Graham Doyle
17th October 2023
The DPC expresses its condolences on the passing of Bride Rosney
22nd September 2023
The Data Protection Commission (DPC) expresses its sincere condolences to the family of Bride Rosney.
We are deeply saddened to learn of her sudden passing. She was a valued adviser and support to the Data Protection Commission as a member of our Audit and Risk Committee.
May she rest in peace.
Ar dheis Dé go raibh a hanam dílis.
...
Data Protection Commission welcomes latest successful prosecution of Marketing Offences
20th September 2023
The Data Protection Commission welcomed the outcome of prosecution proceedings that were taken by it today at Cork District Court against Alpha Wealth Limited, a financial advisory company based in Little Island, Cork.
...
Irish Data Protection Commission announces €345 million fine of TikTok
15th September 2023
The Data Protection Commission (DPC) adopted its final decision regarding its inquiry into TikTok Technology Limited (TTL) on 1 September 2023.
...
Data Protection Commission welcomes latest successful prosecutions of marketing offences
11th September 2023
The Data Protection Commission today welcomed the outcome of the prosecution proceedings that were taken by it at the Dublin Metropolitan District Court against Chill Insurance Limited, Hidden Hearing Limited, The Multiple Sclerosis Society of Ireland and Vodafone Ireland Limited.
...
Back-to-school photos — Keeping information about your child safe
30th August 2023
#PauseBeforeYouPost
The lead-up to September sees our social media feeds becoming chock-full of photos of smiling children with schoolbags in tow, featuring captions celebrating that they are #backtoschool.
The first day of school is an important milestone that proud parents everywhere are often keen to capture and share online.
...
FAQs
Where can I get further information on data protection for organisations?
The Data Protection Commission (DPC) has a designated section on its website which provides additional data protection information and resources for organisations.
FAQs
Can I use a "cloud" service to process my data?
If you decide to employ an external cloud service provider (the provider), for example, in order to upload and store documents, photos, videos, and other files on a remote server (a “cloud service”), your relationship with the provider could be one of joint controllership, a controller-processor relationship or both.
FAQs
What should be contained in a contract between a data controller and a data processor?
Sometimes, an organisation will need to engage the services of a sub-contractor or agent to process personal data on its behalf. Such an agent is termed a 'data processor' under data protection law. For example, a company may wish to engage the services of a payroll company to deal with their payroll issues. The employer is the data controller and the payroll company is the data processor.
FAQs
What do I do if there is a security breach?
A personal data breach under the General Data Protection Regulation (GDPR) is ‘a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed’.
Data controllers are therefore required to have in place appropriate security measures to prevent both internal and external unauthorised access to personal data that is under their control.