Skip to main content

Civil Defence Volunteer Privacy Notice

The purpose of this privacy notice is to describe, in clear terms, the personal data that the Civil Defence Application Form and VEMS Portal processes about individuals, why it is needed, the legal basis, how it is used and how individuals may interact with the Council in relation their personal data and civil defence volunteering. It also outlines the rights of individuals under data protection legislation.

Clare County Council also has a privacy statement which is a general document about how we approach data protection as an organisation and is available on the Council’s website Privacy statement | Clare County Council ( or on request.

Purpose of the civil defence volunteer register

Personal data is processed as part VEMS (Volunteer Equipment Management system) in order to enable civil volunteers to be recruited, registered, trained and managed. The Council is obliged to protect personal data being processed in accordance with the Data Protection Act 2018 and the provisions contained in the General Data Protection Regulation (GDPR). The purpose of the processing of personal data under this project is:

  1. The establishment and maintenance of its civil defence unit in accordance with Section 4 of the Civil Defence Act of 2023.
  2. The appointment of civil defence officers in accordance with Section 5 of the Act.
  3. The recruitment, management, deployment and training of civil defence volunteers in accordance with Section 6 of the Act.
  4. The establishment and maintenance of a register of civil defence volunteers in accordance with Section 7 of the Act.
  5. The assessment and recruitment of civil defence volunteers and their management, including training and deployment records.

The Legal Basis

The legal basis to process personal data in the case of the volunteer register is the following:

The legal basis derives from Article 6(1)(e) of the GDPR, processing is “necessary for the performance of a task carried out in the public interest or in the exercise of the official authority of the controller” – and in the official authority comes from the Civil Defence Act 2023, and the local authority functions contained therein.

Also, a further legal basis derives from Article 9((2)(h) of the GDPR, namely processing is “necessary for the purposes of preventative or occupational medicine, working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services on the basis of Union or Member State law or pursuant to contract with a health professional and subject to the conditions and safeguards referred to in paragraph 3”; In this case, working capacity is the rationale for the processing of some health data.

The categories of personal data concerned

Personal data processed in relation to volunteers is:

  • Name, home address, email address, phone number, date of birth, date on which the volunteer was registered by the Council, training records, qualifications, attendance and duties records, occupation, unique volunteer number, a photo, medical information only insofar as such information is required to assess the capacity of the person to carry out duties as a civil defence volunteer, driving licence, most recent date of vetting disclosure made in respect of the volunteer by the National Vetting Bureau of the Garda Siochana, details of equipment and clothing issued for the purpose of carrying out duties as civil defence volunteer.
  • Next of Kin, name, address and contact number
  • Referees, name, address and contact number

Processing and recipients of the data

Access to the data is limited to a limited number of Clare County Council staff, namely Civil Defence Officer, Assistant Civil Defence Officer and Chief Fire Officer of the Council.   The Council is in a joint controller agreement with the Department of Defence in relation to the data on VEMS.

Third party access to personal data is not allowed, except in the very limited circumstances permitted by law. Access requests shall be processed in accordance with the Data Protection Act 2018, the GDPR and the Council’s data protection policies and procedures.

There are no plans to transfer the personal data to a third country or international organisation.

The retention period for the data

Clare County Council subscribes to the national policy for retention and destruction of Local Authority records.

Data subjects have a range of data rights

  • Right of access by the data subject
  • Right to rectification
  • Right to erasure (‘right to be forgotten’)
  • Right to restriction of processing
  • Right to data portability
  • Right to object and automated individual decision-making

The Council’s data access request policy and procedures are available on or please contact  

The right to lodge a complaint with the supervisory authority

If you are not satisfied with a decision on your request for access to data or have concerns about personal data processing, you have the right to make a complaint to the Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois, Ireland. Before doing so it is recommended that you contact Clare County Council ( to establish the circumstances. We may be in a position to resolve the problem in a timely manner. 

The Data Protection Commission website has further details and the forms that are required to be completed if you wish to raise a concern or make a complaint.

Contact details for the data controller and data protection officer

The identity and the contact details of the controller:

Clare County Council,

New Road,


Co. Clare

Telephone: (065) 6821616


The contact details of the data protection officer:

Data Protection Office

Telephone: (065) 6846405



Page last reviewed: 22/12/23

Back to top