SECURITY SYSTEMS AND PRIVACY
All data included on the University website are subject to law no. 9887, on 10.03.2008 "On the protection of personal data", as amended. This privacy announcement tells you what to expect when the university collects your personal information. This applies to information collected, related to:
ACADEMIC AND NON-ACADEMIC STAFF AND STUDENTS
Barleti University has the official website of the institution,www.umb.edu.al. Through the official website, Barleti University transmits and collects information. The data collected by us, as a controller of personal data, in relation to academic and non-academic staff, as well as students are not used for other purposes, which are not consistent with the purpose of collection. Specifically, for academic and non-academic staff the system collects personal data, which consists of: identification data and email address, while for students the system collects personal data, which consists of: identification data, email address, address, identification document number, as well as the number of high school diploma, or university diploma used toenroll in a study program at Barleti University. The collection of these data is in function of the activity that this university exercises in accordance with law no. 9741, on 21.05.2007, "On Higher Education in the Republic of Albania", as amended and bylaws issued in its implementation, as well as the Statute and Regulations of the institution. The collection and processing of this data through the digital system of the university network is made in the framework of the digitalization of the administration of the database maintained by the teaching secretaries. Data on students are also collected for the purpose of statistical information required by the Ministry of Education. In some cases, sensitive data may be collected for students, based on the decisions of the respective Council of Ministers, which are issued for each academic year regarding admission quotas and tuition fees. Recognition or any processing of the recorded data for a purpose other than the one for which this data was collected, is prohibited. Excluded from this rule is the case when the data are used to prevent or prosecute a criminal offense or other cases provided by law. Data documentation is kept for as long as is necessary for the purpose for which it was collected. The right of access is exercised in accordance with the constitutional principles of freedom of expression and information, freedom of the press and professional secrecy. The right of access may be restricted if it violates the interests of national security, foreign policy, the economic and financial interests of the state, the prevention and prosecution of criminal offenses.
ACCESS TO PERSONAL DATA
Barleti University, as a personal data controller, tries hard to be as open as possible to give access to students and academic or non-academic staff to their personal data. Individuals canbe informed whether we keep any personal data by sending us a "request for access to personal data" under the amended Personal Data Protection Act. If we keep your personal information:
To make a request to Barleti University for any personal data we may keep, it is necessary to make a written request to the Directorate of Human Resources Management and Information [email protected], PA, or to send it to the address: [email protected] If we keep information about you, you can ask us to correct any errors in it by contacting, once again, the Human Resources Management and Information Directorate, PA.
VISITORS ON OUR WEBSITE
Barleti University has the official website of the institution,www.umb.edu.al. Through the official website, Barleti University, as a controller of personal data, transmits and collects information. For visitors to our website www.umb.edu.al the system collects standard information, which relates to their online registration, clicks on articles or sections on this site. This information is collected for statistical purposes (to show the access of visitors, to see which are the most sensitive sections and consequently the interest of personal data subjects, always without making them identifiable). We, as personal data controllers, collect this information in such a way that we do not identify any visitors. We make no attempt to find out the identity of the visitors who have visited our website. Barleti University, as a controller of personal data, does not use (and does not allow any third party) statistical analytical tools to track or collect personal information that makes visitors to our official site identifiable. We do not link any data collected from this site to any personal data that makes the visitor identifiable from any source that comes as part of our use.
The search engine on our website is easy to use. It is locked to our server and constantly indexes the content on our website. All search requests are handled by the application and the information is not disseminated to any third party. If we would like to collect personally identifiable information through our website, we will make it clear to you when we collect personal information and explain what we intend to do with it.
PERSONAL DATA SECURITY MEASURES
We, as controllers of personal data, take appropriate organizational and technical measures to protect personal data from unlawful collapse, accidental loss, to protect access or dissemination by unauthorized persons, especially when data processing is made on the network, as well as from any other illegal form of processing. Barleti University, as a personal data controller, also takes these special security measures:
The protection of personal data is done, among other things, by taking security measures, as follows:
The premises in which personal data will be processed must be protected by organizational, physical and technical measures to prevent the access of unauthorized persons to the premises and equipment that personal data will be processed with. The implementation of security measures should be done in accordance with the level of security of data and information administered, as well as indicators of the level of risk that may arise from unauthorized exposure of stored information.
The following security measures are applied in the premises where personal data are processed:
In the premises where protected (personal) data are processed, can stay:
Electronic data processing and information devices in UniBa structures are used only for the performance of the tasks defined in the regulations. Only ICT employees, who are previously trained in their use, use these devices. The Information Technology Sector makes training of personnel dealing with automatic data processing. For any error or defect in the systems / databases of the institution, the system administrator is notified. Based on the request, he makes the relevant adjustment. The Information Technology Sector manages programs for managing data and information purchased or donated by various donors. When a program intended for the processing of personal data is created at the initiative of an external employee or a contracting entity, which is not involved in the development of the organization and planning of programs, before being involved in the use of the program, it must be approved by the Rectorate. After approval, the Rectorate organizes its installation in electronic devices. For each program the Information Technology Sector can determine:
Furthermore, regarding the personal data security measures in UniBa, you can read the Regulation "On the protection, processing, storage and security of personal data" of this university, published on the official website www.umb.edu .al, in the section "Privacy policies".
DISSEMINATION OF PERSONAL DATA
The extraction or dissemination of data by us, as controllers of personal data is done in accordance with the purpose (s) for which they were collected, retained or processed. This compatibility consists of:
CHANGES TO THIS NOTICE ON PERSONAL DATA PROTECTION
We, as personal data controllers, will update this notice on a regular basis, assessing privacy policies as extremely important throughout the activity that Barleti University performs under the amended law no. 9741, on 21.05.2007, "On Higher Education in the Republic of Albania”
COMPLAINTS OR QUESTIONS
Barleti University, as a personal data controller, strives to meet the highest standards in the collection and use of personal data. Any request for this should be sent to the email address: [email protected] Also, for more information on the collection and use of personal data by Barleti University, as a personal data controller, you can read the Regulation "On protection, processing, storage and security of personal data", of this university, published on the official website www.umb.edu.al , in the section " Privacy policies ".
INFORMATION SECURITY POLICY
Barleti University, as a controller of personal data, processes information in order to perform its legal and statutory duties. This may include confidential information about students and academic or non-academic staff. Barleti University uses a risk-based approach in assessing and understanding risks, and uses all the physical, technical and procedural tools of staff to achieve appropriate security measures. Barleti University, as a controller of personal data, takes into account developments in technology and implementation costs to achieve a level of security, appropriate to the nature of the information and the damage that may result from a security breach. The staff of Barleti University is subject to the obligation to maintain the confidentiality of information, which is given to the latter to exercise its functions in accordance with the law, and may distribute it only to lawful authorities. Barleti University provides guidance and training to its staff to enable them to understand and implement their responsibilities in respecting safety. Barleti University assesses their integrity before they are hired, as well as monitors their compliance with their security obligations.