How can we help?

Search

Legal

    General Data Protection Regulation (GDPR)

     

    Please review Enterprise Ireland’s Personal Data Protection Notice   and its Cookie Policy       

     

    General Data Protection Regulation (GDPR)

    The General Data Protection Regulation (GDPR) is designed to give individuals more control over their personal data. Enterprise Ireland became subject to the GDPR on the 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive.

     

    Individual Rights under General Data Protection Regulation

     

    Under the GDPR, individuals have the following rights:

     

    • The right to be informed;
    • The right of access;
    • The right to rectification;
    • The right to erasure;
    • The right to restrict processing;
    • The right to data portability;
    • The right to object;
    • Rights in relation to automated decision making and profiling

     

    Click here for a link to the Data Protection Commission’s publication “Rights of Individuals under the GDPR”.

     

    Definition of Personal Data

     

    The term “personal data” means any information relating to a living person who is identified or identifiable (such a person is referred to as a “data subject”).

     

    A person is identifiable if they can be identified directly or indirectly using an “identifier”. The GDPR gives examples of identifiers, including names, identification numbers, photographs and location data. A person may also be identifiable by reference to factors which are specific to their identity, such as physical, genetic or cultural factors.

     

    How to submit a subject access request to Enterprise Ireland under the General Data Protection Regulation

     

    You can submit a subject access request in writing by post or by email to:

     

    Shirley Murray
    Data Protection Officer
    Data Protection and Freedom of Information Office
    Enterprise Ireland
    The Plaza
    Eastpoint Business Park
    Dublin 3
    D03 E5R6

    gdpronline@enterprise-ireland.com

     

    Your request should include the following:

     

    • A statement that the request is being made under the General Data Protection Regulation
    • As much information as possible about the subject matter of the access request
    • In what format you wish to receive any records released (e.g. photocopies or electronically).

     

    Proof of ID is required to process subject access requests, e.g. driver’s license or passport.  Please note depending of the nature of the request additional ID maybe required. Enterprise Ireland’s Data Protection Officer will discuss this requirement for additional ID if required prior to the request being processed.

     

    Response time to a subject access request

     

    Your subject access request will be acknowledged within five working days. A response to your request will be given no later than a month of receipt of the request. The one month period may be extended by two further months, where necessary, taking into account the complexity and number of requests. In this case, Enterprise Ireland shall inform you of any extension within one month of receipt of the request and the reasons for the delay.

     

    If Enterprise Ireland does not take action on foot of your request, Enterprise Ireland must inform you without delay and, at the latest, within one month of receipt of your request, of:

     

    • The reasons for not taking action;
    • Your right to lodge a complaint with a supervisory authority and seek a judicial remedy.

     

    Cost of submitting a subject access request

     

    Your request will be dealt with free of charge. However, where requests from a data subject are considered ‘manifestly unfounded or excessive’ (for example where an individual continues to make unnecessary repeat requests or the problems associated with identifying one individual from a collection of data are too great) Enterprise Ireland may:

     

    1. Charge a reasonable fee, taking into account the administrative costs of providing the information/ taking the action requested; or
    2. Refuse to act on your request.

     

    Where Enterprise Ireland refuses to respond to an access request or to charge a fee on this basis, Enterprise Ireland shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.

     

    Contact details for Enterprise Ireland’s Data Protection Office

     

    Shirley Murray
    Data Protection Officer
    Data Protection and Freedom of Information Office
    Enterprise Ireland
    The Plaza
    Eastpoint Business Park
    Dublin 3
    D03 E5R6

    gdpronline@enterprise-ireland.com

     

    Last Updated: 9th of November, 2023

© 2024 Enterprise Ireland All rights reserved
VAT No: IE9590828H