SETU Carlow Data Protection Policy

A new law around the protection of Personal Data, the General Data Protection Regulation (GDPR) came into force across Europe on 25th May 2018.

Privacy Notice

Data Collection Notice

Please note that your data will be shared with the Higher Education Authority for funding allocation, statistical analysis and policy formulation purposes. The data shared includes personal data such as name, address, Eircode, PPSN, grant status and CAO data. By registering as a student at SETU Carlow, you are agreeing to your data being shared with the Higher Education Authority. Full details of what data is shared and how this data is used are contained in the HEA Notice link below.
If you wish to object to the processing of your personal data in this manner, or if you have any queries in relation to the processing of your personal data generally, please contact the HEA Data Protection Officer at

HEA Notice

Data Protection Policy

The University’s commitment to protecting the rights and privacy of the data subject are outlined at the following link. 

Records Management

Details on the University’s Records Management and Retention Schedule can be found on the University’s website here »

Subject Access Requests

The procedure for submitting and processing Subject Access Requests can be found using the link below.
Data subjects must complete the official Subject Access Request Form when exercising their rights for access to their personal data. 

Data Breach

Any individual who accesses, uses or manages personal data is responsible for reporting data breach incidents to the Data Protection Oversight Group (email: and their Head of Function as soon as it is detected. The urgency of reporting a breach, or suspected breach, to the University is due to a regulatory requirement of 72 hours to the Data Protection Commissioner.

Data Handling

National Forum for the Enhancement of Teaching and Leaning in Higher Education 

This Forum Insight serves as a quick guide to some legal obligations arising from the EU’s General Data Protection Regulation (GDPR), the data protection legislation that becomes enforceable across the EU from 25 May 2018. 

What GDPR means for staff at SETU Carlow

An overview of SETU Carlow staff responsibilities in relation to GDPR.

CCPS/ITC Collaborative Call Privacy Notice

Further Information

Any further queries in relation to the GDPR or Data Protection can be addressed to the University’s Data Protection Oversight Group (

Data Protection Officer