Data Protection and the General Data Protection Regulation (GDPR)

On 25 May 2018, the General Data Protection Regulation (GDPR) came into effect. In Ireland GDPR has been given legislative effect in the new Data Protection Act 2018.

This new legislation updates the current law in relation to data protection and seeks to strengthen and unify data protection for all individuals within the European Union including Ireland. It grants new and enhanced rights for all individuals in relation to their own personal information. An individual about whom data is held by an organisation is referred to as a data subject.

Tipperary Education and Training Board (ETB) is the state education and training authority for the Tipperary region established by the Education and Training Boards Act 2013.

To fulfil its statutory obligations Tipperary ETB gathers, stores and processes large amounts of data on a variety of data subjects. This would include students, learners, staff, third parties and members of the public. This personal data can range from some personal details and CCTV footage to financial transactions. Personal data is any data that permits an individual to be identified.

Tipperary ETB is committed to a policy of protecting the rights and freedoms of individuals with respect to the processing of their personal data.

The Data Protection regulations and legislation require the staff of Tipperary ETB to process data fairly and to ensure the security of that data.

Tipperary ETB is required to:

  • Explain why personal data is being gathered,
  • Outline the purpose for which it will be used,
  • Only gather the minimum amount of data necessary,
  • Inform persons whether Tipperary ETB will share data with anyone else,
  • Only keep data for as long as it is needed,
  • Protect data from loss or theft,
  • Keep data accurate and up to date.

GDPR places restrictions on what Tipperary ETB is allowed to do with personal data such as passing personal information on to third parties, transferring information outside the EU or using it for direct marketing.

GDPR also provides individuals with important rights.

GDPR therefore:

  • Reinforces the right of a person to ask for a copy of all personal data held relating to them personally,
  • Gives a right to object to direct marketing practices,
  • Allows a person to ask for inaccuracies in their personal data to be corrected,
  • Give a right to data portability,
  • In certain cases it allows for personal data to be erased,
  • Gives the right to seek compensation through the courts where privacy rights have been infringed.

Also under the new legislation the digital age of consent has been set at 16. This means that social media and other online companies will need parental consent where they wish to use the personal data of a child under the age of 16 for marketing purposes or for creating personality profiles.

Tipperary ETB has developed a range of policies that must be adhered to in order to comply with GDPR.

Privacy Notice (Data Protection Statement)
Students
Parents/Guardians of students under 18 years of age
Adult Learners
Click here to view information on how we collect and use your personal data
Covid-19 Privacy Notice
Ukrainian PupilsClick here to view the Ukrainian Pupils Pre-Enrolment Data Collection - Data Protection Privacy Notice July 2022
Staff
Board Members
Committee Members
Volunteers
Click here to view information on how we collect and use your personal data
Covid-19 Privacy Notice
CCTV SystemsClick here to view information on how we collect and use your personal data recorded on our CCTV Systems.
Data Protection PolicyClick here to view our Data Protection Policy

Policies / Procedures

Data Protection / GDPR Training for Staff

ETBI developed an online GDPR training course for all ETBs. Please note, your Tipperary ETB staff email address is required to access this training. A record of completion will automatically be sent to Tipperary ETB’s Data Protection Officer.

Link to Training: https://www.etbi.ie/etbi-gdpr

Guidance Notes / Procedures

Forms

Tipperary ETB has appointed a Data Protection Officer (DPO) as the point of contact for all data privacy queries that you may have including subject access requests.  We have appointed a Data Protection Officer on an interim basis. If you have any queries, please consult our Data Protection Policy or contact our Data Protection Officer:

Address:   

Ms Catherine Corcoran,
APO Corporate and Procurement,
Tipperary ETB Administrative Offices,
Church Road,
Nenagh,
Co. Tipperary,
E45 XD59.

Email: [email protected]

Telephone: 067 31250

Resources / Websites