UMP PRIVACY STATEMENT

1.    PREAMBLE
The University of Mpumalanga (UMP) is committed to protecting personal information or data. This privacy statement describes why and how we collect and use personal data. It provides information about individuals’ rights in relation to personal information kept by the university. UMP conforms to applicable laws and international standards and ISO requirements for the collection and use of personal information. We believe in responsible management of personal information, and continually improve our practices and maintain a high standard in handling it.

 2.    PRIVACY PRINCIPLES
UMP subscribes to the privacy principles described below. 

2.1    Trust 
We are committed to responsible management of the personal data under our control and to compliance with all applicable data protection laws that regulate the collection, use, and disclosure of data about individuals. We ensure compliance with applicable privacy laws, and self-regulatory programs. We take steps to prevent the personal data we collect from being used in ways that have not been communicated to individuals and/or could negatively affect them. 

2.2     Accountability 
We take responsibility for what we do with personal data, and we ensure that we have appropriate measures and records in place to comply with applicable laws

2.3       Confidentiality
We keep the data subject’s information private, without disclosing the information, even to law enforcement, except under certain specific circumstances and within acceptable legal requirements. 

2.4       Integrity
We implement the appropriate data validation and error checking, to ensure data integrity, accuracy, completeness, and consistency and that personal data is filed properly and stored safely and correctly. 

2.5       Transparency
We ensure that personal data is being used with integrity, lawfully, fairly and traceably, for valid purposes and that data subjects know what data is being collected, who can access it, how it's being used and how it can be interacted with.  .           

2.6        Quality 
We are continually working to maintain the personal data in our possession so that it is complete, accurate, relevant, reliable, and up to date. 


3.   DATA COLLECTION AND CONSENT UMP collects personal data from:
Our employees, students, and service providers while conducting our business.
People we contact regarding research surveys and interviews are conducted online, in person, by telephone, email, or postal mail, and research data collection is guided by research ethics polices.
We use disclaimers and cookies to visitors and to those who visit our websites and people who contact us via, email, or other means.
We rely on the consent that data subjects provide us at the point of data collection for using their personal information 


4.   NOTIFICATION AND CHOICE
We provide clear notice about what data we collect. We offer choices about our data collection at a time and in a context that reflects the sensitivity of the data being collected. You have choices about how your personal data is handled, and we are committed to providing you with reasonable access to your personal data and the ability to review and limit the use of such data in accordance with applicable laws. 


5.   USE AND RETENTION
We use data about you for the purpose(s) for which it was collected or provided to us as stated at the point of collection. We restrict access to and use of personal data of UMP students, staff, and service providers for a legitimate purpose. We have records retention schedule and processes to guide how long we keep different types of personal data. 

6. ACCESS, CORRECTION, AND DELETION We provide individuals with reasonable opportunities to access the personal data UMP holds about them and correct it if it’s inaccurate, or request that personal data be deleted (where applicable). 


7.  UNDERAGE STUDENTS DATA 
We understand the importance of protecting the privacy of under-age students, i.e., those students who are under 18 years of age, especially in the online environment. We comply with applicable laws regarding the collection and use of data about underage students, 


8. INTERNATIONAL STUDENTS AND STAFF DATA
We comply with applicable laws regarding international students and staff about access to personal data. 


9. DISCLOSURES OF DATA TO THIRD PARTIES
We do not give data in our possession to third parties. Service providers are requested to complete, the non-disclosure agreements, to keep the information secure and use it to perform only the services they have been engaged to provide. We will provide data to third parties to the extent required by applicable laws, to protect our students, staff and service providers and UMP’s legal interests. 


10. DATA SECURITY
We implement multi-layered organizational, technical, and administrative measures that are designed to protect the personal data in our possession. We engage in regular system testing and updating of our controls to respond to changing technology and environment and security threats. 

11. CONTACT DETAILS
If you have any comments or questions regarding this Privacy Statement, or wish to contact us, please email at privacy@ump.ac.za.  for the attention of: The Deputy Director: Records and Archives University of Mpumalanga Corner R40 and D725 Roads
Riverside Nelspruit, 1200