General Data Protection Regulation (GDPR)

What is the General Data Protection Regulation and what is it changing about data protection in Ireland?

On 25 May 2018, the General Data Protection Regulation (the GDPR) will become law across all member states within the European Union.


It has been widely described as a “game-changer” as it overhauls the manner in which all businesses and organisations handle personal data. Significant penalties can be imposed for breaches so doing nothing is not an option.


What is the GDPR?

Its full title is “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC”, otherwise commonly known as the “General Data Protection Regulation” or the “GDPR”.


Why is the GDPR so important?

The GDPR will overhaul the data protection legal framework in Europe when it comes into effect on 25 May 2018 and Irish businesses must be fully compliant by that date.


The GDPR will apply a single set of rules that are valid across all EU Member States. As it is a Regulation, this means that it will be immediately enforceable in Ireland (and other Member States) without the need for domestic legislation. This should decrease the level of national variation but there will not be complete European wide uniformity as the GDPR has left discretion to Member States in a number of areas.


The GDPR emphasises transparency, security and accountability on the part of businesses (irrespective of their size) that collect and process personal data, while standardising and strengthening the rights of EU citizens. It will greatly increase obligations on businesses as well as giving data protection authorities more robust powers to tackle non-compliance including the imposition of significant financial penalties.


Compliance with the GDPR will place a greater administration and compliance burden on businesses. However, preparation is the key to a smooth transition to the new data protection standards. The sooner preparations commence, the easier it will be for businesses to transition to the new standards.


Re-cap of Data Protection rules

Data protection protects the privacy rights of individuals by placing responsibilities on businesses that process personal data. Businesses must adhere to the key data protection principles summarised below and must show that the processing of the data is necessary for a particular purpose(s), known as a “lawful basis”, eg to perform a contract with the data subject or to comply with a legal obligation to which the business is subject. Businesses processing data must:


1) Obtain and process personal data fairly
2) Keep personal data only for one or more specified and lawful purposes
3) Process personal data only in ways compatible with the purposes for which it was given to the business initially
4) Keep personal data safe and secure
5) Keep personal data accurate and up-to-date
6) Ensure that personal data is adequate, relevant and not excessive
7) Retain personal data no longer than is necessary for the specified purpose or purposes
8) Give a copy of his / her personal data to any individual, on request


The GDPR builds on the above principles. However, it goes further, for example, by increasing standards and sanctions as well as introducing the principles of accountability (eg business must be able to demonstrate compliance with the GDPR) and transparency (eg any information / communication provided by businesses relating to the processing of personal data must be easily accessible, easy to understand and be in clear and plain language). The GDPR also amends and restates the permitted lawful bases for processing data.


The Data Protection Commissioner enforces data protection law in Ireland. The Government has however indicated its intention to replace the Commissioner with a “Data Protection Commission” which will be the “supervisory authority” under the GDPR (commonly known as the “data protection authority”) who will monitor the application of and enforcement of the GDPR.


Client Testimonials


Featured Articles
G.W. RahenyG.W. Raheny
I dealt with Seamus Maguire & Co. on the sudden death of my brother, who died intestate. Shona Madden dealt with his estate. There were a number of complexities and she dealt with me both efficiently and sensitively. The reception staff were also most efficient, they were courteous and friendly at every interaction. I would have no hesitation in recommending this firm.

G.W. Raheny

Graham & Pamela Dublin 15Graham & Pamela Dublin 15
I was referred by a previous client who found Seamus Maguire Solicitors to be exceptional. The service provided exceeded my expectation. All dealings with the practice were professional and also very personal and efficient. In summary, Seamus Maguire & Co Solicitors go above and beyond the call of duty in dealing with a client's situation

Graham & Pamela, Dublin 15

Sandra, Dublin 15Sandra, Dublin 15
We had used Seamus Maguire & Co in the past and the service level was very high and remains so on this occasion. A difficult situation was handled expertly and with great patience.

Sandra, Dublin 15

McDonaghs, Dublin 11McDonaghs, Dublin 11
The service provided was up to the standard of the service previously provided and we would definitely consider using Seamus Maguire & Co again and recommend them for friends, colleagues or family members.

McDonaghs, Dublin 11

Tom, Castleknock, Dublin 15Tom, Castleknock, Dublin 15
Reliable, efficient & pleasant staff. Very good follow up on queries & phone calls. Good company to do business with.

Tom, Castleknock, Dublin 15

Sheila & Tom, Dublin 15Sheila & Tom, Dublin 15
A big thank you for the way that Seamus Maguire & Co have cared for our interests. We cannot find words big enough or powerful enough to express our feelings of gratitude toward all of you that handled our case.

Sheila & Tom, Dublin 15

Dave, SwordsDave, Swords
I would just like to express my thanks especially to Audrey and Susan for guiding me through the sale of my house. I found you extremely professional in all matters but more importantly, I felt that you had a genuine interest in helping me.

Dave, Swords Co.Dublin

Mr & Mrs Hennessy, Dublin 11Mr & Mrs Hennessy, Dublin 11
Seamus Maguire & Co represented both myself and my wife in relation to a case that was very sensitive in nature to both of us me. We found the staff, particularly Noel McDonald and his assistant Susan Caffrey very professional and very helpful in all our dealings with them. Thank you very much

Mr & Mrs Hennessy Dublin 11

Jillian, Co MeathJillian, Co Meath
I have been a client of Seamus Maguire & Co since I bought my first home over 15 years ago. Whether I have needed a quick phone call to set my mind at ease, a signature on a form or something more intricate, I have always felt very lucky to have my solicitor available at the other end of the line.

Jillian, Co Meath

Loading posts...