General Data Protection

GENERAL DATA PROTECTION REGULATION

The philosophy of Ctl Eurocollege is to respect, protect, and secure the personal data and privacy rights of all individuals within its community. To achieve this we have issued guidelines on how data is handled.

Any processes of personal data shall be made pursuant to local legislation, including, but not limited to, the Cyprus Law (The Processing Of Personal Data (protection of individuals) Law 138 (i) 2001 as amended), and when applicable from 25 May 2018, the EU General Data Protection Regulation (GDPR). The “Controller” is Ctl Eurocollege, and personal data shall have the same meaning as in the Cyprus Law and the GDPR.

Your personal data will be processed only by the competent personnel and staff of the College. This data will be processed in order to comply with local and international laws, regulations and standards. You are informed and acknowledge that the College may legally conduct any necessary and immediate processing of your personal data for the purposes of the College carrying out its legal obligations and legitimate interest. 

Your personal data may be shared among our associates and / or agents for your admission purpose and the relevant governmental departments for your visa obtainance. In other cases where your specific and/or explicit consent becomes necessary to process your personal data, the College will provide you with a separate declaration.

You reserve the right to object, grant access, and be kept informed on any matter pertinent to your personal data. Your personal data will only be retained for as long as necessary, unless any legislation requires for a specific retention period. Furthermore, should you disagree with or object to any matter concerning the processing of your personal data, you have the right to put this in writing to the Ctl Eurocollege.

The College does not disclose your personal data to third parties, except where necessary for the purposes of professional, legal, or accounting obligations and/or advise to the College. These third parties are required to comply with the applicable EU data protection law and standards and to use your personal data strictly for the purposes described in this Policy.

The College will take appropriate technical and organisational measures intended to protect against unauthorised or unlawful processing of your personal data and against accidental loss or destruction of, or damage to, your personal data.

Conditions for the lawful processing of personal data according to the Personal Data Processing Law (Protection of Individuals) N. 138 (I) / 2001:

Personal data is:

1. Processed fairly and lawfully.
2. Collected for specified, explicit and legitimate purposes and is not further processed in a way incompatible with those purposes.
3. Relevant, appropriate and not excessive in relation to the purposes of processing.
4. Accurate and, where necessary, kept up to date.
5. Kept in a from which permits identification of data subjects for no longer than is necessary, at the Commissioner’s discretion, for the fulfillment of the purposes for which they were collected and processed. After the expiry of this period, the Commissioner may, by a reasoned decision, allow the preservation of personal data for historical, scientific or statistical purposes, if he considers that the rights of the data subjects or third parties are not affected.

The Data Subject has the following rights:

1. To be informed about the processing of his/her data.
2. To have access to his/her data.
3. To object to the processing of his/her data.
4. To be compensated for any damage caused by reason of violation of the Law.

For more information please refer to www.dataprotection.gov.cy