Archbishop of Dublin – Order (Ireland, 2023)

The DPC commenced the Inquiry following receipt of a number of complaints from individuals who wished to obtain erasure in relation to their personal data processed in church registers. All of the individuals had written to either their parish or to the Archdiocese asking for the erasure of their data pursuant to Article 17 GDPR. • The Archbishop may lawfully rely on legitimate interests under Article 6(1)(f) GDPR as a legal basis for the processing of personal data of individuals which are recorded in the Baptism Register, even in such instances where an individual no longer wishes to be associated with the Catholic Church; • Subject to safeguards, the Archbishop’s interests in retaining the personal data contained in the Baptism Registers are not overridden by the interests or fundamental rights and freedoms of the individuals; • The Archbishop may rely on the legal basis under Article 9(2)(d) of the GDPR for the processing of individuals’ special category data during the course of their lifetime; The Archbishop, in processing the special category personal data in the Baptism Registers, has in place appropriate safeguards for such processing as required under Article 9(2)(d) GDPR; • Individuals may exercise the right to request rectification of the personal data contained in the Baptism Registers, in accordance with Article 16 GDPR; • The Archbishop must comply with his obligations under Article 12(3) and Article 12(4) of the GDPR in order to facilitate requests in relation to individual’s rights under Articles 15 to 22 of the GDPR; • Individuals who no longer consider themselves to be members of the Catholic Church do not have the right to obtain erasure of their personal data in the Baptism Registers under the grounds set out at Article 17(1)(a)-(f) of the GDPR; • In circumstances where an individual no longer wishes to be a member of the Catholic Church, a supplementary statement could be added by the Archbishop to the Baptism Register entry stating “No longe