GDPR Subject Access Requests

I have received a subject access request asking for “all” personal data from a current employee. How do I deal with this?

Under the Data Protection Act 2018, individuals can make a Subject Access Request (SAR) to their employer to access their personal data. Employers should have an accessible policy to deal with such requests.

Usually, the designated Data Protection Officer or Compliance Officer is the person that will respond to the request. Once you receive the SAR, you will have a month to respond. Normally SARs do not incur a cost, however, if the request is repetitive, excessive or manifestly unfounded the employer may request a reasonable fee.

The data subject should be informed:

  1. Whether or not their data is processed and the reasons for the processing of their data;
  2. The categories of personal data concerning them;
  3. Where their data has been collected from if it was not collected from them;
  4. Anyone who their personal data has been disclosed to or will be disclosed to, including anyone outside of the EEA and the safeguards utilised to ensure data security;
  5. How long their data is kept for (or how that period is decided);
  6. Their rights in relation to data rectification, erasure, restriction of and objection to processing;
  7. Their right to complain to the Office of the Data Protection Commissioner if they are of the opinion that their rights have been infringed;
  8. The reasoning behind any automated decisions taken about them.

An employer may refuse to deal with a request, or part of it, because of the types of information requested. For example, information that is subject to legal privilege or relates to management planning is not required to be disclosed.

Where this is the case, the data subject should be informed that their request cannot be complied with and an explanation of the reason will need to be provided.

If you have any questions in relation to subject access requests, please contact the advice line on 01 886 0350

Book a call with a consultant

Complete the form below and a consultant will call you as soon as possible.

Book a call with a consultant

Complete the form below and a consultant will call you as soon as possible.

Latest Resources

Employer’s guide to lay-off in Ireland

lay-off in Ireland
It’s common for businesses facing a downturn in trade to let employees go on a temporary basis. As an employer, you may also need to […]

Long-term sickness absence: When to conduct an informal welfare meeting

Everyone gets sick, so short-term sickness absence is something all employers will have to deal with from time to time and tends to cause minimal […]

Notice periods: an employer’s guide

Notice periods: an employer’s guide
Notice Period: Within a business, it’s constantly necessary to re-evaluate and adjust workforce planning. Whether this is due to employees looking for different career paths […]

Olga Shevchenko

Director/Advocate, Immigration Advice Bureau

Olga Shevchenko specialises in immigration advocacy and consultancy, in particular, employment permit, visas, family reunification, citizenship, etc, for those seeking to visit, reside or invest in Ireland.

Olga provides extensive information, knowledge, and support to her clients, enabling access to positive solutions for people struggling to handle the immigration law.

Minister Neale Richmond

Minister of State, Department of Enterprise, Trade and Employment

Neale Richmond TD was appointed as Minister of State at the Department of Enterprise, Trade and Employment with special responsibility for Employment Affairs and Retail Business and the Department of Social Protection in January 2023.

Much of his work at the Department of Enterprise, Trade and Employment is with businesses, workers, their representative bodies and the State Agencies to ensure that the economic recovery and growth extends to all parts of the country. He works closely with the SME sector, including retail, on building resilience and on the transition to the green and digital economies.

Mark Carpenter

Director of Regulatory & Corporate Affairs, Sky

Mark Carpenter is Director of Regulatory & Corporate Affairs at Sky Ireland. In this role he has responsibility for External and Internal Communications, Public Policy and Regulatory Affairs and the company’s ‘Bigger Picture’ (CSR) programme. He also works closely with Sky Group teams on a variety of matters, in particular our partnerships with domestic broadcasters.

Prior to working at Sky, Mark worked as a Policy Officer in Houses of the Oireachtas and as a Management Consultant at Accenture. He has a BA in History from Oxford University and a PhD in Political Science from Trinity College Dublin.

Nora Cashe

Litigation and Compliance Manager, Peninsula

Nóra studied Law in Griffith College Dublin and qualified as a Barrister in 2008, practising in the area of Criminal law. She is also member of the Irish Employment Law Association.

Nora has extensive experience representing clients at Employment Tribunal hearings, Conciliation / Mediation meetings before both the Workplace Relations Commission and the Labour Court. 

Nóra is a member of the Irish Employment Law Association and engages with the WRC Adjudication Service as part of their stakeholder engagement forum.

Deiric McCann

Managing Director, Genos International Europe

Deiric McCann leads Genos International Europe – The EU division of a world-leading provider of emotional intelligence solutions. 

With over two decades experience at the highest levels of management, Deiric supports clients to develop the resilience, emotional intelligence, psychological safety and engagements of their employees.

Rhiannon Coyne

Senior HR Consultant, Graphite HRM

Rhiannon Coyne is a Senior HR Consultant at Graphite HRM and will be providing an overview of best practice on how to deal with complaints of bullying and harassment in the workplace. 

With a number of recent updates to employment laws, Rhiannon will take a closer look at employment equality and how it is interlinked to Health & Safety and what employers can learn from recent case laws.

David Begg

Chairman, Workplace Relations Commission

David Begg was appointed Chairperson of the Workplace Relations Commission (WRC) in January 2021.

David is also a professor at Maynooth University Institute of Social Sciences. Mr Begg’s extensive history in the trade union movement included leading the ESB Officers Association and Irish Congress of Trade Unions, stepping away from the latter in 2001 to chair international aid agency Concern.

David Begg was also previously a director of the Central Bank of Ireland between 1995 and 2010.