Stephen Kelly Law - Solicitor in Ireland
Data Protection

Data Protection

Comprehensive Advice on GDPR Rights and Data Protection Compliance

Get GDPR AdviceCall Now

Available 24/7 for Garda station call-outs

GDPR and Your Rights

Since the EU's General Data Protection Regulation ("GDPR") came into force in 2018, consciousness of the importance of data protection law has soared among the public. Because the GDPR is principles-based, there is ample scope for confusion and different interpretations.

Irish legal system and government buildings

There is a great deal of misunderstanding, which contributes both to under-compliance and, at times, to over-compliance.

The GDPR requires that there be a clear legal basis for the processing of personal data (this may be, for example, consent or performance of a contract), and that the processing of data is proportionate and does not exceed what is required for the given purpose. If your personal data is disclosed in a security breach, this needs to be reported to the Data Protection Commission, unless the risk is low. You may also be entitled to damages, although this is not an automatic entitlement simply because there has been a breach.

Other rights protected by data protection law include the right to seek a copy of your personal data held by an organisation (a subject access request) and the right to erasure ("the right to be forgotten") where information in the public domain is inaccurate or no longer relevant. None of these is an absolute right. I am happy to advise on your options should you need advice on your data protection rights.

Your Data Protection Rights

Subject Access Request

Right to obtain a copy of your personal data held by an organisation

Right to Erasure

The "right to be forgotten" where information is inaccurate or no longer relevant

Breach Notification

Right to be informed of data breaches that pose a risk to your rights

Key Points

GDPR principles-based regulation

Legal basis required for data processing

Security breaches must be reported

Right to subject access request

Right to erasure (right to be forgotten)

Potential entitlement to damages

GDPR Compliance

Organisations must have a clear legal basis for processing personal data, ensure data is processed proportionately, and report security breaches where appropriate. Non-compliance can result in significant penalties.

The above is a general commentary on the law and does not constitute legal advice for your particular circumstances.

Need Advice on Data Protection?

Whether you're concerned about a data breach, need help with a subject access request, or require guidance on GDPR compliance, get in touch today.

Contact Us