Categories
Uncategorized

YOU AND GDPR – GENERAL DATA PROTECTION REGULATION.

IF YOU WERE A SEMINARIAN, PRIEST OR RELIGIOUS AND FEEL YOU WERE UNJUSTLY TREATED YOU ARE NOW ABLE TO ASK YOUR DIOCESE OR ORDER FOR ALL THE DATA THEY HOLD ON YOU.

This means that you will get to see all the letters, reports, emails minutes, and notes that were and are on file about you.

Information is power.

That information and that power is now available to you through this European legislation that is binding in all European countries.

I spoke recently to a former Maynooth seminarian who had been treated very badly there – to the point that it had seriously affected his health.

He needed to find out what was being said about him and what daya was being held on his diocesan file.

He submitted a request to his diocesan data official and within a month he received a copy of everything the diocese had about him – including a copy of the initial psychological report the diocese submitted him to.

Any of the information that mentioned other individuals had the individuals names redacted.

So, in the last few days I requested all my data from the Archdiocese of Dublin, where I grew up and where I was a seminarian at Clonliffe from 1970 to 1973.

I also requested my date from Down and Connor with which I have been associated with since the summer of 1978 – 41 years now.

I’m looking forward to the outcome.

I will follow up with a request to Waterford where I was a seminarian from 1973 to 1976.

And of course I will apply to Cardiff archdiocese with which I was also associated with.

It’s good to be able to access data held on oneself.

Go ahead – and access yours.

120 replies on “YOU AND GDPR – GENERAL DATA PROTECTION REGULATION.”

Anonymous 24th Nov 2019 — 11:16 pm — wrote, “Any information held that is defamatory in nature is libel…..”
______________________________________________________________
Here in England the term used is ‘Defamation’ not ‘Libel’.
And these days there are more Law Suits for Breach of Privacy than there are for Defamation.
Please remember that. It’s important.
For example it’s not defamatory to say that somebody’s Gay, but if you ‘out’ that some respectable law-abiding citizen that’s a Breach of Privacy.
Circumstances always alter cases but they, and perhaps their children, might be able to sue particularly if they have the right Insurance cover.

Like

I didn’t actually 😊 I threw an empty piss pot out my window for a dare 😊
Piss pots were obligatory in Clinliffe as you were not allowed to leave your room at night.

Like

In the case of Maynooth the easist way is to make a request by email, giving month and year of admission and diocese and home address as a student. They usually email back asking for a scan of ID (passport/driving licence) so include that from the start, to save time. Say you are making a GDPR request for all information held on you by St Patrick’s College, Maynooth, which will cover records held by the seminary, the Pontifical University, and the National University when it was under church control.
Contact details:
President’s Office
Pontifical University
St Patrick’s College Maynooth
Co Kildare
Email: president@spcm.ie
Phone: +353 (1) 7083958

Like

Lol! 🤣🤣🤣Only a clown would request data from Maynooth.
Go straight to the data protection officer in your diocese.👍

Like

The relevant diocese would have copies of all end-of-semester reports, pastoral placement reports, etc., as same are sent to the relevant bishop for review.

Like

I’m assuming all one needs to do is write a letter to the relevant organisation? do you have to say WHY you want this information or prove WHO you are?

Like

Pat, seriously, I’m surprised at you.
The current GDPR regulations were preceded by the church’s policy of Shred Anything Which Might Give Trouble, and well you know it.

Like

5.11: Every institution,civil and religious should be investigated: prisons: psychiatric hospitals particularly (now that we know the horrendous diagnoses made and treatments give, which often destroyed people’s potential for recovery: I know), : nursing homes: detention centres, government agencies (whiteboards awful experiences). In the past the state and church could – and still do – create a folder of files on individuals and used information in very cynical, negative and destructive ways. Just Look at the way politicians use/abuse information on one another and on different groups in society. There has to be a proper guarantee that information held on individuals is protected from harmful manipulation.

Liked by 1 person

11.20: That should read “whistleblowers” – remember the awful insinuations and manufactured accusations made against some….almost completely destroying the. When fully revealed through freedom of information, the lies in files were morally reprehensible.

Like

11:20 am
I agree.
I’m wondering how you know re horrendous diagnoses and treatments destroyed peoples potential for recovery? You are right. The psychiatric system badly needs investigating.

Like

Been there, done that Pat, sound great but it will be so heavily redacted it will be of little use to you.

Like

Oh, + Pat, you are very trusting that you think that you will get everything ! I assure you, law or no law on your side, there will be all sorts of sifting and redacting done before you get your records. And, it will be impossible for you to know what has been removed, because these paper records will just be bundled together without any proper order or recording, so no way to tel what was there that is not there now. Computerised records will be more difficult to fiddle. But you records, by and large, date before computers. Good luck !

Like

It will be interesting to see if this legislation will survive Brexit. And the British still cry what has the EU ever done for us? There is an inconsistency to put it mildly between the British claim to freedom and the tendency to put it mildly to cover up.

Like

That’s assuming that all their info on you is kept in a file rather than in a set of notebooks that supposedly are the Papal Nuncio’s diplomatic correspondence, or else merely the private diary of Fr Sean O’Bubblegum.
Remember how many decades it took for the existence of Crimen sollicitationis to become public knowledge.

Like

Joseph Lollard @ 5:16. All my information was printed with most of it on headed paper. No a jotting pad in sight.

Like

It’s rather pointless and a tad childish to suggest random names of people who should apply for this. What does that achieve and quite frankly totally pointless.

Like

Pat
Can someone request information from you? Technically any information held on people is their property.

Like

9.36: Pat, you are not a private entity, surely? Aren’t you a listed “solemniser” for the state and is not the Oratory a registered entity/charity? You have lots of information on files – therefore aren’t you subject to the same requirement of law?

Like

I am a listed solemniser but all the data related to marriages etc is kept by the Registrar General.

We are not a registered charity.

In law I am an individual self employed man returning self employed yearly tax returns.

Like

By Post Author

Bishop Buckley 25th Nov 2019 — 9:36 am – wrote “I am a private individual.”
Perhaps. ???
Sorry Pat but you style yourself a Bishop, and you run a very high-profile blog.
“In a lawsuit the first to speak seems right, until someone comes forward and cross-examines.” Proverbs 18:17

Like

Joseph Lollard @ 5:48.

It’s a pity that certain individuals who issued legal threats against this blog didn’t follow through with same. Why didn’t they???

Answer: Because they knew they would be publically humiliated and exposed as sociopathic liars and frauds.

Like

I applied to my ex Seminary for all data held about me. I know for sure that two documents were definitely held by the Seminary. Lo and behold those documents were missing along with, I strongly suspect, other documents also. The very few documents I did receive were heavily redacted. In my case I’ve found it was not worth the bother and a waste of time. Best not to get any hopes up. It all sounds grand but in reality it’s far from satisfactory.

Like

I couldn’t be bothered pursuing it because how can anyone prove what data was or was not held against them. It’s not all clear cut.

Liked by 1 person

The only things that were redacted on my requested documents were names other than my own.
My end-of-term reports compiled and signed by my formator, summer-placement pastoral report, vocation-director report, emails pertaining to me, psychological assessment, and other documents from all sources were provided in full.
I actually received far more information than I had envisaged.
I would recommend that one sends a very detailed email to the data protection officer with as much information regarding the documents as possible such as dates, names of relevant persons, etc.

Like

Is it a requirement that the relevant organisation “provides” the information by sending it to the applicant? Or does the organisation meet the requirements of the legislation by providing access to the information whereby the applicant is required to go somewhere to view it?
MMM

Like

MMM – It has to be sent to the applicant subsequent to provision of applicant’s photo ID.
Data can be sent via email and registered post addressed to the applicant.

Like

https://www.citizensinformation.ie/en/government_in_ireland/data_protection/overview_of_general_data_protection_regulation.html#lf18e4
“The Data Protection Commission has the power to order any controller or processor to provide information that the authority requires to assess compliance with the Regulation. It may carry out investigations of controllers and processors in the form of data audits, including accessing the premises of a controller or processor. It authority can order a controller or processor to change their processes, comply with data subject requests. The Data Protection Commission can also issue warnings to controllers and processors and can ban processing as well as commence legal proceedings against a controller or processor.”

Like

That’s Free State info, so it’s irrelevant to Larne as Ulster is British and the Free State has no jurisdiction here.

Like

I believe an Archdiocesan Safeguarding department has just been found by the authorities to be in breach of the law – the circumstances of which cannot, as of yet, be discussed here; but will be in the not to distant future.

Like

Clifton and wonersh seminarians have not been given all the information requested by the seminarians expelled recently… So Pat I’m sorry this post is not right, but they don’t care about European laws. They are above the law it seems..

Like

@12:24 – Well then they are in serious breach of the law and should be reported to the relevant UK Data Protection Commission.

No diocese or seminary is above GDPR 2018.

Like

https://www.citizensinformation.ie/en/government_in_ireland/data_protection/overview_of_general_data_protection_regulation.html#lf18e4

Penalties
Penalties apply to both controllers and processors found to be in breach of the GDPR. There are different penalties, depending on the importance of the breach.

Serious infringements
For the most serious infringements (for example, not having sufficient customer consent to process data or violating the core of privacy by design concepts) organisations can be fined up to 4% of their annual global turnover or €20 million, whichever is greater.

Each member state may introduce further fines legislation, which will be enforceable within that state only.

Lesser breaches
Under the GDPR, organisations in breach of the Regulation can be fined up to 2% of their annual global turnover or €10 million, whichever is greater, for lesser breaches. Some examples of lesser breaches include: not having records in order, not notifying the supervisory authority and data subject about a breach or not an conducting impact assessment.

Like

Thanks to Boris we will soon have the Brussels jackboot lifted off our British necks so they can stick the GDPR where the sun don’t shine.

Like

UK Data Protection Info:

https://www.gov.uk/data-protection/find-out-what-data-an-organisation-has-about-you

Find out what data an organisation has about you
Write to an organisation to ask for a copy of the information they hold about you.

If it’s a public organisation, write to their Data Protection Officer (DPO). Their details should be on the organisation’s privacy notice.

If the organisation has no DPO, or you do not know who to write to, address your letter to the company secretary.

How long it should take
The organisation must give you a copy of the data they hold about you as soon as possible, and within 1 month at most.

In certain circumstances, for example particularly complex or multiple requests, the organisation can take a further 2 months to provide data. In this case, they must tell you:

within 1 month of your request
why there’s a delay
When information can be withheld
There are some situations when organisations are allowed to withhold information, for example if the information is about:

the prevention, detection or investigation of a crime
national security or the armed forces
the assessment or collection of tax
judicial or ministerial appointments
An organisation does not have to say why they’re withholding information.

How much it costs
Requests for information are usually free. However, organisations can charge an administrative cost in some circumstances, for example if:

you’re asking for a large amount of information
your request will take a lot of time and effort to process

Make a complaint
If you think your data has been misused or that the organisation holding it has not kept it secure, you should contact them and tell them.

If you’re unhappy with their response or if you need any advice you should contact the Information Commissioner’s Office (ICO).

ICO
casework@ico.org.uk
Telephone: 0303 123 1113
Textphone: 01625 545860
Monday to Friday, 9am to 4:30pm
Find out about call charges

Information Commissioner’s Office
Wycliffe House Water Lane
Wilmslow
Cheshire
SK9 5AF
You can also chat online with an advisor.

The ICO can investigate your claim and take action against anyone who’s misused personal data.

Like

Excellent comprehensive comment. Thank you for the effort you’ve put into it. Much appreciated.
MMM

Like

UK GDPR non-compliance penalties:

https://www.itgovernance.co.uk/dpa-and-gdpr-penalties

GDPR penalties and fines
The maximum fine under the GDPR is up to 4% of annual global turnover or €20 million – whichever is greater – for organisations that infringe its requirements.

However, not all GDPR infringements lead to data protection fines. Supervisory authorities such as the UK’s ICO (Information Commissioner’s Office) can take a range of other actions, including:

Issuing warnings and reprimands;
Imposing a temporary or permanent ban on data processing;
Ordering the rectification, restriction or erasure of data; and
Suspending data transfers to third countries.

Like

He left a pair of his jock straps at my place last week. I’m pretty sure he’ll come back to ask for them.

Like

Brendan Marshall doesn’t need to request his data. He is squeaky clean and no skeletons in his cupboard. All the rumours were malicious and untrue.

Like

https://www.citizensinformation.ie/en/government_in_ireland/data_protection/overview_of_general_data_protection_regulation.html#lf18e4
Serious infringements
For the most serious infringements (for example, not having sufficient customer consent to process data or violating the core of privacy by design concepts) organisations can be fined up to 4% of their annual global turnover or €20 million, whichever is greater.
Each member state may introduce further fines legislation, which will be enforceable within that state only.
Lesser breaches
Under the GDPR, organisations in breach of the Regulation can be fined up to 2% of their annual global turnover or €10 million, whichever is greater, for lesser breaches. Some examples of lesser breaches include: not having records in order, not notifying the supervisory authority and data subject about a breach or not an conducting impact assessment.

Like

The above is the reason why all my requested documents were produced pronto by my diocese.

GDPR 2018 is serious legislation; hence why all dioceses now have dedicated data protection officers similarly to secular entities. They know the very punitive consequences of breaching this law.

Like

Send an email to the diocesan data protection officer:

From Cashel & Emly website:

Your Rights as a Data Subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

Right to be informed
Right to access information
Right of rectification
Right to erasure
Right to data portability
Right to object to processing of personal data
Right to restriction
Right to object to automated decision making, including profiling
Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. Cashel & Emly will process personal data in accordance with our retention schedule. This retention schedule is governed by regulatory & legislative requirements.

Withdraw Consent
If we are relying on your consent to process your data you can withdraw this at any time – this does not affect the lawfulness of processing based on your consent before its withdrawal.

Complaints
In the event that you wish to make a complaint about how your personal data is being processed by Cashel & Emly, or how your complaint has been handled, you have the right to lodge a complaint directly with the Cashel & Emly, and the Office of the Data Protection Commissioner.

Contacting Us
If you have any questions or comments about our privacy notice or practices, please contact us. may modify or update this privacy notice from time to time at any time without prior notice. You can check the “Version” date below to see when the notice was last changed. We encourage you to check this notice often so that you can continue to be aware of how we are protecting your personal information. Your continued use of the website constitutes your consent to the contents of this privacy notice, as it may be modified from time to time.

Postal Address :

Tel: 050 421 512

Email: office@cashel-emly.ie

Version 0.10 June 2018

https://cashel-emly.ie/privacy-policy/

Like

If the “Magna Carta“ posters request their files from Gaynooth it will require an entire fleet of UPS vans! 🙂

Like

Och Pat, have ye no an update on the poor wee Scotties that used to be on here every day greetin their wee lamps out?

I’m put a mind of them listening to the whiney and whingey wee Scottie voice of Nichola Sturgeon here on the BBC.

Wee Inspector Hamish McTavish and his all the wee investigations he was carrying oot? Not a wee peep och aye the noo.

Like

We’ve had enough of the wee Scotties for a bit. Let’s have a rest from them. Otherwise there might be a muddah

Like

Och naye at all. Do ye no miss their wee whiney Scottie caterwaulin? Sure they’re bonnie and canny wee laddies. Where’s ma kist o’whistles till a play a wee wailin tune? Och aye.

Like

Pat I have been told that canon law does not allow records to be shared as the formators decisions are protected. What’s this?

Like

Frankly the church would like all its business to be secret from the world outside. Luckily responsible people in the world are realising what happens when you let the church police itself in any area.

Like

There is no such canon. There are many examples of canons that defer to civil law, probably based on Paul’s exhortation that Christians must be good citizens.

Like

A specified data controller/processor such as a diocese or seminary has to release all personal data held on file when requested to do so via a “Subject Access Request” pursuant to GDPR 2018.

Canon Law does not supersede such request.

Like

Dear Pat,
I’m glad to see your blog today. I requested my files last year. I later requested that the files be destroyed. There was some too and fro as they wanted to keep the files but there were no grounds to justify retaining them so in the end they were destroyed.
On a positive note the current bishop, on reviewing the file, apologised to me. He said it was clear that his predecessor had failed to take account of my good character and reports when he withdrew my nomination for seminary. This tied in with the seminary council who had unanimously supported my being there.
It was some consulatation of the years of psychological pain caused by that bishop. I had been genuine in my vocation and discernment. I genuinely did very well in seminary for altruistic reasons. But it wasnt enough for the bishop. I have always believed it was because I was both heterosexual and celibate. Such characteristics were not common in those who were ordained.
Like all men, I am not perfect. I have shortcomings. But my conduct in seminary will not have tarnished my soul.
I would encourage all ex-sems to enter their GDPR requests. It helps with the closure… plus it’s nice to give Mullaney something constructive to do.

Like

On Saturday night, on ‘The Ray Darcy Show’ which airs on RTE One, Ray Darcy interviewed the American actor Holt McCallany. Holt was sent, sometime in the 1970’s, the the Dominican run Newbridge College in Co Kildare. Holt described, on his first day at the college, being punched by a Dominican priest in the student’s dining room, sent flying knocking over his food and being them ordered to clean it up! The story has been reported in some papers today, aswell as online media. I just checked the Irish Dominican website and not a word; nothing, no apology or even acknowledgement of this outrageous abuse by a member of their order.

Like

What is Armagh’s position on data and GDPR? It doesn’t seem at all clear from its website. It says the data controller is the Archdiocesan Trust which is a registered Charity. Any query has to be submitted in writing and if you wish data about you to be erased or reviewed you have to give a reason why in writing and this may not be granted they say. Do they actually have a named data person contact and office as this all seems a bit suspect and vague. Who do you write to or email?

Like

On the subject just raised about Armagh, I wonder if that Armagh farmer and his Son will get their data back from Armagh. I imagine their correspondence and emails will be heavily redacted because of names connected to World Youth Day.

Like

It’s way past your bed time chum @ 10.59pm. Find yourself another fantasy before you sleep sewer mouth and brain.

Like

JResponding to my post @ 5:48. Anonymous 25th Nov 2019 @ 6:41 pm, wrote:
It’s a pity that certain individuals who issued legal threats against this blog didn’t follow through with same. Why didn’t they???
Answer: Because they knew they would be publicly humiliated and exposed as sociopathic liars and frauds.
_____________________________________________________________—
Somebody was able to have blogger close +Pat’s previous blog http://www.wisecatholic.blogspot.com
And it’s not unusual to hear of people up in court for persistenly hounding their victims on Social Media.
Here’s a recent report from the Free State of an Internet Troll getting three years. https://www.rte.ie/news/courts/2019/1114/1090892-harassment-case/

And there’s another thing that’s not being talked about. Some of the priests and seminarians regularly abused here for years are plainly gay men, and with further psychological problems As such they’re Suicide Risks. Do we want to drive them over the edge; in effect, KILL THEM ACCIDENTLY.

I’m not talking theoretically. One of my very first memories is of a funeral, following such a death, in 1943.

Like

Joseph Lollard @ 11:49. The so- called “formators” who were meant to be overseeing these men are the real abusers and frauds.
You are as a big a waster in Birmingham as you were in Maynooth.
Now give us all a break from your nauseating comments.
I am ready any time you, Connolly and Mullaney would like to go to court…Just Saying.

Like

You dope “Joseph Lollard”!
How could anyone be prosecuted for apparently “trolling” someone writing under a pseudonym???
Do you have anything between your ears?Seriously!

Like

Anonymous 25th Nov 2019 — 11:58 pm wrote, Barrack room lawyer now.

Better a barrack-room lawyer than a Canon Lawyer.

Like

Pat there must be a formal written report on the Kevin Connolly Stamullen incident with Stephen Wilson . Mayne try to phone Kevin Heery or Robert McCabe.

Like

IF an incident occurred, both of them are very unlikely to get involved. You might as well try ringing Tom Deenihan.

Like

No impossible, Kevin broke ranks with Tom deighan, it’s like what happened with John Harney lost interest in his body, wanted a newer younger model like Miss Stephen Wilson and her Trolly.

Like

Why did Kevin hot foot it back to Clogher overnight? No sooner had he been ordained a deacon for Meath, and after piddling all over his native diocese, he returns looking for tea and sympathy! Now he’s in a parish but won’t mix with the clergy…..strange!!!

Like

Mullaney threw me out of his Kitten network, Mullaney accused me of been disloyal. The greatest annoyance for Mullaney and his network is disloyalty.

Like

Wilson broke ranks and informed on Prior and Mullaney. Wilson is not prudent while intoxicated. Wilson even spoke of his previous relationship with Paul Prior, they met on a Ryan air flight, Wilson later explained how they later met up in a gay sauna in Barcelona.

Like

Leave a comment