icon-grid
Better Regulation logo
Table of Contents

Table of Contents

Expand all headings Collapse all headings Expand side bar Collapse side bar
Data Protection Act, 1988 (No. 25)Introductory TextActs Referred toPreliminary (s. 1)1. Interpretation and application of Act.Protection of Privacy of Individuals with regard to Personal Data (ss. 2-8)2. Collection, processing, keeping, use and disclosure of personal data.2A. Processing of personal data.2B. Processing of sensitive personal data.2C. Security measures for personal data.2D. Fair processing of personal data.3. Right to establish existence of personal data.4. Right of access.5. Restriction of right of access.6. Right of rectification or erasure.6A. Right of data subject to object to processing likely to cause damage or distress.6B. Rights in relation to automated decision taking.7. Duty of care owed by data controllers and data processors.8. Disclosure of personal data in certain cases.The Data Protection Commissioner (ss. 9-15)9. The Commissioner.10. Enforcement of data protection.11. Restriction on transfer of personal data outside State.12. Power to require information.12A. Prior checking of processing by Commissioner.13. Codes of practice.14. Annual report.15. Mutual assistance between parties to Convention.Registration (ss. 16-20)16. The register.17. Applications for registration.18. Duration and continuance of registration.19. Effect of registration.20. Regulations for registration.Miscellaneous (ss. 21-35)21. Unauthorised disclosure by data processor.22. Disclosure of personal data obtained without authority.22A. Journalism, literature and art.23. Provisions in relation to certain non-residents and to data kept or processed outside State.24. Powers of authorised officers.25. Service of notices.26. Appeals to Circuit Court.27. Evidence in proceedings.28. Hearing of proceedings.29. Offences by directors, etc., of bodies corporate.30. Prosecution of summary offences by Commissioner.31. Penalties.32. Laying of regulations before Houses of Oireachtas.33. Fees.34. Expenses of Minister.35. Short title and commencement.First Schedule - Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data done at Strasbourg on the 28th day of January, 1981Second Schedule - The Data Protection CommissionerThird Schedule - Public Authorities and Other Bodies and Persons
Page Overview
Document Overview
Tools
Set a date to view the document
Text comparison options
Full text - Date 1 vs Date 2
Amendments requiring commencement - Current text vs Text requiring commencement
Draft proposed changes - Current text vs Text proposed by drafting documents
Coming soon: Any documents - Any document vs Another document at any date
Print / Export options
Current page
Whole document
Selected pages
Consolidated PDF of the entire document as of 22nd December 2024
Export
Export line by line
Export provision to provision
Report template
Create report template
Alert me to changes
Manage alerts
Bookmarks
This page
This document
Manage bookmarks
Search within this document
View previous searches
Share
Get page link
Share via email application
PreviousNext
Version status: In force | Document consolidation status: Updated to reflect all known changes
Version date: 19 April 1989 - onwards
Version 2 of 2

First Schedule - Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data done at Strasbourg on the 28th day of January, 1981

From 25 May 2018, this Act ceased to apply to the processing of personal data (within the meaning of this Act) other than the processing of such data for the purposes of safeguarding the security of the State, the defence of the State or the international relations of the State, or the processing of such data under the Criminal Justice (Forensic Evidence and DNA Database System) Act 2014 or the Vehicle Registration Data (Automated Searching and Exchange) Act 2018 to the extent that this Act is applied in those Acts but is still applicable to complaints made under s. 10 and contraventions of this Act that occurred before 25 May 2018, see s. 8 of the Data Protection Act 2018 (No. 7).

Section 1 (1).

Preamble

The member States of the Council of Europe, signatory hereto,

Considering that the aim of the Council of Europe is to achieve greater unity between its members, based in particular on respect for the rule of law, as well as human rights and fundamental freedoms;

Considering that it is desirable to extend the safeguards for everyone's rights and fundamental freedoms, and in particular the right to the respect for privacy, taking account of the increasing flow across frontiers of personal data undergoing automatic processing;

Reaffirming at the same time their commitment to freedom of information regardless of frontiers;

Recognising that it is necessary to reconcile the fundamental values of the respect for privacy and the free flow of information between peoples,

Have agreed as follows:

Chapter I General Provisions

Article 1 Object and purpose

PreviousNext