Data Protection in Revenue

The Data Protection Acts 1988 and 2003 confer rights on individuals in regard to the privacy of their personal data as well as responsibilities on those persons holding and processing such data.

Revenue is subject to both of these Acts. The Data Protection Acts set out the rights of individuals and also the responsibilities of those, including Revenue, who hold the data. Revenue holds data on all taxpayers. This data can be either personal data or non-personal data. Personal data for Data Protection purposes refers to data of a living individual. This data can be held on computers or in manual files. The person in Revenue with responsibility for meeting our obligations under the Acts is called the Data Controller.

Revenue treats all personal information received as confidential and will use it only for the purposes that it is intended. However, Revenue may share information with other Government Departments/Agencies when permitted by a specific legislative provision. For details of Revenue’s registration with the Data Protection Commissioner please see the website of the Office of the Data Protection Commissioner (Ref: 0720/A).

A pdfProtection of Personal Data Code (PDF, 970KB) of practice was drawn up by Revenue and approved by the Data Protection Commissioner during 2012. In January 2013 it was circulated to all staff and first published on this website. This Code represents best practice of protecting taxpayer information held by Revenue.

The Data Protection Commissioner's Website offers an explanation of the rights and responsibilities under the Data Protection Acts ( link and information is also available from the Data Protection Commissioner's Office at:
Canal House
Station Road
Co. Laois.

You can contact the Data Protection Commissioner's Office by email ( by phone
Lo Call 1890 25 22 31.

Back to Top

Print this page