1. Who is responsible for user’s data processing?
UNIVERSITY OF ICELAND (hereinafter, “UNIVERSITY OF ICELAND”), company with registered office address in SAEMUNDARGOTU 2, REYKJAVIK 101, Iceland., with VAT NUMBER 19133 will be responsible for the treatment of user’s data.
2. How the company has obtained user’s data?
The data managed by UNIVERSITY OF ICELAND have been provided by the user, through (i) the different forms that the user has filled out when browsing the WEBSITE (e.g., registration as a WEBSITE user, forms referred to job offers and/or application processes, etc.); or (ii) by sending an email enquiry.
4. What type of data does the company process?
The data managed in UNIVERSITY OF ICELAND are those that the user has provided in the forms and/or email address that the company uses to contact purposes.
More specifically, UNIVERSITY OF ICELAND manages the following data categories, depending on the WEBSITE use:
Identification and contact data (e.g., name, surname, identity card number, postal and electronic address, telephone, etc.).
Internet browsing data (e.g., IP address, visits to web pages, connections to Wi-Fi networks, etc.).
Personal profile data, education, employment, etc. (in the case UNIVERSITY OF ICELAND job applications/offers processes in which the user voluntarily participates).
4. For what purpose and according to which legitimacy does the company manage user’s data?
User’s personal data management has the following purposes:
Process and manage information requests, suggestions, complaints or claims that the user make through the WEBSITE or email.
Process and manage service contracting and provision formalized by UNIVERSITY OF ICELAND through the WEBSITE.
Manage user’s job application, registration and participation in the corresponding selection process.
UNIVERSITY OF ICELAND’s personal data management is developed in accordance with the applicable regulations, based on user’s consent given at the time of collecting the personal data that the user has voluntarily provided through the corresponding tools established for this purpose on the WEBSITE.
The company reminds that, at any time, the user can freely revoke his/her consent without any charge according to the terms explained in Section
5. To whom can the company send user’s data?
The company informs that user’s personal data may be shared with the following third parties:
Organizations and Public Administrations to which UNIVERSITY OF ICELAND has the legal obligation to communicate user’s data.
When the user gives his/her consent the entities part of UNIVERSITY OF ICELAND’s same business group, with the purpose of attending user’s requests and queries and/or sending the user commercial communications regarding the mentioned entities and their respective activities or products.
As well, the company informs the user that his/her personal data could be communicated to third entities that provide services to UNIVERSITY OF ICELAND and, some of which, as Data Processors, may have data processing centers located outside the European Economic Area, so the user’s data could be subject to international data transfer according to the applicable legal guarantees.
6. How long will the company keep user’s data?
In general terms, personal data will be kept as long as the user does not revoke his/her data treatment consent or requests data removal or once that the time needed by UNIVERSITY OF ICELAND to meet the corresponding legal obligations.
In any case, the company informs the user that UNIVERSITY OF ICELAND has established internal data filtering policies to control the period of storage of owned personal data. Consequently, the data could be canceled once the company considers that these data are no longer necessary and/or adequate for the purpose for which they were collected.
7. What are user’s rights?
Applicable data protection regulations guarantee the user several rights related to his/her personal data that the user may apply during data processing. These mentioned rights are following ones:
Data access: the user has the right to check his/her data to know concerning personal data that are being managed by the company.
Request the rectification or removal of user’s data: under certain circumstances, the user has the right to rectify those inaccurate of concerning personal data that are being managed by the company or, even, to request its removal when, among other reasons, the data are no longer necessary for the purposes to which data were collected.
Request the limitation of user’s data management: under certain circumstances, the user has the right to request the limitation of his/her personal data processing. In that case, the company will keep the mentioned data only for the compliance or defense of claims according to the data protection terms established in the applicable regulation.
User data portability: under certain circumstances, the user has the right to receive the concerning personal data provided to the company in a structured, commonly used and machine-readable format and to transfer them to another data controller.
Opposition to user’s data processing: under certain circumstances and some reasons related to user’s particular situation, the user has the right to oppose the processing of his/her data. In that case, the company will stop processing these data except that, due to legitimate reasons or the implementation or defense of possible claims, these data will need to be kept.
As well, the user has the right to withdraw at any time his/her consent, not affecting this decision the legality of the data treatment based on the consent prior to its withdrawal.
The user can exercise these rights under written request addressed to UNIVERSITY OF ICELAND, specifically to the postal address indicated in Section 1 or by sending an email addressed to firstname.lastname@example.org.
Finally, the user can present a claim in the corresponding Control Authority (in Iceland, The Icelandic Data Protection Authority), especially when the user has not obtained satisfaction in the exercise of his/her rights. The user can contact the mentioned Authority through the following website: www.personuvernd.is.
8. Security measures
UNIVERSITY OF ICELAND will treat user’s data every time in an absolutely confidential way and keeping the mandatory duty of secrecy according to the provisions established in the data protection applicable regulations and adopting the corresponding technical and organizational measures for this purpose, necessary to guarantee the security of user’s data; prevent its alteration, loss, treatment or unauthorized access and taking into account the state of technology, the nature of the stored data and the risks to which they are exposed.
9. Cookies policy
Additionally, the company informs that UNIVERSITY OF ICELAND has established a Cookies Policy accessible through the following link.