The Irish Data Protection Commission is the national authority responsible for the
enforcement of the law on ePrivacy, that is to say the EU ePrivacy Directive (2002/58/EC
as amended by 2009/136/EC), and the Irish ePrivacy Regulations, implemented by
Statutory Instrument (S.I.) No. 336 of 2011. This legislation is separate to, but
complements, the General Data Protection Regulation. Organisations must comply with
both laws, but the rules under the ePrivacy legislation apply first when you are
considering your organisation’s use of cookies and other tracking technologies.
Regulation 5 of the ePrivacy Regulations is the relevant legislation regulating the use of

In April 2020, the DPC published new guidance on the use of cookies and tracking technologies on websites. read it here:



You can also read the DPC’s Report on on the use of cookies and other tracking technologies
( August – December 2019) here:



Learn more on what happens to your data here:

Return to top