As a state agency, the Charities Regulator is bound by the Freedom of Information Act 2014 and the Data Protection Acts 1998 & 2003.


Freedom of Information

The Freedom of Information Act 2014 (the Act) provides the following statutory rights:

These rights mean that from 21 April 1998, people can seek access to personal information held about them, no matter when the information was created, and to other records containing non-personal information created after 21 April 1998.

Section 8 of the Act requires the Charities Regulator to prepare and publish a scheme concerning the publication of information by our organisation.  Our scheme has been prepared in accordance with the guidelines provided by the Department of Public Expenditure and Reform.

For access to information under the Freedom of Information Act, please e-mail


Data Protection

What is Data Protection?

Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data.

Data Protection Acts of 1988 and 2003 and the General Data Protection Regulation (GDPR)

The Data Protection Acts of 1988 and 2003 and the General Data Protection Regulation (GDPR) are designed to protect the privacy of the individual as regards the collection, processing, keeping, use and disclosure of personal data. They give rights to the individual relating to personal data, and impose obligations on data controllers.

Under the Acts, as a data controller, the Charities Regulator has the following obligations:

The Charities Regulator owes a duty of care to the data subjects concerned.  It must take the utmost care not to cause harm or distress to any member of the public by, for example, maintaining inaccurate information on file or disclosing personal data.

The Charities Regulator takes its statutory obligations extremely seriously, and expects its staff to act in strict accordance with its obligations.  Any breach of trust with regard to the confidentiality of information is treated as serious misconduct and may result in disciplinary action up to and including dismissal in accordance with the terms of the Disciplinary Code.

Among other rights, the Data Protection Acts of 1988 and 2003 and the General Data Protection Regulation (GDPR) confer the following:

Meiread Ashe - Data Protection Officer
Charities Regulator
3 George’s Dock
Dublin 1
D01 X5X0

The Data Protection Commissioner’s website offers a comprehensive outline and explanation of the rights and responsibilities extended under the Data Protection Acts ( Information is also available from:

Data Protection Commissioner’s Office

Canal House

Station Road


Co. Laois


You can contact the Data Protection Commissioner’s Office by email ( or by phone at 1890 252 231.