Skip to content

Team LM Data Protection Policy

Background

The European Union introduced a new Data Protection effective May 2018, known as the General Data Protection Regulation (GDPR).  Team LM took the opportunity to update its previous policy on data protection known as the compliance with Data Protection Act Policy with this policy.

The GDPR goals are to ensure protection of the fundamental privacy rights of living persons, specifically the right to the protection on one’s personal data.  Team LM take all reasonable steps to ensure data collected or held is not misused or mishandled and have dedicated people and procedure in place to achieve this goal of protecting personal data of employees and learners.

Purpose of Policy

The policy is a statement Team LM’s commitment to protect the rights and privacy of individuals in accordance with Irish Law and European Law.  Data Protection law applies to the keeping and processing of Personal Data, both in manual form or on computer.  The purpose of this policy is to assist TEAM LM to meet its statutory obligations while explaining those obligations to the relevant staff.

Applicability

The policies apply to Data Protection Officer, all students and other organisations who directly or indirectly have access to TEAM LM information (physical or electronic).  This policy is advised to staff and learners.

Policy Statement

TEAM LM is committed to upholding Irish and European Union Data Protection laws and following data protection principles which derive from National and or European Union law.

  1. Personal Data will be processed lawfully, fairly and transparently
  2. Personal Data will be collected for specified, explicit and legitimate purposes and not further processed. The information collected from staff or learners will solely be to fulfil service requests.  This may include email addresses, personal name, date of birth, PPS number and personal contact numbers.  Any personal information used is for the operation and fulfilment of a service requested and the provider of the information has the right to review this information held by TEAM LM at any time.
  3. Personal Data will be processed in a manner that ensures appropriate security. We do not ask external services to provide training on TEAM LM’s behalf and TEAM LM are fully aware of their responsibilities in terms of keeping third party information secure under General Data Protection Regulations 2018.
  4. Personal Data will be accurate and kept up to date. The provider of the information has the right to review their data at any time.
  5. Only data that is relevant and limited to what is necessary will be collected.
  6. Personal Data will be safely and securely destroyed and will not be retained any longer than is necessary.

TEAM LM shall be responsible for and be able to demonstrate compliance with the above policy.

The Data Protection Officer and the Information Owner are the only people that have access to personal data.  Those accessing data may access only when it is required for the completion of their duties.

Periodic reviews of data, at least annually to ensure data is held securely.

The Information Owner invites the DPO to report on any areas of security that may need to be addressed of if there are any potential breaches.

The Information Owner nominates the DPO in TEAM LM.

The DPO must make periodic reviews to check the information is accurate and up to date.  TEAM LM’s culture of data protection is promoted and adhered to and learners are made aware of this upon application and again at induction.

TEAM LM seek professional assistance and advice in drawing up their Data Protection Policy so it complies with Irish and European Law.

Accessing & processing of data is only permitted by the DPO and Information Owner.