Introduction
The University of Limerick (“the University”) actively seeks to preserve the data protection rights of those individuals who share information with the University. Personal data will be processed in compliance with Irish and European Data Protection legislation, specifically the General Data Protection Regulation (EU) 2016/679 (‘GDPR’) and the Data Protection Acts 1988 - 2018, and in accordance with the University Data Protection Policy available on the UL Policy Hub.
This Privacy Notice sets out the practices of the University with regard to the processing of personal data on its main website (i.e. www.ul.ie). Other websites administered by the University, including research centres, may have their own privacy notices providing additional information relating to their activities.
Personal Data Collected on our Website
We collect your personal data on our website where you choose to provide it. For example, we may collect your name, contact details and preferences when you complete an online form or register to attend an event. We will not collect any unnecessary personal data from you and will only process your data as explained in this Notice and at the point of collection.
Consent to the use of cookies.
For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies
in the browser you use to access our website and to properly document this we use a consent management platform:
CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam,
The Netherlands. Website: https://cookiefirst.com
referred to as CookieFirst.
When you access our website, a connection is established with CookieFirst’s server to give us the possibility to
obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in
order to be able to activate only those cookies to which you have consented and to properly document this. The data
processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory
legal storage periods may apply notwithstanding the aforementioned.
CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is
article 6(1)(c) of the General Data Protection Regulation (GDPR).
Data processing agreement
We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law,
which ensures that data of our website visitors is only processed in accordance with our instructions and in
compliance with the GDPR.
Server log files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your
browser automatically transmits to us. The following data is collected:
The University websites use cookies in order to remember your actions or preferences over a period of time, or to deliver certain website functionality. As required by law, University websites will ask for your consent for all cookies other than those that are strictly necessary for the operation of the websites. Please see our Cookie Statement for further information.
The purpose and legal basis for collecting your data
In order for the use of personal data to be lawful, it should be processed in accordance with a legal basis as set out under Articles 6 and 9 GDPR.
The University will ensure that your data is processed fairly and lawfully in keeping with the principles of data protection and will process personal data under various legal bases depending on the purpose for which the data is collected on our websites.
These may include:
Where the processing of personal data is a statutory function of the University as a public authority. The statutory functions of the University are set out in sections 12 and 13 of the Universities Act 1997.
Where the processing of personal data is necessary for the formation of a contract with you.
Where you provide your consent to the processing of your personal data
Retention of Personal Data
The University retains personal data in accordance with its Records Management and Retention Policy available on the UL Policy Hub. We only retain personal information for as long as is necessary. Where you have consented to us using your details for marketing purposes, we will keep such data until you notify us otherwise and/or withdraw your consent.
Security
The University will employ reasonable and appropriate administrative, technical, personnel, procedural and physical measures to safeguard your personal data against loss, theft and unauthorised users’ access, use or modification.
Sharing Data with Third Parties
The University will only share your personal data with external third parties where we are required to do so under a statutory or legal obligation, or we are required to do so under a contractual obligation or we have your consent, or we are otherwise permitted to do so in accordance with data protection legislation.
Your Rights
Your rights relating to your personal data include:
to be informed (via this privacy notice and other communications);
your right to request access to personal data held by the University, and to have any incorrect personal data rectified;
your right (where appropriate) to the restriction of processing concerning you or to object to processing;
your right to have personal data erased (where appropriate); and
your right to data portability regarding certain personal data;
Requests for any of the above should be addressed by email to dataprotection@ul.ie or in writing setting out your specific request to the University’s Data Protection Officer, Office of the Corporate Secretary, Room A1-073, University of Limerick, Limerick. Your request will be processed within 30 days of receipt.
Queries/Contact/Complaints
Further information on Data Protection at the University of Limerick may be viewed at https://www.ul.ie/corporatesecretary/data-protection. You can contact the University’s Data Protection Officer at dataprotection@ul.ie or by writing to Data Protection Officer, Room A1-073, University of Limerick, Limerick.
You have a right to lodge a complaint with the Office of the Data Protection Commission (Supervisory Authority). While we recommend that you raise any concerns or queries with us first, you may contact that Office at info@dataprotection.ie or by writing to the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28.
Review
This Privacy Notice will be reviewed and updated from time to time to take into account changes in the law and the experience gained from operation of the Notice in practice.
© University of Limerick