Polasaí um Chosaint Sonraí 2019

Polasaí um Chosaint Sonraí Ghaelscoil Míde 2019

Baineann Polasaí um Chosaint Sonraí na scoile le sonraí pearsanta a choimeádann Bord Bainistíochta (BB) na scoile, atá cosanta ag na hAchtanna um Chosaint Sonraí 1998 go 2018 agus Rialachán Ginearálta um Chosaint Sonraí (RGCS) an Aontas Eorpaigh.

Baineann an polasaí seo le foireann uile na scoile, an Bord Bainistíochta, tuismitheoirí/caomhnóirí, daltaí agus daoine eile (daltaí ionchasacha nó féideartha agus a dtuismitheoirí/a gcaomhnóirí agus iarratasóirí ar phoist foirne laistigh den scoil) sa mhéid go mbaineann na bearta faoin bpolasaí leo. Stórálfar sonraí go slán, ionas go gcosnaítear faisnéis rúnda i gcomhlíonadh na reachtaíochta ábhartha. Leagtar amach sa pholasaí seo an bealach ina gcosnóidh an scoil sonraí pearsanta agus sonraí íogaire. Déileálann an polasaí seo plé le sonraí atá cláraithe ar pháipéar agus atá cláraithe ar an ríomhaire.

Cuirtear an modh ‘Príobháideachas d’Aonghnó’ i bhfeidhm i nGaelscoil Míde i dtaca le Cosaint Sonraí. Ciallaíonn sé seo go ndéantar pleanáil chúramach agus sonraí pearsanta á mbailiú lena chinntiú gur cuid dílis iad na prionsabail um chosaint sonraí d’aon chóras bailithe sonraí a cuirtear i bhfeidhm. Déantar iniúchadh ar na sonraí pearsanta a choimeádtar le:
1.    go mbeidh fáil ag daoine aonair ar a gcuid sonraí pearsanta
2.    cinntiú go gcoinnítear iad go slán, sábháilte
3.    modhanna um chosaint sonraí a chlárú
4.    freagracht & trédhearcacht a fhorbairt.

Prionsabail um Chosaint Sonraí
Rialaitheoir sonraí is ea an Bord Bainistíochta ar shonraí pearsanta a bhaineann lena bhfoireann, daltaí, tuismitheoirí/caomhnóirí agus daoine eile de phobal na scoile reatha agus roimhe seo agus amach anseo. Tá dualgas ar an scoil, mar dhea, na prionsabail um chosaint sonraí a chomhlíonadh a leagtar amach sna hAchtanna um Chosaint Sonraí, 1988 go 2018 agus RGCS, ar féidir an t-achoimriú a leanas a dhéanamh orthu:

1.    Sonraí Pearsanta a fháil & a phróiseáil go cóir
Bailítear faisnéis ar dhaltaí le cabhair ó thuismitheoirí/chaomhnóirí agus ón bhfoireann. Aistríonn na scoileanna ar ar fhreastail na daltaí roimhe seo, faisnéis.   I dtaobh faisnéis atá á coimeád ag an scoil ar dhaoine eile (comhaltaí foirne, daoine a dhéanann iarratas ar phoist laistigh den scoil, tuismitheoirí/caomhnóirí daltaí etc.), is gnách go soláthraíonn na daoine an fhaisnéis iad féin le toiliú iomlán agus feasach agus a cuireadh i dtoll a chéile fad a bhí siad fostaithe nó ar conradh leis an Scoil. Caitear leis na sonraí sin go léir i gcomhréir leis na hAchtanna um Chosaint Sonraí agus le téarmaí an Pholasaí um Chosaint Sonraí seo. Déanfar an fhaisnéis seo a fháil agus a phróiseáil go cóir.

2.    Toiliú
Más de bhunús toiliú a cuirtear sonraí pearsanta le chéile (m.sh. sonraí atá ag teastáil le bheith ar fhoireann spóirt/imeachtaí iar-scoile nó imeachtaí scoile roghnach ar bith eile) is ceart do thoilliú a bheith soar, feasach agus a bheith aistharraingthe ag aon tráth, gan an duine a bheith thíos le pionós nó le díobháil. Lorgóidh Gaelscoil Míde gníomh dearfach m.sh. tic a chur i mbosca/ doiciméad a shíniú le toiliú a chur in iúl. Tá sé ceadaithe toiliú a tharraingt siar uair ar bith.

3.    Ná coimeád na sonraí ach amháin le haghaidh críche sonraithe, sainráite & dleathaí amháin nó níos mó.
Cuirfidh an BB daoine ar an eolas ar na cúiseanna a mbailíonn siad a sonraí agus cuirfidh siad daoine ar an eolas ar an úsáid a bhainfidh siad as a sonraí.  Coimeádtar an fhaisnéis go léir agus aird ag gach tráth ar shárleas an duine.

4.    Gan sonraí a phróiseáil ach ar bhealaí a oireann do na cuspóirí a tugadh i dtosach báire iad:
Ní phróiseálfar sonraí a bhaineann le daoine ach ar bhealach atá ar aon dul leis an cuspóirí a bailíodh iad. Ní nochtfar faisnéis ach ar bhonn riachtanais, agus déanfar rochtain ar an bhfaisnéis a rialú go dian.

5.    Coinnigh Sonraí Pearsanta slán sábháilte.
Ní féidir leo siúd ach a bhfuil fíorchúis acu chun amhlaidh a dhéanamh rochtain a fháil ar an bhfaisnéis. Stóráiltear Sonraí Pearsanta faoi ghlas i gcás taifead de láimh & cosnaítear iad le bogearraí balla dóiteáin agus le cosaint phasfhocail i gcás sonraí a stóráiltear go leictreonach. Cosnaítear sonraí pearsanta atá ar ghléasanna iniompartha (ar nós ríomhairí glúine) le pasfhocal agus criptiú.

6.    Bíodh Sonraí Pearsanta beacht, comhlán agus suas chun dáta.
Ba cheart do dhaltaí, tuismitheoirí/caomhnóirí, agus/nó an fhoireann an scoil a chur ar an eolas ar aon athrú ar cheart don scoil a dhéanamh dá sonraí pearsanta agus/nó sonraí pearsanta íogaire lena chinntiú go bhfuil sonraí an duine aonair cruinn, iomlán agus cothrom le dáta. A luaithe a chuirfear ar an eolas iad, déanfaidh an scoil na hathruithe riachtanacha ar na taifid ábhartha. Níor cheart taifid a athrú nó a scriosadh, áfach, gan an t-údarú ceart a fháil. Má theastaíonn athrú/ceartú, ba cheart don duine a dhéanfaidh an t-athrú sin nóta a dhátú agus a shíniú ina dtugtar an t-údarú sin agus an athrú/na hathruithe atá le déanamh ar aon bhuntaifead/bhuncháipéis.

7.    Déan cinnte de go bhfuil na sonraí leordhóthanach, ábhartha gan a bheith iomarcach.
Ní bhaileofar agus ní stórálfar ach an méid faisnéise a theastaíonn chun seirbhís leordhóthanach a sholáthar.

8.    Gan an fhaisnéis a choimeád níos faide ná mar is gá don chuspóir nó do na cuspóirí sonraithe ar tugadh í .
Mar riail ghinearálta, coimeádfar an fhaisnéis don fhad a bheidh an duine ag freastal ar an scoil. Ina dhiaidh sin, comhlíonfaidh an scoil treoirlínte na Roinne Oideachais agus Scileanna maidir le Sonraí Pearsanta a stóráil a bhaineann le dalta. I gcás comhaltaí foirne, comhlíonadh an scoil treoirlínte na ROS agus ceanglais na gCoimisinéirí Ioncaim araon maidir le taifid a choimeád a bhaineann le fostaithe. Anuas air sin, féadfaidh an scoil na sonraí a choimeád a bhaineann le duine ar feadh fad níos faide ama chun forálacha ábhartha an dlí a chomhlíonadh agus/nó chun éileamh a chosaint faoin reachtaíocht fostaíochta agus/nó faoi chonradh agus/nó faoin dlí sibhialta. Féach Tábla Coinneáil Taifid Scoile.
9.    Cóip dá sonraí pearsanta a sholáthar d’aon duine, ar iarraidh sin:
Tá an ceart ag daoine fios a bheith acu cén sonraí pearsanta atá á gcoimeád fúthu, cé aige a gcoimeádtar iad agus cén cuspóir dá gcoimeádtar iad agus cóip a fháil dóibh, más mian.

Scóip

Baineann an Reachtaíocht um Chosaint Sonraí le sonraí pearsanta a choimeád agus a phróiseáil, i bhfoirm de láimh agus leictreonach araon. Is é cuspóir an pholasaí seo ná cabhrú leis an scoil a ndualgais reachtúla a chomhlíonadh, na dualgais siúd a mhíniú d’fhoireann na Scoile, agus an fhoireann, na daltaí agus a dtuismitheoirí/a gcaomhnóirí a chur ar an eolas faoi conas a chaithfear lena sonraí.

Baineann an polasaí le foireann uile na scoile, an Bord Bainistíochta, tuismitheoirí/caomhnóirí, daltaí agus daoine eile (daltaí ionchasacha nó féideartha agus a dtuismitheoirí/a gcaomhnóirí, agus iarratasóirí ar phoist foirne laistigh den scoil) sa mhéid go láimhseálann nó go bpróiseálann an scoil a Sonraí Pearsanta i gcaitheamh a ndéileálacha leis an scoil.

Sainmhíniú ar Théarmaí um Chosaint Sonraí
Chun tuiscint cheart a fháil ar dhualgais na scoile i leith Cosaint Sonraí, tá roinnt príomhthéarmaí ann ar cheart d’fhoireann uile na scoile tuiscint a fháil orthu:

Ciallaíonn Sonraí Pearsanta sonraí a bhaineann le duine aonair ata sainaitheanta nó ar féidir é/í a shainaithint cibé acu ó na sonraí i gcomhar le faisnéis eile atá faoi sheilbh, nó ar dócha go mbeidh sí faoi sheilbh na Rialaitheora Sonraí (BB).

Rialathóir Sonraí:  Ciallaíonn sé seo duine aonair nó aonán dlí a rialaíonn inneachair agus úsáid sonraí pearsanta. Is é an Bord Bainistíochta an rialaitheoir sonraí, an príomhoide ag feidhmiú ar son an Bhoird Bhainistíochta chun na feidhmeanna i gceist a chomhlíonadh.

Sonraí:  Ciallaíonn sin faisnéis i bhfoirm inar féidir í a phróiseáil. Áirítear ann sonraí uathoibrithe (faisnéis ar ríomhaire nó faisnéis a taifeadadh chun í a chur ar ríomhaire ar ball) agus lámhshonraí (faisnéis a choimeádtar mar chuid de chóras comhaid ábhartha nó le hintinn a bheith ina chuid de chóras comhaid ábhartha).

Córas Comhaid Ábhartha:  Ciallaíonn sé seo aon tacar d’fhaisnéis, bíodh is nach bhfuil sé ríomhairithe, atá struchtúrtha trí thagairt do dhaoine aonair, nó trí thagairt do chritéir i dtaobh daoine aonair, i dtreo is gur furasta rochtain ar fhaisnéis shonrach i dtaobh daoine aonair ar leith.

An Duine is Ábhar do na Sonraí:  An té is ábhar do na sonraí pearsanta.

Próiseáil Sonraí:   Aon phróiseáil a déantar ar shonraí, ina measc bheadh:

  • Bailiú, taifead agus coinneáil sonraí
  • Bailiú, eagrú, stóráil, athrú nó leasú sonraí
  • Ag iniúchadh, dul i gcomhairle le nó ag baint úsáide as na sonraí
  • Sonraí a nochtadh tré iad a roinnt, a scaipeadh nó iad a chur ar fáil 
  • Sonraí a ailíniú, a mheascadh, a bhlocáil, a ghlanadh amach nó a scrios


Próiseálaí Sonraí:   Duine ar bith a dhéanann próiseáil ar eolas pearsanta thar cheann an rialathóir sonraí, seachas fostaí de chuid an rialathóir sonraí agus a dhéanann próiseáil ar a leithéid de shonraí mar chuid dá ndualgais fostaíochta, mar shampla, d’fhéadfadh gur fostaí de chomhlacht seachtarach a dhéanann próiseáil ar son an rialathóir sonraí. Leagann an reachtaíocht um Chosaint Sonraí freagracht ar chomhlachtaí dá leithéid i dtaca le próiseáil na sonraí sin. [m.sh. Aladdin; GBW Chartered Accountants, etc.]

Tagraíonn Sonraí Pearsanta Íogaire do Shonraí Pearsanta maidir leis an méid a leanas

  • Bunadh ciníoch nó eitneach
  • Tuairimí polaitiúla nó creidimh reiligiúnacha nó fhealsúnacha 
  • Sláinte fhisiciúil nó meabhrach
  • Saol gnéis agus gléaschlaonadh 
  • Sonraí géineolaíochta nó bithmhéadaracha 
  • Ciontuithe coiriúla nó cion a líomhnaíodh
  • Ballraíocht de cheardchumainn


Sárú ar Shonraí Pearsanta:   Sárú ar shlándáil a chúisigh scrios timpisteach nó neamhdhleathach, cailleadh, athrú, nochtadh neamhúdaraithe ar nó rochtain ar shonraí pearsanta stóráilte nó próiseáilte. Ciallaíonn sé seo comhghéilleadh nó cailleadh sonraí pearsanta cuma conas nó cá dtarlaíonn sé.

Réasúnaíocht
Anuas ar a ndualgais dhlíthiúla faoi shainchúram fairsing na reachtaíochta oideachais, tá freagracht dhlíthiúil ar an scoil chun na hAchtanna um Chosaint Sonraí 1988 go 2018 agus RGCS a chomhlíonadh.

Mínítear sa pholasaí seo cén sórt sonraí a bhailítear, cén fáth a mbailítear iad, cé chomh fada a stórálfar iad agus cé leis a roinnfear iad. Caitheann an scoil lena gcuid freagrachtaí faoin dlí um Chosaint Sonraí go han-tromchúiseach, agus is mian leo cleachtais shábháilte a chur i bhfeidhm chun sonraí pearsanta duine a chosaint. Aithnítear, chomh maith, go n-éascaíonn faisnéis fhíriciúil a chur i dtaifead go cruinn agus í a stóráil go sábháilte measúnú a dhéanamh ar an bhfaisnéis agus a chur ar chumas an phríomhoide agus an bhoird bhainistíochta chun cinntí a dhéanamh maidir le reáchtáil éifeachtúil na Scoile. Anuas air sin, baineann ríthábhacht le láimhseáil éifeachtúil na sonraí lena chinntiú go bhfuil comhsheasmhacht agus leanúnachas ann sa chás go dtagann athrú ar an bpearsanra laistigh den scoil agus den bhord bainistíochta.

Dualgas Dhlíthiúil Eile

Cuirtear san áireamh i gcur i bhfeidhm an pholasaí seo dualgais agus freagrachtaí eile dlíthiúla na scoile. Baineann cuid díobh seo go díreach le cosaint sonraí. Mar shampla:

  • Faoi Alt 9(g) den Acht Oideachais, 1998, ní mór rochtain a thabhairt do thuismitheoirí dalta, nó do dhalta a bhain aois 18 mbliana amach, ar thaifid a choimeádann an scoil a bhaineann le dul chun cinn an dalta ina n-oideachas.

  • Faoi Alt 20 den Acht Oideachais (Leas), 2000, ní mór don scoil clár a choimeád de gach dalta a fhreastalaíonn ar an scoil.

  • Faoi Alt 20(5) den Acht Oideachais (Leasú), 2000, tá dualgas ar phríomhoide chun faisnéis áirithe a chur in iúl a bhaineann le freastal linbh ar an scoil agus ceisteanna eile a bhaineann le dul chun cinn oideachais an linbh do phríomhoide scoile eile a bhfuil an leanbh ag aistriú chuici. Seolann Gaelscoil Míde cóip de Pas Oideachais an pháiste, dearth ag an NCCA, ag príomhoide na meánscoile ina bhfuil an dalta cláraithe. Sa chás go bhfuil tuairiscí ar dhaltaí a scríobh daoine gairmiúla eile seachas foireann Ghaelscoil Míde ag an scoil i bhfillteáin daltaí reatha, ní ceadmhach a leithéid de thuairisc a sheoladh ar aghaidh ag an Iar-Bhunscoil gan cead soiléir i scríbhinn a iarraidh agus a fháil ó thuismitheoirí na ndaltaí ábhartha sin.
     
  • Faoi Alt 21 den Education (Welfare) Act, 2000, ní mór don scoil freastal nó neamhfhreastal daltaí atá cláraithe ag an scoil ar gach lá scoile a chur i dtaifead.

  • Faoi Alt 28 den Acht Oideachais (Leasú), 2000, féadfaidh an Scoil Sonraí Pearsanta a choimeádann siad a sholáthar do chomhlachtaí áirithe forordaithe (an Roinn Oideachais, TÚSLA, an Chomhairle Náisiúnta um Oideachas Speisialta agus scoileanna eile) Caithfidh an BB a bheith sásta go n-úsáidfear iad do “chuspóir ábhartha” (lena n-áirítear stair oideachais nó oiliúna duine a chur i dtaifead nó chun monatóireacht a dhéanamh ar a ndul chun cinn oideachais nó oiliúna; nó chun tabhairt faoi thaighde ar scrúduithe, páirt a ghlacadh in oideachas agus in éifeachtacht ghinearálta oideachais nó oiliúna).

  • Faoi Alt 14 den Acht um Oideachas do Dhaoine a bhfuil Riachtanais Speisialta Oideachais acu, 2004, ceanglaítear ar an scoil chun an fhaisnéis sin a iarrfaidh an Chomhairle go réasúnta ó thráth go chéile a sholáthar don Chomhairle Náisiúnta um Oideachas Speisialta (agus dá bhfostaithe, lena n-áireofaí Eagraithe Riachtanais Speisialta Oideachais).

  • Foráiltear san Acht um Shaoráil Faisnéise, 1997, ceart cáilithe chun rochtain a fháil ar fhaisnéis atá á coimeád ag comhlachtaí poiblí nach riachtanach gur “sonraí pearsanta” atá i gceist leo i gcomhréir leis an reachtaíocht um chosaint sonraí. Cé nach bhfuil formhór na scoileanna faoi réir na reachtaíochta um shaoráil faisnéise faoi láthair, má sholáthair scoil faisnéis do chomhlacht atá cumhdaithe ag an Acht um Shaoráil Faisnéise (ar nós na Roinne Oideachais agus Scileanna etc.), d’fhéadfaí na taifid seo a nochtadh má dhéantar iarratas ar an gcomhlacht sin.

  • Faoi Alt 26(4) den Acht Sláinte, 1947, cuirfidh Scoil faoi deara go dtugtar gach áis réasúnta (áiseanna chun ainmneacha agus seoltaí dalta a fhreastalaíonn ar an scoil san áireamh) d’údarás sláinte a sheirbheáil fógra orthu i leith cigireacht leighis, e.g. cigireacht fiaclóireachta.

  • Faoi Acht um Thús Áite do Leanaí 2015: tá freagrachtaí ar na daoine faoi shainordú atá sa scoil mí-úsáid nó faillí leanaí a thuairisciú do TÚSLA – an Ghníomhaireacht um Leanaí agus an Teaghlach (nó i gcás éigeandála agus nach bhfuil fáil ar TÚSLA, an Garda Síochána).


Gaol le Spiorad Sainiúil na Scoile
Déanfaidh Gaelscoil Míde an méid a leanas:

  • a chur ar chumas gach dalta a lánchumas a fhorbairt
  • timpeallacht shábháilte agus shlán a sholáthar chun foghlaim inti
  • meas ar éagsúlacht luachanna, creideamh, traidisiún, teangacha agus slite beatha a chur chun cinn sa tsochaí.


Tá de chuspóir againn na spriocanna seo a bhaint amach agus meas á léiriú ar phríobháideacht agus ar chearta um chosaint sonraí daltaí, na foirne, tuismitheoirí/caomhnóirí agus daoine eile a idirghníomhaíonn linn. Is mian leis an scoil na haidhmeanna/misin seo a bhaint amach & meas iomlán á léiriú ar chearta daoine i leith príobháideachta & cearta faoin Reachtaíocht um Chosaint Sonraí.

Sonraí Pearsanta

I measc na dtaifead ar Shonraí Pearsanta atá á gcoimeád ag an scoil, d’fhéadfadh an méid a leanas a bheith i gceist:

  1. Taifid Foirne:

           (a) Catagóirí sonraí foirne:

Mar aon leis na comhaltaí reatha foirne (agus iarchomhaltaí foirne), d’fhéadfadh go mbainfeadh na taifid seo le hiarratasóirí a dhéanann iarratas ar phoist laistigh den scoil, múinteoirí faoi oiliúint agus múinteoirí faoi phromhadh. D’fhéadfaí a áireamh leis na taifid foirne seo:

  • Ainm, seoladh & sonraí teagmhála, uimhir PSP
  • Buntaifid iarratais agus cheapacháin (foirmeacha iarratais, scéimeanna marcála agallaimh agus cáipéisí eile a bhaineann le hearcú agus le roghnú, ar nós teistiméireachtaí, torthaí Ghrinnfhiosrúchán an Gharda Síochána agus measúnuithe Medmark) 
  • Taifead ar cheapacháin le poist ardú céime
  • Sonraí faoi asláithreacht fhaofa (sosanna gairme, saoire thuismitheora, saoire staidéir etc.)
  • Sonraí faoin taifead oibre (cáilíochtaí, na ranganna a múineadh, na hábhair etc.)
  • Sonraí faoi ghearáin agus/nó chasaoid, lena n-áirítear comhairliúcháin nó plé inniúlachta, pleananna gníomhaíochta/ feabhsaithe/ measúnachta agus taifead ar dhul chun cinn
  • Sonraí faoi aon timpistí/ghortuithe a tharla ar réadmhaoin na scoile nó i dtaca leis an gcomhalta foirne a thugann faoina ndualgais scoile 
  • Taifid ar aon tuairiscí a rinne an scoil (nó a bhfostaithe) maidir leis an gcomhalta foirne do ranna Stáit agus/ó do ghníomhaireachtaí eile faoin Acht um Thús Áite do Leanaí 2015.


         (b) Cuspóirí:
              Coimeádtar taifid foirne do na cuspóirí a leanas:

  • bainistíocht agus riarachán ghnó na scoile (anois agus amach anseo)
  • íocaíocht na foirne a éascú, agus chun sochair/teidlíochtaí eile a ríomh (lena náirítear seirbhís ináirithe chun íocaíochtaí pinsin, teidlíochtaí agus/nó íocaíochtaí iomarcaíochta a ríomh sa chás gur cuí)
  • íocaíochtaí pinsin a éascú amach anseo 
  • bainistíocht acmhainní daonna. 
  • arduithe céime a rinneadh a chur i dtaifead (cáipéisíocht a bhaineann le hardú céime ar a ndearnadh iarratas) agus athruithe a tháinig ar fhreagrachtaí etc.
  • a chur ar chumas na scoile chun a gcuid dualgas a chomhlíonadh mar fhostóir, lena n-áirítear timpeallacht shábháilte éifeachtúil oibre agus múinteoireachta a chaomhnú (lena n-áirítear a gcuid freagrachtaí faoin Acht um Shábháilte, Sláinte agus Leas ag an Obair, 2005) a chomhlíonadh 
  • a chur ar chumas na scoile chun na ceanglais a leagann an Roinn Oideachais agus Scileanna, na Coimisinéirí Ioncaim, an Chomhairle Náisiúnta um Oideachas Speisialta, TÚSLA, FSS, agus aon ranna agus/nó gníomhaireachtaí rialtais, reachtúla agus/nó rialála síos a chomhlíonadh 
  • an reachtaíocht a bhaineann leis an scoil a chomhlíonadh.


        (c) Láthair & Slándáil

  1. Coimeádtar taifid de láimh go slán, sábháilte faoi ghlas i gcómhadchaibinéid in oifig riaracháin glasáilte agus gan teacht orthu ach ag fostaithe atá údaraithe leis na sonraí sin a úsáid. Ní mór do na fostaithe sin na sonraí sin a choinneáil faoi rún.
  2. Coimeadtar taifead digiteach ar ríomhairí a bhfuil cosaint phasfhocail, bogearraí balla dóiteáin agus leibhéil leordhóthanacha criptithe orthu. Bíonn Córas Rogha Aláram Ionraidh ar siúl lasmuigh d’uaireanta scoile.


2.    Taifid Daltaí:

       (a) Catagóirí sonraí daltaí: D’fhéadfaí a áireamh leo seo:

  • Faisnéis a d’fhéadfaí a lorg agus a chur i dtaifead ar chlárú agus a d’fhéadfaí a chur le chéile agus a bhailiú i gcaitheamh thréimhse an dalta sa scoil. D’fhéadfaí a áireamh leis na taifid seo:
  • ainm, seoladh agus sonraí teagmhála, uimhir PSP 
  • dáta agus áit bhreithe 
  • ainmneacha agus seoltaí na dtuismitheoirí/na gcaomhnóirí agus a sonraí teagmhála (lena n-áirítear aon socruithe speisialta maidir le caomhnóireacht, coimeád nó rochtain)
  • creideamh reiligiúnach
  • bunadh ciníoch nó eitneach 
  • ballraíocht de phobal an Lucht Siúil, sa chás gur cuí
  • cibé acu más nó mura sealbhóirí cárta leighis iad siúd (nó a dtuismitheoirí) 
  • cad í céad teanga an dalta agus cibé a labhraítear teangacha eile sa bhaile.
  • aon choinníollacha ábhartha speisialta (e.g. riachtanais speisialta oideachais, saincheisteanna sláinte) a d’fhéadfadh bheith i gceist.
  • Faisnéis ar an iarthaifead acadúil (lena náirítear tuairiscí, teistiméireachtaí, measúnuithe agus taifid eile ó aon scoil(eanna) ar ar fhreastail an dalta roimhe seo
  • Measúnuithe síceolaíocha, síciatracha agus/nó leighis
  • Taifid tinrimh 
  • Grianghraif & íomhánna taifeadta de dhaltaí (lena n-áirítear ag imeachtaí scoile agus éachtaí a chur i dtaifead) a bainistítear de réir polasaí grianghraifeadóireachta na scoile, leis seo.
  • Taifead acadúil – ábhair ar a ndearnadh staidéar, tascanna ranga, torthaí scrúdaithe faoi mar atá siad taifeadta ar thuairiscí oifigiúla scoile 
  • Taifid ar éachtaí suntasacha
  • Taifid ar shaincheisteanna/imscrúduithe disciplíneacha agus/nó na smachtbhannaí a ghearrtar
  • Taifid eile, e.g. taifid ar aon ghortuithe/timpistí tromchúiseacha etc. (Nóta: moltar chun tuismitheoirí a chur ar an eolas go bhfuil teagmhas ar leith á chur i dtaifead)
  • Taifid ar aon tuairiscí a rinne an scoil (nó a bhfostaithe) maidir leis an dalta le ranna Stáit agus/nó le gníomhaireachtaí eile faoin Acht Tús Áite do Leanaí 2015.


      (b) Cuspóirí:  
Coimeádtar taifid dalta do na cuspóirí a leanas:

  • a chur ar chumas gach dalta a lánchumas a fhorbairt
  • na ceanglais reachtaíochta nó riaracháin a chomhlíonadh 
  • a chinntiú gur féidir leis na daltaí incháilithe tairbhe a bhaint ón múinteoireacht ábhartha nó na tacaíochtaí airgeadais breise 
  • tacú le teagasc reiligiúnach a sholáthar 
  • a chur ar chumas teagmháil a dhéanamh le tuismitheoirí/caomhnóirí i gcás éigeandála nó sa chás go ndúntar an scoil, nó chun tuismitheoirí a chur ar an eolas ar dhul chun cinn a linbh nó chun tuismitheoirí a chur ar an eolas ar imeachtaí Scoile etc.
  • freastal ar riachtanais oideachais, shóisialta, fhisiciúla agus mhothúchánacha an dalta   • glactar grianghraif agus íomhánna taifeadta de dhaltaí chun éachtaí scoile a cheiliúradh, bliainirisí a chur le chéile, láithreán gréasáin a bhunú, imeachtaí scoile a chur i dtaifead, agus chun taifead a choimeád ar stair na scoile. Glactar agus úsáidtear na taifid siúd i gcomhréir le Polasaí ar Ghlacadh Griangraifeanna & Ráiteas Príomháideachta Suíomh Gréasáin na Scoile. 
  • a chinntiú go gcomhlíonann an dalta critéir iontrála na scoile 
  • a chinntiú go gcomhlíonann na daltaí na riachtanais aoise íosta do chlárúchán bunscoile. 
  • cáipéisíocht/faisnéis a sholáthar faoin dalta don Roinn Oideachais agus Scileanna, an Chomhairle Náisiúnta um Oideachas Speisialta, TÚSLA, agus scoileanna eile etc. i gcomhlíonadh an dlí agus na dtreoracha a eisíonn ranna rialtais 
  • cáipéisíocht/faisnéis/teistiméireachtaí a sholáthar d’institiúidí dara leibhéal oideachais a iarrann an dalta (nó a dtuismitheoirí/a gcaomhnóirí i gcás dalta faoi 18 mbliana d’aois).


       (c) Láthair & Slándáil
i.    Coimeádtar taifid de láimh go slán, sábháilte faoi ghlas i gcómhadchaibinéid in oifig riaracháin glasáilte agus gan teacht orthu ach ag fostaithe atá údaraithe leis na sonraí sin a úsáid. Ní mór do na fostaithe sin na sonraí sin a choinneáil faoi rún.
ii.    Coimeadtar taifead digiteach ar ríomhairí a bhfuil cosaint phasfhocail, bogearraí balla dóiteáin agus leibhéil leordhóthanacha criptithe orthu. Bíonn Córas Rogha Aláram Ionraidh ar siúl lasmuigh d’uaireanta scoile. 
3.    Taifid an Bhoird Bhainistíochta:

(a)    Catagóirí de shonraí an bhoird bhainistíochta:
D’fhéadfaí a áireamh leo seo:
    Ainm, seoladh agus sonraí teagmhála gach comhalta den bhord bainistíochta (agus iarchomhaltaí an BB)
    Taifid maidir le ceapacháin a dhéantar leis an mBord
    Miontuairiscí ar chruinnithe an Bhoird Bhainistíochta agus an chomhfhreagrais a sheoltar chuig an mBord, ina bhféadfadh tagairtí do dhaoine ar leith a bheith i gceist.

(b)    Cuspóirí: A chur ar chumas an Bhoird Bhainistíochta chun oibriú i gcomhréir leis an Acht Oideachais, 1998 agus leis an reachtaíocht infheidhme eile agus le taifead a choimeád ar choinní agus cinntí an bhoird.

(c)    Láthair & Slándáil: Mar atá thuas.

4.    Taifid Eile:
Coimeádfaidh Gaelscoil Míde taifid eile a bhaineann le daoine. Taifead de láimh a bheidh san fhormáid ina gcoimeádtar na taifid seo (comhad pearsanta laistigh de chomhad ábhartha comhdaithe) agus/nó taifead ríomhaire (bunachar sonraí). Leagtar amach thíos roinnt samplaí de shaghas na dtaifead eile a choimeádann an scoil (ní liosta críochnaitheach an liosta seo):

Creidiúnaithe
(a)    Catagóirí sonraí: féadfaidh an scoil roinnt den fhaisnéis a leanas nó an fhaisnéis go léir a leanas a choimeád faoi chreidiúnaithe (ar daoine féinfhostaithe roinnt díobh):
    ainm
    seoladh
    sonraí teagmhála
    uimhir PSP
    sonraí cánach
    sonraí bainc agus
    an méid a íocadh leo

(b)    Cuspóirí: Teastaíonn an fhaisnéis chun gnáthbhainistiú agus gnáthriaradh a dhéanamh ar ghnóthaí airgeadais na scoile, lena n-áirítear sonraisc a íoc, cuntais bhliantúla airgeadais a chur le chéile agus iniúchtaí agus imscrúduithe a dhéanann na Coimisinéirí Ioncaim a chomhlíonadh.

(c)    Láthair & Slándáil: I gcaibinéad slán faoi ghlas in oifig na scoile

Íomhánna/Taifid CCTV
(a)    Catagóirí Tá CCTV súiteáilte i nGaelscoil Mide:
    Tá ceamairí súiteáilte go seachtrach ar chuaillí timpeall ar an bhfoirgneamh agus ar áitreamh na scoile.
    Tá ceamairí súiteáilte sa bhforhalla ag clúdach príomh dhoras, cúl doras agus staighrí na scoile.
Féadfaidh córais CCTV íomhánna den fhoireann, daltaí agus muintir an phobail a thaifeadadh a thugann cuairt ar an áitreabh. Tá an láthair féachanna lonnaithe in oifig an Phríomhoide.

(b)    Cuspóirí:  Sábháilteacht agus slándáil na foirne, na ndaltaí agus na gcuairteoirí agus réadmhaoin agus trealamh na scoile a chosaint.

(c)     Láthair & Slándáil: Tá ceamaraí lonnaithe go seachtrach agus go hinmheánach faoi mar a shonraítear sa Pholasaí CCTV. Tá trealamh taifeadta lonnaithe in oifig an Phríomhoide.

Tá cosc ar rochtain ar íomhánna/thaifeadtaí ach ag príomhoide agus foireann na scoile. Coimeádtar taifeadtaí ar feadh 28 lá, seachas má theastaíonn siad chun imscrúdú a dhéanamh ar theagmhas. Féadtar féachaint ar íomhánna/thaifeadtaí nó iad a chur ar fáil don Gharda Síochána de bhun Reachtaíocht um Chosaint Sonraí.

Torthaí Measúnaithe/Scrúdaithe
(a)     Catagóirí: Coimeádfaidh an scoil sonraí ina bhfuil torthaí scrúdaithe maidir lena ndaltaí go léir. Ina measc seo beidh, torthaí scrúdaithe ranga agus torthaí Scrúduithe Chaighdeánaithe.

(b)    Cuspóirí: Is é an príomhchuspóir a choimeádtar na torthaí scrúdaithe seo ná chun monatóireacht a dhéanamh ar dhul chun cinn dalta agus chun bonn daingean a sholáthar maidir leibhéil gnóthachtála oideachais agus moltaí don todhchaí. Féadtar na sonraí seo a bhailiú ar mhaithe le cuspóirí staitistiúla/tuairiscithe, ar nós táblaí torthaí a bhailiú. Féadtar na sonraí seo a aistriú chuig an Roinn Oideachais agus Scileanna, an Chomhairle Náisiúnta Curaclaim agus Measúnachta agus na comhlachtaí siúd comhchosúla eile.

(c)     Láthair & Slándáil: Sábháiltear torthaí na Scrúdaithe Chaighdeánaithe go digiteach ar chóras bunachair ALADDIN sna scamaill. Coimeádtar cóipchrua de na torthaí i gcaibinéad slán faoi ghlas in oifig an phríomhoide. Coimeádann na múinteoirí torthaí na scrúdaithe ranga sna seomraí ranga. Coimeádtar taifid de láimh go slán, sábháilte faoi ghlas i gcómhadchaibinéid sa seomra. Coimeádtar taifead digiteach ar an bhfreastalaí scoile le ríomhairí a bhfuil cosaint phasfhocail, bogearraí balla dóiteáin orthu.

Teastais Breithe & Baiste
(a)    Catagóirí: Coimeádann an scoil cóip de na teastais seo a leanas
    Teastas Breithe
    Teastas Baiste

(b)    Cuspóirí: Is é an príomhchuspóir a choimeádtar na teastais seo ná
    a chinntiú go gcomhlíonann na daltaí na riachtanais aoise íosta do chlárúchán bunscoile.
    teacht a bheith ag an scoil ar shonraí beacht, cruinn le bunachar POD á líonadh.
    a chinntiú go gcomhlíonann na daltaí gur mian leo go n-ullmhófaí do na sacraimintí iad riachtanais na hEaglaise Chaitlicigh.

(c)    Láthair & Slándáil: Coimeádtar cóip chrua de na teastais go slán, sábháilte faoi ghlas i gcomhadchaibinéid san oifig riaracháin. Scriostar na Teastais Breithe nuair a thosaíonn na daltaí ar scoil agus nuair a bhíonn an bunachar POD líonta. Coimeádtar cóipeanna de na Teastais Baiste ó R2 go R6 agus scriostar iad ina dhiaidh sin nuair a bhíonn sacraimint an Chomaoin Naofa agus sacraimint an Chóineartaithe glactha ag na daltaí.

Nasc le Polasaithe Eile & le Soláthar Curaclaim

Is gá do pholasaithe scoile a bheith comhsheasmhach lena chéile, laistigh de chreatlach Phlean foriomlán na Scoile. Ba cheart scrúdú a dhéanamh ar na polasaithe ábhartha atá i bhfeidhm cheana féin nó atá á bhforbairt nó á nathbhreithniú, agus tagairt á déanamh don Pholasaí um Chosaint Sonraí agus ba cheart dul i ngleic le haon impleachtaí a mbíonn aige dóibh.

D’fhéadfadh na beartais a leanas a bheith i measc na mbeartas ar a ndéantar breithniú:
    Bunachar Sonraí Daltaí Ar-Líne (POD) : bailiú sonraí leis na dualgais a bhaineann le bunachar sonraí daltaí ar-líne na ROS a chomhlíonadh.
    Polasaí um Chosaint Leanaí
    Polasaí Frithbhulaíochta
    Cód Iompair
    Beartas um Úsáid Substaintí
    Polasaí Clárúcháin
    Polasaí um Úsáid Inghlactha TFC.
    Polasaí Measúnaithe
    Polasaí um Oideachas Speisialta
    Polasaí Leabharlanna
    Polasaí Scéim Iasachta Téacsleabhair
    Polasaí Teagmhas Criticiúil
    Polasaí CCTV
    Polasaí ar thógáil grianghrafanna
    Polasaí Tinrimh

Próiseáil de réir Cearta an Ábhar Sonraí

I nGaelscoil Míde déanfar gach taifead ar shonraí pearsanta a phróiseáil i gcomhréir le cearta an ábhar sonraí. Tá an ceart ag an duine is ábhar do na sonraí:
    Fios a bheith aige/aici cén sonraí pearsanta atá á choimeád ag an scoil air/uirthi.
    Iarratas a dhéanamh rochtain a fháil ar aon sonraí atá á choimeád ag ar an rialathóir sonraí    air/uirthi
    Próiseáil a chuid/cuid sonraí ar son margaíocht dhíreach a chosc
    Iarraidh go gceartófar a sonraí má tá siad míchruinn.
    Iarraidh go scriosfar a sonraí chomh luath is nach bhfuil sé ag teastáil nó neamhábharach.

Próiseálaithe Sonraí
Nuair a dhéanann scoil seachfhoinsiú ar shonraí go próiseálaí sonraí lasmuigh de láthair na scoile, is gá de réir an dlí conradh comhaontaithe scríofa a chur i bhfeidhm (féach Ráiteas Samplach um Chosaint Sonraí). Sonraíonn comhaontú tríú páirtí Ghaelscoil Míde an próiseáil atá le déanamh ar na sonraí, na coiniallacha slándála a ghabhann leis an bpróiseáil agus gur gá na sonraí a scrios nó a thabhairt ar ais nuair atá an obair próiseála críochnaithe nó an conradh tagtha chun deiridh.

Sárú ar Shonraí Pearsanta
Is gá aon eachtra sárú ar shonraí pearsanta a thuairisciú d’Oifig an Choimisinéara Chosaint Sonraí laistigh de 72 uair a chloig.

Má tá an riosca ard ann go mbeidh cearta agus saoirsí an duine nádúrtha i mbaol de bharr na sáraithe sin, is gá do BB an ábhar sonraí a chur ar an eolas faoin sárú pearsanta sonraí sin, gan mhoill.

Má bhíonn próiseálach sonraí feasach ar shárú ar shonraí pearsanta, is gá dó é seo a chur in iúl don rialathóir sonraí (BB) gan mhoill.

Deighleáil le hIarratas ar rochtain ar shonraí
Tá duine ar bith i dteideal cóip a lorg de na sonraí pearsanta a coiméadtar faoi/fúithi, ar iarratas i scríbhinn.

Is gá freagairt don iarratas sin laistigh de mhí amháin. D’fhéadfadh sé go mbeadh gá le síneadh ama m.sh., thar tréimhsí saoire

Ní ghearrfar táille rochtana ach i gcásanna eisceachtúla sa chás go mbíonn na hiarratais athráiteach, gan bhunús nó iomarcach.

Ní chuirfear sonraí pearsanta a bhaineann le duine aonair ar bith eile seachas an ábhar sonraí ar fail.

Eolas a Chur ar Fáil ar an nGuthán

Is gá d’fhostaithe a bhíonn ag deighleáil le fiosrúcháin ar an nguthán a bheith cúramach faoi eolas pearsanta ata ag an scoil a nochtadh ar an nguthán. Is ceart don fostaí:
    Iarraidh ar an nglaoiteoir an t-iarratas a chur i scríbhinn
    Iarratais casta a chur ar aghaidh chuig an bpríomhoide
    Gan mothú faoi fhiacha eolas pearsanta a nochtadh

Socruithe, Róil & Freagrachtaí maidir le Cur i bhFeidhm

Is é an BB an rialathóir sonraí agus is é an Príomhoide a chuireann an Polasaí um Chosaint Sonraí i bhfeidhm ag cinntiú go bhfuil cur amach ag an bhfoireann a láimhseálann nó a mbíonn rochtain acu ar Shonraí Pearsanta ar a gcuid freagrachtaí um chosaint sonraí.

Is iad na daoine seo a leanas atá freagracht as gach gníomh a chur i bhfeidhm:

Rialathóir Sonraí:   Bord Bainistíochta Ghaelscoil Míde
Cur i bhFeidhm an Pholasaí:   Príomhoide: Joe Ó Dónaill

Faomhadh & Cumarsáid

Faomhadh ag cruinniú BB ar an 19/09/2019 agus sínithe ag an gCathaoirleach. Taifead den faomhadh déanta ag an Rúnaí i Miontuairiscí an chruinnithe. Polasaí um Chosaint Sonraí curtha suas ar shuíomh ghréasáin na scoile agus tuismitheoirí curtha ar an eolas faoi.

Monatóireacht a Dhéanamh ar Chur i bhFeidhm an Pholasaí

Déanfaidh an Príomhoide, an fhoireann agus an Bord Bainistíochta monatóireacht ar chur i bhfeidhm an Pholasaí um Chosaint Sonraí.

Athbhreithniú & Measúnú an Pholasaí

Déanfar athbhreithniú agus measúnú ar an bpolasaí i ndiaidh dhá bhliain. Ba cheart go dtabharfar aird ar fhaisnéis nó treoirlínte athraitheacha (e.g. ón gCoimisinéir Cosanta Sonraí, an Roinn Oideachais & Scileanna nó ó TÚSLA), reachtaíocht & aiseolas ó thuistí/chaomhnóirí, daltaí, foireann na scoile agus daoine eile nuair a bhíonn athbhreithniú agus measúnú leanúnach á dhéanamh. Déanfar an polasaí a leasú de réir mar is gá i gcomhthéacs an athbhreithnithe agus an mheasúnaithe sin agus laistigh de chreatlach phleanála na scoile.


Síniú:  

Cathaoirleach an Bhord Bainistíochta.

--------------------------------------------------------------------------------------------------------------------

 

Data Protection Policy 2019


Gaelscoil Míde, Data Protection Policy 2019
The school’s Data Protection Policy applies to the personal data held by the school’s Board of Management (BoM), which is protected by the Data Protection Acts 1988 to 2018 and the EU General Data Personal Regulation (GDPR).

The policy applies to all school staff, the Board of Management, parents/guardians, students and other partners with whom the school deals with (i.e. prospective or potential students and their parents/guardians and applicants for staff positions within the school) insofar as the measures under the policy relate to them. Data will be stored securely, so that confidential information is protected in compliance with relevant legislation. This policy sets out the manner in which personal data and special categories of personal data will be protected by the school. This policy deals with data which is both stored on paper and on computers.

Gaelscoil Míde operates a “Privacy by Design” method in relation to Data Protection. This means we plan carefully when gathering personal data so that we build in the data protection principles as integral elements of all data operations in advance. We audit the personal data we hold in order to:
1.    be able to provide access to individuals to their data
2.    ensure it is held securely
3.    document our data protection procedures
4.    enhance accountability and transparency

Data Protection Principles
The school BoM is a data controller of personal data relating to its past, present and future staff, students, parents/guardians and other members of the school community. As such, the BoM is obliged to comply with the principles of data protection set out in the Data Protection Acts 1988 to 2018 and GDPR, which can be summarised as follows:

1.    Obtain and process Personal Data fairly.
Information on students is gathered with the help of parents/guardians and staff. Information is also transferred from their previous schools. In relation to information the school holds on other individuals (members of staff, individuals applying for positions within the School, parents/guardians of students, etc.), the information is generally furnished by the individuals themselves with full and informed consent and compiled during the course of their employment or contact with the School. All such data is treated in accordance with the Data Protection legislation and the terms of this Data Protection Policy. The information will be obtained and processed fairly.

2.    Consent
Where consent is the basis for provision of personal data, (e.g. data required to join sports team/ after-school activity or any other optional school activity) the consent must be a freely-given, specific, informed and unambiguous indication of the data subject’s wishes. Gaelscoil Míde will require a clear, affirmative action e.g. ticking of a box/signing a document to indicate consent. Consent can be withdrawn by data subjects in these situations

3.    Keep it only for one or more specified and explicit lawful purposes.
The BoM will inform individuals of the reasons they collect their data and the uses to which their data will be put. All information is kept with the best interest of the individual in mind at all times.

4.    Process it only in ways compatible with the purposes for which it was given initially.
Data relating to individuals will only be processed in a manner consistent with the purposes for which it was gathered. Information will only be disclosed on a ‘need to know’ basis, and access to it will be strictly controlled.

5.    Keep Personal Data safe and secure.
Only those with a genuine reason for doing so may gain access to the information. Personal Data is securely stored under lock and key in the case of manual records and protected with computer software and password protection in the case of electronically stored data. Portable devices storing personal data (such as laptops) are encrypted and password-protected.

6.    Keep Personal Data accurate, complete and up-to-date.
Students, parents/guardians, and/or staff should inform the school of any change which the school should make to their personal data and/or sensitive personal data to ensure that the individual’s data is accurate, complete and up-to date. Once informed, the school will make all necessary changes to the relevant records. Records must not be altered or destroyed without proper authorisation. If alteration/correction is required, then a note of the fact of such authorisation and the alteration(s) to be made to any original record/documentation should be dated and signed by the person making that change.

7.    Ensure that it is adequate, relevant and not excessive.
Only the necessary amount of information required to provide an adequate service will be gathered and stored.

8.    Retain it no longer than is necessary for the specified purpose or purposes for which it was given.
As a general rule, the information will be kept for the duration of the individual’s time in the school. Thereafter, the school will comply with DES guidelines on the storage of Personal Data relating to a student. In the case of members of staff, the school will comply with both DES guidelines and the requirements of the Revenue Commissioners with regard to the retention of records relating to employees. The school may also retain the data relating to an individual for a longer length of time for the purposes of complying with relevant provisions of law and or/defending a claim under employment legislation and/or contract and/or civil law. See School Record Retention Table.

9.    Provide a copy of their personal data to any individual on request.
Individuals have a right to know and have access to a copy of personal data held about them, by whom, and the purpose for which it is held.

Scope

The Data Protection legislation applies to the keeping and processing of Personal Data, both in manual & electronic form. The purpose of this policy is to assist the school to meet its statutory obligations, to explain those obligations to School staff, and to inform staff, students and their parents/guardians how their data will be treated.

The policy applies to all school staff, the Board of Management, parents/guardians, students and others (including prospective or potential students and their parents/guardians, and applicants for staff positions within the school) insofar as the school handles or processes their Personal Data in the course of their dealings with the school.

Definition of Data Protection Terms
In order to properly understand the school’s obligations, there are some key terms, which should be understood by all relevant school staff:

Personal Data means any data relating to an identified or identifiable person who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the Data Controller (BoM)

Data Controller: A data controller is the individual or legal entity that controls the contents and use of personal data. The Board of Management itself is the data controller, with the principal acting on behalf of the BOM in exercising the functions involved.

Data: What is meant by data is information in a form that can be processed. It includes automated data (information on computer or information recorded with the intention of putting it on a computer) and manual data (information that is kept as part of a relevant filing system or with the intention that it should form part of a filing system).

Relevant Filing System: This refers to any set of information that, while not computerised, is structured by reference to pupils, staff or partners with whom the school has business, so that specific information relating to a particular individual is readily accessible.

Data Subject:  An individual who is the subject of personal data.

Data Processing:   Performing any operation or set of operations on data, including:
    Obtaining, recording or keeping the data,
    Collecting, organising, storing, altering or adapting the data
    Retrieving, consulting or using the data
    Disclosing the data by transmitting, disseminating or otherwise making it available
    Aligning, combining, blocking, erasing or destroying the data

Data Processor:   A person who processes personal information on behalf of a data controller, but does not include an employee of a data controller who processes such data in the course of their employment, for example, this might mean an employee of an organisation to which the data controller out-sources work. The Data Protection legislation places responsibilities on such entities in relation to their processing of the data. [e.g. Aladdin; GBW Chartered Accountants, etc.].
Special categories of Personal Data refers to Personal Data regarding a person’s:
    racial or ethnic origin
    political opinions or religious or philosophical beliefs
    physical or mental health
    sexual life and sexual orientation
    genetic and biometric data
    criminal convictions or alleged offence
    trade union membership

Personal Data Breach:   A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed. This means any compromise or loss of personal data, no matter how or where it occurs.

Rationale
In addition to its legal obligations under the broad remit of educational legislation, the school has a legal responsibility to comply with the Data Protection Acts 1988 to 2018 and the GDPR.

This policy explains what sort of data is collected, why it is collected, for how long it will be stored, and with whom it will be shared. The school takes its responsibilities under Data Protection law very seriously, and wishes to put in place safe practices to safeguard individuals’ personal data. It is also recognised that recording factual information accurately and storing it safely facilitates an evaluation of the information, enabling the principal and board of management to make decisions in respect of the efficient running of the school. The efficient handling of data is also essential to ensure that there is consistency and continuity where there are changes of personnel within the school and board of management.

Other Legal Obligations

Implementation of this policy takes account of the school’s other legal obligations & responsibilities. Some of these are directly relevant to data protection. For example:

    Under Section 9(g) of the Education Act, 1998, the parents of a student, or a student who has reached the age of 18 years, must be given access to records kept by the school relating to the progress of the student in their education.

    Under Section 20 of the Education (Welfare) Act, 2000, the school must maintain a register of all students attending the school.

    Under Section 20(5) of the Education (Welfare) Act, 2000, a principal is obliged to notify certain information relating to the child’s attendance in school and other matters relating to the child’s educational progress to the principal of another school to which a student is transferring.  Gaelscoil Míde sends, by post, a copy of a child’s Educational Passport, as provided by the NCCA, to the principal of the Post-Primary School in which the pupil has been enrolled. Where reports on pupils which have been completed by professionals, apart from Gaelscoil Míde, are included in current pupil files, such reports are only passed to the Post-Primary school following express written permission having been sought and received from the parents of said pupils.
    Under Section 21 of the Education (Welfare) Act, 2000, the school must record the attendance or non-attendance of students registered at the school on each school day

    Under Section 28 of the Education (Welfare) Act, 2000, the School may supply Personal Data kept by it to certain prescribed bodies (the Department of Education and Skills, TUSLA, the National Council for Special Education and other Schools). The BoM must be satisfied that it will be used for a “relevant purpose” (which includes recording a person’s educational or training history or monitoring their educational or training progress; or for carrying out research into examinations, participation in education and the general effectiveness of education or training).

    Under Section 14 of the Education for Persons with Special Educational Needs Act, 2004, the School is required to furnish to the National Council for Special Education (and its employees, which would include Special Educational Needs Organisers) such information as the Council may from time to time reasonably request.

    The Freedom of Information Act 1997 provides a qualified right to access to information held by public bodies which does not necessarily have to be “personal data” as with data protection legislation. While most schools are not currently subject to freedom of information legislation, if a school has furnished information to a body covered by the Freedom of Information Act (such as the Department of Education and Skills etc.), these records could be disclosed if a request is made to that body.

    Under Section 26(4) of the Health Act, 1947 a School shall cause all reasonable facilities (including facilities for obtaining names and addresses of pupils attending the school) to be given to a health authority who has served a notice on it of a medical inspection e.g. a dental inspection.

    Under Children First Act 2015, mandated persons in school have responsibilities to report child welfare concerns to TÚSLA – Child and Family Agency (or in the event of an emergency and the unavailability of TUSLA to An Garda Síochána).

Relationship to the Characteristic Spirit of the School

Gaelscoil Míde seeks to:
    enable each student to develop their full potential
    provide a safe and secure environment for learning
    promote respect for the diversity of values, beliefs, traditions, languages and ways of life in society.

We aim to achieve these goals while respecting the privacy and data protection rights of students, staff, parents/guardians and others who interact with us. The school wishes to achieve these aims/missions while fully respecting individuals’ right to privacy and rights under the Data Protection Legislation.

Personal Data

The Personal Data records held by the school may include:

3.    Staff Records:

(d)    Categories of staff data:
As well as existing members of staff (and former members of staff), these records may also relate to applicants applying for positions within the school, trainee teachers and teachers under probation. These staff records may include:
    Name, address & contact details, PPS no.
    Original records of application and appointment (including application forms, interview marking schemes and other documents relating to recruitment and selection such as references, Garda vetting outcomes and Medmark assessments)
    Record of appointments to promotion posts
    Details of approved absences (career breaks, parental leave, study leave, etc.)
    Details of work record (qualifications, classes taught, subjects, etc.)
    Details of complaints and/or grievances, including consultations or competency discussions, action, improvement, evaluation plans and record of progress
    Details of any accidents/injuries sustained on school property or in connection with the staff member carrying out their school duties
    Records of any reports the school (or its employees) have made in respect of the staff member to State departments and/or other agencies under Children First Act 2015.

(e)    Purposes:  
Staff records are kept for the purposes of:
    the management and administration of school business (now and in the future)
    to facilitate the payment of staff and calculate other benefits/ entitlements (including reckonable service for the purpose of calculation of pension payments, entitlements and/or redundancy payments where relevant)
    to facilitate pension payments in the future
    human resource management
    recording promotions made (documentation relating to promotions applied for) and changes in responsibilities, etc.
    to enable the school to comply with its obligations as an employer including the preservation of a safe, efficient working and teaching environment (including complying with its responsibilities under the Safety, Health and Welfare At Work Act 2005)
    to enable the school to comply with requirements set down by the Department of Education and Skills, the Revenue Commissioners, the National Council for Special Education, TÚSLA, the HSE, and any other governmental, statutory and/or regulatory departments and/or agencies
    and for compliance with legislation relevant to the school.
(f)    Location & Security:
(a)    Manual records are kept in a secure, locked filing cabinet in a locked administration office only accessible to personnel who are authorised to use the data. Employees are required to maintain the confidentiality of any data to which they have access.
(b)    Digital records are stored on password-protected computer with adequate encryption and firewall software in a locked office. The school has the intruder alarm activated during out-of-school hours.

4.    Student Records:

(c)    Catagories of student data may include:
    Information which may be sought and recorded at enrolment and may be collated and compiled during the course of the student’s time in the school. These records may include:
•    name, address & contact details, PPS number
•    date and place of birth
•    names and addresses of parents/guardians and their contact details (including any special arrangements with regard to guardianship, custody or access)
•    religious belief
•    racial or ethnic origin
•    membership of the Traveller community, where relevant
•    whether they (or their parents) are medical card holders
•    what the child’s first language is and whether or not other languages are spoken in     the home
•    any relevant special conditions (e.g. special educational needs, health issues etc.) which may apply.
    Information on previous academic record (include. reports, references, assessments and other records from any previous school(s) attended by the student)
    Psychological, psychiatric and/or medical assessments
    Attendance records
    Photographs and recorded images of students (including at School events and noting achievements) are managed in line with the accompanying policy on school photography
    Academic record – subjects studied, class assignments, examination results as recorded on official school reports
    Records of significant achievements
    Records of disciplinary issues/investigations and/or sanctions imposed
    Other records e.g. records of any serious injuries/accidents etc. (Note: it is advisable to inform parents that a particular incident is being recorded)
    Records of any reports the school (or its employees) have made in respect of the student to State departments and/or other agencies under Children First Act 2015.

(d)    Purposes:  
The purposes for keeping student records include:
    to enable each student to develop to his/her full potential
    to comply with legislative or administrative requirements
    to ensure that eligible students can benefit from the relevant additional teaching or financial supports
    to support the provision of religious instruction
    to enable parents/guardians to be contacted in case of emergency or in the case of school closure, or to inform parents of their child’s educational progress, or to inform parents of School events, etc.
    to meet the educational, social, physical and emotional requirements of the student
    photographs and recorded images of students are taken to celebrate school achievements, compile yearbooks, establish a school website, record school events, and to keep a record of the history of the school. Such records are taken and used in accordance with the School Photography Policy and School Website Privacy Statement.
    to ensure that the student meets the school’s admission criteria
    to ensure that students meet the minimum age requirements for attendance at Primary School.
    to furnish documentation/ information about the student to the Department of Education and Skills, the National Council for Special Education, TÚSLA, and other schools, etc. in compliance with law and directions issued by governmental departments
    to furnish, when requested by the student (or their parents/guardians in the case of a student under 18 years), documentation/information/ references to second-level educational institutions.

(c) Location & Security
i.    Manual records are kept in a secure, locked filing cabinet in a locked administration       office only accessible to personnel who are authorised to use the data. Employees are required to maintain the confidentiality of any data to which they have access.
ii.    Digital records are stored on password-protected computer with adequate encryption and firewall software in a locked office. The school has the intruder alarm activated during out-of-school hours.

5.    Board of Management Records:

(a)    Categories of board of management data:
These may include:
    Name, address and contact details of each member of the board of management (including former members of the BoM)
    Records in relation to appointments to the board
    Minutes of board of management meetings and correspondence to the board which may include references to particular individuals.

(b)    Purposes: To enable the Board of Management to operate in accordance with the Education Act, 1998 and other applicable legislation and to maintain a record of board appointments and decisions.

(c)    Location & Security: As above.

6.    Other Records:

Gaelscoil Míde will hold other records relating to individuals. The format in which these records will be kept are manual record (personal file within a relevant filing system), computer record (database). Some examples of the type of other records which the school will hold are set out below (this list is not exhaustive):

Creditors
(a)    Categories of data: the school may hold some or all of the following information about creditors (some of whom are self-employed individuals):
    name
    address
    contact details
    PPS number
    tax details
    bank details and
    amount paid.

(b)    Purposes: This information is required for routine management and administration of the school’s financial affairs including the payment of invoices, the compiling of annual financial accounts and complying with audits and investigations by the Revenue Commissioners


(c)    Location & Security : In a secure filing cabinet in the principal’s office

CCTV Images/Recordings
(a)    Categories: CCTV is installed in Gaelscoil Míde:
    Cameras are installed externally on posts around the school building and the school grounds.
    Cameras are installed internally in the foyer covering the main entrance, rear entrance and stairs in the school.

These CCTV systems may record images of staff, students and members of the public who visit the premises. The viewing station is in the Principal’s office.

(b)    Purposes:  Safety and security of staff, students and visitors and to safeguard school property and equipment.

(c)    Location & Security:  Cameras are located externally and internally as detailed in the CCTV Policy. Recording equipment is located in the Principal’s office.

Access to images/recordings is restricted to the principal & staff of the school. Recordings are retained for 28 days, except if required for the investigation of an incident. Images/recordings may be viewed or made available to An Garda Síochána pursuant to Data Protection Acts Legislation.

Assessment/Examination Results
(a)    Categories: The School will hold data comprising examination results in respect of its students. These include class test results and the results of Standardised Tests.

(b)    Purposes: The main purpose for which these examination results are held is to monitor a student’s progress and to provide a sound basis for advising them and their parents or guardians about educational attainment levels and recommendations for the future. The data will also be aggregated for statistical/reporting purposes, such as to compile results tables. The data may be transferred to the Department of Education and Skills, the National Council for Curriculum and Assessment and such other school to which the pupils move.

(c)    Location & Security: Standardised test results are saved digitally on the ALADDIN   database in the cloud. Hardcopies of the results as kept in a secure cabinet in the principals’ office. Class examination results are kept by the teachers in their classrooms. Manual records are kept in a secure, locked filing cabinet in the classroom. Digital records are stored on the school server via password-protected laptops and with adequate firewall software.

Birth & Baptismal Certificates
(a)    Categories: The School will hold a copy of the following certificates:
    Birth Certificate
    Baptismal Certificate

(b)    Purposes: The main purpose for which these certificates are held is
    to ensure that the student meets the school’s admission criteria
    to have access to specific information that is required to populate the POD database.
    to ensure that the student who wish to be prepared for the sacraments meet the Catholic Church requirements.

(c)    Location & Security:  These certificates are held in manual form and are kept in a secure, locked cabinet in the administration office. The Birth Certificates are destroyed once the children have started school and the POD database has been populated. Copies of the Baptismal Certificates are kept from second class to sixth class and destroyed there after once both Communion and Confirmation Sacraments have been received.

Links to Other Policies & to Curriculum Delivery

Our school policies need to be consistent with one another, within the framework of the overall School Plan. Relevant school policies already in place or being developed or reviewed, shall be examined with reference to the Data Protection Policy and any implications which it has for them shall be addressed.

The following policies may be among those considered:
    Pupil Online Database (POD): Collection of the data for the purposes of complying with the Department of Education and Skills’ pupil online database.
    Child Protection Procedures
    Anti-Bullying Procedures
    Code of Behaviour
    Substance Abuse Policy
    Enrolment Policy
    ICT Acceptable Usage Policy
    Assessment Policy
    Special Educational Needs Policy
    Library Policy
    Book-Rental Policy
    Critical Incident Policy
    CCTV Policy
    Policy on taking of Photographs
    Attendance Policy

Processing In Line with a Data Subject’s Rights

Data in Gaelscoil Míde will be processed in line with the data subject's rights. Data subjects have a right to:
    Know what personal data the school is keeping on them
    Request access to any data held about them by a data controller
    Prevent the processing of their data for direct-marketing purposes
    Ask to have inaccurate data amended
    Ask to have data erased once it is no longer necessary or irrelevant.

Data Processors
Where the school outsources to a data processor off-site, it is required by law to have a written contract in place (see Written Third party service agreement). Gaelscoil Míde’s third party agreement specifies the conditions under which the data may be processed, the security conditions attaching to the processing of the data and that the data must be deleted or returned upon completion or termination of the contract.

Personal Data Breaches
All incidents in which personal data has been put at risk must be reported to the Office of the Data Protection Commissioner within 72 hours.

When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the BoM must communicate the personal data breach to the data subject without undue delay.

If a data processor becomes aware of a personal data breach, it must bring this to the attention of the data controller (BoM) without undue delay.

Dealing with a data access request
Individuals are entitled to a copy of their personal data on written request.

Request must be responded to within one month.
An extension may be required e.g. over holiday periods.

No fee may be charged except in exceptional circumstances where the requests are repetitive or manifestly unfounded or excessive.

No personal data can be supplied relating to another individual apart from the data subject.

Providing Information over the Phone

An employee dealing with telephone enquiries should be careful about disclosing any personal information held by the school over the phone. In particular, the employee should:
    Ask that the caller put their request in writing
    Refer the request to the Principal for assistance in difficult situations
    Not feel forced into disclosing personal information

Implementation Arrangements, Roles & Responsibilities

The BoM is the data controller and the Principal implements the Data Protection Policy, ensuring that staff who handle or have access to Personal Data are familiar with their data protection responsibilities.

The following personnel have responsibility for implementing the Data Protection Policy:

Data Controller:   BoM, Gaelscoil Míde
Implementation of Policy:   Principal: Joe Ó Dónaill

Ratification & Communication

Ratified at the BoM meeting on 19/09/2019 and signed by Chairperson. Secretary recorded the ratification in the Minutes of the meeting. School’s Data Protection Policy uploaded on to school website and parents informed of same.

Monitoring the Implementation of the Policy

The implementation of the Data Protection Policy shall be monitored by the Principal, staff and the Board of Management.

Reviewing & Evaluation the Policy

The policy will be reviewed and evaluated after 2 years. On-going review and evaluation will take cognisance of changing information or guidelines (e.g. from the Data Protection Commissioner, Department of Education and Skills or TUSLA), legislation and feedback from parents/guardians, students, school staff and others. The policy will be revised as necessary in the light of such review and evaluation and within the framework of school planning.

Síniú:  

Cathaoirleach an Bhord Bainistíochta.