IT Policies

Privacy Policy

This policy outlines the rules and guidelines privacy policies

Policy ID: IT-POL-007
Effective Date: September 15, 2023
Last Updated: September 5, 2023
Approved by: IT Security Committee

1. Purpose

This Privacy Policy explains how the university collects, uses, protects, and shares personal and institutional data to ensure transparency, compliance with legal requirements, and respect for individual privacy rights.

2. Scope

This policy applies to all university departments, staff, students, contractors, and external partners who handle, process, or access personal or sensitive information in electronic or physical form.

3. Data Collection

  • The university collects personal data for academic, administrative, and legal purposes only.
  • Information collected may include names, contact details, identification numbers, academic records, and login credentials.
  • Data will be collected directly from individuals or authorized third parties with consent when required.

4. Data Use

  • Personal data is used only for legitimate academic, administrative, or operational needs.
  • Data will not be shared with third parties without legal or contractual requirements, or explicit consent.
  • Aggregated or anonymized data may be used for research and reporting purposes.

5. Data Protection

  • All personal data is stored securely using encryption and access control measures.
  • Only authorized personnel may access sensitive information, and only as needed for their roles.
  • Regular audits and security assessments are conducted to prevent unauthorized access or data breaches.

6. Rights of Individuals

  • Individuals have the right to access their personal data and request corrections if inaccurate.
  • Requests to delete or restrict processing of personal data will be reviewed according to legal and academic obligations.
  • Concerns about privacy practices can be reported to the university IT Directorate or data protection officer.

7. Data Retention and Disposal

  • Personal data will be retained only as long as necessary for its intended purpose or legal requirements.
  • Data no longer needed will be securely destroyed using approved methods.

8. Policy Updates

The university may update this Privacy Policy to reflect legal, technological, or operational changes. Updated versions will be published on the official website with effective dates clearly indicated.

Download PDF Print Policy Share Policy Report Issue

Related Policies

Security Policy

Guidelines for protecting company data and systems from threats.

View Policy

Data Management

Policies for handling, storing, and classifying company data.

View Policy

Network Usage

Rules for using company networks and internet access.

View Policy