Not a Member?
Join Today

  • Special content & Events
  • Access to Forums
  • Networking
  • On and Offline Support

General Data Protection Regulation (GDPR)

Cookies and Tracking Technologies

Guidelines and webinar for Cookies and Tracking Technologies... .. Read more


SFA 8 step guide to managing data access requests

If you have received a data access request and are unsure of what to do or what your obligations are since GDPR came into force, then download our 8 step guideline to managing data access requests Not a member of SFA - join today and access the guide and much more when you join SFA .. Read more


Brexit and data transfers

Playback an Ibec webinar with the Data Protection Commission (DPC) on the impact of a no-deal Brexit on data protection compliance on Monday 25 February 2019... .. Read more


Sample CCTV Data Protection Policy

The SFA recently revised its sample CCTV Data Protection policy in line with GDPR. Members can download the sample policy and modify it according to their own business needs. .. Read more


GDPR and recruitment

One of the key areas that GDPR has an impact on is the processing of personal data in relation to recruitment of employees. We have prepared this information sheet to help businesses understand their GDPR obligations in relation to the recruitment process. .. Read more


GDPR webinar and record keeping checklist

Certain pieces of employment legislation require that records containing certain types of personal data are kept for specified periods of time which is detailed in our handy record keeping checklist. These retention periods under the various pieces of employment legislation will enable you to set retention periods for holding personal data in line with GDPR. .. Read more


Our 12 Point Action Plan

On 21 March 2018, SFA Executive, Helen Quinn, delivered a seminar on GDPR in action. The slides are available here, containing the latest practical guidance for companies preparing to be compliant with the General Data Protection Regulation. .. Read more


SFA Guideline on Data Protection

The Data Protection Acts, 1988 and 2003 regulate the collection, processing, storage and disclosure of personal information that is processed either electronically or manually. The 2003 Act gave effect to the EU Directive (Directive 95/46/EC) on the Protection of Individuals with regard to the processing of personal data and on the free movement of such data. This guideline outlines the legal position regarding data protection from 1st July 2003. It summarises the provisions of the Data Protection Acts, 1988 and 2003. As the amount .. Read more


SFA Guide: Mind your business'

With this publication the SFA, as a membership organisation and a service provider, is responding to the needs of the small business sector in Ireland. This publication gives practical guidance on how your business can get GDPR-ready. With the help of three case studies, we provide you with a step-by-step guide to GDPR that uses only the minimum amount of jargon, is practical, shows opportunities as well as challenges and hopefully takes the fear element out of this new legislation. .. Read more


GDPR readiness toolkit for SMEs

The Data Protection Commissioner have just released a GDPR readiness toolkit for the SME sector. The Small Firms Association (SFA) worked closely with the Data Protection Commissioner to create this toolkit which will enable your business to conduct a GDPR audit. .. Read more


Vetting, Background Checks and Data Protection

Increasingly employers are looking to implement background and credit checks for potential employees. This is standard hiring practice in countries such as the United States and Britain. Ireland, however, does not have regulations in place that allow most employers to carry out such checks. This presents difficulties for organisations who want access to information demonstrating that employees do not have relevant criminal convictions that may deem them unsuitable for a particular role. The only route available to employers who do not fall into a special category for Garda vetting that is fully compliant with data protection regulation is a self-disclosure form for criminal history. Additionally, there is no process by .. Read more



Close