Learnovate Privacy Statement

Introduction

This is a statement of the practices of the Trinity College Dublin Learnovate Technology Centre (“the Service”) in connection with the processing of personal data for the purposes of the Service and the steps taken by Trinity College Dublin, the University of Dublin (“Trinity College” / “the University”) as a data controller to safeguard individuals’ rights under data protection legislation, specifically the EU General Data Protection Regulation (“GDPR”) and Data Protection Acts 1988-2018.

Trinity College fully respects your right to privacy and actively seeks to preserve the privacy rights of data subjects who share personal data with the University. Any personal information which you volunteer to the Service will be treated with the highest standards of security and confidentiality, in accordance with data protection legislation.

This Privacy Statement explains the following

  • How the Service collects your personal data;
  • The purpose and legal basis for processing your personal data;
  • How we securely store your personal data;
  • Details of third parties with whom we share personal data; and
  • Your rights under data protection legislation.

How we collect your personal data

We collect personal data to provide our services to you. This data may be collected directly from you by our staff or from other systems under the control of Trinity College.

Purpose and legal basis for processing personal data

The personal data we collect from you will only be processed by the Service for the specific and lawful purposes as outlined in this Privacy Statement. Trinity College will ensure that your data is processed fairly and lawfully in keeping with the principles of data protection as set out under Article 5 GDPR.

Specifically, your personal data may be processed for any or all of the following purposes:

ProcessPurposeLegal basis for processing under GDPR
Membership Payments
Information on events and research
Article 6(1)(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract t
Contact requestRequest for informationArticle 6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes
Job applicationsVetting and review of candidates for advertised roles within the Centre

Successful candidate will be required to provide additional personal data

Article 6(1)(c) processing is necessary for compliance with a legal obligation to which the controller is subject

Article 6(1)(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract

Business Development ManagementTo enable the successful commercialisation of researchArticle 6(1)(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
Blended EventsResearch dissemination, promotion

Payment

Sign-up for Learnovate online, blended or physical events. You will only be added to our contact data base where you have indicated you wish to be

Article 6: Exercise of official authority particularly Universities Act Section 12 g and I

Article 6(1)(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract

Article 6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes

Covid related formsPublic HealthArticle 9: 2 (i) Reasons of Public interest in the area of Public health
Marketing/Events/Website Users. Promotion of services. Promotion of servicesArticle 6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes
EdTech Accelerator Programme.Programme supporting EdTech startups with training and mentoring.Article 6(1)(a) the data subject has given consent to the processing of his or her personal data for one or more specific purposes

For further information on personal data processing at Trinity College Dublin please see https://www.tcd.ie/privacy

The Service has compiled processing records, in accordance with Article 30 GDPR requirements. If you require further details, please contact info@learnovatecentre.org

How we securely store your personal data

Personal data will be stored confidentially and securely as required by the Trinity College Information Systems Security Policy and Data Protection Policy. The University is committed to ensuring that the processing of your data is safeguarded by appropriate technical and organisational security measures relevant to the processing in accordance with Article 32 GDPR requirements.

When we store your personal data on our systems the data will be stored either on University premises or on secure IT platforms within the European Economic Area (“EEA”) or external of the EEA which are subject to Chapter V GDPR requirements.

Details of third parties with whom we share personal data

The Service will only share your data with third parties where necessary for the purposes of processing outlined in this Privacy Statement. In accordance with Article 28 GDPR, when we share your data with third parties the Service will ensure that the data is processed according to specific instructions and that the same standards of confidentiality and security are maintained.

The following table details the third parties with whom your personal data is shared together with the purposes for the sharing:

Active CampaignCustomer Relationship Management system (CRM) holding our consent data for outreach and events
StripePayment processing systems for events
HopInOnline events hosting platform
Google DriveAdministration and communication

How long we retain your data

In keeping with the data protection principle of storage limitation we will only retain your data for as long as is necessary. For the purposes described in this Privacy Statement we will store your data for the duration of your contract of employment or duration of membership  in accordance with the Trinity College Records Management Policy

Your rights under data protection law

You have the following rights over the way we process your personal data. For further information please see the Trinity College Data Subject Rights Requests Procedure.

Right of Access

You have the right to request a copy of the personal data which is processed by the Service and to exercise that right easily and at reasonable intervals.

Consent

You may withdraw your consent to the Service processing your personal data at any time, when consent is the legal basis for the processing. To withdraw your consent, we require you to advise the Service in writing.

Rectification

You have the right to have inaccuracies in personal data that we hold about you rectified.

Erasure

You have the right to have your personal data deleted where we no longer have any justification for retaining it, subject to exemptions such as the use of pseudonymised or anonymised data for scientific research purposes.

Object

You have the right to object to processing your personal data if:

  • We have processed your data based on a legitimate interest or for the exercise of the public tasks of the University if you believe the processing to be disproportionate or unfair to you.
  • The personal data was processed for the purposes of direct marketing or profiling related to direct marketing.
  • We have processed the personal data for scientific or historical research purposes or statistical purposes unless the processing is necessary for the performance of a task carried out for reasons of public interest.

Restriction

You have the right to restrict the processing of your personal data if:

  • You are contesting the accuracy of the personal data.
  • The personal data was processed unlawfully.
  • You need to prevent the erasure of the personal data in order to comply with legal obligations.
  • You have objected to the processing of the personal data and wish to restrict the processing until a legal basis for continued processing has been verified.

Portability

Where it is technically feasible you have the right to have a readily accessible machine readable copy of your data transferred or moved to another data controller where we are processing your data based on your consent and if that processing is carried out by automated means.

Cookies

We use information gathered from cookies to help improve your experience of our website. Some cookies are essential so you can move around the website and use its features. Our website also contains third party cookies which are listed in our Cookie Register. You can refuse or consent to third party cookies when you first visit our website or by following the guidelines in our Cookie Policy.

Further information

If you have any queries relating to the processing of your personal data for the purposes outlined above or you wish to make a request in relation to your rights you can contact any member of the Service staff at: info@learnovatecentre.org

If you wish to make a complaint or escalate an issue relating to your rights you can contact the Trinity College Data Protection Officer:

Email: dataprotection@tcd.ie

Post:
Data Protection Officer
Secretary’s Office,
Trinity College Dublin,
Dublin 2,
Ireland.

Oifigeach Cosanta Sonraí
Oifig an Rúnaí,
Coláiste na Tríonóide, Baile Átha Cliath,
Baile Átha Cliath 2,
Éire.

If you are not satisfied with the information we have provided to you in relation to the processing of your personal data or you are dissatisfied with how Trinity College is processing your data you can make a complaint to the Data Protection Commissioner at: https://forms.dataprotection.ie/contact.

Definitions

Personal data

Any information relating to an identified or identifiable natural person (‘data subject’).

Special Categories of Personal Data (Sensitive personal data)

  • Data concerning health
  • Personal data revealing racial origin, ethnic origin, political opinions, religious beliefs, philosophical beliefs, trade-union membership
  • The processing of genetic data for the purpose of uniquely identifying a natural person
  • The processing of biometric data for the purpose of uniquely identifying a natural person
  • Data concerning a natural person’s sex life or sexual orientation

Processing

Any operation or set of operations performed on personal data. Processing includes storing, collecting, retrieving, using, combining, erasing and destroying personal data, and can involve automated or manual operations.

Data subject

Someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data controller

An organisation, such as Trinity College, which determines the purposes and means of the processing of personal data.

Data processor

A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller, traditionally under contract. This does not include Service staff who are processing personal data on behalf of the University as part of their employment duties.

Date: 15/07/2021