University of New York in Prague, s.r.o. considers the protection of your personal data to be a priority and we undertake to exert maximum effort in order to secure them. We declare that we process your personal data in conformity with valid legislation, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (‘GDPR’), Act No 101/2000 Coll, on Personal Data Protection, Act No 127/2005 Coll, on Electronic Communication, and Act No 480/2004 Coll on Some Services Provided by Information Companies.
In this Data Privacy Statement we will show you how we collect, process, use, and protect your personal data, and thus how we help to protect your privacy. We will try to explain basic terms, principles, fundamentals, and processes of personal data protection that we use. By using our website and services, you agree with the conditions stated herein.
The controller of personal data is University of New York in Prague, s.r.o., registered office Londýnská 506/41, Praha 2, postcode 120 00, company reg No: 25676598, registered in the Commercial Register administered by the Municipal Court in Prague, section C, file No 60332 (hereinafter referred to as ‘UNYP’). As a controller, we define the purpose and means for processing of your personal data, and we are responsible for the observance of all obligations and principles of their protection. Processing then means any operation or a set of operations performed on personal data such as collection, processing, arrangement, etc. Our contact details (as a controller) are provided herein.
The processor then is the entity which receives from us your personal data and which handles these personal data in conformity with instructions from us. The processor may be, for example, our external provider of e-learning services who operates on our behalf an online portal for our online courses. We try to ensure sufficient securing of personal data with the processors by means of written contracts on processing and protection of personal data.
You are a personal data subject exclusively as a natural person. In the case of UNYP, personal data subjects are primarily the persons with whom we have entered into a contract or whom we view as our customers and users of our services. Therefore this main group includes, for example, university applicants, students, and graduates but also lecturers and employees. We usually process their data in order to execute and perform contracts or based on our justified interest. However, you may also become the subject of the personal data processed by us when you give us for example your marketing consent for receiving news by email or if you visit our website without being our customer.
Our services that require registration are not intended for persons under 16 years of age, unless expressly provided otherwise therein. If you are a person under16 years of age and want to use any of our services, or give us your consent for processing your personal data, please notify us of this fact during registration or the granting of your consent (use the contact details provided by us) so that we may consider whether it is necessary to contact your legal representative and obtain their consent.
We collect a part of your data automatically using technical means and through the services you use. An example of that may be the data obtained through our web and cookies (for more information go to the Cookies section), or the data recorded during the use of our network and other information and communication systems (eg UNYP e-learning system).
However, we obtain the majority of personal data directly from you, be they from our website forms or other online applications and services, from your emails, telephone calls, personal meetings (standard interviews with university applicants), or from other sources. You always disclose such data voluntarily, and by doing so you grant your consent to the processing conditions.
To a lesser extent, we obtain your personal data from third parties such as our partner universities and suppliers.
We divide personal data into various topical categories and their processing is always subject to the existence of at least one purpose (however, often there are multiple purposes for one category). Basic categories which we may process and their purposes include the following:
Identification data (name, surname, maiden name, title, academic title before and after name, gender, language, domicile, permanent residence, date and place of birth, citizenship/nationality, personal identifier (assigned by UNYP), type of document, passport number, ID card number, company registration number, VAT number, social security number, passport number, document validity, date and place of issuing of a document, photograph from ID card, application login, date of establishment/termination of record, employee number, job title, signature) are necessary for proper identification of persons in individual roles across our activities and services.
We need contact data (correspondence address, telephone number, fax number, email address, data box, social media contact data, and communication applications) to secure requisite communication with you for all the services we provide as well as when ordering these services. The separate purpose(s) for processing of some data (eg email address) then may include marketing activities. Such processing typically occurs based on your consent.
Authentication and authorisation data in IT systems (user names, email addresses, passwords, security questions, system roles and authorisations) are processed for the purpose of safe operation of these systems and to make sure that only verified users are granted access to perform operations appropriate to their authorisation.
Network identifiers and tracking data (IP address, MAC address, cookies and other tracking mechanisms in browsers, localisation data, web browser setting data) are processed for the purpose of trouble-free and secure provision of network infrastructure and for monitoring the statistics of our web traffic and their improvement.
Transaction data (bank account number, debit/credit card number, authorisations/powers of attorney, transaction date, transaction amount, transaction purpose) are necessary for proper assignment of your payments to services you order through our website or through other means.
Data regarding studies, education, and research (registration in courses, schedules, grades, credits, attendance, submitted work, number of lessons taught, research records) are naturally the core of our university and we process these for the purpose of providing of university training for the purpose of scientific research, for the purpose of attestation by accrediting bodies and other bodies.
Photos and video and audio recordings are processed mostly for the purpose of documenting and promotion of our activities and services always in conformity with valid legislation.
CVs, cover letters, and records of procurement procedures are processed for the purpose of hiring of new employees and keeping personnel records.
Wages and similar records (wages/remuneration, refund of wages, average pay, bonuses/use of benefits, wage deductions, manners of sending wages, personal account number, consumption of internal resources, insurance, taxes and deductions, tax payer statement, tax returns and supporting documents) are processed for the purpose of keeping personnel records and for the purpose of paying remuneration to employees.
Data regarding performance of work (post, cost centre, supervisor, working hours, leave, sick leave, maternity/paternity leave, career interruption, attendance, events, calendar, information about business trips and other changes in the employment relationship, timesheets, entrusted work equipment and other valuables, number of hours worked, attended training courses, access rights, book of work accidents, performance of work for a third party) are processed for the purpose of keeping personnel records.
Data from security systems (CCTV records, alarm records) are processed only within the minimum scope necessary for securing the safety of persons and property on our premises.
This list is not complete and it always depends on the role you have in relation to us (eg a student, employee). If you want to know which categories concern you, please contact us using the email address stated in the section ‘How can you contact us?’.
In principle, we do not process data regarding racial or ethnic origin, political views, religious or philosophical beliefs, membership in trade unions, or sexual orientation. These data on their own may harm the data subject in society, at work, at school, or may cause discrimination towards the data subject. If these data are requested of you, we recommend that you do not hand them over.
We conduct processing of your personal data exclusively based on legally defined entitlement that give us authorisation to do so. The main legal entitlements for processing by UNYP include in particular:
The following entitlements are then applied rather rarely for processing of some of your personal data:
We always process your personal data only for the duration of the purpose for their processing.
In the case of processing your personal data in order to perform a legal obligation. the processing time is clearly given by the related legal regulation. Within UNYP this concerns particularly students’ personal data processed for the purpose of compulsory reporting to state administration bodies (registry office), employees’ personal data associated with the requirements stipulated by the Labour Code, or tax records according to the respective law.
When processing data based on execution or performance of a contract (eg study contract, employment contract, etc), the processing time is limited by the given contract. Upon expiry of all related obligations from the contract, we will stop processing your personal data for this purpose and we will delete them unless such data are processed for any other purpose.
We will keep the personal data processed based on the title of a legitimate interest only for a necessary time, which we define with regard to the nature of the kept data. In the case of study applications submitted via the UNYP web, such time limit is stipulated to 5 years for basic data and data about the selected programme; however, for additional documents of a more personal nature downloaded to our server, this time limit is only 1 year.
If you have given us your consent to the processing of your personal data e.g. for marketing purposes (sending of UNYP newsletter by email), processing of your personal data will occur until your consent is withdrawn or until you fail to renew such consent after a certain time.
We undertake not to hand over your personal data to third parties for consideration for any commercial purposes. In order to be able to share your personal data with third parties within or beyond the European Union and the European Economic Area, there must be a substantial and clearly defined reason to do so, supported by an executed contract, UNYP’s legitimate interest, or expressly provided consent by the personal data subject. Furthermore, such sharing must be implemented in an adequately secured way (eg encryption, pseudonymisation, etc) and the scope of the handed over personal data must be strictly defined.
An example of a situation when UNYP hands over your personal data to a third party may be, for example, studying abroad at one of our partner universities, the preparation and implementation of which requires that we hand over particularly your basic identification and contract data and selected study records.
The basic question for us during any handover of data to third parties will always be whether it is in the best interest of the personal data subject and whether all possible steps have been taken to achieve procedural and technical security of such sharing procedure.
We consider the protection of your personal data to be a crucial matter and we pay our full attention to it. We handle your personal data with due care and protect them within the maximum scope of the corresponding technical level and while observing the following principles:
We have also adopted the following technical and organisational measures in support of securing the processed personal data:
A natural person is entitled to request from us (as a controller of personal data):
If we receive such a request, we will inform the applicant of the adopted measures without undue delay, in any case not later than within one month of receiving the application. This time limit may be extended by another two months if necessary and with regard to the complexity and number of applications. In certain cases defined by the Regulation, our company is not bound to satisfy the request. This shall be in particular in situations when such request is apparently groundless particularly due to its repetition. In such cases we may impose an adequate fee due to administrative costs associated with provision of the requested information or statements or with the required actions or to refuse to satisfy such request.
If we receive a request stated above but have justifiable doubts regarding the identity of the applicant, we may ask the person to submit additional identification data. We will keep the information about the fact that the data subject has exercised its rights with us and the way we handled the application for a reasonable time (usually 5 years) for the purpose of documenting this fact for statistic purposes, to improve our services and protect our rights.
In the cases when the data subject believes that UNYP processes its personal data without authorisation or otherwise violates their rights, they are entitled to file a complaint with the supervisory body (in the Czech Republic, the Office for Personal Data Protection).
Cookies are small data files that are necessary for some functions of websites such as logging in. Thanks to cookies, a website may also remember various settings such as the language, font, and other options you have selected for viewing the website. This is the reason why we place cookies in your computer. Most large websites and providers do the same thing.
Cookies can be divided into two basic species according to their durability. While session cookies remain in your browser only until it is closed and then deleted, persistent cookies remain in the browser for a long time (depending on your browser settings and cookies settings) or until you manually delete them.
You may erase any cookies already present in your computer. Most browsers also provide the possibility to block placement of cookies in your computer, though in that case you will not be able to use our online services. Detailed information about the settings regarding the storage of cookie files in your browser are available on the website of the provider of the particular browser you are using.
The owner and provider of websites www.unyp.cz is a private college, University of New York in Prague, Ltd., which according to the law no. 121/2000 Coll., On copyright, is entitled to apply the law on property on this website.
All rights, including copyright to the content of websites www.unyp.cz, including all website design, text, graphics, the selection and arrangement, and all software compilations, underlying source code, software (including applets) and all other material on this website the site owns or controls the University of New York in Prague, all rights reserved.
Users can not interfere with the security of the website can use these websites to spread malicious computer viruses and do not try to enter publicly inaccessible parts of this website. The user is required to respect the copyrights of the providers.
The liability arising out of the use of these websites rests solely with the user and the provider does not bear any responsibility in particular for the content uploaded by users. All legal disputes arising out of the use of this website will be dealt with at the appropriate court in the Czech Republic and under the laws of the Czech Republic. If, for any reason, some of the provisions of these Terms become unenforceable, this provision will be deemed severable from the other terms and will not affect the intent of these terms and the remainder of these terms and conditions will continue to be fully effective and effective.
They declare that this website is making the most of its content and all its features for all Internet users. The presentation page is created using XHTML, visual with CSS2. We do not guarantee the correct rendering of pages, especially for some older web browsers or other than standard screen resolutions.
Our website has been created and its trouble-free operation is secured by the CENTARIO internet agency. If you have any questions, comments, ideas for improvement, or technical difficulties, do not hesitate to write to email@example.com.
We reserve the right to change or adjust at any time and for any reason the principles of protection of personal data set forth in this statement. If there are any substantial changes in the content of this statement, these will published in this document. We therefore recommend that you regularly check for any contingent changes at this website.
Nothing in this data privacy statement intends to create a contract or a legal relationship between University of New York in Prague and any user who visits our website or provides personal data in any form.
You may use the following contact details for any comments and queries regarding personal data protection and when exercising your legal rights:
University of New York in Prague, s.r.o.
Londýnská 506/41, Praha 2, postcode 120 00
(Last revision date: January 10, 2019)
The e-mail address you provide will be used only to send you the newsletter. Your privacy is important to us.
For more information download our UNYP Brochure.