The Data Protection Commission (DPC) is the national independent authority in Ireland responsible for upholding the fundamental right of individuals in the European Union (EU) to have their personal data protected. Accordingly, the DPC is the Irish supervisory authority responsible for monitoring the application of the General Data Protection Regulation (GDPR), and it also has functions and powers related to other regulatory frameworks, including the Irish ePrivacy Regulations (2011) and the EU Directive known as the Law Enforcement Directive (LED).

The statutory powers, duties and functions of the DPC are as established under the Data Protection Act 2018, which gives further effect to the GDPR, and transposes the LED into Irish law. The DPC’s mission is to safeguard data protection rights by driving compliance through guidance, supervision and enforcement.

The DPC also deals with complaints on behalf of individuals who are concerned that their personal data has been processed in a manner that is in contravention of data protection law. By progressing these concerns through the complaint handing process, the DPC seeks to protect and vindicate the rights of individuals.

However, it is important to note that the DPC does not exercise your data protection rights on your behalf. It is a matter for individuals to exercise their own data protection rights in the first instance. If an issue arises, the matter can then be brought to the attention of the DPC. Further, the DPC does not have the power to award compensation.