University of Zagreb

Faculty of Kinesiology

PRIVACY POLICY

PRIVACY POLICY

 

This privacy policy, based on the General Data Protection Regulation (Regulation, GDPR) and other regulations governing the rules for the protection of personal data, explains which personal data is collected in relation to our activities, how we process, use and protect these data, for what purposes we use them, as well as your rights related to the protection of your privacy and your personal data.

 

THE FUNDAMENTAL PRINCIPLE OF OUR ACTIVITIES IS PRIVACY AND DATA PROTECTION

 

The privacy of individuals and the protection of personal data are fundamental human rights. We at the Faculty of Kinesiology have a duty to take care of the privacy of individuals whose personal data we process and store. We ensure the personal data are collected and processed only when necessary.

 

The Faculty of Kinesiology adheres to the following principles with the aim of protecting the privacy of its current, former and potential students, students of doctoral studies, our employees and external associates, users and visitors:

  • We do not collect more information than is necessary
  • We do not use personal data for purposes other than those mentioned
  • We do not keep personal data if it is no longer necessary
  • We never sell, borrow or distribute personal data
  • We do not send personal data to third parties without your knowledge
  • We do not use any automated decision processing and decision making or profiling
  • We do not transfer personal data outside the EU/EEA except for the purpose of fulfilling international agreements and organizing international conferences, which we inform you about separately
  • We continuously ensure that personal data is stored safely.

 

It is important to read our privacy policy and we hope that you will take time and your attention. We tried to write it as clearly as possible and to be understandable to everyone, with the desire to maintain your full confidence in the way we treat your personal data.

If, after you have read them, you will have further questions about the protection of personal data or wish to exercise any of your rights in the protection of personal data, please contact our

 

Data Protection Officer

Igor Barlek, CIPP/E

e-mail: bi@biconsult.hr

 

This privacy policy, as well as our website, is designed to ensure a high level of protection of your personal data and will be continuously updated and improved.

This privacy policy was updated on 18 September 2024.

 

DATA CONTROLLER

 

The University of Zagreb Faculty of Kinesiology acts in relation to your personal data as our students of our study programmes, our employees, professors, assistant professors, lecturers, external associates and users and visitors, in the role of controller which determines the purpose and methods of processing your personal data and takes care of ensuring all measures of your personal data security.

 

Your personal data controller:

The University of Zagreb Faculty of Kinesiology

Horvaćanski zavoj 15, HR-10000 Zagreb, Republic of Croatia

 

 

HOW AND WHAT DATA DO WE COLLECT?

 

When applying for our study programmes

In accordance with the conditions of the public call for application to study programmes, i.e. university studies and professional studies, applications are made through the National IT System of Applications to Higher Education Institutions (NISpVU) under the jurisdiction of the Agency for Science and Higher Education (AZVO) as data controller and CARNET as a data processor providing IT infrastructure. In the further application procedure, in addition to data obtained from the NISpVU and in line with the requirements and criteria of the publicly available selection procedure prescribed by the Faculty Council, we collect personal data of future students for the purpose of concluding a study contract, as well as data on health status for the purpose of preventing the occurrence of undesirable consequences on health as a vital interest of students according to the GDPR Art. 9 provisions.

In accordance with the conditions of the public call and the criteria for the ranking of applicants during the application procedure for postgraduate doctoral studies, personal data from CVs, data related to previous education and all other data necessary to prove the fulfilment of the criteria for concluding a study contract are directly collected.

In accordance with our legal obligation for all our students we also collect a photograph for application on the Student identity card (Smart X-Card).

 

Personal data of our study programmes students, employees, external associates and users and visitors

In accordance with the Act on Scientific Activity and Higher Education and subordinate legislation, the higher education and professional and scientific activities are carried out through our in the exercise of our public authority and, among others, we conduct the following data processing:

  • records of the candidates applying within the study application procedures;
  • records of students attending study programmes, as well as studies in special educational and scientific programmes and EU projects;
  • records on the examination grades and other study obligations, student work, extracurricular activities and participation in competitions and professional and scientific achievements;
  • records of issued documents on the completion of studies and acquired academic and professional titles and academic degrees;
  • other records prescribed by law and subordinate legislation, implementing and general acts

 

and in doing so, it collects, processes and stores personal data:

  • former and current employees of the Faculty of Kinesiology, professors, assistant professors, lecturers, assistants and external associates,
  • current, former and potential students of our study programmes,
  • members of the Faculty Council, the Dean's College and the Permanent Committees of the Faculty Council,

in accordance with the principles and retention periods set by the Act on Scientific Activity and Higher Education and the Archives and Archival Institutions Act and the related subordinate legislation and internal regulations.

Scientific research

Personal data of the data subjects are collected within the scientific and research activities and through the work of the Institute for Kinesiology for the purpose of scientific research, with previously obtained informed consent and fulfilling recognized ethical standards for scientific research and strict application of the Code of Ethics of the Faculty of Kinesiology, respecting the principle of inability to subsequently identify the data subjects.

Library

 The use of the library is also made available to external users, and during the use of library materials only personal identification document with photograph is taken for the purpose of identification without a storage of the personal data.

Video surveillance

Based on legitimate interest, the Faculty of Kinesiology uses a video surveillance for the purpose of protecting the property and safety of students, employees, external associates and users and visitors. It monitors the acceptable area around and within the facility of the faculty, whose camera perimeters are clearly marked by visible privacy notices. Video surveillance recordings shall be stored for a maximum period of six months from the date of their occurrence.

Web site

Although you can use our website without providing any personal information, after contacting us through our e-mail addresses, the Faculty of Kinesiology collects your personal data. Your personal data (your name, e-mail address) will be processed and stored so that we can contact you and respond to your request. The Faculty of Kinesiology will not share your personal data with any third party nor will grant their access. The data will be used only for the purpose of further contacting and answering your inquiry.

To use certain contents of our website you must register through your AAI @EduHr e-identity of the members of the academic and research community assigned by the host institution.

If you are under 16, please do not disclose any personal information without the consent of your parents or guardians. In any case, where we realize that we have collected or received personal data from a child under 16, and without the consent of the holder of parental responsibility, we shall delete such data without delay. If you have information that data from a child under 16 have been disclosed, please contact us on the dekanat@kif.hr.

Our web pages contain links to other web sites and social networks and they are not affected by our privacy policy. We recommend to read the privacy policies of each website and social network you visit, especially where you leave your information.

EXTERNAL DATA PROCESSORS

We provide access to your personal data to authorised external data processors for the purpose of  data processing on behalf of the Faculty of Kinesiology on the basis of our explicit instructions and through concluded data processing agreements ensuring a high level of protection of personal data. Engaged business entities shall strictly respect the obligation of confidentiality in accordance with this policy and with the data processing agreements we have concluded in accordance with the GDPR obligations.

Withing its own activities the Faculty of Kinesiology uses the services of data processors that process personal data of students of our study programmes and postgraduate doctoral studies, our employees, professors, assistant professors, lecturers, external associates, users and visitors for the purpose of fulfilling legal obligations in the field of scientific activities and higher education and with the purpose of IT support, video surveillance systems maintenance, software solutions maintenance and safe storage and processing of documentation.

We exchange the data according to the legal obligations to public authorities such as the Ministry of Science and Education, the Agency for Science and Higher Education, CARNET and the University Computing Centre (SRCE).

 

COOKIES

 

Our website uses only the necessary cookies to ensure page functionality:

Cookie                  Type                      Expiry                   Purpose

CMS                      HTTP                     7 days                  website functionality

 

YOUR RIGHTS

You are free to contact us at any time in order to exercise your rights in the field of protection of your personal data. Your rights are as follows:

The right to access personal data

You have the right to access your personal data and to be informed about which data and how we process it, for what purpose and for what period. We provide you with the opportunity to receive a copy of your personal data.

The right to correct personal data

You have the right to correct or complete inaccurate or incomplete personal data collected by us.

The right to delete personal data 

You have the right to request us to delete your personal data when the data is no longer necessary to fulfil the purpose for which it was collected, when you submit a justified complaint or your personal data is processed illegally.

The right to object

You have the right to object to certain handling of your personal data. For example, you can request that we stop processing your personal data for direct marketing purposes via the newsletter.

The right to restriction of processing

You can ask us to restrict data processing, for example, when deletion, correction or objection regarding your personal data is pending and/or when we do not have a valid basis for processing your data and you want us to keep it. When processing is restricted, your data will be stored and will not be processed further. For example, if you dispute the accuracy of your data, the processing of such data will be restricted until it is ensured that the data is correct.

If you want to exercise any of the above rights, feel free to apply:

 

  • by post to the address of the Faculty of Kinesiology or
  • by e-mail to the dekanat@kif.hr.

We shall respond to your request as soon as possible and no later than one month after receiving your request. If the secure confirmation of your identity is not possible, we will be free to request additional verification of your identity.

​RIGHT TO LODGE A COMPLAINT WITH THE SUPERVISORY AUTHORITY

You may at any time lodge a complaint with the competent supervisory authority, in particular in the EU country where you have a habitual residence, place of employment or place of alleged infringement, if you consider that our processing of your personal data is not lawful. Direct contacts of the competent supervisory authority in the Republic of Croatia are:

CROATIAN PERSONAL DATA PROTECTION AGENCY (AZOP)

Selska cesta 136, 10 000 Zagreb, Republic of Croatia

Telefon: +385 1 4609 000  Fax: +385 1 4609 099

e-mail: azop@azop.hr Web: https://azop.hr  

 

 

PRIVACY POLICY UPDATES

 

We retain the right to periodically update and improve the text of this privacy policy, primarily for the purpose of respecting legal changes, i.e. changes in the purposes and methods of data processing. However, we will not restrict your rights arising from this privacy policy or from the relevant legislation. In case of any changes that may affect your rights, we will inform you promptly and in an appropriate manner.