GDPR

GDPR

Please review Enterprise Ireland’s Personal Data Protection Notice and its Cookie Policy.

General Data Protection Regulation (GDPR)

The General Data Protection Regulation (GDPR) is designed to give individuals more control over their personal data. Enterprise Ireland became subject to the GDPR on the 25th May 2018, replacing the existing data protection framework under the EU Data Protection Directive.

Individual rights under the General Data Protection Regulation

Definition of Personal Data

How to submit a subject access request to Enterprise Ireland under the General Data Protection Regulation

Response time to a subject access request

Cost of submitting a subject access request

Contact details for Enterprise Ireland’s Data Protection Officer

Individual Rights under General Data Protection Regulation

Under the GDPR, individuals have the following rights:

  1. The right to be informed;
  2. The right of access;
  3. The right to rectification;
  4. The right to erasure;
  5. The right to restrict processing;
  6. The right to data portability;
  7. The right to object;
  8. Rights in relation to automated decision making and profiling

Click here for a link to the Data Protection Commission’s publication “Rights of Individuals under the GDPR”.

Definition of Personal Data

The term “personal data” means any information relating to a living person who is identified or identifiable (such a person is referred to as a “data subject”).

A person is identifiable if they can be identified directly or indirectly using an “identifier”. The GDPR gives examples of identifiers, including names, identification numbers, photographs and location data. A person may also be identifiable by reference to factors which are specific to their identity, such as physical, genetic or cultural factors.

How to submit a subject access request to Enterprise Ireland under the General Data Protection Regulation

You can submit a subject access request in writing by post or by email to:

Shirley Murray
Data Protection Officer
Data Protection and Freedom of Information Office
Enterprise Ireland
The Plaza
Eastpoint Business Park
Dublin
D03 E5R6

gdpronline@enterprise-ireland.com

Your request should include the following:

  • A statement that the request is being made under the General Data Protection Regulation
  • As much information as possible about the subject matter of the access request
  • In what format you wish to receive any records released (e.g. photocopies or electronically).

Proof of ID is required to process subject access requests, e.g. driver’s license or passport.  Please note depending of the nature of the request additional ID maybe required. Enterprise Ireland’s Data Protection Officer will discuss this requirement for additional ID if required prior to the request being processed.

Response time to a subject access request

Your subject access request will be acknowledged within five working days. A response to your request will be given no later than a month of receipt of the request. The one month period may be extended by two further months, where necessary, taking into account the complexity and number of requests. In this case, Enterprise Ireland shall inform you of any extension within one month of receipt of the request and the reasons for the delay.

If Enterprise Ireland does not take action on foot of your request, Enterprise Ireland must inform you without delay and, at the latest, within one month of receipt of your request, of:

  • The reasons for not taking action;
  • Your right to lodge a complaint with a supervisory authority and seek a judicial remedy.

 

Cost of submitting a subject access request

Your request will be dealt with free of charge. However, where requests from a data subject are considered ‘manifestly unfounded or excessive’ (for example where an individual continues to make unnecessary repeat requests or the problems associated with identifying one individual from a collection of data are too great) Enterprise Ireland may:

  1. Charge a reasonable fee, taking into account the administrative costs of providing the information/ taking the action requested; or
  2. Refuse to act on your request.

Where Enterprise Ireland refuses to respond to an access request or to charge a fee on this basis, Enterprise Ireland shall bear the burden of demonstrating the manifestly unfounded or excessive character of the request.

Contact details for Enterprise Ireland’s Data Protection Office

Shirley Murray
Data Protection Officer
Data Protection and Freedom of Information Office
Enterprise Ireland
The Plaza
Eastpoint Business Park
Dublin 3
D03 E5R6

gdpronline@enterprise-ireland.com

Sign up for updates from the network!

If you would like to hear from Enterprise Ireland Technology Gateway Network, please opt in here. We will use the email you provide on this form to send you updates from the network.

You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting info@technologygateway.ie. See our GDPR policy and MailChimp's privacy practices for more information.