Student Campus Privacy Policy |
Contact information of the processor of personal data |
Registry Code: 80131259
Address: Raja Str. 4D, Tallinn 12616
E-mail: campus at campusttu dot ee
Application of personal data processing |
NPO TTÜ Student Campus has committed itself to protect the privacy of its clients and users by processing personal information in accordance with the requirements of the legislation and by applying all precautionary measures to protect personal data. By submitting an application on the application page of NPO TTÜ Student Campus, you confirm that you have read and understood the NPO requirements for the processing and protection of personal data.
Personal data to be processed |
Personal data is considered to be all information relating to an identified or identifiable natural person. The personal data to be processed by NPO include, inter alia, the following types of data and changes made to these data types:
- name and surname, gender, personal identification code, date of birth (dd/mm/yyyy), nationality
- address (street, city, county/state, country), phone, e-mail
- university name, faculty, date of commencement of studies, note of enrolled members of state budget, student code
- contact person (name and phone number)
- bank information – name of the bank, address, account number, bank account owner, address of the bank account owner, IBAN, SWIFT (BIC)
- application reason, rental period
While using Wi-Fi internet connection, personal data and public information of Facebook and/or Gmail will be collected as follows:
- Facebook ID or Gmail address
- Person’s name
- IP address of the device
- MAC address of the device
Objectives for the processing of personal data and data retention |
Processing personal data is necessary for the signing and functioning of a contract. NPO will process the personal data for the following purposes:
- processing housing applications, reserving and confirming accommodation places;
- preparing and signing the housing contracts;
- submitting invoices;
- processing access cards and sharing rights for other services;
- client communication, incl. contacting for forwarding operational information;
- fulfilment of obligations arising from legislation;
- improving the service;
- protecting its rights;
NPO maintains personal data for as long as it is legally required or reasonably necessary for the purposes for which the NPO has the right to process data. Wi-Fi service’s user data is collected and stored on the Ruckus SmartZone Wi-Fi controller, which is located in the service provider’s secure Tier II data centre.
Forwarding personal data to third parties |
NPO is the liable processor of personal data. NPO does not forward personal data to third parties without the prior consent of the client, except on the bases provided by legislation. NPO can forward personal data received from the clients to the following parties:
- Authorized processors, i.e. persons processing the personal data of NPO’s clients on the behalf of NPO (Max123 AS, Tallinn University of Technology, Zone Media OÜ, Securitas Eesti AS, Koodikaru OÜ, E-Kyla Arendus OÜ);
- Surveillance and investigative authority.
Authorized processors are required to take all precautionary measures to protect the personal data of the clients, to keep distributed information confidential and to process personal data in accordance with the limits set by the legislation.
Personal data received by Wi-Fi authentication is not processed or sent to third parties. The data will only be used if there is a reason to suspect that a specific Wi-Fi user is causing problems in the network (cyber-attacks, spreading viruses, etc.). Once the person of concern has been identified, the stored contact information will be used to contact and warn the user.
Safety |
The NPO implements all measures (including organizational, physical, IT security measures) for the protection of personal data that is being processed. Access to the modification and processing of personal data is restricted to authorized persons and the personal data of all NPO clients and users is treated as confidential.
Access to personal data, correction of data |
The client can see the personal data collected about him/her by logging in to e-Campus information system. The client has the right to demand the correction of his/her inaccurate data. If the client feels that the processing of personal data has violated his/her rights, he/she has the right to contact the Estonian Data Protection Inspectorate or the court for termination of the violation.