This Privacy Statement provides information about the ways in which the Data Protection Commission (‘the Commission’ or ‘DPC’) process the personal information provided to us.
Who we are?
The Data Protection Commission was established by the Data Protection Acts 1988 to 2018 (‘the Data Protection Acts’). You can contact the Commission here.
Under the GDPR and the Data Protection Acts, the Commission is responsible for monitoring the application of the GDPR in order to protect the rights and freedoms of individuals in relation to processing.
The tasks of the Commission include promoting public awareness and understanding of the risks, rules, safeguards and rights in relation to processing, handling complaints lodged by data subjects and cooperating with (which includes sharing information with) other data protection authorities in other EU Member States.
What is the General Data Protection Regulation (GDPR)?
The General Data Protection Regulation (‘GDPR’) applies from 25 May 2018 and significantly changes data protection law in Europe, strengthening the rights of individuals and increasing the obligations on organisations. The GDPR is designed to give individuals more control over their personal data. (A copy of the GDPR is available here).
The key principles under the GDPR are lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitation; integrity and confidentiality, and accountability (Article 5 of the GDPR).
Under GDPR data subjects have increased rights. Guidance on these rights is available here.
The data subject rights are:
Where personal data is kept by the Commission for the performance of its functions, the rights of data subjects and the obligations of the Commission, as a data controller, provided for in Articles 12 to 22 and 34 (which relates to communicating personal data breaches to data subjects) and in Article 5, GDPR (in so far as any of its provisions correspond to the rights and obligations in Articles 12 to 22) are restricted (Section 60(3)(c)(i), Data Protection Acts).
This means, for example, that the Commission does not have to respond to access requests for personal data under the GDPR where the personal data is kept for the performance of the Commissions’ functions (e.g. complaint handling).
If you require further information in relation to your rights and this restriction, you can contact our Data Protection Officer (DPO) here.
Changes to our Privacy Statement:
Update (20.09.2018): This Privacy Statement is currently being reviewed.
This Privacy Statement is not intended to be a comprehensive Privacy Statement/Notice as required by Articles 13 and 14 of the GDPR, given the restriction for personal data kept by the Commission for the performance of its functions.
A new website for the Commission is under development and will be available soon. This new website will focus on the GDPR and the new data protection legislation.
What is a cookie?
A cookie is a small text file that may be stored on your computer or mobile device that contains data related to a website you visit. It may allow a website “remember” your actions or preferences over a period of time, or it may contain data related to the function or delivery of the site. Cookies can be set by the owner of the website or in some cases by third party services the website owner allows to present other information, run content or provide other functionality such as analytics.
Further information on cookies can be found at: http://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm
How are they used on this site?