Personal Data - DCU Guidance & Procedures
This section of the data protection webpages provides links to the relevant policies, guides and training materials which staff, students and other interested parties may find useful. In addition, it also provides guidance on making a personal data access request to the university.
N.B. If you want to access any of the Staff Access Only documents;
Please click here to log in before accessing them.
The documents listed below set out the University's primary policies & notices related to personal data.
A) Personal Data Policies
B) Notices & Statements
A) Data Subject Rights Procedure
Data Subjects Rights Procedure - Staff Guide (Staff Access Only)
B) Data Breach Reporting Procedure
Data Breach Reporting Procedure - Staff Guide (Staff Access Only)
Data Incident / Breach Report (Staff Access Only)
C) Data Protection Impact Assessments (DPIAs)
Staff Guide to the DPIA process
Step 1 - Screening Questionnaire
Step 2 - DPIA Template
D) Data Processing Agreements (DPA) Templates & MOU Clause
The following legal agreement templates (or MOU text) are to be used by DCU units when negotiating the legal arrangements pertaining to the transfer of personal data. For advice on which one to use please contact the Data Protection Unit (Ext 7476 / 6466 / 7476). All of the documents are 'Staff Access Only' so please click on text at the top of this webpage prior to downloading as necessary.
1) DPA Template - DCU as the Data Controller
2) DPA Template - Annex / Addendum to an existing agreement
3) DSA Template - Joint Controllers
4) DPA Template - DCU as a Data Processor
5) MOU Clause
E) Data Protection & Research
G) ISS Guidance
Guide & Application Form for Individuals
Under the legislation any individual may make a request to obtain a copy of their own personal data held by Dublin City University. These requests are known as 'Access Requests' or alternatively 'Subject Acccess Requests'. The guide at the link below explains in further detail how such a request may be made. Anyone who wishes to make a request should first of all review the guidance below and formally make the request using the application form provided.
Guide for University Staff
A separate guide for members of staff of the University who are handling an access request is provided below. Please note you must provide a valid staff login name and password to access the guide.
Staff Guide to Subject Access Requests (Staff Access Only)
Staff Personnel Files - Access Requests
In addition to the general right of access described above, staff of the University may view their own personnel file which is held by the Human Resources office. Please click on the following link for further details:
Garda Requests for Copies of CCTV Recordings
From time to time members of An Gardai Síochaná who are investigating offences may require copies of CCTV recordings held by the University. In order to comply with best practice and guidelines on this area issued by the Office of the Data Protection Commissioner the following form is to be used by garda officers when requesting a copy of a CCTV recording(s) held by the University.
A PDSS (Personal Data Security Schedule) is the primary document used, at a unit or research project level, to record the categories of personal data being processed. For each category listed some basic rules and controls are identified and the PDSS is then brought to the attention of members of staff involved in processing. A guide to preparing a PDSS, and the standard template, can be found at the links below.
This section sets out the training materials available to assist staff and students in meeting their obligations to process personal data in a manner compliant with the relevant legislation.
GDPR Online Training Course - Available through Loop (Select the '2020 Data Protection Staff' course)
Data Protection Training Slides - Guide for Staff (Staff Access Only)
Data Protection Training Presentation - Teaching & Learning (YouTube Video provided by TEU)
Click here for a link to list of FAQ's regarding data protection.
List of GDPR Unit Advocates
There are a number of desigated GDPR Advocates in place in various units across the DCU Community (please see the table below). The primary role of the Advocate is to act as the initial 'go-to' person within the unit(s) for all matters relating to data protection generally. Where a query cannot be answered by the Unit Advocate please contact the DCU Data Protection Unit.
|Advocate||DCU Unit / Area|
|Aisling McKenna||Quality Promotion & Institutional Research|
|Annabella Stover||Student Support & Development|
|Bernadette Ni Aingleis||Institute of Education|
|Deborah Lawlor||Campus Residences|
|Deirdre Wynter||For all Units under VP for External Affairs|
|Eleanor Healion||Admin Office - Faculty of Science & Health|
|Gemma Dempsey||DCU Sports|
|Gemma Boyne||Human Resources|
|Georgina Garford||DCU Educational Trust|
|Goretti Daughton||Admin Office - Faculty of Humanites & Social Sciences|
|Jennifer O'Halloran||Finance Office|
|Jonathan Begg||Admin Office - DCU Business School|
|Joan O'Connell||Data Protection Unit|
|Kieran O'Dwyer||Research & Innovation Support|
|Lorraine Heffernan||Presidents Office|
|Louise Phelan||The Helix|
|Margaret Irwin-Bannon||Office of the VP for Academic Affairs|
|Mark Glynn||Open Education Unit|
|Martin Ward||Data Protecion Unit|
|Noel Prior||Risk & Compliance|
|Noeleen O'Keefe||Open Education Unit|
|Rachel O'Brien||DCU Language Services|
|Ross Munnelly||Alumni Office|
|Sandra McCormack||Student Union (Office of Student Life DAC)|
|Sharon King||Graduate Studies Office|