uplaw.ai
Woman on laptop reviewing data protection rights in Ireland

The Data Protection Commission Handles Privacy Complaints for Free in Ireland

GDPR gives you powerful rights over your personal data. This guide explains how to exercise them and how to complain to the DPC when organisations fail to respect them — no solicitor needed.

📄 DPC · GDPR · Data Protection Act✅ No solicitor needed⚡ Free DPC complaint

What rights do I have under GDPR in Ireland?

Under the General Data Protection Regulation (GDPR), which applies directly in Ireland, you have the right to access your personal data, the right to rectification of inaccurate data, the right to erasure (the right to be forgotten), the right to restrict processing, the right to data portability, and the right to object to processing including for direct marketing. You can exercise these rights against any organisation that holds your personal data.

How do I submit a Subject Access Request in Ireland?

You submit a Subject Access Request (SAR) in writing to the organisation holding your data — by email, post, or through any online form they provide. The request is free of charge. The organisation must respond within one month, though they can extend this by a further two months for complex or numerous requests. They must provide you with a copy of your personal data and information about how it is being used.

What can I do if an organisation refuses my Subject Access Request or GDPR rights request?

If an organisation refuses your request, fails to respond within the deadline, or provides an inadequate response, you can file a complaint with the Data Protection Commission (DPC). Before filing, you should send the organisation a reminder and document their failure to respond. Keep all correspondence as evidence for your DPC complaint.

How do I file a complaint with the Data Protection Commission in Ireland?

You file a complaint at dataprotection.ie using the online complaint form. The complaint is free. You must first raise the matter directly with the organisation concerned before the DPC will accept a complaint, unless the DPC decides to investigate of its own volition. The DPC will acknowledge your complaint, open an inquiry if appropriate, and issue a decision.

Woman checking data protection rights and GDPR complaint options in Ireland

How does the DPC handle a data protection complaint in Ireland?

Once the DPC accepts your complaint it will contact the organisation (the data controller) for their response. The DPC may attempt to facilitate an amicable resolution. If not resolved it proceeds to a formal inquiry. The DPC can issue binding decisions, impose fines, and order organisations to take remedial action. For major tech companies based in Ireland, the DPC is typically the lead supervisory authority for the EU.

What is the lead supervisory authority and how does it affect cross-border data complaints?

Under the GDPR one-stop-shop mechanism, if an organisation processes personal data across multiple EU member states, the supervisory authority in the country where it has its main EU establishment acts as the lead supervisory authority. Many large technology companies have their European headquarters in Ireland, meaning the Irish DPC handles complaints about those companies from across the EU.

What is the Data Protection Act 2018 and how does it relate to GDPR in Ireland?

The Data Protection Act 2018 is the Irish legislation that supplements and gives effect to the GDPR in Ireland. It sets out the role and powers of the DPC, implements derogations permitted under the GDPR (such as exemptions for journalism and research), and establishes the framework for enforcement in Ireland. The DPC is established and its powers are defined under this Act.

Person researching GDPR and DPC complaint process in Ireland

What are special categories of personal data and do they get extra protection in Ireland?

Special categories of personal data under GDPR include health data, racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, and data concerning sex life or sexual orientation. Processing of special category data is generally prohibited unless a specific legal basis applies. If your complaint involves special category data the DPC treats it with heightened scrutiny.

Does a DPC data protection complaint require notarized documents?

No. DPC complaint forms and supporting evidence such as copies of email exchanges, screenshots, and the organisation's response do not require notarization. You submit ordinary copies of documents. The DPC complaint process is designed to be accessible to individuals without legal assistance.

How does uplaw.ai help with a data protection complaint in Ireland?

Tell us in the chat what personal data is involved, which organisation holds it, what right you tried to exercise, and what the organisation did or failed to do. uplaw.ai will help you draft a Subject Access Request or rights request to the organisation, and if needed help you prepare a DPC complaint at dataprotection.ie.

Person reviewing special category data protection rules in Ireland

Free to start

Data protection problem in Ireland? Tell uplaw.ai what happened.

No account required. uplaw.ai helps you draft a Subject Access Request or prepare a complaint to the Data Protection Commission.

uplaw.ai is not a law firm and does not provide legal advice. AI can make mistakes — always verify important information before filing.

TermsPrivacySupport

© 2026 VAST BRANDS LLC

Free to start · No account required · uplaw.ai handles the forms