Document Feedback - Review and Comment
Step 1 of 4: Comment on Document
How to make a comment?
1. Use this to open a comment box for your chosen Section, Part, Heading or clause.
2. Type your feedback into the comments box and then click "save comment" button located in the lower-right of the comment box.
3. Do not open more than one comment box at the same time.
4. When you have finished making comments proceed to the next stage by clicking on the "Continue to Step 2" button at the very bottom of this page.
Important Information
During the comment process you are connected to a database. Like internet banking, the session that connects you to the database may time-out due to inactivity. If you do not have JavaScript running you will receive a message to advise you of the length of time before the time-out. If you have JavaScript enabled, the time-out is lengthy and should not cause difficulty, however you should note the following tips to avoid losing your comments or corrupting your entries:
-
DO NOT jump between web pages/applications while logging comments.
-
DO NOT log comments for more than one document at a time. Complete and submit all comments for one document before commenting on another.
-
DO NOT leave your submission half way through. If you need to take a break, submit your current set of comments. The system will email you a copy of your comments so you can identify where you were up to and add to them later.
-
DO NOT exit from the interface until you have completed all three stages of the submission process.
(1) This (2) The Data Protection Officer (DPO) is responsible for the management and implementation of the (3) The Data Protection Officer is responsible for ensuring that all DSARs are responded to within the required one-month period, or any necessary and notified extension period (as described below). (4) Where applicable, all Staff, Faculty, Adjunct Faculty and students are responsible for engaging with and adhering to this (5) Where Staff other than the Data Protection Officer receive a DSAR, they must inform the Data Protection Officer immediately and furnish a copy of the DSAR received. (6) All third-party processors are required to provide the necessary technical and operational assistance to enable the College to respond to a DSAR within the permitted time frame. (7) A data subject can make a request to obtain personal data held in relation to them by the College at any time. (8) Applications may be made via email to the Data Protection Officer at dpo@hiberniacollege.net and must include a completed application form, available under the resources section of the Hibernia College Quality Framework, and official photographic identification, e.g. passport or driver's licence. (9) The Data Protection Officer will verify that the request has been made using the correct application form and is accompanied by photographic identification. (10) The Data Protection Officer will send the data subject an acknowledgment email, normally within two working days. (11) Where the College holds a large quantity of information concerning the data subject, the College may request that the data subject specify the information or processing activities to which the request relates before the information is delivered. If the data subject refuses to clarify the request, the College must still respond to the request except where it is considered manifestly unfounded or excessive by the College. (12) Where a DSAR is considered manifestly unfounded or excessive by the College, having undertaken a detailed assessment, the College may refuse to act on the request in line with Article 12(5) of the GDPR. If this is the case, the College will inform the data subject of its decision. (13) The College must respond to all DSARs within one month. (14) The date of receipt of the DSAR is the beginning of the one-month period. (15) Where a request is complex, or multiple requests are received from the same individual, the College can extend this time up to a further two months. (16) When an extension is sought, the data subject will be notified within the one-month period of this and will be informed of the expected time frame to complete the request and an explanation why the extension is necessary. (17) The Data Protection Officer will contact any departments required to assist in the preparation of a response to the DSAR, without delay. This may include contacting: (18) The Data Protection Officer will set up a secured location for any relevant person to submit requested information. (19) All relevant persons are given a deadline of no more than two weeks to provide the requested data. (20) The Data Protection Officer sends a reminder to all relevant persons one week before the deadline. (21) Each department, or individual, is required to notify the Data Protection Officer of any anticipated delays or complications in delivering the data. (22) When all relevant data has been collected, it is formally recorded and categorised by the Data Protection Officer. (23) Omissions and redactions may be applied by the Data Protection Officer to the information as necessary, e.g. to retain data privacy of other data subjects, to protect legally privileged information, intellectual property or commercially sensitive information. Where this occurs, the data subject will be notified of the reason for the omissions/redactions. (24) When all data relevant to the request has been prepared, it is shared with the data subject using a secure electronic medium or another secure medium if explicitly requested. (25) The Data Protection Officer will issue a response letter to the data subject accompanying the data (26) The Data Protection Officer retains central records of all subject DSARs. (27) The Data Protection Officer conducts an annual review of all DSARs to: (28) The report is shared with the Executive Management Team.Data Subject Access Request (DSAR) Management Procedure
Section 1 - Introduction
Purpose and Parent Policy
Responsibilities
Staff, Faculty and Adjunct Faculty Responsibilities
Third-Party Processor
Section 2 - Procedure
Part A - Procedure for Managing a DSAR
Submitting an Application
Receipt and Acknowledgment
Time Frame for Delivering Request
Notification of Departments
Data Gathering and Collation of Data
Completion of Request
Records and Evaluation