Blogs

Does the GDPR really say that? Festive edition

09th December 2019

Letter writing, Christmas marketing emails and online shopping – Christmas time is here and with it comes more rumours that the GDPR is ruining the festivities. Here we take you through the data protection myths that tend to come up at this time of year and point out that if a story about the GDPR sounds too ridiculous to be true, it’s probably because it is too ridiculous to be true.   Does the GDPR ban people sending Christmas cards or letters to Santa? ...

The DPC’s take on digital assistants

02nd December 2019

The Data Protection Commission (DPC) attended the Oireachtas Joint Committee on Communications, Climate Action and Environment in November 2019 to discuss the topical issue of digital assistants, which in the run up to Christmas may be of particular interest to the public. The DPC was represented by Deputy Commissioner Dale Sunderland, responsible for the Consultation, Supervision and Policy functions of the DPC, as well as Assistant Commissioners Cathal Ryan and Ultan O’Carroll. ...

‘Can I talk to the account-holder?’ – Contacting organisations on behalf of someone else

18th October 2019

One issue which we come across regularly in the Data Protection Commission (DPC) is dissatisfaction from individuals regarding steps they are being asked to take when they contact an organisation on behalf of someone else. A common response they are encountering is that they are told the organisation will only deal directly with the account-holder, or they are asked to provide a very high standard of proof that they are acting on behalf of the account-holder. ...

Right to compensation and liability

04th October 2019

The Data Protection Commission (DPC) regularly receives queries from individuals about whether they can get compensation if their personal data rights have been infringed. Whilst the DPC has a suite of powers at its disposal to resolve complaints and take action against organisations, it cannot award compensation to affected individuals. This blog will outline briefly what the DPC can do for individuals, and what other options are open to you by going to court. How the DPC can help you ...

Direct Marketing - What you need to know about direct marketing

18th September 2019

A topic the Data Protection Commission receives a lot of queries on is direct marketing communications and how individuals can opt-out of them. Direct marketing is governed by both the General Data Protection Regulation (GDPR) and Regulation 13 of the ePrivacy Regulations (SI 336/2011).  Direct marketing usually involves an organisation (marketer) attempting to promote a product or service, or attempting to get you to request additional information about a product or service, by targeting you as an individual. Types of direct marketing may include: ...

Data Breaches – What to do if you find personal data in a public place

05th September 2019

Data controllers in the private and public sectors hold increasing amounts of personal data on individuals. Many organisations also continue to hold large quantities of personal data in paper form – often in on-site locations like offices, businesses, hospitals or other facilities. This large increase in the quantity of personal data processed and held gives rise to security challenges for the organisations that collect the data. ...

What supporting documents may be required when you raise a concern with the DPC?

29th August 2019

Since the introduction of the GDPR, we’ve seen a huge increase in the number of people contacting the Data Protection Commission (DPC), as individuals become more aware of their data protection rights. With this in mind, it’s important to know what supporting documents you should include when you contact us with a query or a complaint. If you are contacting the DPC with a query or issue relating to access requests, erasure requests or rectification requests, then there are a number of things we will ask you for, so it’s recommended you include these when you first contact us: ...

Options for app security

15th August 2019

Most of us use mobile devices in our day-to-day activities. Apps used on these devices often hold personal data for user convenience, functional operations, or even marketing purposes.  It is essential for organisations to ensure that any personal data they store is safe and secure. ...

Checking app permissions

31st July 2019

Apps on mobile devices are used by most people on a daily basis for many reasons. Like many other services, apps often require personal data in order to provide the service customers want and expect. Recent media reports have drawn attention to what personal data apps collect and store when you use them. While apps are sometimes useful and fun tools, it is advisable to check what access you are giving an app when it requests certain permissions. Sometimes you can also review this after you install the app. ...