Data Protection at Griffith College

Griffith College is committed to data protection best practice as defined under the General Data Protection Regulation (GDPR). This section provides information on a range of data protection aspects including:

  • What is GDPR?
  • What GDPR means for you
  • Our Data Protection Policy
  • What are my rights?
  • Cookie Policies & Privacy Notices
  • How do I make a request?
  • What do I do if there's a breach?
  • Personal Data Retention
  • Useful Links & Resources

If you are looking for an initial introduction to GDPR, we also recommend you visit the Training page of this section.

What is GDPR?

The General Data Protection Regulation (GDPR) came into force on 25th May 2018. It is an EU regulation which seeks to create a common data protection framework across all EU states. At its core, GDPR seeks to protect the rights of consumers and ensure companies are fair and transparent in how they use consumers’ data.

Griffith College places great importance on the fair processing of personal data. The College, through its data protection officer and data protection committee, has undertaken substantial work to ensure that as an institution we adhere to data protection best practice.



What GDPR means for you

GDPR means you as a consumer have more control over your personal data – how it is obtained and processed; as well as providing a range of rights that cover aspects such as accessing and amending your data.

How we process your data as a student of Griffith College

Griffith College requires to process a range of personal data in order to effectively deliver academic and administrative services to its learners. To find out more about how the College processes this data and the types of information included, please refer to our student contract.

In case of a data breach

Please notify the college’s Data Protection Officer at [email protected] as soon as you identify a potential data breach. As required under GDPR, the College will then identify the nature of the breach and notify the Data Protection Commissioner as and where applicable. In the case of College staff, the College’s policy also requires that you contact your relevant line manager.