Data Protection

This is a rapidly evolving area and one of increasing importance for all businesses, organisations and government entities that collect, transfer or process personally identifiable information.

Meet the team
Practice Privacy and Data Security v2 resized

We provide practical advice to assist our client on matters such as:

  • General compliance with data protection law.
  • Development and implementation of relevant policies, procedures, and guidance documents.
  • advising in relation to the processing of all categories of personal data including sensitive or special category data.
  • Review and introduction of new data processing activities and technologies together with the undertaking of risk, data protection impact (DPIA) and legitimate interest assessments (LIA).
  • Preparation and review of agreements relating to the collection, processing, sharing, transfer (including international transfers), and disclosure of information and personal data.
  • Sharing of personal data between public authorities.

Data Subject Rights

We assist clients in relation to the exercise of Data Subject Rights including rights of access (DSAR) to personal data. Be it a DSAR, a request for erasure or a complaint or claim, RDJ has the expertise, technology and experience to support our clients in the:-

  • The end-to-end management of the exercise of data subject rights
  • The identification of the potential custodians and records
  • The refinement of data categories
  • The secure collection of relevant records (where necessary)
  • Redaction or pixilation and processing or CCTV
  • The engaging of third-party e-discovery software platforms and professional service providers to support the automated and separate legal review of data records
  • advising in relation to the right and obligation to restrict access and the undertaking of redactions as necessary
  • the processing of records for release to the data subject

Complaints and Statutory examinations/investigation

We regularly advise in relation to the complaints made by data subjects internally to organisations and to the Data Protection Commission (“DPC”). In addition, we advise clients in relation to all aspects of examinations and statutory inquiries launched by the DPC.

Personal Data breach claims/proceedings

The GDPR introduced a right for data subjects to seek a judicial remedy against a data controller who has breached the data subject’s rights. A judicial remedy includes an injunction and claims for material (financial loss) or non-material (emotional suffering) damage. Our data protection team regularly advise in the defence of such proceedings/claims.

Key Contacts