University of Doha for Science and Technology Privacy Notice.
What is the purpose of this document?
The University of Doha for Science and Technology (the “University provides information and services to, the students, employees, the public and all users of its information technologies through its website www.udst.edu.qa
The University is committed to protecting the privacy and security of personal data of our users and being transparent about the information we hold.
This Privacy Notice describes how we collect and use personal data, in accordance with Law No. 13 of 2016 (the “Personal Data Privacy Protection Law”). This Privacy Notice shall be applicable to all personal data collected by or submitted to the University.
The University is a "Data Controller". This means that we are responsible for deciding the purpose for which and the means by which your personal data is processed. We are required under the Personal Data Privacy Protection Law to notify you of the information contained in this Notice. For the avoidance of doubt, this Privacy Notice covers the electronic processing of personal data in addition to traditional methods of data processing.
This Privacy Notice applies to personal data and information of website visitors. It does not apply to any personal information of employees or independent contractors of the University.
This Privacy Notice does not form part of any contract of employment or other contract to provide services.
It is important that you read and retain this Privacy Notice, together with any other notices we may provide on specific occasions when we are collecting or processing personal data about you, so that you are aware of how and why we are using such information and what your rights are under the Personal Data Privacy Protection Law.
Personal Data Privacy Protection Principles
Personal data we hold shall be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes and not used in any way that is incompatible with those purposes.
- Relevant to the purposes for which they were collected and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes for which they were collected.
- Kept securely.
The Kind of Information We Hold About You
The types of information we may hold include:
- Personal Information, which is information that identifies you, such as your name, password, email address, address, phone number(s), and photographic image.
- Demographic Information, such as zip code, country, years of work experience, skills, industry, certifications, degrees, etc. We do this to help you connect with other event participants like exhibitors.
- Preference Information, such as preferred time zone or whether to show a dialog on your next visit. We do this to personalize your experience on the University’s website.
- Content Submissions, such as any information that you submit on our forms, blogs, social media pages, through file uploads, or via online chats.
- Anonymous information, such as pages visited, and time on the University’s website. We do this in order to understand how the University’s website are being used and what the engagement is like.
- We collect information stored in your social media profile that you authorize us to access when you use your social media profile to execute features on the University’s website, such as the ability to log into the University’s website using your social media profile credentials.
In addition, when you visit the University’s website, we may collect certain information by automated means, such as cookies and web beacons, as described in more detail below. The information we may collect by automated means includes, but is not limited to:
- Information about the devices our visitors use to access the Internet (such as the IP address and the device, browser and operating system type).
- Pages and URLs that refer visitors to the University’s website, also pages and URLs that visitors exit to once they leave the University’s website.
- Dates and times of visits to the University’s website.
- Information on actions taken on the University’s website (such as page views, site navigation patterns or application activity).
- A general geographic location (such as country and city) from which a visitor accesses the University’s website.
- Search terms that visitors use to reach University’s website.
How is Your Information Collected?
We may collect information about you from various sources, including the University’s website, when you call or email us or communicate with us through social media, or when you participate in an Event. An “Event” is an online gathering that includes registration before the event begins, activities between the event’s start and end time, and after the event’s end time. We also may collect information about you from business partners and other third parties and publicly available information, including from our customers prior to or during an event. We may collect your information at different points in connection with our business and the University’s website, including your registration, profile submissions, use of the University’s website, interactions with us, and during an Event.
How We Use the Information We Collect?
We may use the information we collect about you to:
- Create, manage and maintain your account on the University’s website.
- Provide you with the University’s website and other services that you request.
- Manage your participation in events hosted on the University’s website, where you have signed up for such events and promotions.
- Maintain a record of the events in which you participate, including chat and webinar history and download activity.
- Enable you to interact with other event participants.
- Provide administrative notices or communications applicable to your use of the University’s website.
- Respond to your questions and comments and provide customer support.
- Operate, evaluate and improve our business and the services we offer.
- Analyze and enhance our marketing communications and strategies (including by identifying when emails we have sent to you have been received and read).
- Analyze trends and statistics regarding visitors’ use of the University’s website, mobile applications and social media assets, and the jobs viewed or applied to on the University’s website.
- Maintain the quality of the University’s website, including detecting security incidents and protecting against malicious, deceptive, illegal or fraudulent activities.
- Enforce our Code of Conduct for online use and legal rights.
- Comply with applicable legal requirements and our policies.
We may also use non-personally identifiable information and certain technical information about your computer and your access to the University’s website (including your internet protocol address) in order to operate, maintain and manage the University’s website.
We may collect, compile, store, publish, promote, report, share or otherwise disclose or use any and all aggregated information, however, unless otherwise disclosed in Privacy Notice, we will not sell or otherwise transfer or disclose your Personal Information to a third party without your consent.
Legal Basis for Processing Your Personal Data.
We will only use your personal data to the extent the Personal Data Protection Law allows us to. In processing your personal data in connection with the purposes set out in this Privacy Notice, we may rely on one or more of the following legal bases:
- Consent: We may process your personal data where we have obtained your prior, expressed consent.
- Contractual necessity: Where we need to perform any contract that you may enter with us.
- Compliance with applicable Law: Where we need to comply with a legal obligation.
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.
- Where we need to protect the vital interests of any individual.
- Where it is needed in the public interest and in accordance with the law.
Situations in which We Will Use your Personal Data.
The situations in which we will process your personal data are listed below:
- Contact and communicate with you in connection with our notifications, programs, events, or updates that you may have registered for.
- Operating and managing our website, providing contents to you, displaying and notifying you of changes to our website and or online systems.
- Physical security of our premises including records of visit to our premises electronic security, including, login records and access details.
- For internal research and development purposes for new content, products, and services, and to improve, test, and enhance the features and functions of our current Services.
- Health and safety assessments and record keeping, and compliance with related legal obligations.
- Business management and planning.
- Exercise our rights and to protect our and others’ rights and/or property, including to act against those that seek to violate or abuse our Services.
- To prevent fraud.
- To monitor your use of our information and communication systems to ensure compliance with our policies.
- To ensure network and information security, including preventing unauthorized access to our computer and electronic communications systems.
Some of the above grounds for processing will overlap and there may be several (other) grounds which justify our use of your personal data.
Please note that we may process your personal data without your knowledge or consent and where this is required or permitted by law.
In some circumstances we may anonymize your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
Sharing of Personal Data.
We may have to share your personal data with third parties, including third-party service providers and other entities connected with us.
We require third parties to respect the security of your data and to treat it in accordance with the law.
If we do, you can expect a similar degree of protection in respect of your personal data.
Why we might share your personal data with third parties?
We will share your personal data with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
How secure is your personal data with third-party service providers?
All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
Personal Data Security.
We have put in place measures to protect the security of your personal data. Third parties will only process your personal data on our instructions and where they have committed to treat the data as confidential and to keep it secure.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your duty to inform us of changes.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes at any time.
Your Rights with Regard to Personal Data.
Certain rights are provided to you, by law with regard to your personal data. You have the right to:
- Approve processing of your personal data by the University, unless processing is necessary to meet the University’s legitimate purposes or a legitimate purpose of a receiving third party.
- Withdraw at any time previously given consent for processing personal data.
- Object to the processing of personal data, if it is not necessary to achieve the purposes for which it was collected, or if it exceeds its requirements, or is discriminatory, unfair or contrary to the law, or when it is processed for marketing purposes.
- Request access to your personal data and request revision of the same.
- Request correction of the personal data the request shall be accompanied with proof of accuracy of the of such request.
- Request erasure or deletion of your personal data. In case of withdrawal of consent of processing your personal data or objecting to the processing of the same, upon cessation of the purpose for which it has been collected, or when all justifications for processing such personal data cease to exist.
- Be notified of the processing of your personal data and the purposes for which processing is to be conducted.
- Be notified of any disclosure of any inaccurate personal data.
- Obtain a copy of the personal data.
We may require proof of your identity before we can give effect to these rights; and where your request requires the establishment of additional facts (e.g., a determination of whether any processing is non-compliant with applicable law) we will investigate your request reasonably promptly, before deciding what action to take.
Right to withdraw consent.
In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please email us at email@example.com . Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
We take all reasonable steps to ensure your personal data is kept accurate and up to date and is rectified if we become aware of inaccuracies.
We take every reasonable step to ensure that:
- Any personal data that we process is accurate and, where necessary, kept up to date.
- Any of your personal data that we process that is inaccurate (having regard to the purposes for which they are processed) is immediately erased or rectified.
- We may occasionally ask you to confirm the accuracy of your personal data.
Please note that no data transmission over the internet can be guaranteed entirely secure. While we strive to protect your personal data, we can neither ensure nor warrant the security of any information you transmit to us or from our software or services, and you do so at your own risk. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with our applicable policies and the Law.
Changes to this Privacy Notice.
We reserve the right to update this Privacy Notice at any time, and we will provide you with a new Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.
If you have any questions about this Privacy Notice, please contact: firstname.lastname@example.org