Who We Are

The DPC expresses its condolences on the passing of Bride Rosney

22nd September 2023

The Data Protection Commission (DPC) expresses its sincere condolences to the family of Bride Rosney. We are deeply saddened to learn of her sudden passing. She was a valued adviser and support to the Data Protection Commission as a member of our Audit and Risk Committee. May she rest in peace. Ar dheis Dé go raibh a hanam dílis. ...

Data Protection Commission welcomes latest successful prosecutions of marketing offences

11th September 2023

The Data Protection Commission today welcomed the outcome of the prosecution proceedings that were taken by it at the Dublin Metropolitan District Court against Chill Insurance Limited, Hidden Hearing Limited, The Multiple Sclerosis Society of Ireland and Vodafone Ireland Limited. ...

Back-to-school photos — Keeping information about your child safe

30th August 2023

#PauseBeforeYouPost   The lead-up to September sees our social media feeds becoming chock-full of photos of smiling children with schoolbags in tow, featuring captions celebrating that they are #backtoschool. The first day of school is an important milestone that proud parents everywhere are often keen to capture and share online. ...

FAQs

Where can I get further information on data protection for organisations?

The Data Protection Commission (DPC) has a designated section on its website which provides additional data protection information and resources for organisations.

Back to FAQ search

FAQs

Can I use a "cloud" service to process my data?

If you decide to employ an external cloud service provider (the provider), for example, in order to upload and store documents, photos, videos, and other files on a remote server (a “cloud service”), your relationship with the provider could be one of joint controllership, a controller-processor relationship or both.

Back to FAQ search

FAQs

What should be contained in a contract between a data controller and a data processor?

Sometimes, an organisation will need to engage the services of a sub-contractor or agent to process personal data on its behalf.  Such an agent is termed a 'data processor' under data protection law. For example, a company may wish to engage the services of a payroll company to deal with their payroll issues. The employer is the data controller and the payroll company is the data processor.

Back to FAQ search