Subject Access Request Template for Ireland

Create a bespoke document in minutes, or upload and review your own.

4.6 / 5
4.8 / 5

Let's create your document

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get your first 2 documents free

Your data doesn't train Genie's AI

You keep IP ownership of your information

Key Requirements PROMPT example:

Subject Access Request

I need a subject access request template to request personal data held by a company, ensuring it includes sections for identifying information, specific data requested, preferred format for receiving the data, and a deadline for response in compliance with GDPR regulations.

What is a Subject Access Request?

A Subject Access Request is your legal right to ask any organization about the personal data they hold about you. Under Irish data protection law, you can request copies of this information and learn how it's being used. This right comes from both the GDPR and the Irish Data Protection Act 2018.

Organizations must respond within one month of receiving your request, though they can extend this by two months for complex cases. You can make these requests verbally or in writing, and companies can only charge a fee in rare cases where requests are excessive. The request lets you see everything from basic contact details to any opinions or decisions made about you.

When should you use a Subject Access Request?

Use a Subject Access Request when you need to understand exactly what personal information an Irish organization holds about you. Common situations include checking your medical records before changing healthcare providers, reviewing your employment file before a workplace dispute, or investigating why you've been denied credit or insurance.

It's particularly valuable when dealing with data accuracy concerns, preparing for legal action, or investigating suspected discrimination. Many people submit these requests to banks, employers, or social media companies to gain clarity on automated decisions affecting them. The request gives you concrete evidence of how your data is being processed and shared.

What are the different types of Subject Access Request?

  • Subject Access Request Settlement Agreement: Used when requesting personal data as part of a legal settlement process, typically involving employment disputes or compensation claims. This variation includes specific terms about data handling during settlement negotiations.
  • General Subject Access Request: A standard format requesting all personal data an organization holds, commonly used for regular data audits or general information gathering.
  • Detailed Subject Access Request: Includes specific categories of data and date ranges, often used when investigating particular incidents or decisions.
  • Emergency Subject Access Request: Used in urgent situations requiring faster response times, such as medical emergencies or time-sensitive legal proceedings.

Who should typically use a Subject Access Request?

  • Data Subjects: Any individual in Ireland can submit a Subject Access Request to see their personal data. This includes employees, customers, patients, and citizens.
  • Data Controllers: Organizations that hold personal data must respond to these requests, including companies, government agencies, healthcare providers, and schools.
  • Data Protection Officers: Responsible for managing and coordinating responses to Subject Access Requests within their organizations.
  • Legal Representatives: Often help draft requests or responses, especially in complex cases involving multiple data sources or legal disputes.
  • The Data Protection Commission: Ireland's supervisory authority that enforces compliance and handles complaints about request handling.

How do you write a Subject Access Request?

  • Identity Verification: Gather official ID like your passport or driving licence to prove who you are.
  • Organization Details: Identify the correct legal entity and their Data Protection Officer's contact information.
  • Data Specifics: List exactly what personal information you're seeking and any relevant time periods.
  • Previous Contact: Note any reference numbers or previous interactions with the organization.
  • Format Preference: Specify how you want to receive the information (email, post, or digital copy).
  • Document Generation: Use our platform to create a legally-compliant request that includes all required elements under Irish law.

What should be included in a Subject Access Request?

  • Personal Details: Your full name, address, and any account numbers or identifiers used by the organization.
  • Request Scope: Clear statement specifying which personal data you're requesting access to.
  • Time Period: The specific timeframe for which you want information.
  • Identity Confirmation: Declaration confirming you are the data subject, with proof of identity reference.
  • Response Format: Your preferred method of receiving the information.
  • Legal Basis: Reference to Article 15 GDPR and the Data Protection Act 2018.
  • Response Timeline: Mention of the statutory one-month response period.

What's the difference between a Subject Access Request and an Access Agreement?

A Subject Access Request differs significantly from an Access Agreement in both purpose and legal framework. While both deal with access rights, they serve distinct functions under Irish law.

  • Legal Basis: Subject Access Requests are a fundamental data protection right under GDPR, while Access Agreements are contractual arrangements governing physical or digital resource access.
  • Purpose: Subject Access Requests focus exclusively on obtaining personal data an organization holds about you, whereas Access Agreements establish terms for ongoing access to facilities, systems, or services.
  • Time Frame: Subject Access Requests require response within one month and are typically one-time requests. Access Agreements usually establish longer-term, continuous arrangements.
  • Negotiation Scope: Subject Access Requests are non-negotiable statutory rights, while Access Agreements can be negotiated between parties to suit specific needs.

Get our Ireland-compliant Subject Access Request:

Access for Free Now
*No sign-up required
4.6 / 5
4.8 / 5

Find the exact document you need

Subject Access Request Settlement Agreement

An Irish law agreement resolving disputes related to GDPR Subject Access Requests, documenting settlement terms between data controllers and data subjects.

find out more

Download our whitepaper on the future of AI in Legal

By providing your email address you are consenting to our Privacy Notice.
Thank you for downloading our whitepaper. This should arrive in your inbox shortly. In the meantime, why not jump straight to a section that interests you here: https://www.genieai.co/our-research
Oops! Something went wrong while submitting the form.

Genie’s Security Promise

Genie is the safest place to draft. Here’s how we prioritise your privacy and security.

Your documents are private:

We do not train on your data; Genie’s AI improves independently

All data stored on Genie is private to your organisation

Your documents are protected:

Your documents are protected by ultra-secure 256-bit encryption

Our bank-grade security infrastructure undergoes regular external audits

We are ISO27001 certified, so your data is secure

Organizational security

You retain IP ownership of your documents

You have full control over your data and who gets to see it

Innovation in privacy:

Genie partnered with the Computational Privacy Department at Imperial College London

Together, we ran a £1 million research project on privacy and anonymity in legal contracts

Want to know more?

Visit our Trust Centre for more details and real-time security updates.