FAQs
What do I do if there is a security breach?
A personal data breach under the General Data Protection Regulation (GDPR) is ‘a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed’.
Data controllers are therefore required to have in place appropriate security measures to prevent both internal and external unauthorised access to personal data that is under their control.
FAQs
Is a member of a management company entitled to be provided with a full list of all registered members of the management company?
Under Section 169 of the Companies Act 2014, as amended, every company is required to keep a register of the company's members containing details of, amongst other things, the names and addresses of each member. The Act provides that an Owners’ Management Company (OMC) must keep a register of its members, which must be made available by the company for inspection without charge. In addition, Section 216 (11) Companies Act 2014 provides that a member may request a copy or a copy of any part of the members' register.
FAQs
Can management companies disclose to all members details of those property owners/members that have not paid service charges?
Section 18 of the Multi-Unit Developments Act 2011 requires an Owners’ Management Company (OMC) to establish and maintain a scheme to collect the service charges of its members. Information such as payment of service charges obtained in operating such a scheme constitutes the personal data of the individuals concerned and so must be processed according to the General Data Protection Regulation (GDPR) and Data Protection Act 2018.
FAQs
A debt recovery organisation has contacted me for payment of import tax associated with an overseas purchase I made some time ago. How did they get my details?
The payment of import duty that is payable under Irish tax law, following the delivery of goods, is not one that gives rise to any protection issues. It is a legitimate debt that falls due to be paid. Where it is not paid, parcel delivery services may endeavour to use debt collection agencies to collect the monies due.
FAQs
I have received a toll notice from eFlow. How did they obtain my details?
The use of toll roads and the M50 barrier-free toll require the payment of a fee to eFlow which operates the tolling system. eFlow is a registered business name of Transport Infrastructure Ireland (TII). The payment of the fee can be made in a variety of ways. If however, an individual does not pay their fee after using the toll, or makes a late payment, they will receive a toll notice.
FAQs
Where can I get further information?
For further information, read our full guidance note on cookies and other tracking technologies.
FAQs
Can I rely on a lawful basis other than consent for the storage of cookies or for the use of other tracking technologies?
No. Consent is the only lawful basis that applies to the storage of information, or access to information already stored, on the device or terminal equipment of a subscriber or user.
It is important to note that consent must be obtained regardless of whether the information stored or accessed is personal data.
FAQs
I am being asked by a website or app to consent to cookies – what choice do I have?
The tools provided should allow you to select the cookies you want to permit in a granular way, that is, they should not force you to accept all cookies, including cookies that are used for tracking or advertising purposes.
FAQs
Do I need consent for analytics cookies?
Yes. Analytics cookies are used as a measuring tool for websites, including to provide information on the number of unique visitors and the pages they browse during their visits. Some analytics tools are ‘first party’ tools, that is, the data from them is processed only by the website operator, for its own purposes.
FAQs
Do I have to use a third-party consent management platform?
No. However, if you do choose to use such a service you should ensure that the tool functions exactly as it is presented. You must not use any deceptive design features in your consent management tools in order to ‘nudge’ users into making a particular choice.