Data Privacy Policy

How we use and protect your personal data

1. OVERVIEW

Maintaining the security of your data is a priority at CÉIM, and we are committed to respecting your privacy rights. We pledge to handle your data fairly and legally at all times. CÉIM is also dedicated to being transparent about what data we collect about you and how we use it. Please take time to read this notice carefully. If you have any questions about how we use your information, please contact us using the details below.
This policy provides you with information about:
• How we use your data,
• What personal data we collect
• How we ensure your privacy is maintained, and
• Your legal rights relating to your personal data.

 

2. HOW WE USE AND PROTECT YOUR PERSONAL DATA

2.1 What personal information do we collect about you?
We will hold the following data including:
• Contact details for CÉIM student leaders (for communication and Garda vetting purposes):

o Name, Middle Name, Surname;
o Date of Birth;
o Home Address;
o Mobile Number;
o NUI Galway email address
o Private email address
o NUI Galway student ID number

• Contact details (Name, Surname, NUI Galway student ID number, NUI Galway email address) and details of CÉIM attendance for 1st year students
• Information which you have given your consent for us to use

2.2 When do we collect your information?
We collect information you give to us, or consent to have shared with us, or is shared with us by the university to facilitate the running of the programme.

2.3 How we use your information and the legal basis?
We only use your information:
• To contact you regarding CÉIM activities;
• For administrative purposes
• With your agreement, to contact you electronically about activities that you have opted-in for;
• For academic research purposes to measure the effectiveness of methodologies used;
• To respond to your questions and concerns;
• Where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute);

2.4 Who we share your information with?
We only share your information with service providers employed by us to facilitate our communications and research. We will only share your data with others in exceptional circumstances, i.e. with governmental bodies, regulators, law enforcement agencies, courts or tribunals and insurers where we are required to do so:
• To comply with our legal obligations,
• To exercise our legal rights (for example in court cases),
• For the prevention, detection, investigation of crime or prosecution of offenders, and
• For the protection of our employees and customers.

2.5 International Transfers
It may be sometimes necessary to temporarily move or re-host our website which may include your personal data to a service location that resides outside of the European Economic Area.
These transfers are subject to special rules under data protection laws. Should this happen, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice is to use ‘standard data protection clauses’ which have been approved by the European Commission for such transfers.

2.6 How long do we hold your information?
If you are a 1st year student, we hold your data for three years, unless you ask us to delete it before then.
If you are a CÉIM leader, we hold your data for five years in order to provide job references as requested, unless you ask us to delete it before then.

2.7 Implications of not providing information
If you do not provide information we may not be able to facilitate your involvement in CÉIM.

 

3. HOW WE PROTECT YOUR DATA
CÉIM is committed to keeping your personal data safe and secure. Our security measures include:
• Regular cyber security assessments of all service providers who may handle your personal data;
• Regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
• Security controls which protect our infrastructure from external attack and unauthorised access;
• Internal policies setting out our data security approach and training for employees.
• CÉIM will never ask you to confirm any bank account or credit card details via email. If you receive an email claiming to be from CÉIM asking you to do so, please ignore it and do not respond.

 

4. YOUR RIGHTS
We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your engagement with CÉIM.
If you wish to access or amend any personal data we hold about you, or to request that we delete or transfer any information about you that we have obtained, simply contact us at the details below. At your request, we will have any reference to you deleted or blocked in our database.
Please note that while any change you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, please contact us.

 

5. HOW TO CONTACT US
You can contact us via email at studentsunion@nuigalway.ie