Data Protection

A new law around the protection of personal data, the General Data Protection Regulation (GDPR) came into force across Europe on 25 May 2018.


The new legislation is a change to the law relating to personal data.

Its purpose is to increase transparency in relation to the way your personal data is used and should help to provide you with more control. The introduction of the GDPR will affect everyone in the EU, and in some circumstances will affect the handling of personal data outside the EU as well. It aims to provide you with more data transparency, as well as more control over how your personal information can be used when it comes into force. 

The Institute of Banking aims to provide the best possible protection for personal information held by the Institute and is fully committed to taking all necessary actions to ensure compliance with the new legislation. 

Why does The Institute of Banking collect and use my personal information?

There are a number of reasons why the Institute collects and uses your personal information.

We have outlined some of these reasons below but if you’d like to find out more, please read our Data Protection Notice

  •  To give you access to education programmes, on-going learning, continuing professional development, career support and networking opportunities
  •  To organise events, conferences and webinars
  •  To provide other operational supports (e.g. eCPD support)
  •  To provide and promote information on our membership, education, designation and continuing professional development services
  •  To safeguard and promote the welfare of members
  •  To carry out surveys and statistical analysis
  •  To ensure we provide you with the best service possible
  •  To confirm to third parties on request that you are a member of the Institute, subject to your consent
  •  To tailor communications to make them relevant to any preferences that you have demonstrated
  •  To meet our legal and regulatory obligations

What is a Data Protection Notice?

A Data Protection Notice is a notification which provides detailed, clear explanations of how the Institute manages your personal information.

The GDPR requires every organisation which processes personal data to publish a data protection notice.

What are some of the main changes I will see as a member?

The GDPR will give you enhanced control over your personal information by setting out additional and more clearly defined privacy rights, which you can exercise.

Rights for members under the GDPR include the:

  •  right to access your personal information
  •  right to have inaccuracies corrected and incomplete information updated
  •  right to have information erased
  •  right to object to processing personal information in certain circumstances (e.g. in relation to direct marketing)
  •  right to restrict processing
  •  right to have your personal information sent directly to yourself or another organisation
  •  rights in relation to automated decision making and profiling
  •  right to withdraw your consent at any time, where processing is based on consent. 

Does the Institute share my personal information?

We sometimes need to share your personal information with trusted third parties. For example, when studying on an accredited programme, we share your information with UCD.

The Institute is also required to co-operate by law or otherwise through a legal process with Irish, EU regulatory or enforcement bodies such as the Central Bank of Ireland.

How secure and confidential is my personal information?

We use different security technologies and procedures to help protect your personal information from unauthorised access, use or disclosure. The security of your personal information is exceptionally important to us and we put a huge effort into protecting it.  Our Data Protection Notice outlines how we do this in more detail.

For how long does The Institute of Banking retain my personal information?

This depends on the nature of the information we hold and the purposes for which it is processed. Sometimes there are statutory obligations (imposed on us by law).

Where do I get more information?

You can find out more about your privacy rights and how you can control the personal information The Institute of Banking holds about you in our Data Protection Notice available here

How do I complain?

If you have any questions about the information we hold about you or have a complaint about the use of your personal information, please let us know. We will try to resolve any query or concern you raise with us. You may contact us by sending an email to [email protected] or by writing to the Data Protection Officer, The Institute of Banking, 1 North Wall Quay, Dublin 1.

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority. The supervisory authority in Ireland is the Data Protection Commission, Canal House, Station Road, Portarlington, Co. Laois R32 AP23. Phone: (057) 8684800. Email: [email protected]