Data protection policy in Revenue

Overview

Revenue is committed to fulfilling its obligations imposed by Council Regulation (EU) 2016/679. This is known as the General Data Protection Regulation (GDPR).

Information is at the centre of Revenue's Core business. 

We will only collect personal data about you for these purposes.

We will only use any information you provide in the course of your business with us for these purposes.

We will not share your personal data with third parties (such as government departments or agencies) unless permitted by legislation.

We will process your personal data in accordance with:

• the GDPR 
• Section 851B of the Taxes Consolidation Act 1997
• the Data Protection Act 2018
• and
• the Protected Disclosures (Amendment) Act 2022.

Under Articles 13 and 14 of the GDPR, we will inform you of:

• the purposes of the processing
• the legal basis for that processing
• the categories of personal data held
• the recipient or categories of recipients of your personal data
• the period for which your personal data will be stored
• whether your personal data is or intends to be transferred to a third country or international organisation.

Full details are outlined in Personal data processed by Revenue and in our Record retention policy and schedule.  

We are obliged to keep your data safe. This is in accordance with various legal and administrative provisions.  These provisions include: 

• the Official Secrets Act 1963
• Section 851A of the Taxes Consolidation Act 1997 (Confidentiality of Taxpayer Information)
• Civil Service Code of Standards and Behaviour.

Next: Data Protection Officer in Revenue