Staff Privacy Notice

As a staff member or former staff member of ATU Donegal, the Institute will process some of your personal data.

This privacy notice explains how ATU Donegal collects, uses and shares your personal data and your rights in relation to the personal data that we hold on you. It also explains your rights in relation to the data we hold. During the recruitment process, throughout your employment with us and when your employment ceases ATU Donegal collects, uses and stores (i.e. processes) your personal data. This data is collected from a variety of sources, mainly from you directly, but may also come from other sources; e.g. your former employer(s). During the course of your employment and after you leaver or retire additional information may be added to your record.

ATU Donegal may share information between different internal departments for operational reasons only as is necessary and proportionate for the purposes intended.

The type of personal data that may be collected includes but is not limited to, the following;

  • Recruitment data: Name, contact information (address, email address, telephone numbers) date of birth, PPS number, passport number, nationality and country of domicile, next of kin/ emergency contact information, Eircode, CV (which includes information relating to your education, qualifications training records, membership of professional bodies). References, Interview Notes and Selection Board Reports, Nationality, Citizenship, Work Permit/ hosting agreement.
  • Personnel file information including; PPS Number, Birth Certificate, Marital/ Civil Partnership Status, Next of Kin details, date of marriage, references, probation information, attendance records, annual leave records, maternity, paternal, paternity and term time records, children’s birth certs , progression records
  • Payroll information: salary, allowances, deductions, financial information including bank details (BIC, IBAN, Name and Address of Bank/ Building Society) tax codes and details, claim forms, trade union details.
  • Pensions: pension calculations and deductions, service transfers, transfer values, arrears calculations, benefits statements.
  • HR information; information relating to grievances, disciplinary and any external information.
  • IT Information: internet and email usage, call logs from internal extensions, IP address and date and time of external logins.
  • Photographs (to process ID card), Images within CCTV footage/ photography/ filming. Area access logs.
  • Travel and Expenses: copy of passport if travel is booked, car registration details, confirmation of business class insurance.
  • Special category data to include physical or mental health, racial or ethnic origin (including medical certificates, occupational health assessments and disability information). Certain criminal activities.
  • Termination of employment: resignation letter and employment letter.

Special Category data/ Sensitive information (including health, criminal record etc) is collected to monitor whether our equal opportunities are working and to carry out our obligation as an employer. In addition to the normal standards of confidentiality, we also carefully control access to sensitive data within the Institute so that it is only available to those staff who require it to perform their studies.

The processing of your personal data is necessary for the following lawful purposes:

  • Processing that is necessary for the performance of our contract with you.
  • Processing that is necessary to comply with legal obligation or performance of a function conferred on LYIT by an enactment
  • Processing that is necessary in the public interest
  • Processing where we have consent.

Where processing of your personal data is based on you providing consent, you have the right to withdraw consent at any time by contacting the department or function who obtained that consent, or LYIT’s data protection office (details below).

LYIT collects and uses your personal data for a rage of contractual, statutory and public interest purposes; including the following;

  • Recruitment of staff, which includes the Vetting/approval of new (and existing) staff under the Protection of Children & Vulnerable Adults legislation via the Garda Vetting Bureau and training and induction of new staff.
  • Academic matters which includes the provision of support in: teaching and learning skills, assessment, examinations, research and collaboration.
  • Provision of HR services including provision of contracts of employment, salaries, sick and annual leave, pensions administration grievance and disciplinary matters.
  • Administering finance related issues such as staff training assistance, payroll administration, travel and expenses, trade union subscriptions.
  • Provision of staff cards for identification / security and access purposes.
  • Provision of IT and Library services.
  • Provision of adequate access to buildings, ensure security, assist with law enforcement or where required and authorised by law.
  • Research and statistical analysis including but not withstanding collation of information for the CUA Project team (this includes details of your academic achievement research and work experience).
  • Monitor and evaluate the staff experience to enhance services further
  • Enable effective communication with our staff both current and past and also to contact others in the case of an emergency situation.
  • To provide data to organisations such as the HEA (Higher Education Authority), Revenue etc. in line with legal and government requirements.
  • To comply with statutory reporting requirements and support professional accreditation of programmes.
  • To administer voluntary surveys from time to time to assist those carrying out research.
  • To create and publish printed and soft copy material such as reviews, reports, prospectus, brochures, website for promotional and archive purposes.
  • To respond to requests for information made under data protection legislation and Freedom of Information legislation and facilitate the work of internal and external auditors.
  • To meet health and safety and equality of opportunity monitoring obligations.
  • On termination of employment; to assist you joining other third level or professional organisations who may require confirmation of your data such as date of birth or confirmation of job title/employment.  To facilitate any new employer with confirmation of your employment (references for example) and possibly pension entitlement and salary confirmation if transferring to another third level education provider.

The personal data the Institute holds and processes relating to staff is obtained directly from the staff member or applicant in a recruitment campaign or for example as a member of Governing Body, external examiner, interview panel member etc.
Personal data may be collected in a number of ways including:

  • The information you supply to us when you express an interest in becoming a staff member (application process via provision of CV or application forms either hard copy or soft copy to the recruitment section and also the information you supply on receipt of a job offer from LYIT.
  • The information you supply during your employment for maintenance of your individual CORE HR profile, or through application to the HR department directly or to via the payroll department for payment of salaries and travel and expenses.
  • Information provided to LYIT directly from a third party from example (via Revenue, trade union, education institution).
  • Information captured through IT usage.
  • Captured as an image on CCTV or in a photograph
  • On Termination of employment.

All the personal data we collect is processed by our staff in LYIT.  However, for the purposes of IT operations the hosting and maintenance of some staff data is held on a computerised personnel/payroll system called CORE HR.  The server holding this data is monitored by our IT Services team, our HR and Payroll staff but also is serviced and maintained by an external provider working in conjunction with the Institute.  We have a strict regime in place to oversee the effective and secure processing of your personal data.  You can gain more information on this IT framework by accessing the Institute website section on IT Policies and Procedures.

LYIT may disclose staff personal data and sensitive personal data to external agencies only where it has obligations or a legitimate reason to do so including the following:

  • State Agencies: Higher Education Authority (HEA), Payroll Shared Services Centre, An Garda Síochána, Comptroller & Auditor General (C&AG), SIPO, CSO.
  • Government Departments; Department of Education and Skills, Department of Enterprise Trade and Innovation, Department of Public Expenditure and Reform, Department of Social Protection for PPS number verification, Revenue.
  • Third Level Institutions; CUA Project Team, THEA, Other higher education institutions, partners or research organisation, Erasmus sites,  
  • External Examiners; External examiner and assessors
  • Professional Bodies; who accredit programmes of study in LYIT.
  • Students, LYIT Staff and Third Party Contractors (only those with Contracts to Provide Services at LYIT); to facilitate contact via the staff directory and email directory and staff information to facilitate timetabling.
  • Software and service providers;  performing administrative duties on behalf of LYIT such as IT services provision, printing copies and agencies who facilitate the printing and delivery of mailshots and Institute publications for marketing purposes.
  • Potential employers and recruitment agencies who wish to verify LYIT employment history of former staff as part of their recruitment process.
  • Governing Body Members and Audit and Risk Committee members, staff information is provided to facilitate approval of recruitment, progression and notification of temporary posts.  
  • Third parties; Insurance companies in regard to accidents occurring on Institute property, Legal advisors to the Institute. Internal Auditors, Prospective and actual research funders or sponsors, programme validation board, mediators and arbitrators, interview panels, companies providing contracted specific services to LYIT.

This is not an exhaustive list and any other disclosures to third parties that may occur but are not listed here are made only where there is a legitimate reason to do so and in accordance with the law.

You have the following rights, subject to certain exemptions, in relation to your data:

  • The right to be informed about the data procession that LYIT does
  • The right to request access to their personal data held by LYIT and the right to receive a copy of this information
  • The right to rectification to have any inaccurate or incomplete personal data rectified.
  • The right to erasure of personal data.  This will only arise where there is no legitimate reason for the LYIT to continue to process the personal data.  If you exercise your right to erasure LYIT will retain a set of core personal data which for former staff will include, name, date of birth, job title, employee ID number, pension details (if appropriate). These will be kept to maintain your LYIT employment details for archive purposes.  It may be necessary to also retain some financial records about you for reporting and audit purposes.  It will be necessary to note your wish for erasure so that we do not inadvertently contact you in future.
  • The right to restrict processing of personal data.  Individuals have the right to block the processing of their personal data by the Institute in specific situations.
  • The right to data portability.  Staff have the right to request the provision of some elements of their information in digital form in order to provide it to other organisations (for example their pension data).
  • The right to object.  You can object to the processing of your personal data by LYIT in certain circumstances including the sending and receipt of direct marketing material.
  • The right to object to automated decision making and profiling.  You have the right to object to decision taken by automatic methods without a human intervention in some circumstances.

LYIT will hold your data indefinitely to assist with your lifelong relationship with the Institute or until you ask us to do otherwise. Currently LYIT will retain your personnel file for up to 7 years after the cessation of your employment.  All records retained by the Institute are held in accordance with the Institute's Records Management Schedule, currently under review.

We may contact you by telephone, email or post. In addition, if you have provided us with your mobile phone number we may text you with Instituted related information.

Your personal data will be stored either on LYIT premises, with approved storage providers or on secure IT platforms within the EEA.  Where your personal data would be held outside the EEA, we will ensure that this is done in accordance with EU approved transfer mechanisms.

Further Information

Please contact us if you have any questions about the information we hold about you or to request a copy of that information:

Data Protection Officer
ATU Donegal
Port Road
Letterkenny
Co Donegal
F92 FC93

T:  +353 (0)74 918 6021
E:  dataprotection@atu.ie

As a staff member, if you are unhappy with the ATU Donegal’s handling of your personal data or believe that the requirements of the data protection legislation are not being complied with you should contact LYIT’s Data Protection Officer in the first instance.  You also have the right to submit a complaint to the Data Protection Commissioner. In writing to the Data Protection Commissioner, Canal House, Station Road, Port Arlington, R32 AP23, Laois, by emailing info@dataprotection.ie or phoning 0761 104800.

Data Controller:
T: +353 (0)74 918 6000