Data Protection

Donegal Education and Training  Board 

Donegal Education and Training Board (DETB) is subject to the provisions of the Data Protection Acts 1988 to 2018 and the General Data Protection Regulation (GDPR) and is registered with the Office of the Data Protection Commissioner.

DETB is the Data Controller for all personal data held and processed by its schools and Further Education and Training (FET) centres under its patronage.

Introduction

On the 25th May 2018 the General Data Protection Regulation (GDPR) came into effect. In Ireland GDPR has been given legislative effect in the new Data Protection Act 2018.

This new legislation updates the current law in relation to data protection and seeks to strengthen and unify data protection for all individuals within the European Union including Ireland. It grants new and enhanced rights for all individuals in relation to their own personal information. An individual about whom data is held by an organisation is referred to as a data subject.

Donegal Education and Training Board (DETB) is the state education and training authority for the Donegal region established by the Education and Training Boards Act 2013.

To fulfil its statutory obligations DETB gathers, stores and processes large amounts of data on a variety of data subjects. This would include students, learners, staff, third parties and members of the public. This personal data can range from some personal details and CCTV footage to financial transactions. Personal data is any data that permits an individual to be identified.

DETB is committed to a policy of protecting the rights and freedoms of individuals with respect to the processing of their personal data.

The Data Protection regulations and legislation require the staff of DETB to process data fairly and to ensure the security of that data.

You can view the relevant legislation here:

Principles of Data Protection (GDPR)

We follow the seven principles set out under GDPR:

  1. Lawfulness, Fairness and Transparency
  2. Purpose Limitation
  3. Data Minimisation
  4. Accuracy
  5. Storage Limitation
  6. Integrity and Confidentiality
  7. Accountability

What This Means for You

We must clearly inform you about:

  • What data we hold
  • Why we hold it
  • How it is processed
  • Your rights under data protection law

Who We Process Data About

We collect and process personal data from:

  • Students
  • Adult Learners
  • Parents / Guardians of students under 18
  • Staff
  • Volunteers
  • Board and Committee Members
  • CCTV system footage

Why We Process Your Data

We use your data for purposes including:

  • Education administration
  • Employment and human resources
  • Health and Safety
  • Communications and service provision
  • Financial processing
  • Security and access control (including CCTV)
  • Statutory compliance

Legal Basis for Processing

We process data based on:

  • Legal obligations
  • Public task or statutory function
  • Contractual necessity
  • Consent
  • Vital interests
  • Legitimate interests (balanced against your rights)

Your Rights Under GDPR

You have the right to:

  • Access your data
  • Rectify inaccuracies
  • Erase your data (“right to be forgotten”)
  • Restrict processing
  • Object to processing or automated decision-making
  • Data portability
  • Withdraw consent at any time (where consent was the legal basis)
  • Complain to the Data Protection Commission

Digital Age of Consent

The digital age of consent in Ireland is 16 years. This means that for any student under the age of 16, parental or guardian consent is required before their personal data can be used by online services, such as social media platforms.

Donegal ETB, along with its schools and centres, is committed to safeguarding students personal data in line with this legal requirement and does not permit the use of under 16s’ data for such purposes without appropriate consent.

Making a Data Subject Access Request

You are entitled to request access to any personal data we hold about you. To ensure this data is protected and to verify your identity, we require one of the following verification methods along with our subject access request form:

  1. A copy of State identification (passport or driver’s license)
  2. Present yourself in person with ID at the Administration Offices in Letterkenny or email it to: dataprotection@donegaletb.ie

Policies and Supporting Documents

Policies 

DETB maintains a suite of policies and documents to support GDPR compliance. Our policies which include Data Processing Policy and CCTV Policy are available on our DETB policies page linked Here

Privacy Notices

Click on the relevant category below to learn how we collect and use your personal data:

Supporting documents

For further information on Data Protection and the General Data Protection Regulation please visit: The Data Protection Commission

 

 

 

Contact Our Data Protection Officer

If you have a data protection query, wish to make a request, or have concerns about your rights under GDPR, please contact:

Sandra Doherty

Data Protection Officer
Donegal ETB Administrative Offices
Ard O’Donnell
Letterkenny
Co. Donegal
F92 DP98

Tel: 0749161600
Email: dataprotection@donegaletb.ie