Privacy Statement

Your privacy is important to us. In the Central Remedial Clinic (CRC), we respect your right to privacy, and we are committed to the principles of transparency, accountability and security of the Data Protection Act 2018 and the General Data Protection Regulation (GDPR).

Any information you provide the CRC on this website will only be used in accordance with the purpose for which you provided the information and will only be retained for as long as required for the purpose.

To make this website work properly, and to provide the most relevant services to our site visitors, we place small data files called cookies on your device. Cookies are used to collect non-personal information about how visitors use our website. This technical information will be used only for statistical and other administrative purposes. Further information regarding the CRC’s cookie usage is detailed on CRC’s Cookie Policy.

The CRC does not accept responsibility for the content or privacy practices of other external websites. Please consult the privacy statements of individual sites or contact the persons responsible for those sites, in order to understand the policies and practices under which they operate.

Privacy Notice

The purpose of our Privacy Notice is to clearly communicate to you how the CRC handles your personal information (also known as ‘personal data’). It will give you a better and more complete understanding of how the CRC collects and uses personal data for the provision of health and social care services. See our Privacy Notice document below.

Download file: CRC Privacy Notice

Making Donations

The information you provide when making a donation will be kept securely and used by the CRC to process your donation. Your information will only be shared with selected third-party service providers, contracted by the CRC to assist with our campaigns. Your data will not be shared with any other organisation, other than with your permission, or where required by law.

What is General Data Protection Regulation (GDPR)?

The EU General Data Protection Regulation (GDPR) came into effect on the 25th of May 2018, replacing the old data protection laws in the European Union. It is designed to harmonise data protection laws across Europe, to protect and empower all EU citizens’ data privacy and to reshape the way organisations approach data privacy. The GDPR gives individuals greater control over their personal data by setting out additional and more clearly defined rights for individuals whose personal data is collected and processed by organisations (Data Controllers).

What is personal data?

Personal data is any information that can identify an individual person. This includes a name, photo, email address, an ID number, medical information, bank details, posts on social media, online browsing history, even a computer IP address.

What is a Data Controller?

A data controller is a person, or group of people, who determines the purposes and means of processing of personal data. The Central Remedial Clinic is a data controller.

What does GDPR mean for individuals and organisations?

GDPR is based on the core principles of data protection. These principles require organisations to:

  • obtain personal data fairly from the individual by giving them notice of the collection and its specific purpose

  • collect no more data than is necessary from an individual for the purpose for which it will be used

  • retain the data for no longer than is necessary for that specified purpose

  • to keep data safe and secure

  • provide an individual with a copy of his or her personal data if they request it


The GDPR provides the following rights for individuals (data subjects):

  • obtain details about how their data is processed by an organisation

  • obtain copies of personal data that an organisation holds on them

  • have incorrect or incomplete data corrected

  • have their data erased by an organisation, where, for example, the organisation has no legitimate reason for retaining the data

  • obtain their data from an organisation and to have that data transmitted to another organisation (data portability)

  • object to the processing of their data by an organisation in certain circumstances

  • not to be subject to (with some exceptions) automated decision making, including profiling

Why do we ask for your personal data?

We want to provide you with the best possible service. We use information about you to do this. It is important that your records are accurate and up-to-date as they ensure that we are able to provide you with the service you require.

How can an individual see the information the CRC holds about them?

Individuals can contact us by email at We will need to confirm your identity before we release the information.

Questions and contacting us

We welcome queries, comments or requests you may have regarding this privacy notice information or relating to the processing of your personal data.

You can contact our Data Protection Officer (DPO) at:

Data Protection Officer
Central Remedial Clinic
Penny Ansley Building
Vernon Avenue
Dublin, D03 R973


Links, downloads & helpful resources

Link to the General Data Protection Regulation (GDPR)

Link to the Data Protection Act 2018

Link to the Data Protection Commission website

Link to CRC’s Cookie Policy 

Link to guidance on requesting information from the CRC 

Download file: CRC Privacy Notice 

Download file: CRC Privacy Notice Poster 

Download file: CRC CCTV Privacy Notice 

Download file: CRC Job Applicant Privacy Notice 

Download file: CRC Data Subject Access Request process