You are here:

Data protection

What is data protection?

Data protection is the safeguarding of the privacy rights of individuals in relation to the processing of their personal data. People supply information about themselves to government bodies, banks, insurance companies, medical professionals and many others in order to avail of services or satisfy obligations. For the purpose of data protection, organisations or individuals who control the contents and use of personal data are known as data controllers (e.g. Clare County Council). The Data Protection Acts 1988 and 2003 confer rights on individuals as well as responsibilities on those persons processing personal data. These rights apply where the information is held:

  • On computer
  • In a manual form, as part of a filing system that facilitates ready access to a specific individual’s information

Our responsibilities as a data controller

In performing its functions, the council is required to process significant amounts of personal data within the remit of the Data Protection Acts 1988 and 2003. We respect the privacy of those whose personal data we process and are aware of our obligations under the data protection acts. Personal data is defined as data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller.

Clare County Council is registered as a data controller with the Office of the Data Protection Commissioner (registration number 0476/A). Particulars of our registration are available online at

The council has developed a code of practice to disclose in a transparent way how we obtains and processes personal data so that all those who provide us with personal data will clearly understand our practices and procedures. This code also sets out our approach to dealing with data access requests under Section 3 & 4 of the Data Protection Acts.

Individuals who wish to obtain a copy of personal data in accordance with the Data Protection Acts 1988 and 2003 should apply in writing to the data protection officer of Clare County Council.

Every individual about whom a data controller keeps personal information has a number of other rights under the act, in addition to the right of access. These include the right to have any inaccurate information rectified or erased, to have personal data taken off a direct marketing or direct mailing list and the right to complain to the data protection commissioner.

Data protection breach

A data security breach can happen for a number of reasons which include:

  • Loss or theft of data or equipment on which data is stored
  • Unauthorised access and use of data
  • Equipment failure
  • Human error
  • Unforeseen circumstances e.g. fire or flood
  • Network being hacked into
  • Data accessed by the organisation being deceived

Data protection commissioner

The data protection commissioner has approved a "Personal Data Security Breach Code of Practice" to help organisations to react appropriately when they become aware of breaches of security involving customer or employee personal information. Clare County Council’s protocol for reporting personal data security breaches is based on that code of practice. The attention of all staff is drawn to this policy through publication on the Intranet.

The current data protection officer is Valerie Lyons. She can be contacted on (065) 6846405 or by email on

Back to top

Content Last Updated/Reviewed: 20/06/13