Frederick University is a private university operating in the Republic of Cyprus, a member state of the European Union. It began operating in September 2007 following a decision of the Council of Ministers of the Republic of Cyprus and following the successful, long-standing course of the Frederick Institute of Technology in education and research. In January 2012, the University received its final operating license following a decision of the Council of Ministers.
The mission of Frederick University is to provide learning opportunities through teaching and research in the fields of science, technology, social sciences, and the arts, as well as to make a systematic contribution to the broader social context. The education offered is of high quality and leads to recognized qualifications that ensure the professional careers and development of the University’s graduates in Cyprus and abroad.
The main objectives of Frederick University are:
Within the framework of providing Frederick University’s services, and in order to enhance their effectiveness, certain personal data concerning you is collected. Frederick University, as Data Controller, determines all the procedures, means, and purposes of the processing of personal data, in accordance with the requirements of the relevant European legislation on personal data (General Data Protection Regulation – Regulation 2016/679).
More specifically, it has an obligation to facilitate the data subject whenever the latter wishes to exercise their legally and institutionally established rights. Some of the most fundamental rights of the data subject are those of information, access, rectification, erasure (“the right to be forgotten”), restriction of data, portability, and objection. The central importance of these rights can be summarized as follows: the data subject has the inalienable right to know not only that their personal data is being collected and processed, but also what that data is. They may request the correction of inaccurate information and its updating. They also have the right to request the deletion of data, subject to certain necessary conditions. In particular, they may take such action when, for example, the data is no longer necessary, they have withdrawn their consent, or the data is the product of unlawful processing. In all these cases, the person invokes harm to their personality.
Through this Personal Data Protection & Privacy Policy (hereinafter “Policy”), we wish to present to you, indicatively, certain of our practices and policies regarding the collection, use, sharing, and processing of data collected from or about you.
This Policy applies regardless of whether you access our website via your personal computer, mobile device, or any other technology or device. For any inquiries, you may contact the Data Protection Officer of Frederick University at info@ucert.frederickuniversity.gr.
| No. | Purpose of data processing | Personal data | Possible consequences of failure to provide personal data | Legal basis for processing |
| 1. | Registration as a student in the University’s study programs | Necessary personal identification details (e.g., full name, father’s name), contact details, consent declaration | Failure of registration/failure to commence studies | Performance of contract/Legal obligation/Consent |
| 2. | Communication with the student or third parties/organizations to offer informational news about the University’s programs and/or services | Contact details (full name, address, telephone, email address) | Inadequate provision of services | Performance of contract/Consent |
| 3. | Recording of data for historical, statistical, and research purposes (file archiving) | Necessary personal identification details (full name, father’s name, address, telephone number, email address, registration number) | Inability to archive the file | Legal obligation/Consent |
| 4. | Communication with the student or a third party (company, organization) to settle financial obligations | Personal identification details | Financial default | Legal obligation/Performance of contract |
| 5. | Submission of reports to the competent national regulatory authorities (e.g., for tax purposes) | Personal identification details, financial information, social insurance information | Failure to fulfill a legal obligation | Legal obligation |
| 6. | Submission of student data to partner bodies (such as academic institutions or professional organizations) for communication purposes | Personal data | Inability to communicate/deficient execution of cooperation | Legal obligation/Consent |
| 7. | Collection of data for the purposes of investigation, prosecution, and identification of criminal offenses, and protection of the University’s property | Personal identification data (image) | Inability to investigate, prosecute, or identify criminal offenses | Legal obligation/Performance of contract/Notification/Consent |
DISCLOSURE OF PERSONAL DATA
We will not assign, disclose, or rent your personal information to any third party/organization/body in any manner other than as described in this Policy. However, we reserve the right to disclose your personal information to third parties:
3.1 In the event of compliance with any legal or regulatory obligation, as described above.
3.2 In order to cooperate with law enforcement authorities for the enforcement of laws, as well as for the investigation and prosecution of illegal activities such as fraud or damage to property. We reserve the right to disclose any information relating to you to law enforcement bodies and other competent authorities that, in our assessment, is necessary or related to any investigation of fraud or other illegal activity.
Specifically, these authorities are:
3.3 We will not disclose your personal data to third parties outside the European Union in countries where there is no adequate data protection regime. However, should such a data transfer need to take place, it will be carried out in accordance with the necessary safeguards established under European legislation (Regulation 2016/679) and following prior cooperation with the national supervisory authority for the protection of personal data, namely the Office of the Commissioner for Personal Data Protection of the Republic of Cyprus.
DATA RETENTION PERIOD
4.1 Your data is stored only for as long as necessary for the purpose for which it was collected, in accordance with the principles of data minimization and storage limitation.
Based on these principles, your data will be retained for as long as your relationship with Frederick University continues. After the end of your contractual relationship, your data will be retained for longer periods for historical, research, and statistical purposes. In particular:
In addition, we align the retention of your data with any variations arising from the exercise of your personal data protection rights. Nevertheless, in certain cases, specific personal information may be retained beyond this period due to possible legal obligations, legitimate interests, etc. Such cases are possible matters relating to:
DATA STORAGE
5.1 The data of both students and academic and administrative staff of Frederick University is kept and stored in the Archive Office of Frederick University, under the sole supervision of the Head of the Office. Access to this data is granted to the University’s Administration, the Deans of Schools, the Heads of Departments for academic purposes, as well as administrative officers in the course of performing their duties.
5.2 Data of other persons (such as suppliers or other individuals who cooperate with Frederick University under any form of contractual relationship), i.e., different from those in paragraph 5.1, are kept and stored in the Accounting Office of Frederick University, under the sole supervision of the Head of the Office. Access to this data is granted to the members of the Board of Directors of Frederick University.
YOUR PERSONAL DATA PROTECTION RIGHTS
6.1 At any time, while we retain or process your data, you retain the following rights and may submit a relevant request through your personal account:
6.2 We will evaluate your request and respond to you regarding its progress (approval of request, partial approval of request, rejection of request) as soon as possible and in any case within one month of its submission.
6.3 If your requests are exercised repeatedly, require disproportionate technical efforts, or could infringe on the privacy of third parties, we may either reject them as unfounded or require the payment of a reasonable fee. In any case, responses to your requests from Frederick University will be justified and communicated to you (either in writing or electronically).
6.4 You have the right to lodge a complaint directly with the national Supervisory Authority for the Protection of Personal Data and with the Data Protection Officer of Frederick University.
UPDATING YOUR PERSONAL DATA
7.1 Except in exceptional cases, you can review, update, or delete certain personal information.
7.2 You can obtain a copy of your personal data through your personal account. For your protection, you will need to prove your identity in order to receive such copies. You should include the necessary information to identify yourself, as well as any additional relevant information that will help us fulfill your request. If you wish to terminate your cooperation or relationship with Frederick University, you may also contact the University’s Administration (if you represent a company or other organization) or the Registrar’s Office (for students). We will comply with such requests, unless we have a legal obligation and/or legitimate interest in not deleting the data.
SECURITY
8.1 Frederick University takes every necessary, appropriate, and suitable measure to safeguard your personal data undergoing processing, so as to prevent or minimize any infringement thereof. These measures comply with both modern best practices and the requirements of European legislation. Indicatively, the techniques of pseudonymization and encryption are mentioned. Naturally, other methods are also employed, such as the creation of strong security passwords, monitoring and detection actions under lawful conditions, and strict adherence to a confidentiality policy. All these actions aim to protect the data from misuse, unauthorized access or disclosure, loss, alteration, or destruction.
SENDING PROMOTIONAL MESSAGES
9. The sending of promotional messages by any means (electronic or printed) regarding the University’s programs and events/news is carried out exclusively and only after obtaining the free and explicit consent of the data subject.