Data Protection Policy 2018
This policy has been formulated in 2018 in order to comply with the EU General Data Protection Regulation (GDPR). The CBOI’s Data Protection Policy applies to the personal data held by the CBOI, which is protected by the Data Protection Acts 1988 to 2018 and the EU General Data Personal Regulation (GDPR).
The policy applies to all CBOI staff (full time/part time/temporary and those who are self- employed or otherwise and are hired for specific purposes e.g. tutors, conductors), the Board of Management, CBOI members and their parents/guardians, CBOI Volunteers and all project participants including those but not exclusive to those participating in Peace Proms, Choir members and their parents/guardians, School Teachers, Principals, and all other members of the CBOI community insofar as the measures under the policy relate to them. Data will be stored securely so that confidential information is protected in compliance with relevant legislation. This policy sets out the manner in which personal data and special categories of personal data will be protected by the CBOI.
CBOI operates a “Privacy by Design” method in relation to Data Protection. This means we plan carefully when gathering personal data so that we build in the data protection principles as integral elements of all data operations in advance. We audit the personal data we hold in order to:
- Be able to provide access to individuals to their data
- Ensure it is held securely
- Document our data protection procedures
- Enhance accountability and transparency
DATA PROTECTION PRINCIPLES
The Board is a data controller of personal data relating to its past, present and future staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors); CBOI members and their parents/guardians; CBOI Volunteers and all project participants including those but not exclusive to those participating in Peace Proms, Choir members and their parents/guardians, School Teachers, Principals, and all other members of the CBOI community. As such, the Board is obliged to comply with the principles of data protection set out in the Data Protection Acts 1988 to 2018
Room P1175, Carroll Building, Dundalk Institute of Technology, Dublin Road, Dundalk, Co. Louth, IRELAND
Tel: +353 4293 70494
and GDPR, which can be summarised as follows:
1 Obtain and Process Personal Data Fairly
Information is gathered in the case of CBOI members, with the help of CBOI parents/guardians, CBOI staff. Information is gathered in the case of choir members and those participating in Peace Proms, with the help of CBOI staff, the staff of associated schools and the parents/guardians whose children attend the associated schools. Information is generally furnished with full and informed consent. All such data is treated in accordance with the Data Protection Legislation and the terms of this Data Protection Policy. The information will be obtained and processed fairly. (See: Appendix 1)
Where consent is the basis for provision of personal data, (e.g. data required to consent to a child being photographed or videoed) the consent must be a freely-given, specific, informedand unambiguous indication of the data subject’s wishes. CBOI will require a clear affirmative action e.g. ticking of a box/signing a document to indicate consent. Consent can be withdrawn by data subjects in these situations. (See: Appendix 2)
3. Keep It Only for One or More Specified and Explicit Lawful Purposes
The CBOI will inform individuals of the reasons they collect their data and the uses to which their data will be put. All information is kept with the best interest of the individual in mind at all times
4. Data Will be Processed Only in Ways Compatible with the Purposes for which it was Given Initially.
Data relating to individuals will only be processed in a manner consistent with the purposes for which it was gathered. Access to information will be strictly controlled.
5. Keeping Personal Data Safe and Secure
Only those with a genuine reason for doing so may gain access to the information. Personal Data is securely stored under lock and key in the case of manual records and protected with computer software and password protection in the case of electronically stored data. Portable devices storing personal data (such as laptops) are encrypted and password- protected.
6. Keeping Personal Data Accurate, Complete and Up-to-Date
CBOI and Peace Proms Choir Members and their parents/guardians; associated school staffs and Principals; and/or CBOI Volunteers and staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) should inform the CBOI of any change which the CBOI should make to theirpersonal data and/or sensitive personal data to ensure that the individual’s data is accurate,complete and up-to-date. Once informed, the CBOI will make all necessary changes to the relevant records. Records must not be altered or destroyed without proper authorisation. If alteration/correction is required, then a note of the fact of such authorisation and the alteration(s) to be made to any original record/documentation should be dated and signed by the person making that change.
7. Ensure that it is Adequate, Relevant and Not Excessive
Only the necessary amount of information required to provide an adequate service will be gathered and stored.
8. Retain it No Longer than is Necessary for the Specified Purpose or Purposes for Which it was Given
As a general rule, the information will be kept for the duration of the individual’s time in theCBOI or as part of Peace Proms. Thereafter, the CBOI will comply with DES guidelines on the storage of Personal Data.
- In the case of members of staff (full time/part time/temporary and those who are self- employed or otherwise and are hired for specific purposes e.g. tutors, conductors), the CBOI will comply with both DES guidelines and the requirements of the Revenue Commissioners with regard to the retention of records relating to employees. The CBOI may also retain the data relating to an individual for a longer length of time for the purposes of complying with relevant provisions of law and or/defending a claim under employment legislation and/or contract and/or civil law.
- In the case of CBOI members and the parents/guardians, the CBOI will retain data until the member has left the CBOI. If the CBOI wishes to remain in contact with past members and their parents/guardians, their consent and the parents’/guardians’consent will be requested.
- In the case of Volunteers, the CBOI will retain data as long as the Volunteer is willing to work with the CBOI or for longer if the Volunteer wishes to remain updated as to CBOI events. If the CBOI wishes to remain in contact with a volunteer, their consent will be requested.
- In the case of Choir Members, the CBOI will retain data until the end of the academic year in which the choir member is participating in Peace Proms or other CBOI events. This information, which is stored electronically will then be deleted.
- In the case of Parents/guardians of CBOI members or Choir members or event participants, the CBOI will retain data as long as the parent/guardian wishes to receive information and updates from the CBOI. Information is distributed electronically and parents/guardians can unsubscribe at will.
- In the case of Teachers/Principals of the schools participating in CBOI programmes including but not exclusive to Peace Proms, the CBOI will retain data as long as their school wishes to participate in Peace Proms and associated CBOI events; or wishes to be informed about CBOI events including Peace Proms.9. Provide a Copy of Their Personal Data to Any Individual on RequestIndividuals have a right to know and have access to a copy of personal data held about them, by whom, and the purpose(s) for which it is held (See: Appendix 4)DATA PROTECTION SCOPE
The Data Protection legislation applies to the keeping and processing of Personal Data. The purpose of this policy is to assist the CBOI to meet its statutory obligations, to explain those obligations to CBOI staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors), and to inform staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors), volunteers, Orchestra Members, Choir Members, all project participants and their parents/guardians, how their data will be treated.
The policy applies to all CBOI staff (full time/part time/temporary and those who are self- employed or otherwise and are hired for specific purposes e.g. tutors, conductors), the Board of Management, CBOI Members and their Parents/Guardians and all project participants including but not exclusive to those participating in Peace Proms including Choir Members and their Parents/Guardians, and Teachers/Principals of associated schools, insofar as the CBOI handles or processes their Personal Data in the course of their dealings with the CBOI.
DEFINITION OF DATA PROTECTION TERMS
In order to properly understand the CBOI’s obligations, there are some key terms, whichshould be understood by all relevant CBOI staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors):
“Personal Data” means any data relating to an identified or identifiable natural person i.e. a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the Data Controller.
“Data Controller” is the Board of Management of the CBOI
“Data Subject” is an individual who is the subject of personal data
“Data Processing” is performing any operation or set of operations on data, including:
- Obtaining, recording or keeping the data;
- Collecting, organising, storing, altering or adapting the data;
- Retrieving, consulting or using the data;
- Disclosing the data by transmitting, disseminating or otherwise making it available;4
• Aligning, combining, blocking, erasing or destroying the data;
“Data Processor” is a person who processes personal information on behalf of a data controller. The Data Protection legislation places responsibilities on such entities in relation to their processing of the data.
“Special categories of Personal Data” refers to Sensitive Personal Data regarding a person’s:
- Racial or ethnic origin;
- Political opinions or religious or philosophical beliefs;
- Physical or mental health;
- Sexual life and sexual orientation;
- Genetic and biometric data;
- Criminal convictions or the alleged commission of an offence;
- Trade union membership.“Personal Data Breach” is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. This means any compromise or loss of personal data, no matter how or where it occursRATIONALEIn addition to its legal obligations under the broad remit of educational legislation, the CBOI has a legal responsibility to comply with the Data Protection Acts 1988 to 2018 and the GDPR.
This policy explains what sort of data is collected, why it is collected, for how long it will be stored and with whom it will be shared. The CBOI takes its responsibilities under data protection law very seriously and wishes to put in place safe practices to safeguardindividual’s personal data. It is also recognised that recording factual information accurately and storing it safely facilitates an evaluation of the information, enabling the Board of Management to make decisions in respect of the efficient running of the CBOI. The efficient handling of data is also essential to ensure that there is consistency and continuity where there are changes of personnel within the CBOI and Board of Management.
OTHER LEGAL OBLIGATIONS
Implementation of this policy takes into account the CBOI’s other legal obligations andresponsibilities. Some of these are directly relevant to data protection. For example:
Under Section 9(g) of the Education Act, 1998, the parents/guardians of a member, or a member who has reached the age of 18 years, must be given access to records kept by the CBOI relating to the progress of the member in the CBOI.
Under Section 20 of the Education (Welfare) Act, 2000, the CBOI must maintain a register of all members (Orchestra and Choir) and all project participants including those participating in Peace Proms and attending the CBOI.
Under Section 21 of the Education (Welfare) Act, 2000, the CBOI must record the attendance or non-attendance of members and all project participants including those registered to participate in Peace Proms.
The Freedom of Information Act 1997 provides a qualified right to access to informationheld by public bodies which does not necessarily have to be “personal data”, as with data protection legislation.
Under Children First Act 2015, mandated persons in CBOI have responsibilities to report child welfare concerns to Tusla- Child and Family Agency (or in the event of an emergency and the unavailability of Tusla, to An Garda Síochána)
RELATIONSHIP TO CHARACTERISTIC SPIRIT OF THE CBOI
CBOI seeks to:
- Enable members and all project participants including but not exclusive to those participating in Peace Proms, to develop their full musical, personal, and social potential;
- Provide a safe and secure environment for learning, and music and Arts education;
- Promote respect for the diversity of values, beliefs, traditions, languages and ways oflife in society.We aim to achieve these goals while respecting the privacy and data protection rights of members and all project participants including but not exclusive to those participating in Peace Proms; staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors), parents/guardians of choir and orchestra members; Volunteers; Teachers and Principals of associated schools; and others who interact with us. The CBOI wishes to achieve these aims/missions while fully respecting all individuals’ rights to privacy and rights under the Data Protection Legislation.PERSONAL DATA HELD
The Personal Data records held by the CBOI may include Staff, Board of Management, Creditors, Orchestra Members, Parents/Guardians of Orchestra Members; Choir Members, Parents/Guardians of Choir Members, Volunteers, Teachers and Principals of Associated Schools.
1. STAFF RECORDS
Categories of staff: (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) data:
As well as existing members of staff (full time/part time/temporary and those who are self- employed or otherwise and are hired for specific purposes e.g. tutors, conductors) (and former members of staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors)), these records may also relate to applicants applying for positions within the CBOI, These staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) records may include:
- Name, address and contact details, PPS number.
- Name and contact details of next-of-kin in case of emergency.
- Original records of application and appointment to promotion posts
- Details of approved absences (career breaks, parental leave, study leave, etc.)
- Details of work record (qualifications, classes taught, subjects, etc.)
- Details of any accidents/injuries sustained on CBOI property or in connection withthe staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) member carrying out their CBOI duties
- Records of any reports the CBOI (or its employees) have made in respect of the staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) member to State departments and/or other agencies under Children First Act 2015Purposes:
- The management and administration of CBOI business (now and in the future);
- To facilitate the payment of staff (full time/part time/temporary and those who areself-employed or otherwise and are hired for specific purposes e.g. tutors, conductors), and calculate other benefits/entitlements (including reckonable service for the purpose of calculation of pension payments, entitlements and/or redundancy payments where relevant)
- Facilitate pension payments in the future;
- Human resources management;
- Recording promotions made (documentation relating to promotions applied for) andchanges in responsibilities, etc.;
- Enabling the CBOI to comply with its obligations as an employer, including thepreservation of a safe, efficient working and teaching environment (including complying with its responsibilities under the Safety, Health and Welfare at Work Act 2005);
- Compliance with legislation relevant to the CBOI.Location and Security Procedures of CBOI:
• Digital records are stored on password-protected computer with adequate encryption and firewall software in a locked office. The CBOI has the burglar alarm activated during out-of-CBOI hours.
2. BOARD OF MANAGEMENT RECORDS:
Categories of Board of Management data:
- Name, address and contact details of each member of the Board of Management(including former members of the Board of Management)
- Records in relation to appointments to the Board
- Minutes of Board of Management meetings and correspondence to the Board, whichmay include references to individuals. Purposes:
• To enable the Board of Management to operate in accordance with applicable legislation and to maintain a record of Board appointments and decisions.
(Location and Security procedures as above):
3. OTHER RECORDS: CREDITORS
The CBOI may hold some or all of the following information about creditors (some of whom are self-employed individuals):
- Contact details
- PPS numberPurposes:
• This information is required for routine management and administration of the
CBOI’s financial affairs, including the payment of invoices, the compiling of annualfinancial accounts and complying with audits and investigations by the Revenue Commissioners.
(Location and Security procedures as above):
4. MEMBER RECORDS (Choir and Orchestra):
Categories of member data:
Information which may be sought and recorded at enrolment in the Cross Border Orchestra of Ireland or may be collated and compiled during the course of the member’s time in theCBOI. Information may be sought and recorded at registration to become part of a school choir participating in Peace Proms workshop or concerts, or other CBOI events and initiatives. These records may include:
- Name, address and contact details
- PPS number
- Date and place of birth
- Passport Details
- Musical Education
- Names and addresses of parents/guardians and their contact details (including anyspecial arrangements with regard to guardianship, custody or access)
- Any relevant special conditions (e.g. Special medical, dietary needs, health issues)which may apply
Consent is requested from members/parents/guardians for taking photographs, recorded images and videos of members, associate members, choir members, teachers and Principals participating in CBOI events including but not exclusive to Peace Proms. These images may be used in the Media for example Television, on printed PR materials and on Social Media.
Other records e.g. Records of any serious injuries / accidents, (Note: it is advisable to inform parents/guardians that a particular incident is being recorded);
- To enable each member to develop to his/her full musical potential;
- To comply with legislative or administrative requirements;
- To ensure that eligible members and all project participants including thoseparticipating in peace proms can benefit from the relevant additional teaching orfinancial supports;
- To enable parents/guardians to be contacted in the case of emergency or in the caseof disruption to CBOI or Peace Proms or other event rehearsals or concerts, or to inform parents/guardians of their child’s musical progress or to inform parents of CBOI events.
- To meet the educational, social, physical and emotional requirements of the member;
- Photographs and recorded images of members and all project participants includingbut not exclusive to those participating in Peace Proms are taken to celebrate CBOI achievements, to promote CBOI, to develop CBOI’s website and other social media platforms, to record CBOI events, and to keep a record of the history of the CBOI.Such records are taken and used in accordance with the ‘CBOI website privacystatement’.
- To ensure that the member meets the CBOI’s admission criteria
- To ensure that members and all project participants including those participating inpeace Proms meet the minimum age requirement for attendance at CBOI. (Location and Security Procedures as above):PROCESSING IN LINE WITH A DATA SUBJECT’S RIGHTSData in the CBOI will be processed in line with the data subject’s rights. Data subjects have aright to:
- Know what personal data the CBOI is keeping on them;
- Request access to any data held about them by a data controller;
- Ask to have inaccurate data amended;
- Ask to have data erased once it is no longer necessary or irrelevant (See: Appendix 5)PERSONAL DATA BREACHES
- All incidents in which personal data has been put at risk must be reported to the Office of the Data Protection Commissioner within 72 hours
- When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the BoM must communicate the personal data breach to the data subject without undue delay
- If a data processor becomes aware of a personal data breach, it must bring this to the attention of the Board without undue delay.
DEALING WITH A DATA ACCESS REQUEST
- Individuals are entitled to a copy of their personal data on written request
- Request must be responded to within one month. An extension may be required (e.g.over holiday periods etc.)
- No fee may be charged except in exceptional circumstances where the requests arerepetitive or manifestly unfounded or excessive
- No personal data can be supplied relating to another individual apart from the datasubjectProviding Information Over the PhoneAn employee dealing with telephone enquiries should be careful about disclosing any personal information held by the CBOI over the phone. In particular, the employee should:
- Ask that the caller put their request in writing
- Refer the request to the principal for assistance in difficult situations
- Not feel forced into disclosing personal informationIMPLEMENTATION ARRANGEMENTS, ROLES AND RESPONSIBILITIESThe Board is the data controller and the principal implements the Data Protection Policy, ensuring that staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) who handle or have access to Personal Data are familiar with their data protection responsibilitiesThe following personnel have responsibility for implementing the Data Protection Policy:
Board of Management Four CBOI Staff
Data Controller Implementation of Policy
Monitoring the Implementation of the Policy
The implementation of the policy shall be monitored by the Board and staff of the CBOI
Reviewing and Evaluating the Policy
The policy will be reviewed and evaluated after two years. On-going review and evaluation will take cognisance of changing information or guidelines, legislation and feedback from parents/guardians, members and all project participants including those participating in Peace Proms, CBOI staff (full time/part time/temporary and those who are self-employed or otherwise and are hired for specific purposes e.g. tutors, conductors) and others. The policy will be revised as necessary in the light of such review and evaluation and within the framework of CBOI planning
CBOI – Appendix 1 Fair Processing
Fair Processing of Personal Data
Section 2A of the Acts details a number of conditions, at least one of which must be met, in order to demonstrate that personal data is being processed fairly. These conditions include that the data subject has consented to the processing, or that the processing is necessary for at least one of the following reasons:
- The performance of a contract to which the data subject is party, or
- In order to take steps at the request of the data subject prior to entering into a contract, or
- In order to comply with a legal obligation (other than that imposed by contract), or
- To prevent injury or other damage to the health of the data subject, or
- To prevent serious loss or damage to the property of the data subject, or
- To protect the vital interests of the data subject where the seeking of the consent of thedata subject is likely to result in those interests being damaged, or
- For the administration of justice, or
- For the performance of a function conferred on by or under an enactment or,
- For the performance of a function of the Government or a Minister of the Government, or
- For the performance of any other function of a public nature performed in the publicinterest by a person, or
- For the purpose of the legitimate interests pursued by a data controller except where theprocessing is unwarranted in any particular case by reason of prejudice to the fundamental rights and freedoms or legitimate interests of the data subject
Fair Processing of Sensitive Personal Data
If processing sensitive data, you must satisfy the requirements for processing personal data set out above along with at least one of the following conditions (set out in section 2B of the Acts):
- The data subject has given explicit consent, or
- The processing is necessary in order to exercise or perform a right or obligation which isconferred or imposed by law on the data controller in connection with employment, or
- The processing is necessary to prevent injury or other damage to the health of the datasubject or another person, or serious loss in respect of, or damage to, property or otherwise to protect the vital interests of the data subject or of another person in a case where consent cannot be given, or the data controller cannot reasonably be expected to obtain such consent, or
- The processing is necessary to prevent injury to, or damage to the health of, another person, or serious loss in respect of or damage to, the property of another person, in a case where such consent has been unreasonably withheld, or
- The processing is carried out by a not-for-profit organisation in respect of its members or other persons in regular contact with the organisation, or
- The information being processed has been made public as a result of steps deliberately taken by the data subject, or
- The processing is necessary for the administration of justice, or
- The processing is necessary for the performance of a function conferred on a person by orunder an enactment, or
- The processing is necessary for the performance of a function of the Government or aMinister of the Government, or
- The processing is necessary for the purpose of obtaining legal advice, or in connectionwith legal proceedings, or is necessary for the purposes of establishing, exercising ordefending legal rights, or
- The processing is necessary for medical purposes, or
- The processing is necessary in order to obtain information for use, subject to, and inaccordance with, the Statistics Act, 1993, or
- The processing is necessary for the purpose of assessment of or payment of a tax liability,or
- The processing is necessary in relation to the administration of a Social Welfare scheme
CBOI – Appendix 2
Consent and Sample Consent Form
Where consent is the basis for provision of personal data (e.g. data required for photography / videoing) the consent must be a freely-given, specific, informed and unambiguousindication of the data subject’s wishes. Each CBOI members, their parent/guardian (for members under 18yrs), associated member, choir member, the parent/guardian of a choir member will require a clear, affirmative action e.g. ticking of a box/signing a document, to indicate consent. Consent can be withdrawn by data subjects at will.
SCHOOL AUTHORITIES: Please copy one consent form for each child in your choir and send home to be signed by a parent/guardian. Please scan and upload the completed forms to our database no later than Sept. 28th. * Please retain the original signed forms in your school.
PEACE PROMS WATERFORD IT 2019
Our school will be taking part in a musical education programme called “Peace Proms”. We will be performing at the Sports Arena Waterford IT on 9th or 10th February 2019. Peace Proms aims to entertain, educate and engage children and young people in music and to enrich their lives through exceptional musical experiences and performances. The project objective is to help young people to develop qualities of self-reliance, personal integrity, responsibility, and confidence by giving them the opportunity to:
- Perform with a full symphony orchestra
- Work with an internationally acclaimed conductor and top soloists
- Perform in premier venues throughout Ireland
- Develop vocal technique, presentation and performance
- Experience a variety of musical styles and genres and develop an appreciation of themPeace Proms is recognised as one of Ireland and the UK’s most important Arts Education initiatives, providing outstanding cultural opportunities for young people while promoting peace, unity and tolerance through music. It is supported and endorsed by thePARENT/GUARDIAN: Please complete this form and return it to your school.
Department of Education and Skills, the Department of Arts, Heritage and the Gaeltacht, and the Arts Council of Northern Ireland.
1. PERMISSION TO PARTICIPATE IN WATERFORD PEACE PROMS 2019
I/we give our son/daughter______________________________________ (name of son/daughter) permission to participate in Peace Proms, as part of _______________________________ (name of school) choir I/we understand that Peace Proms workshops and concerts may be photographed and audio /video recorded and that my child’s image may appear in future media presentations including printed materials for example brochures /leaflets /posters /flyers; and audio visual and social media materials for example video/TV/DVD presentations /advertisements.
2. INFORMATION ABOUT PEACE PROMS
unsubscribe from our newsletter at any time. Under our GDPR Policy, your information will not be shared and will be deleted at the end of the school year (30/06/19).
Parent /Guardian Mobile 1__________________________Parent /Guardian Mobile 2________________________________ Email 1________________________________________ Email 2________________________________________________Signed___________________________________________________(Parent/Guardian) Date___________________
In order to comply with EU GDPR, you can find the Data Protection Policy and more information on the CBOI and Peace Proms on their websites www.cboi.ie and www.peaceproms.com
To ensure that the CBOI’s practices are open and transparent and to obtain datafairly the data subject should be made aware of:
- The Name of The Data Controller (i.e. CBOI Board of Management)
- The Purpose/Rationale for collecting the Data and any secondary uses of theirPersonal Data which might not be obvious to them
- The Persons or Categories of Persons to whom the Data may be disclosed E.G.a. DES
- Other third parties operating in the Education and Welfare Sphere eg. TheHSE, Tusla, an Garda Síochána
- Other Third Parties with whom The CBOI Contracts, such As Cloud-Based
CBOI Administration Software Companies, Accountants, Insurance
Companies, Lawyers, Etc.
- The replies to questions asked are necessary
- All subjects have the right to access their personal data
- All subjects have the right to rectify their data if inaccurate or processed unfairly
- In the case of consent for photographing and videoing of events, all subjects shouldbe aware that these images may be used in the Media for example Television, on printed PR materials for example posters, flyers and brochures, and on Social Media. Photographs and recorded images of members and all project participants including but not exclusive to those participating in Peace Proms are taken to celebrate CBOI achievements, to promote CBOI, to develop CBOI’s website and other social mediaplatforms, to record CBOI events, and to keep a record of the history of the CBOI.
- Where consent for photographing and videoing is requested but not given by a parent/guardian, it will not be possible for their child to participate in the said event.
- Any other information which is relevant so that processing may be fair and to ensure that the data subject has all the information that is necessary to facilitate their awareness of how their data will be processed.
In general, the fair obtaining principle requires that every individual about whom information is collected for holding will be aware of what is happening. When people are giving you information, they should be able to answer YES to the following questions:-
- do they know what information CBOI will keep about them?
- do they know the purpose for which CBOI keep and use it?
- do they know the people or bodies to whom CBOI may disclose or pass it?
CBOI – Appendix 3
CBOI Record Retention Table
CBOI Register/Roll Books Enrolment Forms Disciplinary Notes Medical / Dietary Notes Accident Reports
Hold until member leaves CBOI Hold until member leaves CBOI Hold until member leaves CBOI Never Destroy
18 months from close of competition plus 6 months in case Equality Tribunal needs to inform CBOI that a claim is being taken
Contract of Employment Accident/Injury at work Reports Garda Vetting Certs
Retention for duration of employment + 7 years
BOM Agenda CBOI Team Minutes Payroll & Taxation
Photographic and video recordings of CBOI events which feature CBOI members and Choir members including but not exclusive to those participating in Peace Proms
Revenue require a 6-year period after the end of the tax year. Retain for 7 Years
Consent forms which are stored electronically are deleted at the end of the academic year, upon completion of participation in specific programme. Parents who receive electronic information about CBOI programmes and events can unsubscribe at will. Indefinitely. In the case of consent for photographing and videoing of events, these images may be used in the Media for example Television, on printed PR materials for example posters, flyers, brochures and on Social Media. Photographs and recorded images of members and all project participants including but not exclusive to those participating in Peace Proms are taken to celebrate CBOI achievements, to promoteCBOI, to develop CBOI’s website and other socialmedia platforms, to record CBOI events, and to keep a record of the history of the CBOI.
Data that becomes obsolete will be shredded or deleted if stored electronically. The CBOI may employ the services of a private company in the destruction of such data.
CBOI – Appendix 4
Personal Data Access Request Form
Request for a copy of Personal Data under the Data Protection Acts 1988 to 2018
Important: Proof of Identity must accompany this Access Request Form (eg. official/Statephotographic identity document such as driver’s licence, passport).
* We may need to contact you to discuss your access request
Please tick the box which applies to you:
Contact number *
Email addresses *
Former CBOI member, associate member / choir member
Current Staff (full time/part time/temporary and those who are self- employed or otherwise and are hired for specific purposes e.g. tutors, conductors) Member
Former Staff (full time/part time/temporary and those who are self- employed or otherwise and are hired for specific purposes e.g. tutors, conductors) Member:
Name of Member:
Date of Birth of Member:
Insert Year of participating:
Insert Years From/To:
Data Access Request:
I, ……………………………………………… [name] wish to make an Access Request for acopy of personal data that CBOI holds about me/my child. I am making this access request under Data Protection Acts 2013 to 2018
To help us to locate your personal data, please provide details below, which will assist us to meet your requirements e.g. description of the category of data you seek.
This Access Request must be accompanied with a copy of photographic identification e.g., passport or drivers licence. I declare that all the details I have given in this form are true and complete to the best of my knowledge.
Signature of Applicant ……………………………………………………….. Date: …………………….
Please return this form to the relevant address:
To: The Board of Management, CBOI, Dundalk Institute of Technology, Dundalk.
CBOI – Appendix 5
Your rights as a data subject
- Right to have your data processed in accordance with the Data Protection Acts – to have your personal information obtained and processed fairly, kept securely and not unlawfully disclosed to others
- Right to be informed – to know the identity of the data controller and the purpose for obtaining your personal information
- Right of access – to get a copy of your personal information
- Right of rectification or erasure – to have your personal information corrected ordeleted if inaccurate
- Right to block certain uses – to prevent your personal information being used for certain purposes
- Right to have your name removed from a direct marketing list – to stop unwanted mail
- Right to object – to stop some specific uses of your personal information
- Employment rights – not to be forced into accessing personal information for aprospective employer
- Freedom from automated decision making – to have a human input in the making of important decisions relating to you
10. Rights under Data Protection and Privacy in Telecommunications Regulations- to prevent your phone directory entry details from being used for direct marketing purposes
CBOI – Appendix 6
The 8 Rules of Data Protection
1 Obtain and process information fairly
2 Keep it only for one or more specified, explicit and lawful purposes3 Use and disclose it only in ways compatible with these purposes
4 Keep it safe and secure
5 Keep it accurate, complete and up-to-date
6 Ensure that it is adequate, relevant and not excessive
7 Retain it for no longer than is necessary for the purpose or purposes8 Give a copy of his/her personal data to that individual on request