Last updated: 31/10/2018
Pursuant to the General Data Protection Regulation, national data protection laws of the various Member States, and other privacy regulations, the responsible entity (“Controller”) is:
University of Nicosia
46 Makedonitissas Avenue, CY-2417
P.O. Box 24005, CY-1700
+357 22 841 528
University of Nicosia is a corporate body organized in accordance with Cyprus law, and Mr. Antonis Polemitis is authorized to represent the University.
For processing purposes the University is also the processor.
University of Nicosia Data Protection Officer contact details:
A. & E. C. Emilianides, C. Katsaros & Associates LLC
192 Ledras, 3rd Floor,
1011 Nicosia, Cyprus
Tel: + 357 22 676752
Fax: + 357 22 676754
E-mail: [email protected]
A. Data Processing
Type of personal data held by the University of Nicosia:
The University holds information relating to you from different sources. Nevertheless the information we hold come essentially from the information you personally provide us.
Our records contain:
- Your contact details
- Your biographical information
- Details of your education
- Your personal university identifiers
- Details about your family
- Socio-financial information relating to you and your family
- Your student’s academic achievements as well as examination scripts and results
- Information about your areas of interest
1. Accessing this website and creation of log files
Information are collected every time this website is accessed or used. These data and information are stored in log files on the server and can include:
The temporary storage of data and log files is lawful pursuant to Art. 6 (1) General Data Protection Regulation.
The IP address is temporarily stored in the system as it is necessary to provide website access to the User’s computer. The IP address is retained while that website is being accessed.
These log files are stored to ensure website functionality, optimize the content of our website, and ensure the security of our IT system.
The data will be deleted when they are no longer needed for the purpose they were collected. For data collected to provide access to the website, this will be at the end of every session.
For log files, this will occur after seven days at the latest. Some data may be preserved for a longer period of time, in which case user IP addresses are deleted or removed, rendering it impossible to link the data to any individual.
The purpose of these technical cookies is to simplify website use.
Cookies are stored on the User’s computer and transferred to us. That is why you, as the User, have full control over cookie implementation. You can deactivate or restrict cookies by changing your browser settings. Cookies already stored on your hard drive can be deleted at any time. This can also be done automatically. However, disabling cookies for our website may result in some functions not working correctly.
Users can register on the EMSI webpage by providing personal data. All information requested in the online data entry form will be transmitted as part of the registration process.
You will be asked to grant your consent for the processing of this data as part of the registration process.
These data are processed subsequent to user consent pursuant to Art. 6 (1) GDPR.
User registration is necessary to provide specific content and services on our website, including the creation and administration of user accounts, participation in surveys, forums, job, portal and the administrative tasks associated with them.
The data will be deleted when they are no longer needed for the purpose they were collected.
4. Contact form and email contact
There are contact forms on the EMSI webpage that can be used to communicate electronically. When registering, the data entered by you into the online data entry form will be transmitted. Your consent is required for the processing of this data, and you will be referred to our Privacy Statement and asked to grant your consent when you send the form.
Alternatively, contact may be initiated using an email address provided by you. In this case, the personal data provided in the email will be stored. This information will not be passed on to third parties.
These data are processed subsequent to user consent pursuant to Art. 6 (1)GDPR.
The processing of information received from the sending of an email is lawful under Art. 6 (1) GDPR.
These data are only stored for the purposes of processing that communication. The data will be deleted when they are no longer needed for the purpose they were collected.
5. Your reinforced rights:
The University of Nicosia has taken appropriate measures to provide any information relating to your rights as well as the exercise of these rights. Under Chapter III of the GDPR you have the following rights:
I. Transparent information, communication and modalities for the exercise of your rights
You have the right to be provided with your data freely and in an intelligible and easily accessible form. Following your request, the University of Nicosia shall provide information without undue delay and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. In that case the Univeristy of Nicosia will inform you for the reasons of the delay.
II. Information to be provided where personal data are collected from the data subject
You have the right to know the contact details of the agent who collects your data, the contact details of the Data Protection Officer (‘DPO’) that was appointed by the University of Nicosia, the purposes of the processing for which the personal data are intended, the legal basis for the processing, the recipients or categories of recipients of the personal data and where applicable the fact that the controller intends to transfer personal data to a third country.
III. Right of access
You have the right to request and receive a copy of your personal data undergoing processing. However, for any further copies requested, the University of Nicosia may charge you a reasonable fee that is based on administrative costs.
IV. Right to rectification
You have the right to obtain from the University without undue delay the rectification of inaccurate personal data concerning you
V. Right to erasure (‘right to be forgotten’)
There is a right to ask for the erasure of your personal data and that they are no longer processed where the personal data are no longer necessary in relation to the purposes for which they are controlled or otherwise processed.
Hence, in the cases where the University retains and process personal data in accordance with the provisions of Article of the GDPR, the University may object to such a request and may keep the relevant personal data that are required in order for the University to comply with its legal obligations.
VI. Right to restriction of processing
You have the right to restrict processing where the accuracy of the personal data is contested by you, the processing is unlawful and there is pending verification as to whether the legitimate grounds of the University of Nicosia override those of your rights.
Therefore, we ensure that the University of Nicosia has in place a procedure where you have the right to restrict the processing of your personal data. Nonetheless, for those personal data that are necessary for compliance with a legal obligation, the University may object to the restriction.
VII. Right to data portability
You have the right to receive the personal data concerning you, which you have provided to the University of Nicosia, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.
VIII. Right to object
You have the right to object to the processing of your personal data. However, if the University of Nicosia lawfully processes such data under Article 6(1) (c), the University will still have the right to process the data.
IX. Automated individual decision-making, including profiling
You have the right not to be subject to a decision solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects.