Student Data

Trinity College Dublin uses personal data relating to students for a variety of purposes. We are careful to comply with our obligations under data protection laws and we have prepared this short guide to ensure you understand how we obtain, use and disclose student data in the course of performing University functions and services. The guidance note is intended to supplement the University's Data Protection Policy.

Who controls your data?

The University is the data controller in relation to the student data you give us. Relevant student information may also be provided to the University's alumni and development office which is operated as a separate legal entity called Trinity Foundation (unless you have indicated a preference in your student registration form for your data not to be shared). Trinity Foundation is responsible for connecting students and alumni with each other and the University. Students may also provide data to student societies, the students' union or other entities who act independently for the University, however the University has no responsibility for how those independent bodies use your data.

What data do we hold and why?

In the course of performing University functions and associated student services, the University processes lots of data about students. Common examples include names, addresses, student numbers, photographs, mobile telephone numbers, dates of birth, etc. In some cases, the University may also receive sensitive personal data about students, such as health or welfare data. For example, the Trinity Health Service, Counselling Service or Disability Service may receive health or conviction data in the course of performing their functions. The University processes and discloses your data within various departments/units of the University for the purpose of performing University functions and providing associated facilities and services. For example, we compile and retain the student registration data you give us and we maintain an ongoing record of course selection data, examinations data, attendance data, awards and credits etc.

We will not normally use your data for any unrelated purpose without your consent. However, in exceptional cases permitted by law, we may process and disclose data without consent or notice to you, for example if it is required to investigate offenses, to present injury or damage or to comply with a legal obligation.

The purpose and legal basis for the use of personal data relating to sudents is detailed in the table below:

 

Purpose for processing personal data

Category

Legal basis for processing

  • Admission and registration.
  • Administration of your education.
  • Administration of University policies.
  • Administration and provision of IT and Library services.
  • Provision of data to the Higher Education Authority and Department of Education.
  • The provision of data to the Department of Justice to support visa applications for international students.
  • To provide student ID cards and TCard services.

Administrative

Necessary to carry out the objects and functions under the Universities Act 1997.
Performance of a contract.
Statutory requirements. 

  • Academic assessment and supervision and monitoring of attendance.
  • Graduation and granting of awards.
  • Processing of appeals, complaints and disciplinary issues.
  • Audio recording of lectures.
  • Administration of research programmes and funding.
  • Administration of placements.
  • Surveys and student feedback

Academic

Necessary to carry out the objects and functions under the Universities Act 1997.

  • The provision of medical, counselling and disability and equality services.
  • The provision of reasonable accommodations.
  • The provision of careers services and mentorship.
  • The use of sports and recreational facilities.
  • The provision of University accommodation.

Student Services

Consent or explicit consent.
Vital interests of the individual.
Necessary to carry out the objects and functions under the Universities Act 1997.

  • If necessary due to a medical emergency.
  • The protection of vital interests.
  • The protection of public health.

Duty of Care

Vital interests of the individual.
Statutory requirement.

  • Processing and recovery of fees and payments
  • Administration of TCard

 

Financial

Necessary to carry out the objects and functions under the Universities Act 1997.

  • The administration of campus CCTV for security.
  • Provision of a safe environment for educational activities.

Health & Safety

Legitimate interest of the University.
Statutory requirement.

  • Garda Vetting for placements on specific courses.
  • For the purposes of criminal investigations. when requested by An Garda Síochána.
  • Exercise or defence of legal claims.

 

Legal

Statutory requirement.

Legal claims.

  • Provide information about University events and activities.

 

Communications

Necessary to carry out the objects and functions under the Universities Act 1997.

  • Retention of academic data and data of archival value in the public interest.

Archives

Necessary to carry out the objects and functions under the Universities Act 1997.
Permitted by section 42 of the Data Protection Act 2018.

  • Provision of education and contact data to Trinity Development & Alumni for the purposes of alumni engagement and fundraising.

Alumni

Necessary to carry out the objects and functions under the Universities Act 1997.

  • Provision of contact data to the Students Union.

Students Union

Necessary to carry out the objects and functions under the Universities Act 1997.

Do We Transfer your Data to Third Parties?

Student data is normally retained by the University but in some cases we may appoint third parties to process data on our behalf, in which case we will comply with our legal obligations to contractually protect the data. We may also disclose student data where it is required in the normal course of performing the University’s functions and services. For example, we may be required to provide student data to grant bodies or government departments in connection with funding decisions.

Parents/Guardians

As the University considers students, even if they are not yet 18, to have the maturity to give consent for the use of their data, in normal circumstances, the University will not disclose personal data to the parents, guardians or other representatives of a student without the student’s consent. The University’s preference is to receive written consent by way of email from the student where possible. Without such consent the University will not release any details regarding students including details of their registration, attendance, fee payments etc. However, there may be exceptional circumstances, for example, in the case of potential danger to the health or well-being of a student or if a representative such as a solicitor or politician has written to the University making it clear that they are acting on behalf of the student.

Marketing Communications

The University will not engage in direct marketing activities unless you have asked to be updated about specific services or the information relates to a service you have previously expressed an interest in. You have the right to object to an opt out of direct marketing at any time.

Accessing your Data

You have a legal right to access your personal data subject to certain exceptions which are set out at law. To ensure a coordinated and appropriate response to data access requests, all such requests should be directed to the University’s Data Protection Officer, they should clearly and distinctly identify the specific personal data being requested.

Examinations Data

The right for students to access their scripts and discuss their performance is outlined in s. 51 of the General Regulations and Information Section of the Trinity Calendar (page H11). Students wishing to access their scripts must do so in accordance with these regulations, and should therefore in the first instance contact the relevant Director of Undergraduate Teaching and Learning or Course Coordinator.

Applicable Law

The University will comply with Irish data protection laws as they may be amended from time to time. This is the case regardless of the nationality of the students concerned.

Further Information

The University has appointed a Data Protection Officer who will assist the University and its staff in complying with the data protection legislation. Specific queries or concerns should be addressed to dataprotection@tcd.ie.