General Data Protection Regulations (GDPR)

 Any service provider that retains, holds, or processes personal data in relation to its clients need to be very aware of the general data protection regulations which came into place on the 28 May 2018.

The requirements placed on the processing of personal data have now been considerably expanded, and a very serious level of potential fines linked to turnover of your company could see greater exposure for your company or business.

Some of the key requirements under the new general Data Protection Regulations are as follows:

  1. Personal Data – There is an extended definition of personal data which includes direct and indirect identification of the data subject.
  1. Accountability – There is a new mandatory accountability culture requiring privacy management activities and record keeping with enforcement policies.
  1. Expanded Personal Privacy Rights – There are additional rights of access to personal data by data subjects, additional rights in relation to notice, consent, portability and profiling.
  1. Data Protection Officer – In certain circumstances there is a requirement by a company or business for an assigned and empowered Data Protection Officer with the role and responsibility of compliance with the data protection regulations in relation to data subjects.
  1. Breach Notification Applications – If a breach occurs within your business or company there is a requirement on you to notify the Data Protection Commissioner  within 72 hours of identification.
  1. Privacy Impact Assessments – These will be required as part of your in-house practices and policies. This will require regular testing, assessment, a valuation of  effectiveness of technical and organisational measures.
  1. Cross Border Transfer – There will be requirements to know all your data processors that are handling personal data within the E.U.  Also with the advent of Brexit, data transferred outside this jurisdiction to the jurisdiction of Northern Ireland or Britain may have very specific requirements.
  1. Privacy by Design and Default – You will be required to have embedded privacy related technical and organisational measures in place in order to deal with data protection compliance.

For further information on Data Protection, please contact Data Protection Solicitors Carter Anhold in Sligo and Dublin.

Blog Items Relating to Data Protection

Brexit and Data Protection Update

Given the continuing uncertainty and proximity in relation to Brexit (29th March 2019 at the time of writing!), it is important now for businesses ..

E-Receipts: A Seasonal Reminder

As the countdown to Christmas gets ever closer, retail activity receives a foreseeable general boost which, in turn, provides for an increase in purchase receipts.

When DPIA Is Required

Article 35 of the General Data Protection Regulations (the “GDPR”) requires a DPIA be carried out by a controller where the type of data processing, in particular using new technology ….

To DPIA or not to DPIA?

A DPIA is a process designed to help you systematically analyse, identify and minimise the data protection risks of your personal data processing activities. A DPIA should generally be carried out prior to the processing by the data controller.

To erase or not to erase, that is the question!

Data Retention v Right to be Forgotten: The importance of awareness of your obligations/rights and striking the best balance between the two data protection areas, are brought into sharp focus in this article concerning two unions and ESB workers (electricity service technicians).

Protecting the Family Farm against Vulture Funds

It's time for Vultures to be met head on to keep them from the farm gate. International Vulture Funds, purchasing loans from Irish Banks, are a massive threat to many farming families. IFA President Joe Healy said recently that these “faceless funds are hell-bent on...


I highly recommend Donnacha and Carter Anhold. They are a hard working, patient and professional team as well as being experts in Family Law.  After a negative experience before Carter Anhold, I decided that hiring a private solicitor was in my best interests.
I am happy to say that my separation case was settled in my favour in a timely and stress-free manner. I would not hesitate to recommend Donnacha to others that are dealing with the sensitive issues around Family Law.
Sharon, Sligo