Data Protection

This is a rapidly evolving area and one of increasing importance for all businesses, organisations and government entities that collect, transfer or process personally identifiable information.

Meet the team
Practice Privacy and Data Security v2 resized

We provide practical advice to assist our client on matters such as:

  • General compliance with data protection law.
  • Development and implementation of relevant policies, procedures, and guidance documents.
  • Advising in relation to the processing of all categories of personal data including sensitive or special category data.
  • Review and introduction of new data processing activities and technologies together with the undertaking of risk, data protection impact (DPIA) and legitimate interest assessments (LIA).
  • Preparation and review of agreements relating to the collection, processing, sharing, transfer (including international transfers), and disclosure of information and personal data.
  • Sharing of personal data between public authorities.

Data Subject Rights

We assist clients in relation to the exercise of Data Subject Rights including rights of access (Data Subject Access Requests (DSAR)) to personal data. Be it a DSAR, a request for erasure or a complaint or claim, RDJ has the expertise and experience to support our clients in the:

  • End-to-end management of the exercise of data subject rights
  • Identification of the potential custodians and records
  • Refinement of data categories
  • Secure collection of relevant records (where necessary)
  • Redaction or pixilation and processing or CCTV
  • Advising in relation to the right and obligation to restrict access and the undertaking of redactions as necessary
  • Processing of records for release to the data subject

To provide efficient and thorough results to Data Subject Access Requests (DSAR), we deploy an AI-powered eDiscovery tool to cull irrelevant data in minutes, drastically reducing the number of documents to be reviewed and ultimately speeding up service delivery.

Using AI, we can:

  • Categorise documents by type
  • Manage datasets from an interactive dashboard
  • Bulk sort documents
  • Erase duplicates
  • Collate and view emails by conversation thread
  • Filter emails based on sender and recipients
  • Find conceptually similar documents
  • Collaborate with colleagues on tasks
  • Redact individually or in bulk
  • Export results in custom report formats

Complaints and Statutory examinations/investigation

We regularly advise in relation to the complaints made by data subjects internally to organisations and to the Data Protection Commission (“DPC”). In addition, we advise clients in relation to all aspects of examinations and statutory inquiries launched by the DPC.

Personal Data breach claims/proceedings

The GDPR introduced a right for data subjects to seek a judicial remedy against a data controller who has breached the data subject’s rights. A judicial remedy includes an injunction and claims for material (financial loss) or non-material (emotional suffering) damage. Our data protection team regularly advise in the defence of such proceedings/claims.

Cyber-Security

Information and security breach can often be high profile, damage confidence and severely impact your business. RDJ offers a 24/7 Incident Response Service and have broad experience advising clients in the end-to-end investigation, management and recovery from security incidents. To learn more about our Cyber-Security Incident Response team visit here.

Key Contacts