Privacy Policy

Data Science Institute – Privacy Notice

Subject Access Request

At the Data Science Institute, we take the protection of your personal data seriously. If you have questions about how we manage your personal data, or if you would like to access the information we hold about you under the General Data Protection Regulation (GDPR), you can submit a Subject Access Request (SAR) to us directly.

Introduction

The Data Science Institute is committed to safeguarding your personal data and maintaining your privacy. This Privacy Notice explains how we collect, use, share, and protect your personal information.

We encourage you to read this Privacy Notice carefully to understand how and why we use your personal data. The notice is presented in a clear structure to help you find relevant information:

1. Who we are

2. Data Protection Officer

3. What is personal data?

4. Data protection principles

5. How we use your personal data

6. What personal data we collect

7. Sharing your data

8. International transfers

9. Data security

10. Data retention

11. Your data rights

12. Updates to this notice

1. Who We Are

The Data Science Institute is the “data controller” of your personal data. This means we determine how and why your personal information is processed and are responsible for ensuring it is handled in compliance with data protection laws.

When we use terms like “Data Science Institute,” “we,” “us,” or “our,” we are referring to the legal entity responsible for delivering academic and professional education services.

2. Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our compliance with data protection law.

Contact Details:

Email: privacy@datascienceinstitute.net

Postal Address:

Data Protection Officer

Data Science Institute

Waterfront Square,

1 Horgan's Quay,

Cork, Ireland,

T23 PPT8

If you have any concerns or queries about your personal data, we encourage you to contact us in the first instance. You also have the right to lodge a complaint with the Data Protection Commission at www.dataprotection.ie.

3. What Is Personal Data?

Personal data is any information that can identify an individual, either directly or indirectly. This includes your name, contact information, identification numbers, or online identifiers. It does not include anonymised data that cannot identify you.

4. Data Protection Principles

We follow six key principles when processing your personal data. Your data will be:

• Processed lawfully, fairly, and transparently

• Collected for specific, legitimate purposes

• Relevant and limited to what is necessary

• Accurate and kept up to date

• Retained only as long as necessary

• Protected by appropriate security measures

5. How We Use Your Personal Data

We will only use your personal data where the law allows us to. The main reasons we process your data are:

• To perform a contract with you (e.g. enrolling you in a programme)

• To comply with a legal obligation

• To pursue our legitimate interests (e.g. improving our services), provided these are not overridden by your rights

• To protect your vital interests or for reasons of public interest (in rare cases)

• With your consent (primarily for marketing purposes)

You may withdraw your consent at any time by contacting us at the address above.

6. What Personal Data We Collect

Depending on your relationship with us, we may collect the following:

When you enquire or apply:

• Name, contact details (email, phone, postal address)

• Education and employment history

• Programme interests

• Nationality, date of birth, gender

When you enrol or study with us:

• PPS number (where applicable)

• Passport and visa details (if applicable)

• Payment information

• Emergency contact details (with your confirmation that you have consent from that person)

• Health or disability information (to provide support or reasonable adjustments)

• Academic records, attendance, assessments, and progression

Marketing and events:

With your consent, we may contact you with programme information or invitations to events relevant to your interests.

Website data:

We collect technical information (browser type, IP address, device data) through cookies and analytics tools. See our website's Cookie Policy for more.

If you choose not to provide certain data we require, we may not be able to provide specific services to you.

7. Sharing Your Data

We may share your personal data with trusted third parties when necessary for legal, academic, or operational purposes:

• Service providers: including IT support, customer service, online learning platforms, and payment processors

• Awarding bodies: such as Quality and Qualifications Ireland (QQI) or other accrediting institutions

• Your employer or sponsor, if they are supporting your studies

• Educational agents, where you are applying through an authorised representative

• Regulatory bodies: such as the Department of Justice, the Higher Education Authority (HEA), or health authorities (e.g. in cases of contact tracing)

• Professional or industry bodies, for programme accreditation or compliance

• Survey and research partners, such as StudentSurvey.ie or Graduate Outcomes, using anonymised data only

• Other legal requirements, such as court orders, law enforcement, or during a potential business restructure or transfer

We require all recipients of your data to adhere to applicable data protection laws and maintain appropriate confidentiality and security.

8. International Transfers

As part of our services and communications, your data may be processed outside the European Economic Area (EEA). Where this occurs, we ensure your rights are protected through safeguards such as:

• Standard contractual clauses approved by the European Commission

• Appropriate agreements with third-party providers

Please contact our DPO if you would like further information on data transfers.

9. Data Security

We use a combination of technical and organisational measures to keep your data secure, including:

• Access control and encryption

• Secure storage and backup systems

• Internal training and data handling protocols

• Procedures to detect, investigate, and report any security breaches

Only authorised personnel and partners have access to your personal data, and they are required to keep it confidential.

10. Data Retention

We retain your data only as long as necessary to fulfil the purposes we collected it for, including legal, regulatory, and academic obligations.

We determine retention periods based on:

• The nature and sensitivity of the data

• Legal and compliance requirements

• The purpose for which the data was collected

• Whether the data can be anonymised or securely destroyed

Please inform us if your personal details change during your relationship with us.

11. Your Data Rights

You have the following rights under GDPR:

• Access: Request a copy of the personal data we hold about you

• Rectification: Correct inaccurate or incomplete information

• Erasure: Ask us to delete your personal data in certain circumstances

• Restriction: Ask us to suspend use of your data in specific cases

• Objection: Object to our processing of your data (e.g. for marketing or legitimate interests)

• Data portability: Request the transfer of your data to another provider

• Withdraw consent: Withdraw your consent where applicable

To exercise any of these rights, please email us at privacy@datascienceinstitute.net. We may request verification of your identity before proceeding.

There is normally no charge for exercising your rights. However, we may charge a fee or refuse a request if it is clearly unfounded or excessive.

12. Updates to This Notice

We may revise this Privacy Notice occasionally to reflect changes in our practices or legal requirements. When we do, we will post the updated version on our website and notify you of any significant changes.

Would you like this converted into a downloadable PDF or Word version for publication?