Data Protection Basics

This guidance note, on ‘Data Protection Basics’, aims to address some of the most common questions about data protection law and to clarify the basic principles underlying data protection. This guidance covers the different laws which apply in a data protection context and when they apply, as well as the meaning of ‘personal data’ and ‘processing’, and how to identify a ‘data controller’ and what their obligations are. It aims to explain the requirement for a ‘legal basis’ to justify the processing of personal data, and outline the rights which individual ‘data subjects’ have and how they can exercise them. It also sets out the basics of the rules around electronic direct marketing as well as the use of cookies and other similar technologies. This guidance should assist both data subjects, as well as data controllers, particularly where read in advance of submitting a request to a data controller or a query to the DPC.

Data Protection Basics: Full Guidance Note