The University fully respects your right to privacy and actively seeks to preserve the privacy rights of those who share personal information (also known as personal data) with the University.
How we use your personal data and our legal basis for this
On some parts of the website, you may volunteer personal information (for example by using our online forms, applying for a vacancy etc.). The University principally uses your information under the legal basis of consent. An example of this would be a request to be added to a mailing list (which will be used to send you newsletters and information). As this information is provided on the basis of consent, you are free to withdraw your consent at any time. The University may also process your information under the legal basis of contract whereby the processing is necessary for a contract you have with us, or because you have asked us to take specific steps before entering into a contract).
Any personal information processed by the University in connection with these websites will be treated in accordance with the General Data Protection Regulation and the Data Protection Acts 1988 to 2018. Accordingly, the University shall only process such information in line with the purpose for which you provided it to the extent necessary to provide you with the information or service you require.
The University shall not disclose your information to third parties unless you are specifically informed otherwise or we require a third party contractors to process the information on our behalf (in which case the University requires these third parties to comply with its instructions and we require that they do not use your personal information for their own business purposes, unless you have explicitly consented to the use of your personal information in this way).
How long we will keep your data
In keeping with the data protection principles, we will only store your data for as long as is necessary for the purposes for which it was submitted to the University and in accordance with the University’s Records Management Policy and records retention schedules.
Cross-border data transfers
We work with third party contractors, some of whom operate and host data outside the European Economic Area (EEA). Accordingly, in the course of processing your personal data, it may be transferred outside of the EEA on the understanding that we rely on legally approved mechanisms to lawfully transfer data across borders including the Standard Contractual Clauses approved by the European Commission.
The University is not responsible for the content or privacy practices of other websites. The privacy practices on these websites may differ from that on the University’s websites, and we advise that you review the other websites’ policies before providing personal information.
Within the University domain (.ucc.ie) you may find websites over which the University has no editorial responsibility. Such sites can include the websites of student organisations, etc. While the University expects compliance with this privacy statement at such sites, please contact the Digital Estate Working Group if you encounter University websites that are not compliant with this privacy statement.
You have various rights under data protection law, subject to certain exemptions, in connection with our processing of your personal data, including the right:
- to find out if we use your personal data, access your personal data and receive copies of your personal data;
- to have inaccurate/incomplete information corrected and updated;
- in certain circumstances, to have your details deleted from systems that we use to process your personal data or have the use of your personal data restricted in certain ways;
- to object to certain processing of your data by UCC;
- to exercise your right to data portability where applicable (i.e. obtain a copy of your personal data in a commonly used electronic form;
- where we have relied upon consent as a lawful basis for processing, to withdraw your consent to the processing at any time;
- to not be subject to solely automated decision;
- to request that we stop sending you direct marketing communications.
If you wish to avail of these rights, please write to: The Information Compliance Manager, University College Cork, 4 Carrigside, College Road, Cork (or email firstname.lastname@example.org).
In order to protect your privacy, you may also be asked to provide suitable proof of identification. If any of your details are incorrect please let us know and we will amend them.
Queries or Complaints
If you have any complaints in connection with our processing of your personal data, you can contact UCC’s Information Compliance Manager: Information Compliance Manager, Office of Corporate & Legal Affairs, University College Cork, Western Road, Cork E: email@example.com Tel: +353 21 4903949.
You also have the right to lodge a complaint with the Data Protection Commission if you are unhappy with our processing of your personal data. Details of how to lodge a complaint can be found on the Data Protection Commission’s website (www.dataprotection.ie), or by telephoning 1890 252 231.
Revisions to Privacy Statement
The University may revise this privacy statement from time to time. Changes to this privacy statement will be posted here so you should periodically check this page to review the most recent statement. If you have any questions about this privacy statement or the practices of the University’s websites should be referred to the Information Compliance Manager at the address set out above.
Last updated: 25 May 2018