SETU Carlow Data Protection Policy

A new law around the protection of Personal Data, the General Data Protection Regulation (GDPR) came into force across Europe on 25th May 2018.

Privacy Notice

This section provides detail on how SETU Carlow deals with your personal and sensitive personal data.
Personal data, both automated and manual, are data relating to a living individual that is or can be identified, either from the data or from the data in conjunction with other information. Some personal data, i.e. those relating to specific categories like a person’s racial origin; political opinion or religion or other beliefs; physical or mental health; sexual life; criminal convictions or the alleged commission of an offence; trade union membership; are classed as sensitive personal data and offer data subject additional protection rights.
Data Protection is the safeguarding of the privacy rights of individuals in relation to the processing of personal data, in both paper and electronic format. The General Data Protection Regulations confer rights on individuals as well as responsibilities on those persons processing personal data.
Accountability and responsibility for complying with Data Protection: As an organisation, SETU Carlow needs to collect and use personal data (information) about its staff, students and other individuals, who come into contact with the University. The purposes of processing data include inter alia the organisation and administration of courses, examinations, research activities, the recruitment and payment of staff, compliance with statutory obligations.
SETU Carlow, when it acts as the Data Controller of personal data, has overall responsibility for ensuring compliance with Data Protection legislation. However, all employees and students of SETU Carlow, who separately collect and/or control the content and use of personal data are individually responsible for compliance with the legislation.

Data Collection Notice

Please note that your data will be shared with the Higher Education Authority for funding allocation, statistical analysis and policy formulation purposes. The data shared includes personal data such as name, address, Eircode, PPSN, grant status and CAO data. By registering as a student at SETU Carlow, you are agreeing to your data being shared with the Higher Education Authority. Full details of what data is shared and how this data is used are contained in the HEA Notice link below.
If you wish to object to the processing of your personal data in this manner, or if you have any queries in relation to the processing of your personal data generally, please contact the HEA Data Protection Officer at
Alternatively you can email the University’s Data Protection Oversight Group at

HEA Notice

Data Protection Policy

The University’s commitment to protecting the rights and privacy of the data subject are outlined at the following link. 

Records Management

Details on the University’s Records Management and Retention Schedule can be found on the University’s website here »

Subject Access Requests

The procedure for submitting and processing Subject Access Requests can be found using the link below.
Data subjects must complete the official Subject Access Request Form when exercising their rights for access to their personal data. 

Data Breach

Any individual who accesses, uses or manages personal data is responsible for reporting data breach incidents to the Data Protection Oversight Group (e-mail and their Head of Function as soon as it is detected. The urgency of reporting a breach, or suspected breach, to the University is due to a regulatory requirement of 72 hours to the Data Protection Commissioner.

Data Handling

National Forum for the Enhancement of Teaching and Leaning in Higher Education 

This Forum Insight serves as a quick guide to some of the legal obligations arising from the EU’s General Data Protection Regulation (GDPR), the data protection legislation that becomes enforceable across the EU from 25 May 2018. 

What GDPR means for staff at SETU Carlow

An overview of SETU Carlow staff responsibilities in relation to GDPR.

CCPS/ITC Collaborative Call Privacy Notice

Further Information

Any further queries in relation to the GDPR or Data Protection can be addressed to the University’s Data Protection Oversight Group (

Data Protection Officer