What is Data Protection?


Personal data may be defined as data relating to a living individual who is, or can be identified from, either the data itself or from the data in conjunction with other information that is in, or is likely to come into, the possession of a 'Data Controller'.

The primary purpose of data protection legislation is to safeguard the privacy rights of individuals where organisations, such as a university, process personal data as part of their day-to-day operations. 

There is therefore an obligation on all organisations, including DCU and its wholly owned campus companies, to process personal data in a manner compliant with the legislation.

In order to carry out its statutory, academic and administrative functions the University collects and processes personal data relating to many categories of individuals and this includes the students and staff of the University. The University takes the confidentiality of all personal data seriously and consequently takes all reasonable steps to comply with data protection legislation. The University endeavours to collect personal data only in order to meet specific legitimate purposes and to retain that data only for so long as those purposes remain valid.

The University is committed to ensuring that all staff, registered students, agents, contractors and its own data processors comply with data protection legislation regarding:

  • the processing and confidentiality of any personal data held by the University;


  • the privacy rights of individuals under the legislation.

DCU as a Data Controller

A Data Controller is:

the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Dublin City University is a 'Data Controller' as defined under the legislation.

Controllers make decisions about processing activities. They exercise overall control of the personal data being processed and are ultimately in charge of and responsible for the processing.