Data Protection Commission Annual Report for 2021

Wed Mar 2 2022

The Data Protection Commission published its Annual report for 2021 on the 24th of February.

  • The DPC received 10,888 queries and complaints from individuals in 2021 (an increase of 7% on 2020 figures) of which 8,017 had been concluded to by year end;
  • The DPC received 3,419 complaints last year and concluded 3,564 complaints, including 1,884 complaints received prior to 2021;
  • In total 10,645 cases – 7,081 queries and 3,564 complaints – were concluded by the DPC in 2021;
  • Of the 7,499 queries that were sent to the DPC in 2021, 6,255 had been dealt with by year-end
  • Just under 52% (1,771) of complaints lodged with the DPC in 2021 were concluded within the same calendar year;
  • The DPC concluded 170% more access complaints than it received – reversing a trend that had been in place since the GDPR came into application in 2018.

In 2021, the most frequent GDPR topics for queries and complaints continued to be: Access Requests; Fair-processing; Disclosure; Direct Marketing and Right to be Forgotten (delisting and/or removal requests).


It is noted that a disproportionately large chunk of breach notifications (2,707) originates in public sector organisations in Ireland. The ten organisations with the highest number of breach notifications recorded against them are public sector bodies and banks, with insurance and telecom companies falling among the top twenty.

Insurance Sector

During 2021 the DPC provided detailed observations on Insurance Ireland’s draft “Guidance on Data Protection Requirement for Insurers When Handling Personal Data”. The guidance is intended to replace the outdated 2013 industry Code of Practice, providing a GDPR compliant document to guide the insurance sector’s processing of personal data

We use cookies in order to give you the best possible experience on our site, for more information, please see our cookie policy.
Cookie Policy