Academics | Event Details

Data Protection Policy

1. Purpose & Scope
This policy outlines the Sultan Institute of Management Training commitment to protecting the personal data of students, staff, and stakeholders. It covers all activities and processes involving the use of personal data, whether in electronic or hard copy form.
2. Data Collection and Use
- Personal data is collected only for legitimate educational purposes. - Data collection, usage, and disclosure are conducted in accordance with relevant laws and regulations. - Consent is obtained from individuals where required, unless exempted by law
3. Data Access and Security
- Access to personal data is restricted to authorized personnel only. - Technical controls are deployed to minimize the risk of data loss or breaches, including encryption and secure storage solutions. - Regular audits are conducted to ensure compliance with data protection standards.
4. Data Accuracy and Retention
- Personal data is kept accurate and up-to-date. - Data is retained only for as long as necessary to fulfill the purposes for which it was collected. - Clear guidelines are established for the secure disposal of data no longer needed.
5. Individual Rights
- Individuals have the right to access their personal data and request corrections if necessary. - Requests for data access or correction are handled promptly and transparently. - Individuals are informed about their data protection rights and how to exercise them.
6. Data Breach Response
- A clear procedure is in place for responding to data breaches, including immediate containment and assessment of the breach. - Affected individuals and relevant authorities are notified as required by law.
7. Training and Awareness
- Regular training is provided to staff on data protection principles and practices. - Awareness programs are conducted to ensure that everyone understands their responsibilities regarding data protection.
8. Review and Amendments
- This policy is reviewed annually to ensure it remains effective and compliant with legal requirements. - Amendments to the policy are made as necessary and communicated to all stakeholders.