The Secondary Education Committee Privacy Statement

  •  SEC is the data controller for student grant applications.
  • The SEC processes all personal data in accordance with the governing legislation (The Data Protection Acts 1988 – 2018, and the General Data Protection Regulation (EU) 2016/679.
  • The SEC adheres to the following principles when processing data: lawfulness, fairness and transparency; purpose limitation; data minimisation; accuracy; storage limitations; integrity and confidentiality; and accountability.
  • SEC may share personal data provided in your application with other Government bodies and agencies for the purpose of processing your grant application. Details are outlined in our data protection policy.
  • SEC will not retain data, including phone call records, for any longer than is necessary and/or as required by law, whether under The Data Protection Acts 1988-2018, and General Data Protection Regulation (EU) 2016/679.
  • SEC take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of the data and against their accidental loss or destruction.
  • Personal data will not be shared with other persons without your specific consent or if necessary to meet our legal obligations.
  • Where applicants identify relationship to other applicants or grant recipients, such information will be linked to ensure consistency and efficiency in processing.
  • Individuals have a number of rights under the legislation. This includes access to your personal data. A full list of your rights is available in our data protection policy.

Who we are?

The Secondary Education Committee (SEC) administers the Department of Education’s Protestant Block Grant Scheme. The SEC allocates means-tested grants to necessitous members of Protestant communities to assist them in attending Protestant-managed schools. The eligibility criteria including eligible schools are specified in a memorandum of understanding with the Department of Education and the Rules and Regulations of the Protestant Block Grant Scheme.

Complete an assessment of applicants’ means requires the gathering of personal data from applicants. Without this personal data, the SEC is unable to determine if an applicant is eligible and what level of support they require. The SEC is the data controller for all applications for support under the Protestant Block Grant scheme. This privacy policy will explain how our organization uses the personal data we collect from you for grant applications and when you use our website.

What data do we collect?

We process information that you provide to assess your eligibility to apply for a grant for your children/s tuition or boarding fees in a secondary school recognised by the SEC. In order to assess your level of necessity we complete a means test using the data and information you provide us with electronically.

The categories of personal data provided by you and collected by SEC for the purpose of assessment are:

  • name, address and contact details, date of birth, PPS number
  • marital and family status
  • religious denomination
  • details of your child/ren, names, date of birth, college/ school attendance
  • employment details
  • Income tax details, copy bank and financial statements, copy tax assessment forms.
  • name, address and contact details, charity number of person verifying the religion of your child/ren
  • details of incomes of parent/guardian

Information provided for grant applications is stored securely, in electronic form, and maybe consulted by grant assessors if you make subsequent grant applications.

When you use our website, we collect certain data through cookies, which we use to improve the quality of the information we provide on our website.

How do we collect your data?

You directly provide the SEC with most of the data we collect. We collect data and process data when you:

  • Register online or apply online for a grant
  • Voluntarily complete a survey or provide feedback on any of our message boards or via email.
  • Use or view our website via your browser’s cookies.
  • Provide additional information that is requested by an SEC grants officer
  • Make an appeal of an SEC grant officer’s decision
  • Through phone calls

We may also receive your data indirectly from the following sources:

  • Through conducting background checks on publicly available registers, databases, and sources
  • From the information provided to us by schools that you are attending
  • From the information provided to us by your minister of religion or church

How will we use your data?

The SEC collects your data so that we can:

  • Process your grant application, and verify the information provided therein
  • Comply with the rules and regulations of the Protestant Block Grant scheme
  • Communicate the outcome of your grant application to your school
  • Pay your school the value of your grant
  • Verify your initial and continued eligibility for a grant

We will only share your data with external agencies in so far as it is necessary and secondary to the primary purposes of processing your application and paying your grant. In order to process your application, we engage data processors. All data sharing arrangements are governed by respective data processing agreements which protect your privacy and restricts their access to it. Data may be transferred from their servers to ours in the batch transfer or on a case-by-case basis. We use this information to complete your application.

We will also share the value of the allocated grant and the name of the pupil to your school in order to facilitate the payment of the grant.

Contact Information provided by you

The application process requires you and other parties to the application to provide contact information. We will use this contact information for the following purposes:

  • to contact you or other parties to the application about the application.
  • to administer the application.
  • to administer any grant payments that we determine by this application you may be entitled to.

How do we store your data?

The SEC stores your data in electronic form on its secure servers. Records of all personal information are stored in centralised databases (including computerised and manual files) in the SEC data centre. All storage facilities are located in the EU. SEC take appropriate security measures against unauthorised access to or alteration, disclosure, or destruction of the data and against their accidental loss or destruction. Data Processing and Data Sharing agreements entered into between SEC and the agencies/bodies with whom it exchanges data take account of the security measure requirements necessary to protect the data.

The SEC will keep the data provided on a secure database for the purpose of ongoing administration, audit, and review. SEC will not keep personal data for any longer than is necessary and/or as required by law, whether under the Data Protection Legislation or otherwise. We will keep your application data for 7 years from the date of your last application. Once this time period has expired, we will delete your data from our database.

SEC may share the data submitted via the application process with authorised agents or third parties who act on behalf of SEC pursuant to a contractual relationship. SEC continues to be the Data Controller for this data and these authorised agents act as Data Processors on our behalf. Such agents or third parties are only permitted to use the personal data as instructed by SEC. They are also required to keep the data safe and secure and to retain it for a minimum amount of time.

Applicants and parties to applications may speak to employees of SEC (or agents acting on its behalf) by telephone. To ensure that SEC provides a quality service, the telephone conversations may be recorded. SEC will treat the recorded information as confidential and will only use it for staff training/quality control purposes, and for confirming details of the conversations with SEC. The Blueface portal stores 100 Hours or 3 months of audio recordings, whichever comes first, after which the oldest recordings are removed to make space for new recordings. Once recordings are removed from the portal either by deleting manually or being removed due to storage they are permanently deleted and there is no way to retrieve them from the server.

If applicants and parties to applications requests that SEC communicate with him/her by email, the applicant is solely responsible for the security and integrity of their own email account. The transmission of information via the internet is not completely secure and consequently, while SEC will take all reasonable security measures, it cannot guarantee the privacy or confidentiality of information being passed via the Internet; any transmission is entirely at the applicant’s own risk.

Consent and Enquiry Handling

It is necessary to process certain personal data provided by the you (the applicant) and other individuals connected to you or related to you in order to correctly assess entitlement to student support funding.

To ensure efficient, accurate, and equitable processing of applications, we may take into account any information provided that related household members have applied for student support.

You or other parties to your application can contact the SEC support line to make enquiries about the status of an application, the number to contact is 01 551 4693. In order to facilitate such enquiries, SEC will share information about the status of an application with all parties to that application. Contact centre staff will ask verification questions to ensure that we only share information with a party to the application.

We will not provide personal data of a party to an application to other parties to the application without their consent. We will limit the information that we share to the status of the application and clarification of any outstanding supporting documentation or actions that are required to progress the application. In circumstances where disclosure of such information to another party to the application is not desired for personal reasons, the applicant should alert SEC to this so that we can put appropriate controls in place on a case-by-case basis.

In circumstances where a third party (not a party to the application) requests information, personal data will not be shared without the consent of the subject of the information. In circumstances where you or a party to the application provides personal data pertaining to another person who is not party to the application, consent must be provided by that person directly in order to allow SEC process their information.

Pursuant to Section 91 of the Data Protection Act 2018 and Article 15 of the GDPR, individuals may access their personal data and request a copy of their data held by SEC.

To do this please contact the SEC office by writing to The Data Protection Officer, Secondary Education Committee, Church of Ireland House, Church Avenue, Rathmines, Dublin 6, D06 CF67.

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our website, we may collect information from you automatically through cookies or similar technology.  For further information, visit allaboutcookies.org.

How do we use cookies?

The SEC uses cookies in a range of ways to improve your experience on our website, including:

  • Understanding how you use our website
  • Improving the website in future

What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

  • Functionality – the SEC uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and location you are in. A mix of first-party and third-party cookies are used.
  • Advertising – the SEC uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed, and information about your browser, device, and your IP address. The SEC sometimes shares some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.

How to manage cookies

You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

 Privacy policies of other websites

The SEC website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

School Data

To facilitate effective engagement with schools we process and store data relating to officers at scheme member schools. This information is supplied to us from schools and is updated on their advice.

Changes to our privacy policy

The SEC keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 19 September 2023.

What are your data protection rights?

  1. Data protection is a fundamental right set out in Article 8 of the EU Charter of Fundamental Rights.
  2. Everyone has the right to the protection of personal data concerning him or her.
  3. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
  4. Compliance with these rules shall be subject to control by an independent authority.

Individuals have:

  • The right to be informed about what your information is being used for
  • The right to access – You have the right to request and receive a copy of your personal data within 30days of requesting it, and for no charge (note, limitations apply).
  • The right to rectification – You have the right to request that we correct and fix any information that is inaccurate.
  • The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your personal data.
  • The right to object to processing – You have the right to object to our processing of your personal data.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

If you make a data subject request, we have 30 days to respond to you, in full. We may need to verify your identity and will not be able to share the personal data of other individuals without their explicit consent. If you have any questions about our privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please contact us:

  • Phone: 01 551 4693
  • Email: info@secgrant.ie
  • Post: The Data Protection Officer, Secondary Education Committee, Church of Ireland House, Church Avenue, Rathmines, Dublin 6, D06 CF67

How to contact the appropriate authority

The Data Protection Commission is the governing data authority in Ireland.  If you would like to contact the Commission in respect to the processing of your personal data by the SEC, or for other reasons where you may be dissatisfied by how the SEC is using your personal data, you can contact them by:

Email: dpo@dataprotection.ie

Phone: 01 7650100

And you can visit their website at: www.dataprotection.ie