Call us today:

01 23 777 33

or complete our Contact Form


ECDPO 2 - Subject Access Request

As Data Subjects, everyone has a right to request for a copy of all information an organisation retains about a data subject, provided the data exists. These are known as Subject Access Requests. The Irish Data Protection Acts 1988 and 2003 make this provision possible, with the EU General Data Protection Regulation (GDPR) extending the SAR’s scope. In the Data Protection Commissioner’s Annual Report, 54.3% of queries related to such requests.

Effectively managing these requests is a major challenge facing many organisations. They often become an administrative burden, leading to a loss in productivity or, in some cases, legal action.

This 1-day advanced course will teach you how to effectively deal with subject access requests under the new EU GDPR, how to respond to them, what your legal obligations are, and much more.

Who should attend

This course is aimed at any business or organisation who receive and process subject access requests regularly. Participants will be required to work through practical scenarios and case studies based on real life events.

The course is also aimed at individuals with data protection or privacy related responsibilities including Human Resources Managers, Heads of Compliance, Operations Managers, Project and Programme Managers, Data Protection Officers, Information Security Officers.

What you will learn

  • What constitutes a SAR under the new EU GDPR
  • Recognise and process a valid SAR
  • Identify the Rights of a Data Subject
  • Identify objections and exceptions when processing SARs
  • Dealing with Third Party information
  • Incorporate SARs into your operational ‘business as usual’ processes
  • Discuss ‘Right to be forgotten’ concept
  • Understand what ‘data portability’ is and how it applies to your organisation
  • Discuss the term ‘Profiling’ under the new Regulation
  • Managing SAR complaints
  • Enforced Subject Access under Irish DPA. What is it?
  • SAR complexities and best practices.


Your organisation will save time through efficient processing and response procedures and reduce risk of non-compliance with legislation or customer complaints. Pitfalls resulting from non-compliance can also be avoided.

By adopting best practices when dealing with SARs, you can implement sound internal operational processes to deal with the management of a wide variety of SARs types

Course content is highly accessible, with plenty of practical examples to supplement theory. Participants are actively engaged in the development of processes for managing SARs, which can easily be adopted by your organisation.

If you would like to complete all 3 Advanced Data Protection courses, you can purchase all three courses for a discounted price, please click here for more details.

If for any reason you need to cancel your place on the course, please ensure you are aware of our cancellation policy.

If you are not a member of this organisation and have not yet availed of our multi-society membership offer, you can still claim any available discount on this event.

Click below on the logo of the society of which you are member to sign in and avail of the discount.


Members – book your place at this event for the special price of just €750.00  €595

Membership means more than saving on events. You can also network with like-minded professionals, and gain recognition of your experience and expertise. Learn more about membership benefits.

Members' price:



CPD Points:



28th Feb (Tue)


Begins at 09:30 and ends at 17:00


  • Price:


Share this event!