top of page

GDPR – One year on

Updated: Dec 12, 2022

It is just over a year now since the General Data Protection Regulation (GDPR) came into force.

It is just over a year now since the General Data Protection Regulation (GDPR) came into force. The GDPR has transformed how the data rights of citizens are protected. It has also led to a much greater awareness among citizens that they have a right to have their personal data protected and respected.

If the government, a company, your employer or indeed any organisation holds your personal data, they may only collect it for specified and legitimate purposes and they may not use it in a manner that is incompatible with those purposes. For example, if you buy a product online, the company you buy it from can only use your address for the delivery of that item. Under GDPR, your personal data is considered protected, meaning unless they have your permission, they cannot then go on to use your address for marketing purposes or sell your address to another company for marketing purposes.

Under the GDPR, the definition of personal data is extremely broad. It includes not just your name but any information by which you can be identified or identifiable. Depending on the circumstances, this could include your date of birth, PPS number and phone number. It could also include your physical characteristics, information about your salary or private data such as your health information, religion or sexual orientation.

In the year since the GDPR was introduced, over 5,800 personal data protection breaches have been notified by companies and organisations to the Data Protection Commissioner. A personal data protection breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your personal data.

Under the GDPR, if you have suffered a personal data breach, you have a right to go to court to seek a remedy for the infringement of your GDPR rights. If you have suffered damage as a result of the infringement of your GDPR rights, you have the right to receive compensation from the party that caused the data breach. You can recover compensation for any direct financial loss you may have incurred because of the breach of your personal data. You can also recover compensation for non-financial losses, such as for the distress caused by having your personal information breached and for the loss of control of your personal data.

If you believe that you have been the victim of a data breach, or if you have been informed by a company you deal with or your employer that a breach has occurred, it is important that you take legal advice so that you can be informed of your options and the remedies open to you, including the possibility of court proceedings leading to compensation. In this regard please contact My Case law Firm, Brehon House , 2 The Rise,Blanchardstown, Dublin 15 , Tel no 018201701, Email:

7 views0 comments


bottom of page