
DATA PROTECTION SOLICITORS
General Data Protection Regulations (GDPR)
Any service provider that retains, holds, or processes personal data in relation to its clients need to be very aware of the general data protection regulations which came into place on the 28 May 2018.
The requirements placed on the processing of personal data have now been considerably expanded, and a very serious level of potential fines linked to turnover of your company could see greater exposure for your company or business.
Some of the key requirements under the new general Data Protection Regulations are as follows:
- Personal Data – There is an extended definition of personal data which includes direct and indirect identification of the data subject.
- Accountability – There is a new mandatory accountability culture requiring privacy management activities and record keeping with enforcement policies.
- Expanded Personal Privacy Rights – There are additional rights of access to personal data by data subjects, additional rights in relation to notice, consent, portability and profiling.
- Data Protection Officer – In certain circumstances there is a requirement by a company or business for an assigned and empowered Data Protection Officer with the role and responsibility of compliance with the data protection regulations in relation to data subjects.
- Breach Notification Applications – If a breach occurs within your business or company there is a requirement on you to notify the Data Protection Commissioner within 72 hours of identification.
- Privacy Impact Assessments – These will be required as part of your in-house practices and policies. This will require regular testing, assessment, a valuation of effectiveness of technical and organisational measures.
- Cross Border Transfer – There will be requirements to know all your data processors that are handling personal data within the E.U. Also with the advent of Brexit, data transferred outside this jurisdiction to the jurisdiction of Northern Ireland or Britain may have very specific requirements.
- Privacy by Design and Default – You will be required to have embedded privacy related technical and organisational measures in place in order to deal with data protection compliance.
For further information on Data Protection, please contact Data Protection Solicitors Carter Anhold in Sligo and Dublin.
Blog Items Relating to Data Protection
Journalistic Privilege Case
We are honoured to act for Journalist Emmett Corcoran in what the Irish Times has classed as a highly significant decision that has implications for the protection of journalistic sources, and journalist privilege. The three Judge Court of appeal issuing Judgment last...
Harassment, Harmful Communications and Related Offences Act
The awaited Harassment, Harmful Communications and Related Offences Act has been signed into law on the 28 December 2020.
Christmas Shopping Online – Know Your Rights
Now more than ever people are shopping online, the growth in this sector has soared since COVID-19 and people are turning to their phones and computers to do their shopping in order to avoid the Christmas queues and stay safe. With more businesses than ever now with...
Christmas Shopping Online – Know Your Rights
Some shoppers may be concerned that we do not have the same consumer rights when buying online as we do when shopping in store, but this is not the case at all.
Brexit Data Protection and Cloud Storage Update
The Irish Government’s news department, Merrion Street, has issued an update regarding the storage of personal data by Irish companies in or on UK based cloud systems.
Brexit and Data Protection Update
Given the continuing uncertainty and proximity in relation to Brexit (29th March 2019 at the time of writing!), it is important now for businesses ..
E-Receipts: A Seasonal Reminder
As the countdown to Christmas gets ever closer, retail activity receives a foreseeable general boost which, in turn, provides for an increase in purchase receipts.
When DPIA Is Required
Article 35 of the General Data Protection Regulations (the “GDPR”) requires a DPIA be carried out by a controller where the type of data processing, in particular using new technology ….
Data protection issues for community groups and CCTV schemes
In pursuance of the Programme for a Partnership Government, a community based CCTV scheme was established with the intention of supporting local communities who wish to install and maintain CCTV …