The new DPC website is currently under construction. Our latest guidance in relation to GDPR, which comes into effect on 25th May, 2018, can be found at gdprandyou.ie and via pages on this website starting with "NEW" as per the navigation pane on the left. All other material on this site relates to the previous legislative regime under the Data Protection Acts 1988-2003 ("the Acts"). While the Acts may continue to apply in some circumstances, as of 25th May, 2018 the GDPR is the primary piece of legislation governing data protection.

Data Protection Commission

For Organisations - Your Reponsibilities

Am I a Data Controller or Data Processor?
What is a data controller / data processor?

A Guide for Data Controllers
A short information booklet which outlines the eight principles of Data Protection, this booklet is intended as an introductory guide to those holding or processing personal data.

Data Protection Rules
An outline of the eight principles of data protection which all data controllers must comply with when they collect and use personal information.

Direct Marketing
Guidance notes on the limits on the use of personal data for marketing purposes

Self Assessment Checklist
How you can assess your own data protection policy, including a self help checklist

Transfers Abroad
Information on the conditions that must be met before personal data may be transferred to 3rd countries i.e. places outside of the European Economic Area

Data Security Breach Code of Practice
This Code of Practice addresses situations where personal data has been put at risk of unauthorised disclosure, loss, destruction or alteration