GDPR – Data Protection

If you’re company collect personal data on employees, clients, prospects, donors, patients or process third party data, then the new GDPR legislation applies to you, as it will place significant legal responsibility on your organisation. For the first time, fines of up to 4% of annual (global) turnover will apply to breaches of the Data Protection regulation.

General Data Protection Regulation (GDPR)

Is the first global data protection law, implemented by the EU, which will regulate all businesses, worldwide, who handle personal data of an EU citizen. The Irish Data Protection Commissioner will fully implement this EU legislation by May 25, 2018.

It is time to get your GDPR House in order

Your business may already have a Data Protection Policy in place, which is a positive start. However, with the new Data Protection laws coming into effect throughout Europe, it creates a whole new set of obligations for businesses. While building on pre-existing laws (the eight principles still exist) it has created new laws and requires business to be accountable and document this compliance.

GDPR compliance clock is ticking

Once the GDPR becomes law, the majority of its provisions will apply immediately in Ireland and the EU. This means that organisations cannot wait to rectify issues or implement changes after 25 May 2018. Businesses need to prepare now for the introduction of the new law. Our expert team can help and support your business to prepare for the GDPR.

The GDPR introduces a number of significant changes for managing data.
These include:

  • Increased obligations around consent
  • Greater transparency requirements for privacy notices
  • New security rules and breach reporting obligations
  • A revamped regime for enforcement, remedies and liability
  • The introduction of the principles of Privacy by Design and default

Start your GDPR Compliance Programme now

  1. Carry out a Data Audit and Gap Analysis to measure compliance
  2. Review and update  all data protection policies and codes of conduct to ensure they comply with the new principles.
  3. Reflect on what grounds for lawful processing do you currently rely on – consent, contract, legitimate interests
  4. Requirement to appoint an experienced Data Protection Officer
  5. Training of all relevant staff of the new data protection rules
  6. Privacy by design must be at the heart of all future projects and a privacy impact assessment will ensure this is in place

How we protect your business:

1. Data Protection Impact Assessments

2. Data Protection Policy (DPP)

3. Data Protection Training

4. Data Protection Officer (DPO)

Call us today, a member of our team is waiting to help. +353 1 804 4117

Our team are experts in Data Law, we can advise and assist you in all areas of GDPR and Data Protection law.

2 + 6 =

Ensure your business is legally complaint under the new GDPR laws. We can help you:


  • Carry out a Data Audit on your business
  • Prepare or Review your Data Protection Policies
  • Training to ensure you are GDPR ready
  • Sales & Marketing and the GDPR
Changes in GDPR

Changes in GDPR

This new regulation, the General Data Protection Regulation (GDPR), which came into force on 25th May 2018, acts to strengthen the core values of the 1995 Data Protection Directive with additional principles and rights. The two overarching principles of...



Now that the 25th of May ’18 has come and gone, don’t be fooled into thinking there is no need to comply with an employer’s responsibilities under GDPR, in relation to the personal data of their employees or that GDPR doesn’t apply to you. If you are an...



What employers must do to comply with new Data protection laws (GDPR) from 25th May ’18. With under a 100 days to go before the General Data Protection Regulation (GDPR) comes into force, many employers are still wondering what their requirements are under...



Any Data Controller that is subject to GDPR, will need to have in place an appropriate Data Processing Agreement with any third party that it shares data with, where that third party is a processor, as defined under GDPR. GDPR applies to both Controllers...