The Middle East College (MEC) implements a Privacy Policy to help data owners comply with the disclosure requirement of data protection and data privacy laws. The policy governs the collection, use, disclosure, retention and protection of personal information of all employees and students.
Purpose:
The purpose of Privacy Policy is to:
- clarify when personal information will be collected;
- clarify how MEC uses the personal information of its employees and students;
- ensure that no employees will expose any personal information of any employee or student;
- classify levels of information, into confidential and top secret information.
Audience
The policy is applicable to all stakeholders of MEC
Definition
Authorised people: People who are responsible for determining appropriate classifications, making decisions about who can use and access information and who can ensure the appropriate level of control over information. For staff information, contact the Human Resources Department and for student information contact the Registration and Assessment Department.
Policy Statement
- Personal information is collected when the employee or student joins the College.
- Personal information shall only be used for official purposes.
- Personal information shall be disclosed only in accordance with the national law or with the permission of the owner.
- Personal information includes, but is not limited to: personal contact information, date of birth, phone number, health history, salary or wages, resume and references, terms and conditions of employment, performance assessment, work history, disciplinary matters.
- Permission to access personal information is subject to approval by the Registrar.
- Private rights of employees are protected by employees’ rights to request access to their own personal information.
- Confidential information is not to be used in any manner that is incompatible or inconsistent with that as authorized by MEC, or that is inconsistent with the required usage. Confidential information shall not be disclosed/ divulged to any third party without a specific written authorization of MEC.
- Unauthorised usage of confidential information includes any form of exploitation, misuse, loss, and destruction, reverse engineering, decompiling, alteration, deletion or any other likewise harmful effects thereof and shall be subject to penal/ disciplinary actions.