+998 78 129 19 19
En En

Data Protection Policy

Introduction
STARS International University® needs to collect and use certain information about individuals. This data may include customers, suppliers, business partners, employees and other individuals with whom the organization interacts or with whom it may need to contact.

This policy describes how personal data will be collected, processed and stored to comply with the company\ data protection standards and legal requirements.

Objectives of this policy

The Data Protection Policy ensures that STARS International University®:

  • Complies with data protection legislation and follows best practices;
  • Protects the rights of employees, clients and partners;
  • Demonstrates transparency in how individuals' data is stored and processed;
  • Protect yourself from the risks of data breaches.
Data Protection Act

The Data Protection Act sets out how organisations, including STARS International University®, must collect, process and store personal information.

These rules apply regardless of whether the data is stored electronically, on paper or in other media.

To comply with the law, personal information must be collected and used fairly, kept securely and not disclosed unlawfully.

  • Data protection law is based on eight key principles. According to these principles, personal data must:
  • Be processed fairly and lawfully;
  • Be collected only for specified, legitimate purposes;
  • Be relevant and not excessive;
  • Be accurate and up-to-date;
  • Not be kept longer than necessary;
  • Be processed in accordance with the rights of data subjects;
  • Be protected by appropriate means;
  • Not be transferred outside the European Economic Area (EEA) if the country or territory to which they are transferred does not ensure an adequate level of protection.
People, Risks and Responsibilities

Scope of the policy

This policy applies to:

STARS International University® Head Office;

All STARS International University® affiliates;

All STARS International University® employees and volunteers;

All contractors, suppliers and others working on behalf of STARS International University®.

The policy covers all data the company holds that relates to identifiable individuals, even if that data is not technically covered by the Data Protection Act. This may include:

Names of individuals;

Postal addresses;

Email addresses;

Telephone numbers;

Any other information related to individuals.

Risks related to data protection

This policy helps protect STARS International University® from the following risks:

  • Breaches of confidentiality (such as inappropriate disclosure of information);
  • Breaches of choice (e.g., all individuals should be able to choose how their data is used by the company);
  • Reputational damage (e.g., if confidential data is successfully hacked).
Responsibility

Everyone who works for or collaborates with STARS International University® is responsible for ensuring that data is collected, stored, and processed appropriately. Each team working with personal data must ensure that data is processed in accordance with this policy and the data protection principles.

However, the following individuals have key areas of responsibility:

  • Management has ultimate responsibility for ensuring that STARS International University® complies with its legal obligations.
  • The Data Protection Officer is responsible for:
  • Communicating data protection issues, risks and concerns to management;
  • Reviewing data protection procedures and policies within agreed timeframes;
  • Providing training and advice to anyone covered by this policy;
  • Handling requests from staff and others covered by this policy;
  • Resolving requests from data subjects for access to their information (known as "data access requests");
  • Reviewing and approving all contracts with third parties who may process the University's sensitive data.
IT Manager

Responsible for (including the responsibilities of the local data protection officer):

  • Ensuring that all systems, services and equipment used to store data comply with security standards;
  • Regularly checking and scanning hardware and software to ensure they are working reliably;
  • Assessing third-party services that the company is considering for storing or processing data (e.g. cloud services).
Marketing Manager

Responsible for:

  • Approving data protection statements attached to communications such as emails and letters;
  • Resolving data protection queries from journalists or media;
  • Ensure that marketing initiatives comply with data protection principles.
General Guidelines for Employees

Only those employees who need access to the data to perform their jobs may have access to information covered by this policy.

Data should not be shared informally. Employees should contact their managers to gain access to confidential information. STARS International University® provides training to all employees to help them understand their responsibilities when handling data.

Employees must ensure that all data is protected by taking reasonable precautions and following these guidelines:

Use strong passwords that must never be shared with anyone;

Personal data must not be disclosed to unauthorized persons inside or outside the company;

Data must be reviewed regularly and updated if out of date. When data is no longer needed, it must be deleted or destroyed.

If in doubt, employees should seek advice from their manager or data protection officer

Data storage
  • Paper documents or files must be stored in a secure location where unauthorized persons cannot see them.
  • When not in use, documents must be locked in a drawer or cabinet.
  • Paper documents and printouts must not be left where unauthorized persons can see them, such as on a printer.
  • Printouts of data should be shredded when no longer required.
Use of Data

Personal data is of no value to STARS International University® unless the company can use it. However, the use of data carries the greatest risk of loss, damage or theft:

  • When working with personal data, employees should ensure that their computer screens are locked at all times when left unattended.
  • Personal data should not be shared informally. In particular, they should not be sent via email, as this method of transmitting data is not secure.
  • Data must be encrypted before being transmitted electronically. Your IT manager can explain how toto authorised external contacts.
  • Personal data shall never be transferred outside the European Economic Area.
  • Employees shall not save copies of personal data on their own computers. Data shall only be accessed and updated from the central database.
Disclosure of data for other reasons

In some cases, the Data Protection Act allows the disclosure of personal data to law enforcement agencies without the consent of the data subject. In such cases, STARS International University® will disclose the requested data. However, the data protection officer must ensure that the request is legitimate, seeking support from the board of directors and legal counsel if necessary.

Provision of information

STARS International University® aims to ensure that individuals are aware that their data is being processed and that they understand:

  • How their data is used;
  • How they can exercise their rights.

To this end, the university has a privacy statement that sets out how the university uses data relating to individuals.

SIU/003-DP; Revision No.: 01; Date: 16.03.2021

Application Form
Application Form
  • About University
  • Faculties
  • News & events
  • Books for sale
  • Students hostel
  • Sports complex
  • KitchenbySTARS
  • HEMIS Student
  • Contacts
  • STARS Policy
  • DIGI STARS
  • STARS Spiritual and Educational Center
  • TurkVigor

Sign in STARS

Forgot your password

New user

Create an account
notice