equipment or third-party contractors in order to provide you with the services you require.
These business partners and third parties may include:
- health insurers to secure payment for your treatment where it is covered by your private health insurance policy;
- health professionals and therapists, independent clinical consultants and other hospitals that require your personal data as part of the provision of your medical treatment;
- IT service providers who either host or have legitimate access to our data as part of their service offering only for support purposes;
- regulatory bodies such as HIQA, the Health and Safety Authority or the HSE, where we are obliged to make data available as required by regulation;
- other companies and organisations with whom we exchange data for the purposes of fraud detection and credit risk reduction.
We may also disclose your personal information to third parties:
- As part of normal business processing with other subsidiaries within the Mater Private Network;
- Where we conduct satisfaction surveys and market research campaigns based on App usage;
- If we are under a duty to disclose or share your information in order to comply with any legal obligation or in order to enforce or apply our terms and conditions of use and other agreements; or to protect our rights, property or the safety of our patients or others.
The Mater Private Health Group may, from time to time, engage the services of external service providers for the purposes of processing data on behalf of the organisation where such providers are not employees of the Mater Private Health Group.
In such circumstances, appropriate Agreements will be put in place between the Group and the service provider covering the scope, extent and duration of such processing.
Schedule of Third Parties
| Category of Third Party | Description of Service Provided |
|---|---|
| IT Service Providers |
System-based processing of personal and/or medical details as part of patient treatment and/or organisational/operational requirements including:
|
| Medical Services | The Mater Private Health Group engages the services of self-employed medical specialists and clinicians to provide many of the key procedures available through our Hospitals and Clinics. |
| Legal/Professional Advisors | The provision of business consulting, audit and legal services including access to and analysis of personal data as part of business initiatives, statutory and regulatory audits, processing of legal claims, invoice processing and ad-hoc consultancy advice. |
| Outsourced Service Providers | The processing of personal data by external service providers where the Mater Private Health Group does not have either the expertise, capacity or demand to provide the processing required. This can include test/analysis of patient samples by external laboratories, diagnostic services, transcription services and clinical research. |
| Regulatory Bodies | Provision of personal data as required to satisfy recurring obligations, audit and mandatory reporting purposes with bodies such as HIQA, TUSLA, JCI, the Irish Health and Safety Authority, etc. |
How long do we retain your information for?
- The time periods for which we retain your personal information depends on the type of information and the purpose(s) for which we gather and use it. At a minimum, we will retain your personal data for the duration of the period required under relevant legislation (Employment, Consumer Protection, Safeguarding, Financial and Tax legislation, etc.).
- You can stop using the app at any time. If you delete the App from your device, this removes locally stored app data on that device; it does not automatically delete personal data we hold on our systems. To request deletion (where applicable) or exercise your rights, please contact our Data Protection Officer.
- We will still hold your personal and health information for other MPN services in line with our Data Retention Schedule and as required to fulfill our legal obligations. This includes information related to payments made to MPN and appointments provided via the App.
What legal basis do we have to justify processing of your personal data?
The General Data Protection Regulation (GDPR) requires organisations to be able to refer to an appropriate legal basis for any processing of an individual's personal data.
The lawful bases for which we process personal data include:
- The processing is necessary for the performance of the contract which you may have entered into with us or to take steps at your request prior to entering into such a contract;
- you may have provided consent for the processing for one or more specified purposes (e.g. when you filled out our Admissions form you may have provided your consent to receive further material in relation to our services);
- the processing may be necessary for compliance with certain legal obligations to which we are subject;
- the processing may be necessary for the purposes of the legitimate interests of the Mater Private Health Group, only where such interests are not overridden by your fundamental rights or freedoms under such legislation.
The GDPR sets an additional hurdle where special category personal data is being processed. This might include information in relation to your medical well-being, your diagnosis and treatment, information in relation to your religious or ethnic identity, etc.
Where we process your special category data, the legal bases for processing on the MPN App are:
- that the processing is necessary to provide you with preventative or clinical health-care services;
- to protect your vital interests or those of another person;
- that you have provided explicit consent for the processing for one or more specified purposes when you agree to the terms and conditions of the App.
Do we transfer your information outside the European Economic Area (EEA)?
In a limited number of circumstances, where personal data may need to be transferred outside the EEA, we will ensure that it is protected by an appropriate legal mechanism. This may include an adequacy decision (where applicable), Standard Contractual Clauses, and other safeguards required by Data Protection Laws. In limited circumstances, a derogation under Article 49 GDPR may apply (for example, where the transfer is necessary for the performance of a contract or where you have provided explicit consent).
What are your rights with respect to your personal data?
Under the GDPR, you have the following rights in relation to the processing of your personal data:
- The right to access the personal data we hold about you;
- The right to require us to rectify any inaccurate personal data about you without undue delay;
- The right to have us erase personal data we hold about you. It should be noted that this is not an absolute right and is limited to certain specific situations such as where processing is unlawful, where it is no longer necessary for us to hold the personal data in order to provide you with our services or, in some circumstances, if you have withdrawn your consent to the processing and there is no other legal ground for our continued retention or processing of the data;
- The right to object to us processing personal data about you, such as processing for profiling or direct marketing purposes;
- The right to ask us to provide your personal data to you in a portable format. This right only applies to data which you have provided to us, and where the processing is carried out by automated (electronic) means;
- The right to request a restriction of the processing of your personal data in certain circumstances.
Where our processing of your personal data is based on your consent to that processing, you have the right to withdraw that consent at any time. In such circumstances, any processing that we have carried out before you withdrew your consent remains lawful.
You may exercise any of the above rights by contacting the Mater Private Data Protection Officer by email using the email address: dataprotectionofficer@materprivate.ie
Should you wish to do so, you may lodge a complaint with your local Supervisory Authority with respect to our processing of your personal data. The local Supervisory Authority in Ireland is the Office of the Data Protection Commission. You can contact the Office of the Data Protection Commission at:
Telephone: +353 (0) 1 765 0100 or Local Number 1800 437 737
E-mail: info@dataprotection.ie
Postal Address: Data Protection Commission, 6 Pembroke Row, Dublin 2, D02 X963, Ireland
For further information please visit the Data Protection Commission's website at www.dataprotection.ie.
Analytics data that we process
Strictly necessary SDKs we use:
The strictly necessary SDKs we need to put on your device for the My Mater Private app to work are:
- Sentry – for reporting errors that occur in the frontend, and the user actions leading up to the error
SDK for analytics to function:
This is used to gather your choice for optional analytics:
- Google Firebase – for measuring usage of the app.
Changes to our Privacy Policy
We keep our Privacy Policy under regular review and as a result it may be amended from time to time without notice. As a result, we encourage you to review this Privacy Statement regularly. Please review this notice each time you visit our website or use our services. This notice was last updated in February 2026.
How can you contact us/our Data Protection Officer?
Dublin:
Email: dataprotectionofficer@materprivate.ie
Address: The Data Protection Officer, Mater Private Hospital, Eccles Street, Dublin 7
Cork:
Email: mpcdpo@materprivate.ie
Phone: (021) 6013200
Address: The Data Protection Officer, Mater Private Hospital, Citygate, Mahon, Cork