The new DPC website is currently under construction. Our latest guidance in relation to GDPR, which comes into effect on 25th May, 2018, can be found at gdprandyou.ie and via pages on this website starting with "NEW" as per the navigation pane on the left. All other material on this site relates to the previous legislative regime under the Data Protection Acts 1988-2003 ("the Acts"). While the Acts may continue to apply in some circumstances, as of 25th May, 2018 the GDPR is the primary piece of legislation governing data protection.

Data Protection Commission

Case Studies

The following is a list of case studies, by year, as featured in Annual Reports published by this Office. These case studies provide an insight into some of the issues that this Office investigates on a day to day basis. For ease of reference, some of the case studies have been indexed by categories below.

Case Studies - By Year


Case Studies - By Category


Right of Access






Fair Obtaining


Further Processing




Medical Data


Accurate & Up To Date


Security of Data


Direct Marketing - Email


Direct Marketing - Postal


Direct Marketing - SMS


Direct Marketing - Telephone


Direct Marketing - Fax








Right of Rectification / Deletion




Legal Privilege Exemption


Excessive Information


Improper Processing