SUSI Data Protection Statement

Who We Are

The Student Grant Scheme is administered by the SUSI Unit of City of Dublin Education Training Board (CDETB) as the student grant awarding authority designated by the Minister for Education and Skills under the Student Support Act 2011. CDETB is the joint Data Controller with the Department of Education and Skills for student grant applications under the Student Grant Scheme.

The Information you provide: what we use it for and who we share it with

We process information that you or other parties to this application (for example, parents/ guardians, partners, spouses of applicant students) provide to assess your eligibility for or entitlement to student financial support in a particular academic year.

The categories of personal data provided by you and collected by SUSI for the purpose of assessment are:

  • name, address and contact details, date of birth, PPS number
  • marital and family status
  • nationality
  • details of previous and current/future education
  • employment details
  • bank details
  • name, address and contact details, PPS number of parent/guardian
  • marital and family status of parent/guardian
  • employment details of parent/guardian
  • details of income of parent/guardian


Data Sharing and the use of External Data Sources

As part of conducting an assessment and ongoing grant management, we may share some or all of the data that you or other parties to this application provide with other Government bodies and agencies set out in Schedule 2 of the Student Support Act 2011.

To assist in the evaluation and support efficient processing of grant applications, SUSI may also receive data from other Government bodies and agencies as set out in Schedule 2 of the Student Support Act 2011.

Data may be transferred and received in batch transfers or on a case by case basis. We may use this data to confirm the accuracy of information provided by applicants or to replace legacy paper-based data sources to improve the timeliness and efficiency of application processing. All data sharing arrangements are governed by respective data sharing agreements with each of the data sharing bodies:

Agency / BodyPurposeInformation exchangedFormat
General Register Office (GRO)Validation of date of birth and nationality for applicants born in Ireland prior to 2005SUSI Application number
First name
Last name
Mothers maiden name
Department of Education and SkillsPost Primary Pupil Database is used to validate residency requirements for grant applications.
Clarify eligibility for a grant
Ensure accurate interpretation of the relevant grant scheme
Ensure operation of a grant scheme
Ensure provision of the appropriate financial support
Prevention and detection of fraud, including the provision of information to support criminal investigations or prosecutions
Facilitate annual transaction testing and audits
SUSI Reference number
Revenue CommissionersValidation of information income of employment / self-employment as provided on the application form
Prevention and detection of fraud, including the provision of information to support criminal investigations or prosecutions
Income details
For applicant and related parties to application
Department of Employment Affairs and Social ProtectionValidation of information where applicants indicate they are in receipt of social welfare payments
Prevention and detection of fraud, including the provision of information to support criminal investigations or prosecutions
to application
Payment name
Allowance information
For applicant and related parties
Direct Access
Department of Employment Affairs and Social Protection – MyGovIDVerification of identity
Facilitating registration and login to online SUSI account
Contacting applicant in order to process application for a student grant
First name
Last name
Email address
Telephone number
Secure Token Service (STS) and real time Application Programming Interface (API)
Department of AgricultureValidation information where applicants indicate they are in receipt of income from farming
Prevention and detection of fraud, including the provision of information to support criminal investigations or prosecutions

Business Identifier number
Reference year
Name of payment received
Dates of payments

Department of Justice and EqualityValidation of citizenship and nationalityName
SUSI Reference number
Person ID
Application ID
Legacy No
Permission to remain in the State
Date permission valid until
Case by case requests
Department of Housing, Planning, Community and Local GovernmentTo assist in the identification and processing of applications by persons in receipt of certain State paymentsName(s)
SUSI Reference number
Details of payments
Case by case requests
QQI (Quality and Qualifications Ireland)Verification of information regarding applicant’s prior education and/or equivalence of qualifications from other jurisdictionsApplication no.
Full title of course
Name of Relevant Awarding Institution
The year the Award was made
Details of attachment if any
Details of query
Copy of qualification (if any) received from applicant) may include identifiable personal information
NFQ level
Case by Case requests
Higher Education Authority (HEA)Verification and validation of details of previous academic history of a studentPPSN SUSI
SUSI Ref no.
NFQ level of course
Course Title
Return year
Year of graduation
Graduating Institution
Other grant awarding authorities (Local Authorities and Education and Training Boards)Verification and validation of previous grant support historyName
Date of Birth
Payment amount and name
Batch and Case by Case requests
HSE (TUSLA – the child and family agency)To assist in the identification and processing of applications by persons in receipt of certain State paymentsName
SUSI reference number
Information on documents required
CAO- Central Application OfficeTo assist in the identification of accepted college placesCAO application no.
Surname of Applicant
First name of Applicant
Date of Birth of Applicant
CAO Course code of net acceptance
Level of course
Name of course
Name of Institution offering course
Approved Further and Higher Education InstitutionsVerification that the student has registered on and is continuing to attend an approved course in an approved institutionSusi Application number
College Code
CAO number
Graduate Type
Student ID
Course code
Code Description
Course Year Last
Course Year This
Course Type
Course Level
Eligible for Free Fees
Rate last
Rate this
Percentage Fees Payable
Fees Payable Value
Registered and Progressing
Student Attendance
Other funding
File ID
Student Grants Appeals BoardProcessing and adjudication of any appeal to the Student Grants Appeals BoardAll information pertaining to the application. Batch
SOLASVerification and validation of course details. Course details. Batch
AbtranOutsourced contracted service provider for SUSI - Processing of post, hard copy documents, letters and phone callsAll information submitted for General Assessment. Batch and case by case requests



The application process requires you and other parties to the application to provide contact information. We will use this information contact you for the following purposes:

  • to contact you or other parties to the application about the application,
  • to administer the application,
  • to administer any grant payments that we determine by this application you may be entitled to.

Consent and Enquiry Handling

It is necessary to process certain personal data provided by the applicant and other individuals connected to them or related to them in order to correctly assess entitlement to student support funding.

To ensure efficient, accurate, and equitable processing of applications, we may take into account any information provided that related household members have applied for student support. If an applicant provides information that another party to the application or member of the household is also an applicant for, or is in receipt of, a student grant, SUSI will record the link using applicants’ PPS numbers in order to assist efficiency and consistency in processing of grant applications.

You or other parties to your application can contact the SUSI support centre to make enquiries about the status of an application. In order to facilitate such enquiries, SUSI will share information about the status of an application with all parties to that application. Contact centre staff will ask verification questions to ensure that we only share information with a party to the application.

We will not provide personal data of a party to an application to other parties to the application without their consent. We will limit the information that we share to the status of the application and clarification of any outstanding supporting documentation or actions that are required to progress the application. In circumstances where disclosure of such information to another party to the application is not desired for personal reasons, the applicant should alert SUSI to this so that we can put appropriate controls in place on a case by case basis.

In circumstances where a third party (not a party to the application) requests information, personal data will not be shared without the consent of the subject of the information.

At the point of application and in the SUSI online account, under the ‘Data Privacy’ section, it is possible for individuals to provide consent and authorise SUSI to communicate with other people of your behalf. The purpose of this section is specific to processing information during enquiry handling while an application is being processed. Where consent has been provided, SUSI may discuss your details with the individuals selected/named for the purpose of enquiry handling.

You may also provide consent by completing and submit a Third Party Authorisation form.

Please click here for SUSI Third Party Authorisation


In circumstances where you or a party to the application provides personal data pertaining to another person who is not party to the application, consent must be provided by that person directly in order to allow SUSI process their information.


Pursuant to Section 91 of the Data Protection Act 2018 and Article 15 of the GDPR, individuals may access their personal data and request a copy of their data held by SUSI.

Please click here for SUSI Subject Access Request(s)  SAR Procedure and Form

Data Retention & Processing

SUSI will keep the data provided on a secure Students Grants Database for the purpose of on-going administration, audit and review. SUSI will not keep personal data for any longer than is necessary and/or as required by law, whether under the Data Protection Legislation or otherwise. SUSI may share the data submitted via the application process with authorised agents or third parties who act on behalf of SUSI pursuant to a contractual relationship. SUSI continues to be the Data Controller for this data and these authorised agents act as Data Processors on our behalf. Such agents or third parties are only permitted to use the personal data as instructed by SUSI. They are also required to keep the data safe and secure.

Applicants and parties to applications may speak to employees of SUSI (or agents acting on its behalf) by telephone. To ensure that SUSI provides a quality service, the telephone conversations may be recorded. SUSI will treat the recorded information as confidential and will only use it for staff training/quality control purposes, and for confirming details of the conversations with SUSI.

If applicants and parties to applications requests that SUSI communicates with him/her by email, the applicant is solely responsible for the security and integrity of their own email account. The transmission of information via the internet is not completely secure and consequently, while SUSI will take all reasonable security measures, it cannot guarantee the privacy or confidentiality of information being passed via the Internet; any transmission is entirely at the applicants own risk.

For further information on data collected on our website, please see our Privacy Statement.


Records of all personal information are stored in centralised databases (including computerised and manual files) in the SUSI data centers and in the document management systems of our outsourced Data Processor, Abtran. All storage facilities are located in Ireland. SUSI take appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of the data and against their accidental loss or destruction. Data Processing and Data Sharing agreements entered in to between SUSI and the agencies / bodies with whom it exchanges data take account of the security measure requirements necessary to protect the data.

Use of Cookies

‘Cookies’ are small text files that may be written to a website user’s computer for a variety of purposes. See for more information on them and how to control them. Consent is required where the cookies being written are not essential for the ‘Information Age Service’ being availed of.

The system makes use of Cookies when users have accessed the secure application pages ( The cookies which are written are essential for the Information Age service. They control the security of user sessions, support accessibility settings for visually impaired users, and support translation of the user interface for applicants submitting applications in the Irish language. No cookies are written when visitors arrive on the landing page (

This website uses cookies to give you the best experience. Agree by clicking the 'Accept' button.