The EU General Data Protection Regulation entered into effect on 25 May 2018. The purpose for which the International Protection Office uses personal data provided to it by applicants, and the rights of applicants with regard to that data, are explained in the IPO Privacy Statement (IPO (PP) 52 Rev 2) which can be viewed here.
The International Protection Office, Immigration Service Delivery (ISD, Department of Justice is committed to protecting the rights and privacy of all individuals in accordance with the EU General Data Protection Regulation, 2016/679 (GDPR) as given further effect in Part 3 of the Data Protection Act 2018.
Under the General Data Protection Regulation (GDPR), personal data is defined as
“any information relating to an identified or identifiable natural person (data subject)”.
This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number (e.g. PPSN), location data or online identifier and covers all electronic, manual and image data which may be held on computer or on manual files.
The GDPR requires that personal data is:
- Processed in a way that is lawful, fair and transparent
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- Adequate, relevant and is limited to what is necessary
- Accurate and kept up to date
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; and
- Processed in a manner that ensures appropriate security of the data.
The Department’s Data Protection Policy sets out how DJE secures and manages personal data in accordance with the six GDPR principles noted above. Department of Justice Data Protection Policy.
The Data Protection Officer for the Department of Justice is Ms Tara Storey.
Any data protection queries relating to personal data held by the International Protection Office should be directed to the Department’s Data Protection Support and Compliance Office (DPSCO). The DSPCO can be contacted by phone on 01-6028601 or by e-mail to firstname.lastname@example.org
Accessing Your Personal Data - Subject Access Request
Among the rights conferred by the GDPR on ‘data subjects’ is the right to obtain a copy of their personal data which is being processed by the International Protection Office, Irish Naturalisation and Immigration Service, Department of Justice. In order for the Department to identify and locate the personal data sought, you should complete and return our Subject Access Request Form (SAR) ensuring that you provide, in so far as is possible, details of your interaction with our various Offices and Divisions, as well as any specific identifiers (e.g. any previous addresses, date of birth, reference number from previous contact with the Department etc.). In addition, as we need to verify the identity of anyone making a Subject Access Request, you will need to provide us with specific forms of identification (details contained in the SAR form). Your Subject Access Request will be responded to within one month of the date of receipt or, where difficulty arises in the verification of your identity, within one month of identity verification.
To make a Subject Access Request please complete this form Department of Justice Subject Access Request Form (MSWord) and return it by email to email@example.com or alternatively by post to:
Data Protection Support & Compliance Office
Department of Justice
51 St Stephen’s Green